nanog mailing list archives
Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU
From: Mark Andrews <Mark_Andrews () isc org>
Date: Tue, 11 Jan 2005 00:43:43 +1100
> On Mon, 10 Jan 2005 22:42:28 +1100, Mark Andrews <Mark_Andrews () isc org> wrote:
> > > I receive DNS responses > 500 bytes every day (reported by PIX firewall). So it is an issue, no matter what is recommended in RFC.
> > The correct thing to do is to fix your firewall to handle the EDNS responses.
> It is a cisco pix, right? Maybe just replacing the thing with a 1U openbsd box will work wonders.
A PIX firewall can handle EDNS fine. It just has to be told what is the maximum EDNS size being advertised by the internal clients. The defaults assume there is no EDNS (e.g. 512).

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews () isc org