Franck Martin <[email protected]> wrote: > > What is the recommended setup for EDNS? > -limit size to <1500? on both IPv4 and IPv6?
Yes, on some if not all of your authority servers. That is, you need to limit the size of response that you send (max-udp-size in BIND terms). (Don't get confused with your advertized EDNS buffer size which is for receiving responses, mainly on recursive servers.) This improves your interoperability with resolvers at other sites that have broken networks which drop fragmented packets. https://dnssec.surfnet.nl/wp-content/uploads/2012/09/Recommendations-for-dealing-with-fragmentation-in-DNS-v3.pdf https://www.usenix.org/sites/default/files/conference/protected-files/vanrisjwik_lisa12_slides.pdf Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Trafalgar: Cyclonic in northwest, otherwise mainly northerly or northwesterly 5 or 6. Slight or moderate. Showers in northwest. Good. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
