23 Sep 2014, 2:49 a.m.
On Sep 24, 2014, at 12:51 AM, Joe Abley wrote:

> Note that for 53/udp transport the 512-byte limit is for the DNS message, and hence doesn't include the UDP and IP headers.
Yes. The things which do this are typically stateful firewalls and so-called 'IPS' systems, which are parsing the DNS message and which typically have some configuration switch equivalent to 'drop all DNS replies larger than 512 bytes', not ACLs on routers matching on overall packet length.
----------------------------------------------------------------------
Roland Dobbins
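The distinction drawn in this exchange, as an added example that is not part of the original thread: a device that parses the DNS message applies the 512-byte limit to the message alone, while a router ACL that matches on packet length sees the message plus 28 bytes of IPv4 and UDP headers. The script below builds a DNS response of exactly 512 bytes in-line (constructed data, IPv4 without options, UDP checksum left at zero), wraps it in UDP/IP, and runs both kinds of check over it. The function names and the "ab.example.com" name are choices made for this example, not anything from the thread.

```python
"""
Constructed example: the same 'drop DNS replies over 512 bytes' rule,
once measured on the DNS message (firewall/IPS style) and once on the
IP total length (router-ACL style). Packets are built here, not captured.
"""
import struct

IP_HDR_LEN = 20        # IPv4 header, no options (assumed for this example)
UDP_HDR_LEN = 8
DNS_UDP_LIMIT = 512    # classic RFC 1035 limit on the DNS message over UDP


def encode_name(name):
    """Wire-format a domain name as length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_dns_response(qname, n_answers, txid=0x1234, flags=0x8180):
    """Minimal DNS response (QR=1, RD, RA) with n_answers A records.

    Each answer uses a compression pointer (0xC00C) back to the question
    name, so every A record costs exactly 16 bytes.
    """
    header = struct.pack("!HHHHHH", txid, flags, 1, n_answers, 0, 0)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)   # type A, class IN
    answers = b""
    for i in range(n_answers):
        # name ptr, type A, class IN, TTL, RDLENGTH, then 4-byte RDATA
        answers += struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4)
        answers += bytes([192, 0, 2, i % 256])                  # 192.0.2.x (TEST-NET-1)
    return header + question + answers


def wrap_udp_ipv4(dns_msg, src=b"\xc0\x00\x02\x01", dst=b"\xc0\x00\x02\x02"):
    """Put a DNS message in a UDP datagram from port 53 inside an IPv4 packet."""
    udp_len = UDP_HDR_LEN + len(dns_msg)
    udp = struct.pack("!HHHH", 53, 33333, udp_len, 0) + dns_msg  # checksum 0 = omitted
    total_len = IP_HDR_LEN + udp_len
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 17, 0, src, dst)
    return ip + udp


def acl_matches_packet_length(packet, threshold=DNS_UDP_LIMIT):
    """Router-ACL style: only the IP total-length field is consulted."""
    total_len = struct.unpack("!H", packet[2:4])[0]
    return total_len > threshold


def firewall_drops_large_dns_reply(packet, limit=DNS_UDP_LIMIT):
    """Stateful firewall / IPS style: parse IP, UDP, then the DNS header,
    and apply the limit to the DNS message length alone."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 17:                       # not UDP
        return False
    udp = packet[ihl:]
    sport, _dport, udp_len, _csum = struct.unpack("!HHHH", udp[:8])
    if sport != 53:                           # not a DNS server's reply
        return False
    dns = udp[8:udp_len]
    if len(dns) < 12:                         # too short to carry a DNS header
        return False
    flags = struct.unpack("!H", dns[2:4])[0]
    is_reply = bool(flags & 0x8000)           # QR bit
    return is_reply and len(dns) > limit


def classify(n_answers):
    """Build a reply with n_answers A records and report what each check does."""
    msg = build_dns_response("ab.example.com", n_answers)
    pkt = wrap_udp_ipv4(msg)
    return {
        "dns_len": len(msg),
        "packet_len": len(pkt),
        "acl_drops": acl_matches_packet_length(pkt),
        "firewall_drops": firewall_drops_large_dns_reply(pkt),
    }


if __name__ == "__main__":
    # 30 answers: DNS message is exactly 512 bytes, packet is 540 bytes.
    for n in (10, 30, 31):
        print(n, classify(n))
```

With 30 answers the message is exactly 512 bytes and still legal for plain UDP, yet the packet is 540 bytes on the wire: a length-matching ACL with a 512 threshold drops it, while the message-parsing check does not. At 31 answers (528-byte message) both drop it. Anyone tuning such a rule should therefore know which of the two lengths their device measures.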