Educause Security Discussion mailing list archives
Windows 2008 Server R2 SECDNS Blocked
From: Daniel Bennett <dbennett () PCT EDU>
Date: Thu, 24 Sep 2009 11:14:12 -0400
Has anyone run into their DNS traffic being blocked by their firewall because the reply packet from the Root Hints is greater than 512 bytes? I came across this while testing a Windows 2008 Server R2 domain controller running DNS. It appears that the implementation of SECDNS on R2 has increased the packet size to be larger than 512 bytes, which is the default for regular DNS traffic.

If you have run into this, did you allow larger DNS UDP packets through your firewall? If so, what size limit did you set?

Thanks,

Daniel Bennett
IT Security Analyst
Pennsylvania College of Technology
One College Ave
Williamsport PA, 17701
570.329.4989
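An added example, not part of the original post: a DNS sender signals that it accepts UDP replies larger than 512 bytes through an EDNS0 OPT record (RFC 6891), whose CLASS field carries the advertised size. The Python code below parses a DNS message and reports whether it invites replies that a given firewall size limit would drop; the function names are hypothetical, and the sample queries and the 4096 value are constructed.

```python
import struct

LEGACY_UDP_LIMIT = 512  # largest DNS-over-UDP message without EDNS0
OPT_RR_TYPE = 41        # EDNS0 OPT pseudo-record (RFC 6891)

def build_query(name, edns_size=None):
    """Build an A/IN query (constructed test input); add OPT if edns_size is set."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 1 if edns_size else 0)
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", 1, 1)
    if edns_size:
        # OPT RR: root owner name, TYPE=41, CLASS=advertised UDP size, TTL=0, RDLEN=0
        msg += b"\x00" + struct.pack("!HHIH", OPT_RR_TYPE, edns_size, 0, 0)
    return msg

def skip_name(msg, off):
    """Return the offset just past a domain name (labels or compression pointer)."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # a 2-byte pointer always ends the name
            return off + 2
        off += 1 + length

def advertised_udp_size(msg):
    """UDP payload size the sender says it accepts; 512 when no OPT record."""
    _, _, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype == OPT_RR_TYPE:
            return max(rclass, LEGACY_UDP_LIMIT)  # values below 512 mean 512
        off += 10 + rdlen
    return LEGACY_UDP_LIMIT

def invites_blocked_reply(query, firewall_limit=LEGACY_UDP_LIMIT):
    """True if the query permits replies larger than the firewall passes."""
    return advertised_udp_size(query) > firewall_limit

if __name__ == "__main__":
    for q in (build_query("."), build_query(".", 4096)):
        size = advertised_udp_size(q)
        print(size, "at risk" if invites_blocked_reply(q) else "fits in 512")
```

Run over the UDP payloads of outbound port 53 queries from a packet capture, the same check shows which resolvers advertise a size above the firewall's DNS limit.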