Hi All
Due to the DNS changes to the packet size up from 512 for EDNS.
Recent increases in DNSSEC deployment are exposing problems with DNS resolvers that cannot receive large packet responses.
I understand THAT the Astaro products are OK.
But I know various ISP forwarders that are not.
INFO:-
Please see Update status Root DNSSEC Blog Archive Status Update, April 2010
On May 5, the world's top domain authorities (led by ICANN, the US Government and Verisign) will complete the first phase of the roll-out of DNSSEC (Domain Name System Security Extensions) across the 13 root servers that direct user requests to the relevant websites on the internet.
The DNSSEC upgrade adds a digital signature to the response from every DNS (Domain Name Server) request to give an internet user an extra level of assurance that the domain name is translated to the correct Internet location (such as a website, or email destination).
Warning: Why your Internet might fail on May 5 - Security - Technology - News - iTnews.com.au
Tools:-
https://www.dns-oarc.net/oarc/services/replysizetest
Updated Reply-Size Tester | RIPE Labs
Correct response:-
The output should look something like this:
rst.x4001.rs.dns-oarc.net.
rst.x3985.x4001.rs.dns-oarc.net.
rst.x4023.x3985.x4001.rs.dns-oarc.net.
"192.168.1.1 sent EDNS buffer size 4096"
"192.168.1.1 DNS reply size limit is at least 4023 bytes"
This thread was automatically locked due to age.
