[Pdns-users] Using root-referral

Joyce LAMBERT lambert.joyce at gmail.com
Fri Jan 29 14:30:35 UTC 2010


I'am using the option send-root-referral=lean (or yes) in my powerdns
authoritative server.

This server isn't recursive.

When my server need to reply with CNAME where we are not authoritative for
the destination, the server add root server in the authority section, and ip
address in the additional section.

Often this reply, can't enter in a UDP packet and need a TCP reply.

When i analyse trafic with tcpdump and wireshark i can found
[Malformed Packet: DNS]

For most resolver, this is not a problem, and communication continue in TCP

But it look like some other resolver (or firewall) stop on this Malformed
Packet and resolution can't finish.
But only with PowerDNS authoritative server. With other, this type of
resolver can switch in TCP


One solution is the reduce the number of root server we send on authority
and additional section to limit the packet size.
This can't bo done in configuration file and need to patch sources file.

Do you now this problem, and is there any other solution.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20100129/dd1fb0d7/attachment.html>


More information about the Pdns-users mailing list