On Tue, 2010-12-07 at 16:31 -0600, David A. Evans wrote:
I would like to silently drop the record lookups instead
of responding back with NXDOMAIN. Thusly generating a performance hit
as the application waits 2 seconds for the reply.
Responding with NXDOMAIN will have a definite
Our network team are quite reluctant to make any changes on the FWSM
in regards to DNS inspection.
So it seems that we are stuck with maximum UDP packet of 512 byte.
Unfortunately, I do not have much evidence (ie user complains) to
escalate this issue much further except from few number of users
In message aanlkti=t5tj29_gmngbtpug8cfyrqpgadr=-yvfwj...@mail.gmail.com, Rian
to Wahyudi writes:
Our network team are quite reluctant to make any changes on the FWSM
in regards to DNS inspection.
So it seems that we are stuck with maximum UDP packet of 512 byte.
Unfortunately, I do not have
Hi Mark,
Thanks for your quick response !
Standards Track.
RFC 2671 Extension Mechanisms for DNS (EDNS0)
RFC 3226 DNSSEC and IPv6 A6 aware server/resolver message size requirements
Unfortunately RFC is not considered as good enough ... unless if we
can find an actual proof that can be
On 2010-12-07 23:31, David A. Evans wrote:
I'm in the mood to prove a point. I have a very poorly written
application that is generating a few hundred queries per second of
completely bogus records before attempting a lookup of the correct
A records. This is because the
5 matches
Mail list logo