Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
COREDNS-BUFSIZE(7)		CoreDNS	Plugins		    COREDNS-BUFSIZE(7)

NAME
       bufsize - sizes EDNS0 buffer size to prevent IP fragmentation.

DESCRIPTION
       bufsize limits a	requester's UDP	payload	size.  It prevents IP fragmen-
       tation, mitigating certain DNS vulnerabilities.

SYNTAX
	      bufsize [SIZE]

       [SIZE] is an int	value for setting the buffer size.  The	default	 value
       is  512,	and the	value must be within 512 - 4096.  Only one argument is
       acceptable, and it covers both IPv4 and IPv6.

EXAMPLES
       Enable limiting the buffer size	of  outgoing  query  to	 the  resolver
       (172.31.0.10):

	      .	{
		  bufsize 512
		  forward . 172.31.0.10
		  log
	      }

       Enable limiting the buffer size as an authoritative nameserver:

	      .	{
		  bufsize 512
		  file db.example.org
		  log
	      }

CONSIDERATIONS
       o   Setting 1232	bytes to bufsize may avoid fragmentation on the	major-
	   ity of networks in use today, but it	depends	 on  the  MTU  of  the
	   physical network links.

       o   For now, if a client	does not use EDNS, this	plugin adds OPT	RR.

CoreDNS				  March	2021		    COREDNS-BUFSIZE(7)

NAME | DESCRIPTION | SYNTAX | EXAMPLES | CONSIDERATIONS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=coredns-bufsize&sektion=7&manpath=FreeBSD+13.1-RELEASE+and+Ports>

home | help