Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
COREDNS-BUFSIZE(7)		CoreDNS	Plugins		    COREDNS-BUFSIZE(7)

NAME
       bufsize - sizes EDNS0 buffer size to prevent IP fragmentation.

DESCRIPTION
       bufsize limits a	requester's UDP	payload	size.  It prevents IP fragmen-
       tation, mitigating certain DNS vulnerabilities.

SYNTAX
	      bufsize [SIZE]

       [SIZE]  is an int value for setting the buffer size.  The default value
       is 512, and the value must be within 512	- 4096.	 Only one argument  is
       acceptable, and it covers both IPv4 and IPv6.

EXAMPLES
       Enable  limiting	 the  buffer  size  of	outgoing query to the resolver
       (172.31.0.10):

	      .	{
		  bufsize 512
		  forward . 172.31.0.10
		  log
	      }

       Enable limiting the buffer size as an authoritative nameserver:

	      .	{
		  bufsize 512
		  file db.example.org
		  log
	      }

CONSIDERATIONS
          Setting 1232	bytes to bufsize may avoid fragmentation on the	major-
	   ity of networks in use today, but it	depends	 on  the  MTU  of  the
	   physical network links.

          For now, if a client	does not use EDNS, this	plugin adds OPT	RR.

CoreDNS				  March	2021		    COREDNS-BUFSIZE(7)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=coredns-bufsize&sektion=7&manpath=FreeBSD+Ports+14.3.quarterly>

home | help