On 2024-05-05 20:47, Mark Andrews wrote:
On 6 May 2024, at 07:38, J Doe <gene...@nativemethods.com> wrote:
Hello,
I run BIND 9.18.26 as a recursive, validating resolver. In my logs, I
noticed the following:
01-May-2024 00:52:49.689 lame-servers: info: truncated TCP response
resolving 'www.ipfire.org/A/IN': 74.113.60.134#53
I am aware that there are issues with DNS UDP traffic being truncated
and/or rejected via firewalls or middle-boxes that enforce limits on
expected packet size (I believe one of the goals of a recent Flag Day
was to address these configs), but what would lead to truncated TCP
traffic in the context of DNS ?
Usually it is a software bug in the server where it doesn’t support 65535 byte
responses or incorrectly applies UDP limits to TCP. Very occasionally the
response actually won’t fit in 65535 bytes.
Whatever it was I’m not seeing it now.
Mark
Thanks,
- J
Hi Mark,
When you say "server" do you mean my server (which implies that there is
a TCP/IP stack issue on my end), or the remote server (in this case the
authoritative DNS Server for: www.ipfire.org) ?
Thanks,
- J
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
