Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU

  • From: Suresh Ramasubramanian
  • Date: Mon Jan 10 08:30:54 2005
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=WiIN9jEtcQDZH+CoZk8F3tyEmvqBJD+n1dbrj6Wkt5XuhqpgQm2P2/m0qbGaYC+u59OnPfdg0/8q9+uyRLNHIqX5RnL96yPJvlV3JIoXr8U3wy/KLBmdDtzJvaP2qpsLNpbVMluBdio/R3CaGVnnip9zq7YYtKDKCwMmgS4kYRg=

On Mon, 10 Jan 2005 22:42:28 +1100, Mark Andrews <Mark_Andrews@isc.org> wrote:
> > I receive DNS responses > 500 bytes every day (reported by PIX firewall). So
> > it is an issue, no matter wgat is recomended in RFC.
> 
>         The correct thing to do is to fix your firewall to handle the
>         EDNS responses.

It is a cisco pix, right?  Maybe just replacing the thing with a 1U
openbsd box will work wonders.

-- 
Suresh Ramasubramanian (ops.lists@gmail.com)




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.