PowerDNS secondary servers receive empty SOA response for particular zone.
Mark Andrews
marka at isc.org
Fri Nov 18 20:41:53 UTC 2022
The permanent fix of for PowerDNS to follow the DNS protocol and make the query over TCP.
They have a choice of solutions. Just make a TCP query and make a second TCP query for the XFR. Make a TCP query and then the XFR if required over the same TCP connection.
--
Mark Andrews
> On 19 Nov 2022, at 00:33, Andy Smith <andy at strugglers.net> wrote:
>
> Hi Bob,
>
>> On Fri, Nov 18, 2022 at 07:20:22AM -0500, Bob McDonald wrote:
>> The size of the TCP packets is a problem. You might also look at
>> minimal-responses.
>
> The issue seems to be that an SOA query response for this DNSSEC-signed
> zone is 2293 bytes, and PowerDNS can not yet retry that SOA query over
> TCP.
>
> After setting minimal-responses that SOA query is only 685 bytes, so
> thanks, that will give me some time to think about what I'm going to do
> as a more permanent fix.
>
> Thanks,
> Andy
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list