Hi Due to the DNS changes to the packet size up from 512.
Recent increases in DNSSEC deployment are exposing problems with DNS resolvers that cannot receive large responses.
Please see the below response
Announced buffer size:
512 bytes
Measured buffer size:
486 bytes
EDNS enabled:
no
DNSSEC enabled:
no
Your resolver does not have DNSSEC enabled.
Your resolver was only able to get packets SMALLER than 512 bytes.
Please see Update status Root DNSSEC Blog Archive Status Update, April 2010
On May 5, the world's top domain authorities (led by ICANN, the US Government and Verisign) will complete the first phase of the roll-out of DNSSEC (Domain Name System Security Extensions) across the 13 root servers that direct user requests to the relevant websites on the internet.
The DNSSEC upgrade adds a digital signature to the response from every DNS (Domain Name Server) request to give an internet user an extra level of assurance that the domain name is translated to the correct Internet location (such as a website, or email destination).
Warning: Why your Internet might fail on May 5 - Security - Technology - News - iTnews.com.au
https://www.dns-oarc.net/oarc/services/replysizetest
