On Tue, May 4, 2010 at 10:43 AM, Stephane Bortzmeyer <bortzme...@nic.fr>wrote:
> On Tue, May 04, 2010 at 10:27:25AM -0400, > Linux Addict <linuxaddi...@gmail.com> wrote > a message of 89 lines which said: > > > lacks EDNS, defaults to 512" > > DNS reply size limit is at least 490" > > "Tested at 2010-05-04 14:21:02 UTC" > > You edited the responses (which includes an IP address). Is it the IP > address of your resolver? There is may be a forwarder which does not > have EDNS. > > Second possibility, a middlebox mangles your packets and deletes EDNS > options. > > Actually that IP was our external NAT. One information I neglected to mention is bind forwards to a tinydns appliance which of course does not support DNSSEC for obvious reasons. So what are my options now? Will the internet work for me tomorrow? At least I have company in Google.. dig +short rs.dns-oarc.net txt @8.8.8.8 rst.x476.rs.dns-oarc.net. rst.x485.x476.rs.dns-oarc.net. rst.x490.x485.x476.rs.dns-oarc.net. "64.233.168.94 DNS reply size limit is at least 490" "64.233.168.94 lacks EDNS, defaults to 512" "Tested at 2010-05-04 15:00:07 UTC"
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users