Greetings, I have been noticing my firewall denying UDP packets that exceed 512. What is the correct packet size, and should I make any adjustments on either the DNS side or the firewall?
Sample firewall log:

Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 523 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 557 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 523 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 557 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:35 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 519 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:38 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 573 bytes exceeds configured limit of 512 bytes

Thanks for any insight.
-jeff
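
Added example (not part of the original post): a short Python script that parses the %PIX-4-410001 messages quoted above and summarizes, per responding DNS server, how many replies were dropped and how far they exceeded the configured limit. The regular expression is inferred from the six quoted lines, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: the six messages quoted in the post.
SAMPLE_LOG = """\
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 523 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 557 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 523 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:33 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 557 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:35 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 519 bytes exceeds configured limit of 512 bytes
Oct 9 09:46:38 192.168.1.2 %PIX-4-410001: Dropped UDP DNS reply from outside:209.1.1.2/53 to inside:209.96.10.100/53661; packet length 573 bytes exceeds configured limit of 512 bytes
"""

# Field layout inferred from the messages above (assumption); only 410001 is matched.
PATTERN = re.compile(
    r"%PIX-4-410001: Dropped UDP DNS (?P<kind>\w+) "
    r"from (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) "
    r"to (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+); "
    r"packet length (?P<length>\d+) bytes exceeds configured limit of (?P<limit>\d+) bytes"
)

def parse_drops(text):
    """Return one dict per 410001 message; works even if messages share a line."""
    drops = []
    for m in PATTERN.finditer(text):
        d = m.groupdict()
        for key in ("src_port", "dst_port", "length", "limit"):
            d[key] = int(d[key])
        drops.append(d)
    return drops

def summarize(drops):
    """Group drops by responding server: count, size distribution, worst overage."""
    summary = {}
    for d in drops:
        s = summary.setdefault(d["src_ip"], {"count": 0, "max_length": 0,
            "limit": d["limit"], "lengths": Counter(), "clients": set()})
        s["count"] += 1
        s["max_length"] = max(s["max_length"], d["length"])
        s["max_overage"] = s["max_length"] - s["limit"]
        s["lengths"][d["length"]] += 1
        s["clients"].add(d["dst_ip"])
    return summary

if __name__ == "__main__":
    for server, s in summarize(parse_drops(SAMPLE_LOG)).items():
        print(server, s["count"], "drops, largest", s["max_length"],
              "bytes, limit", s["limit"], "sizes", dict(s["lengths"]))
```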
