Skip to content

DNS Flag Day 2020 - EDNS buffer size configuring does not work anymore

Summary

I think !4179 (merged) introduced a bug, that any config option of max-udp-size or edns-udp-size are not working anymore.

BIND version used

9.16.8 9.11.24

old versions ( 9.16.7 , 9.11.23 ) don't show this behavior

Steps to reproduce

Install new bind and following config:

    edns-udp-size 2000;
    max-udp-size 2000;

But you will still get a TC-bit for queries bigger than 1232 byte.

What is the current bug behavior?

You get the TC-bit even if the answer is lower than 2000 byte long.

What is the expected correct behavior?

Not getting the TC-bit.

Relevant configuration files

    edns-udp-size 2000;
    max-udp-size 2000;

Relevant logs and/or screenshots

With the new version installed on 28th October 2020 the TCP queries for DNSKEY quadrupled: Screenshot_2020-11-06_DSC-Grafana

Possible fixes

I think !4179 (merged) introduced this bug.

Edited by Arsen Stasic
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information