[CentOS] BIND issues, server not responding

Thu Aug 23 16:37:52 UTC 2007
Feizhou <feizhou at graffiti.net>

Paul Heinlein wrote:
> On Thu, 23 Aug 2007, Feizhou wrote:
> 
>>
>>>  You only need the tcp rule if you plan on serving up zone
>>>  transfers, not if you plan on only requesting them.
>>>
>>
>> Well, very rare, but answers that are over 512 bytes will have to be 
>> sent over TCP since RFC 1035 mandates a maximum of 512 bytes for the 
>> UDP payload. So TCP is not just for zone transfers only.
> 
> Note that by default Win 2003 uses a packet size of 1280 per Paul 
> Vixie's suggestion in RFC 2671 section 4.5.1. I don't know if any other 
> OS implementations do the same.
> 
> In any event, I've found it helpful to allow up to 1280 bytes of DNS UDP 
> traffic. Setting the limit at 512 triggers a noticeable number of 
> retries, at least in our environment.
> 

Sigh. I can see some caching servers with big scissors to apply to udp 
packets...if they at all issue queries that get such large replies...