coredns/plugin/bufsize
Petr Menšík 52f0348312
Change default value to 1232 (#6183)
* Change default value to 1232

As specified by DNS flag day 2020, a good and decent default value
avoiding fragmentation issues should be 1232. It is quite likely 1500
would work reliably on local ethernet networks.

Value 512 is set implicitly and must be used for all clients which did
not include an OPT RR with an explicit value they support.

Since MR #5368 it should work correctly.

Signed-off-by: Petr Menšík <pemensik@redhat.com>

* Adapt bufsize test to new default value

Check also that a buffer size smaller than the legacy value is not accepted.

Signed-off-by: Petr Menšík <pemensik@redhat.com>

* Update bufsize documentation

Also mention that increasing the request size is not possible; it can only
reduce the accepted size.

Signed-off-by: Petr Menšík <pemensik@redhat.com>

---------

Signed-off-by: Petr Menšík <pemensik@redhat.com>
2023-07-10 07:49:52 -07:00
bufsize.go Do not expand query UDP buffer size if already set to a smaller value (#5602) 2022-09-07 22:53:30 +09:00
bufsize_test.go Do not expand query UDP buffer size if already set to a smaller value (#5602) 2022-09-07 22:53:30 +09:00
README.md Change default value to 1232 (#6183) 2023-07-10 07:49:52 -07:00
setup.go Change default value to 1232 (#6183) 2023-07-10 07:49:52 -07:00
setup_test.go Change default value to 1232 (#6183) 2023-07-10 07:49:52 -07:00

bufsize

Name

bufsize - limits EDNS0 buffer size to prevent IP fragmentation.

Description

bufsize limits a requester's UDP payload size to a maximum value. If a request with an OPT RR advertises a buffer size greater than the limit, the buffer size of the request is reduced. Otherwise the request is unaffected. This prevents IP fragmentation, mitigating certain DNS vulnerabilities. The plugin cannot increase the UDP size requested by the client; it can only reduce it. It only affects queries that have an OPT RR (EDNS(0)).
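The clamping rule described above, applied to a raw DNS query, as an added example that is not CoreDNS's own code: ClampBufsize, skipName and sampleQuery are hypothetical names, and the query bytes are constructed for illustration. It uses only the Go standard library and walks the wire format to the OPT RR, whose CLASS field carries the advertised UDP payload size.

```go
package main

import "encoding/binary"

// Constructed sample: query for example.org A whose OPT RR advertises 4096 bytes.
var sampleQuery = []byte("\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x01\x07example\x03org\x00" +
	"\x00\x01\x00\x01" + "\x00\x00\x29\x10\x00\x00\x00\x00\x00\x00\x00") // question tail, OPT RR

// skipName returns the offset just past the domain name that starts at off.
func skipName(m []byte, off int) int {
	for off < len(m) && m[off] != 0 && m[off]&0xC0 != 0xC0 {
		off += 1 + int(m[off]) // step over one label
	}
	if off < len(m) && m[off] != 0 {
		return off + 2 // compression pointer: two bytes, ends the name
	}
	return off + 1 // root label, or past the end if the message is truncated
}

// ClampBufsize lowers, in place, the size advertised in the query's OPT RR to limit
// and returns the result. It never raises it; no OPT RR (or truncation) returns 0.
func ClampBufsize(m []byte, limit uint16) uint16 {
	if len(m) < 12 {
		return 0
	}
	be := binary.BigEndian
	qd := int(be.Uint16(m[4:]))
	rrs := int(be.Uint16(m[6:])) + int(be.Uint16(m[8:])) + int(be.Uint16(m[10:]))
	off := 12
	for i := 0; i < qd; i++ {
		off = skipName(m, off) + 4 // QTYPE and QCLASS follow the name
	}
	for i := 0; i < rrs; i++ {
		off = skipName(m, off)
		if off+10 > len(m) {
			return 0
		}
		if be.Uint16(m[off:]) != 41 { // not OPT (type 41): skip header and RDATA
			off += 10 + int(be.Uint16(m[off+8:]))
			continue
		}
		if be.Uint16(m[off+2:]) > limit { // CLASS field holds the payload size
			be.PutUint16(m[off+2:], limit)
		}
		return be.Uint16(m[off+2:])
	}
	return 0
}

func main() { println(ClampBufsize(sampleQuery, 1232)) }
```

A query without an OPT RR yields 0 and is passed through unchanged.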

Syntax

bufsize [SIZE]

[SIZE] is an integer value that sets the buffer size. The default value is 1232, and the value must be within the range 512 to 4096. Only one argument is accepted, and it applies to both IPv4 and IPv6.

Examples

Enable limiting the buffer size of outgoing queries to the resolver (172.31.0.10):

. {
    bufsize 1100
    forward . 172.31.0.10
    log
}

Enable limiting the buffer size as an authoritative nameserver:

. {
    bufsize 1220
    file db.example.org
    log
}

Considerations

  • Setting bufsize to 1232 bytes may avoid fragmentation on the majority of networks in use today, but it depends on the MTU of the physical network links.