Hi, I agree with Eric that your question might apply to the authoritative name server rather than Unbound. Having said that, there are options to reduce/minimize the authoritative and additional section in a DNS response (minimal-responses option both in NSD and Unbound), but not for the answer section.
For large answers though, TCP fail-over should work or an EDNS buffer size of 4096 (if client supports EDNS). An authoritative/recursive name server cannot cut an answer in pieces and remove RRs. If your users still encounter this problem with a large answer section, the suggestion of Eric would be your path forward and you can develop a Python plugin to modify DNS replies such that if fits with your requirements. Best regards, -- Benno On 06/08/2017 22:14, Eric Luehrsen via Unbound-users wrote: > It is not entirely clear from your question, so it may be that your > question applies to NSD vs BIND rather than Unbound vs BIND. Note where > BIND is a combined recursive server and authoritative server, Unbound is > a standalone recursive server, and NSD is a standalone authoritative server. > > If your hosting provider is handling the authoritative DNS, then you can > use Unbound and python plug-ins to modify the records. You may find a > reasonable starting point under "examples" here: > http://unbound.net/documentation/pythonmod/index.html. Maybe do > something similar to blacklist record manipulation and instead strip > excess records. > > > On 08/06/2017 11:57 AM, Avi Harari via Unbound-users wrote: >> Can anyone assist? >> Thanks in advance! >> >> 2017-08-03 16:25 GMT-04:00 Avi Harari <harari...@gmail.com >> <mailto:harari...@gmail.com>>: >> >> >> >> Dear List, >> >> I'm currently using bind and I have a unique scenario. >> I have A records with multiple IPs (e.g xyz.mydomain.com >> <http://xyz.mydomain.com> has 200 different IPs). >> Recently some users encountered an issue while trying to resolve >> these records, apparently due to the record size. >> I was wondering if with Unbound I can control the response size >> and limit it (so that for example when a user is resolving >> xyz.mydomain.com <http://xyz.mydomain.com> he will only receive >> one or several records as per the round robin load balancing). >> Looking forward for your insights. >> >> Regards, >> Avi >> >> >> >> -- >> אבי הררי > -- Benno J. Overeinder NLnet Labs http://www.nlnetlabs.nl/