PowerDNS secondary servers receive empty SOA response for particular zone.
Andy Smith
andy at strugglers.net
Fri Nov 18 13:33:12 UTC 2022
Hi Bob,
On Fri, Nov 18, 2022 at 07:20:22AM -0500, Bob McDonald wrote:
> The size of the TCP packets is a problem. You might also look at
> minimal-responses.
The issue seems to be that an SOA query response for this DNSSEC-signed
zone is 2293 bytes, and PowerDNS can not yet retry that SOA query over
TCP.
After setting minimal-responses that SOA query is only 685 bytes, so
thanks, that will give me some time to think about what I'm going to do
as a more permanent fix.
Thanks,
Andy
More information about the bind-users
mailing list