There are some applications that will do DNSSEC. You should assume that any
application may ask for DNSSEC records and that is normal. DNSSEC was designed
from the very beginning to be validated in the application and only works fully
when that is done. The recursive server still needs to val
You are correct. Normal stub resolvers on desktop clients or mobile devices
only see the AD flag (or SERVFAIL when validation fails). They will only
get all the additional DNSSEC record types if they used the +dnssec option
in dig (which sets the DO bit in the outbound query).
On Tue, Apr 11, 2023
I was in the process of setting up a test server with DNSSEC signed
domains, and asking users to point at the test server to see if the larger
packets affected their application, when I realized I might be wrong.
DNS Resolvers will get bigger responses from DNS Authoritative servers
because of DNSS
In message <70279.1412020...@server1.tristatelogic.com>, "Ronald F. Guilmette"
writes:
>
> My apologies if this question might also be considered a bit
> off-topic for this list.
>
> Is the maximum possible size of a DNS packet (just the payload part...
> not including IP and UDP headers) 64k b
My apologies if this question might also be considered a bit
off-topic for this list.
Is the maximum possible size of a DNS packet (just the payload part...
not including IP and UDP headers) 64k bytes?
I have some old code which assumes that, perhaps incorrectly.
___
On Wed, Sep 11, 2013 at 12:24 PM, Maria Iano wrote:
>
> What does it mean when the edns0 response to a dig says the overall packet
> size will be one value but the message size reported is different. For
> example in this reponse the OPT PSEUDOSECTION says udp: 4096 but at the en
On 11 Sep 2013, at 17:24, Maria Iano wrote:
> What does it mean when the edns0 response to a dig says the overall packet
> size will be one value
Not "will be one value" but "can be no more than that value".
> but the message size reported is different.
What does it mean when the edns0 response to a dig says the overall packet size
will be one value but the message size reported is different. For example in
this reponse the OPT PSEUDOSECTION says udp: 4096 but at the end it says MSG
SIZE rcvd: 275.
$ dig www.google.com
; <<>>
of bytes bytes actually used in
> the target buffer (i.e. the response packet size) or else -1 for errors.
>
> Assuming that one wishes to call res_query in a manner that allows for the
> largest possible response packet size, what size should the `answer'
> buffer have, and
When called, res_query must be passed the base address of a buffer
(`answer'), and the maximum length of that buffer (`anslen'). Upon
return, res_query returns the count of bytes bytes actually used in
the target buffer (i.e. the response packet size) or else -1 for errors.
Assumin
'?) after
>> reducing the advertised EDNS UDP packet size to 512 octets
>>
>> i have followings in my named.conf
>>
>> edns-udp-size 512;
>> max-udp-size 512;
>
> I don't see the problem. (The log message above says "success"
On Tue, 5 May 2009, alexus wrote:
> the other problem im having is these:
>
> May 5 20:44:57 dd named[21037]: success resolving
> '92.68.83.189.zen.spamhaus.org/TXT' (in 'zen.spamhaus.org'?) after
> reducing the advertised EDNS UDP packet size to 512
the other problem im having is these:
May 5 20:44:57 dd named[21037]: success resolving
'92.68.83.189.zen.spamhaus.org/TXT' (in 'zen.spamhaus.org'?) after
reducing the advertised EDNS UDP packet size to 512 octets
i have followings in my named.conf
edns-udp-size
13 matches
Mail list logo
