Received: from mx.pao1.isc.org (mx.pao1.isc.org [149.20.64.53]) by bugs.isc.org (Postfix) with ESMTP id B82C42D20571 for ; Mon, 4 Aug 2014 02:14:14 +0000 (UTC) Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) by mx.pao1.isc.org (Postfix) with ESMTP id A1A913493E0 for ; Mon, 4 Aug 2014 02:14:11 +0000 (UTC) Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 9EEFB160066 for ; Mon, 4 Aug 2014 02:24:16 +0000 (UTC) Received: from rock.dv.isc.org (c211-30-183-50.carlnfd1.nsw.optusnet.com.au [211.30.183.50]) by zmx1.isc.org (Postfix) with ESMTPSA id 714E6160060 for ; Mon, 4 Aug 2014 02:24:16 +0000 (UTC) Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id 52C9E1B76D77 for ; Mon, 4 Aug 2014 12:14:07 +1000 (EST) Delivered-To: bind9-bugs@bugs.isc.org Subject: Re: [ISC-Bugs #36330] [PATCH 3/3] use a larger starting EDNS UDP size, and add some debug logging Return-Path: In-Reply-To: Your message of "Fri, 25 Jul 2014 14:45:44 +0000." X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.0 X-Original-To: bind9-bugs@bugs.isc.org Date: Mon, 04 Aug 2014 12:14:07 +1000 References: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mx.pao1.isc.org Content-Type: text/plain; charset="utf-8" Message-ID: <20140804021407.52C9E1B76D77@rock.dv.isc.org> To: bind9-bugs@isc.org X-RT-Original-Encoding: utf-8 From: Mark Andrews RT-Message-ID: Content-Length: 1655 This one will break lookups from behind a firewall that only passes DNS queries <= 512 bytes. This can be demonstrated by having named silently drop any UDP packets > 512 bytes. named -T maxudp512 B.T.W. The broken TCP behaviour of the nameservers for soy and foo has been fixed. Mark In message , "Tony Finch via RT" writes: > --- > lib/dns/resolver.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c > index 884aeb8..0b48d1a 100644 > --- a/lib/dns/resolver.c > +++ b/lib/dns/resolver.c > @@ -2022,10 +2022,10 @@ resquery_send(resquery_t *query) { > > /* > * We know nothing about the peer's capabilities > - * so start with minimal EDNS UDP size. > + * so start with moderate EDNS UDP size. > */ > if (udpsize == 0U) > - udpsize = 512; > + udpsize = 1232; > > if ((flags & DNS_FETCHOPT_EDNSVERSIONSET) != 0) { > version = flags & DNS_FETCHOPT_EDNSVERSIONMASK; > @@ -2103,6 +2103,8 @@ resquery_send(resquery_t *query) { > * Record the UDP EDNS size choosen. > */ > query->udpsize = udpsize; > + isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVE > R, > + ISC_LOG_DEBUG(10), "fctx %p(%s): udpsize %d", fctx, fctx->info, udp > size); > > if (udpsize > 0) > add_triededns(fctx, &query->addrinfo->sockaddr); > -- > 2.0.1 > > > > > -- > Ticket History: https://bugs.isc.org/Ticket/Display.html?id=36330 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org