Ano-Tech Computers

Enter keyword:

Juniper SRX: Add support for EDNS
Problem: Cisco and Juniper firewalls by default limits DNS UDP packets to a maximum size of 512 bytes. Windows Server 2008 by default ships with EDNS enabled, which utilizes DNS packets larger than 512 bytes. How do I enable support for this?
Solution: "`set security alg dns maximum-message-length 1500`" This adjusts the maximum UDP message size for DNS packets to 1500 bytes. If you allow even bigger packets (check MTU/MRU) then adjust the number accordingly.
Discuss this solution
Did this article solve your problem? Yes No Did not apply

This is free technical advice without any warranties. Use at your own risk. Solutions offered may not apply to your particular problem at all. Opinions and views expressed in the articles are the authors' personal and may not necessarily reflect or coincide with those of Ano-Tech Computers. We take no responsibility if anything bad happens from following any of the intructions given. If you don't understand and accept this, please contact us for personal assistance instead.
To read our full disclaimer, go here.

We welcome anyone who is willing to contribute to this public knowledge base, contact siteadmin@atc.no if you have information you would like to share. The idea is not to replace the commercial support sites, but to publish those hard-to-find solutions you've found yourself looking for over and over again.

Show all articles