Hi Iptables(6) is not an issue. Thanks 8o)
Bruce Bruce Hayward, MTS Allstream Inc., (p) 204-958-1983 (e) [email protected] -----Original Message----- From: Roland van Rijswijk [mailto:[email protected]] Sent: October 26, 2010 1:44 AM To: Hayward, Bruce Cc: [email protected] Subject: Re: [Unbound-users] RHEL 5 and Unbound Guys, RHEL 5 + IPv6 = evil Bruce, could it be that you have ip6tables turned on? The IPv6 and ip6tables implementations in the kernel shipped with RHEL 5 are riddled with bugs. One of these bugs is that if you enable ip6tables, even without any firewall rules, the MTU size drops dramatically and the kernel mucks up IPv6 fragmentation. I've written down some of the problems we ran into on our resolvers (running unbound on both IPv4 as well as IPv6) in this blogpost (it also contains some info on compiling a newer BIND on RHEL 5.x, but you can ignore that): https://dnssec.surfnet.nl/?p=464 Cheers, -- Roland M. van Rijswijk -- SURFnet Middleware Services -- t: +31-30-2305388 -- e: [email protected] Is it really necessary to print this email? MTS ALLSTREAM INC. CONFIDENTIALITY WARNING: This email message is confidential and intended only for the named recipient(s). If you are not the intended recipient, or an agent responsible for delivering it to the intended recipient, or if this message has been sent to you in error, you are hereby notified that any review, use, dissemination, distribution or copying of this message or its contents is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete the original message. If there is an agreement attached with this message, such agreement will not be binding until it is signed by all parties named therein. _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
