I tried OARC's DNS Reply Size Test on two of my name servers, both on the same network, behind the same firewall & router.
Both came back and reported "DNS reply size limit is at least 3843" (results below). Is 3843 close enough to 4096 to keep me safe next Wednesday (May 5th)? If not, do the required remedies need to be applied in named.conf, or the router & firewall? And if the latter, what, specifically, needs to be configured? Other than OARC's page are there any sites that describe everything that needs to be done and checked to make sure we're good to go on 5/5? Thank you $ dig +short rs.dns-oarc.net txt rst.x3827.rs.dns-oarc.net. rst.x3837.x3827.rs.dns-oarc.net. rst.x3843.x3837.x3827.rs.dns-oarc.net. "198.x.x.8 sent EDNS buffer size 4096" "198.x.x.8 DNS reply size limit is at least 3843" "Tested at 2010-05-01 02:10:34 UTC" =========================== rst.x3827.rs.dns-oarc.net. rst.x3837.x3827.rs.dns-oarc.net. rst.x3843.x3837.x3827.rs.dns-oarc.net. "Tested at 2010-05-01 02:14:45 UTC" "198.x.x.9 sent EDNS buffer size 4096" "198.x.x.9 DNS reply size limit is at least 3843" _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
