-----Original Message----- From: Tony Finch <d...@dotat.at> Date: Wednesday, July 4, 2012 7:54 AM To: Cathy Almond <cat...@isc.org> Cc: "bind-users@lists.isc.org" <bind-users@lists.isc.org> Subject: Re: getting edns disabling message in logs
>Cathy Almond <cat...@isc.org> wrote: >> >> >>https://kb.isc.org/article/AA-00708/55/Why-does-BIND-log-messages-about-d >>isabling-EDNS-or-reducing-the-advertised-packet-size >> >> (Just created, so apologies if there are any typos or other editorial >> corrections needed - they will happen later) > >I suggest "middlebox" since "middleware" usually means something like a >horrific enterprisey web services message bus framework. i think you could just leave out middleware entirely in that sentence. :) >> > Is there any way that we can show that current disabling EDNS happens >>by >> > firewall issue ? >> >> That's a bit tricky, if what's broken is not in your network space. On >> the other hand, if you're getting this reported for every domain that is >> queried, then it's probably *your* problem. > >Try the DNS-OARC reply size test server. >https://www.dns-oarc.net/oarc/services/replysizetest/ thanks, this is quite useful. i'd always just issued queries for common domains i know aren't misconfigured (e.g. google) -- when it's a local firewall problem many of these log obvious errors. there was a default configuration in many legacy cisco appliances that caused issues, but defaults were updated awhile back on newer gear so it's become less of an issue for me. https://supportforums.cisco.com/thread/2013390 _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
