Re: [Pdns-users] EDNS support + default buffer size
Its my understanding that EDNS is going to be required to exchange keys properly for DNSSEC. Am I wrong? Is EDNS going to be a requirement in the future? Thanks in advance, Curtis On 3/18/2010 8:40 PM, Michael Fincham wrote: Hi Bert, Thanks for the expedient and comprehensive reply. On Thu, 2010-03-18 at 06:45 +0100, bert hubert wrote: The 'nothing but trouble' refers to the surprisingly large number of servers that when queried with EDNS on, either provide no answer, return a SERVFAIL or a malformed answer. As it turns out, my testing has shown that at least one important NZ-based government website falls in to this category :( I hope the above answers your questions. Sure did, cheers. ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
[Pdns-users] EDNS support + default buffer size
Hi all, I've just tested the PowerDNS Recursor 3.2 with its out of the box configuration against the tests outlined at https://www.dns-oarc.net/oarc/services/replysizetest It seems that EDNS is disabled by default, which is confirmed by the comment attached to changeset #1430 (http://wiki.powerdns.com/trac/changeset/1430) Looking at the source it seems in 3.2 an option disable-edns=no was added which turns EDNS support on. A cursory test here shows that adding this to the stock config does cause the dns-oarc reply size test to report a reply size of 1200 vs 512 when EDNS is off. What is the status of EDNS support? Is it safe to rely on in production environments? What specifically does the nothing but trouble comment on the changeset refer to? Also, the buffer size of 1200 appears to be hard coded. Is there any particular reason for this value? I'm guessing it has to do with avoiding fragmentation, but it'd be nice to know for sure. Thanks, -- -Michael Fincham System Administrator, Unleash www.unleash.co.nz Phone: 0800 750 250 ___ Pdns-users mailing list Pdns-users@mailman.powerdns.com http://mailman.powerdns.com/mailman/listinfo/pdns-users
