* William Herrin: > Anyone else having trouble with .gov DNS failing with edns-udp-size > set to 512?
You need an UDP size of at least 1220 for DNSSEC, see RFC 3226, section 3. A query that advertises a smaller buffer size is non-compliant. BIND will send such queries, but this is a controversial feature. This has been noted before, for example: From: Mark Andrews <[email protected]> Subject: [dnsext] Failure to add glue MUST cause TC to be set. To: [email protected] Date: Sun, 20 Feb 2011 08:07:15 +1100 Message-Id: <[email protected]>
