In message <[EMAIL PROTECTED]>, Stephane Bortzmeyer writes:
> On Thu, Oct 09, 2008 at 09:49:57AM -0400,
>  jeff donovan <[EMAIL PROTECTED]> wrote 
>  a message of 29 lines which said:
> 
> > i have been noticing my firewall denying udp packets that exceed
> > 512.  
> 
> Very bad idea. It will prevent any DNS feature younger than twelve
> years (DNSSEC, IDN, IPv6).
> 
> > What is the correct packet size ,
> 
> 64k, the maximum size of a UDP packet.

        A better answer is the maximum of whatever EDNS UDP sizes
        your nameservers and other DNS clients advertise.  Named
        will advertise a size up to 4096 bytes, which is also the
        default.

        See RFC 2671 and edns-udp-size in named.conf.

Network Working Group                                            P. Vixie
Request for Comments: 2671                                            ISC
Category: Standards Track                                     August 1999

                  Extension Mechanisms for DNS (EDNS0)

        Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [EMAIL PROTECTED]
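
Added example, not part of the original message and not ISC or BIND code: a small parser that reads the UDP payload size a DNS message advertises in its EDNS0 OPT record (carried in the record's CLASS field), so a firewall's DNS size limit can be set to the largest value seen. The function names are hypothetical and the sample queries are constructed inline.

```python
import struct

OPT = 41  # RR type of the EDNS0 OPT pseudo-record

def build_query(name, udp_size=None):
    """Constructed sample: an A query, with an OPT RR when udp_size is given."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 1 if udp_size else 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    msg = header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    if udp_size:
        # OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN=0
        msg += b"\x00" + struct.pack("!HHIH", OPT, udp_size, 0, 0)
    return msg

def skip_name(msg, off):
    """Return the offset just past a domain name (labels or compression pointer)."""
    while off < len(msg):
        n = msg[off]
        if n == 0:
            return off + 1
        if n >= 0xC0:  # two-byte compression pointer ends the name
            return off + 2
        if n > 63:
            raise ValueError("bad label length")
        off += 1 + n
    raise ValueError("truncated name")

def advertised_udp_size(msg):
    """UDP payload size the sender advertises; 512 when there is no OPT RR."""
    if len(msg) < 12:
        raise ValueError("truncated header")
    _id, _flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated record")
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == OPT:
            return max(rclass, 512)  # treat anything below the classic limit as 512
        off += 10 + rdlen
    return 512

def required_udp_limit(messages):
    """Largest advertised size across captured messages: the firewall's minimum allowance."""
    return max(advertised_udp_size(m) for m in messages)
```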
