[dns-operations] latest bind, EDNS & TCP

Franck Martin fmartin at linkedin.com
Fri Oct 10 21:55:29 UTC 2014


On Oct 10, 2014, at 9:43 AM, Peter Koch <pk at DENIC.DE> wrote:

> On Fri, Oct 10, 2014 at 02:53:38PM +0100, Simon Munton wrote:
> 
>> I seem to remember someone saying that the latest version of bind starts 
>> with bufsize=512, but presumably it will learn a larger bufsize 
>> capability, if declared by the responding server?
> 
What I have noticed from my logs, is that bind will fall back to resend the query with EDNS size=512 if it does not get an answer, then the answer it gets is likely to request to switch to TCP.

This may prove troublesome when fetching some TXT records with low TTL, especially the SPF kind… TXT at the organizational level can be overloaded with “prove its you” strings.

Set the EDNS advertised size if you are in this situation, to skip one step.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141010/ae3db610/attachment.sig>


More information about the dns-operations mailing list