Is it possible to set the UDP packet size for a DNS query in BIND 9.2.1?
Hi,
I'm using BIND 9.2.1 and CheckPoint FW1. When attempting recursive queries through BIND as a resolver only, the FW log is clogged with 'Badly formed DNS' messages. I have searched the net and it would appear this has to do with the advertised size of the UDP packet that the DNS server can handle (I cannot at present alter the FW, which is the best way to resolve this).
I have found that with BIND 9.3.1 there is an entry that can be put in the properties section of named.conf (edns-udp-size=512) to force the advertised size to fall within a single UDP packet. This, however, is not acceptable in 9.2.1 (although backported to 8.4).
Does anyone know of a way to force BIND 9.2.1 to advertise a 512k UDP packet size?
'Upgrade' is not currently an option.
Thanks in advance,
Paul.