[Dnsmasq-discuss] Large AXFR through dnsmasq causes dig to hang with partial results

Connor Bell ConnorBell at fico.com
Wed Oct 10 11:02:42 BST 2018


Hi everyone,

I've had a strange issue I've been trying to resolve over the past few days where dnsmasq seems to only be allowing part of a zone transfer through, causing dig to hang.

I opened a Stackoverflow post to track it with most of the information I've found.
https://serverfault.com/questions/933956/large-axfr-through-dnsmasq-causes-dig-to-hang-with-partial-results

With a tcpdump comparing a request with dnsmasq acting as forwarder and without, I can see in both cases that the upstream bind server replies with two packets, 2521 bytes and 189 bytes. When digging dnsmasq, the first packet is read out correctly and dig sits and waits for the second packet, which for some reason it never seems to receive.

When digging bind directly, dig receives both packets and reads out the answer correctly. I'm guessing I'm hitting a packet size limit causing it to split the response, but why does dig not receive the second packet from dnsmasq?

Kind regards,
Connor Bell
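
Added example, not part of the original post: AXFR over TCP may deliver a zone as several DNS messages, each preceded by a 2-byte length, and the transfer is finished only when the closing SOA record arrives (RFC 5936). Assuming the two upstream replies described above are such messages, this Python code frames a captured TCP payload and checks whether the transfer is complete; the zone `example.test` and all sample bytes are constructed.

```python
import struct
SOA = 6  # RR TYPE code for SOA

def split_tcp_dns(stream):
    """Split a DNS-over-TCP byte stream into messages (2-byte length prefix each)."""
    msgs, off = [], 0
    while off + 2 <= len(stream):
        (n,) = struct.unpack_from("!H", stream, off)
        if off + 2 + n > len(stream):
            break  # trailing message was cut short
        msgs.append(stream[off + 2:off + 2 + n])
        off += 2 + n
    return msgs

def skip_name(msg, off):  # returns the offset just past a (possibly compressed) name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:
            return off + 2  # a compression pointer ends the name
        off += 1 + msg[off]
    return off + 1

def answer_types(msg):
    """List the RR types in the answer section of one DNS message."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    types = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        types.append(rtype)
        off += 10 + rdlen
    return types

def axfr_complete(stream):
    """An AXFR is complete only when its first and last records are both SOA."""
    types = [t for m in split_tcp_dns(stream) for t in answer_types(m)]
    return len(types) >= 2 and types[0] == SOA and types[-1] == SOA

ZONE = b"\x07example\x04test\x00"  # constructed sample zone example.test, wire format
def _rr(rtype, rdata):
    return ZONE + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata
def _msg(rrs):
    body = struct.pack("!6H", 0x1234, 0x8400, 0, len(rrs), 0, 0) + b"".join(rrs)
    return struct.pack("!H", len(body)) + body
_soa = _rr(SOA, ZONE + ZONE + struct.pack("!5I", 1, 3600, 600, 86400, 300))
_a = _rr(1, bytes([192, 0, 2, 1]))
FIRST, SECOND = _msg([_soa, _a, _a]), _msg([_a, _soa])  # constructed two-message AXFR
```

`axfr_complete(FIRST)` is false while `axfr_complete(FIRST + SECOND)` is true, so a client that is handed only the first message still has a closing SOA to wait for.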