[76991] in North American Network Operators' Group

Re: Broken PMTUD for . + TLD servers, was: Re: Smallest Transit MTU

daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Jan 10 08:29:57 2005

Date: Mon, 10 Jan 2005 18:59:25 +0530
From: Suresh Ramasubramanian <ops.lists@gmail.com>
Reply-To: Suresh Ramasubramanian <ops.lists@gmail.com>
To: Mark Andrews <Mark_Andrews@isc.org>
Cc: Alexei Roudnev <alex@relcom.net>, nanog@merit.edu
In-Reply-To: <200501101142.j0ABgSVO013787@drugs.dv.isc.org>
Errors-To: owner-nanog-outgoing@merit.edu


On Mon, 10 Jan 2005 22:42:28 +1100, Mark Andrews <Mark_Andrews@isc.org> wrote:
> > I receive DNS responses > 500 bytes every day (reported by PIX firewall). So
> > it is an issue, no matter what is recommended in the RFC.
> 
>         The correct thing to do is to fix your firewall to handle the
>         EDNS responses.

It is a Cisco PIX, right?  Maybe just replacing the thing with a 1U
OpenBSD box will work wonders.

-- 
Suresh Ramasubramanian (ops.lists@gmail.com)
