Bob McDonald <bmcdonal...@gmail.com> wrote: > I've seen cases where folks have added all of the Domain Controller > addresses for an AD forest to the NS list for a domain. This results in > huge TCP response packets for ALL requests to that domain.
You can safely reduce the size of answers using the `minimal-responses no-auth` or `no-auth-recursive` options available in 9.11 and later. The default in 9.12 changes from `no` to `no-auth-recursive`. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode South Biscay: Northerly 5 or 6, veering northeasterly 4 or 5. Moderate or rough, becoming slight or moderate. Rain at first. Good, occasionally poor at first. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
