On Wed, Jan 21, 2009 at 11:47:01AM -0500, Todd Snyder <tsny...@rim.com> wrote a message of 38 lines which said:
> I am sure there is much in the RTFM category, and I will continue to > RTFM, The FM here is RFC 2671, published nine years ago (a lot of time in Internet terms). > We are seeing some firewall messages indicating that one of our FW's is > getting DNS respones at 600ish btyes: > > 2009 Jan 21 14:03:02 -- %FWSM: Dropped UDP DNS reply from xxxxxxxx/53 to > yyyyyyy/2114; packet length 660 bytes exceeds configured limit of 512 > bytes That is a badly configured firewall. Fire the guy who configured it, and hire someone else, someone who knows about the things developed in the last ten years. As mentioned by Anton Korotin, the root name servers send answers > 512. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
