[Unbound-users] problems resolving www.iana.org / ianawww.vip.icann.org
Daisuke HIGASHI
daisuke.higashi at gmail.com
Tue Jun 21 10:36:53 UTC 2011
Hi, Wouter. Thanks to reply.
2011/6/20 W.C.A. Wijngaards <wouter at nlnetlabs.nl>:
> The reponses for this query, the DNSKEY and the A responses are over 3
> Kb. You likely have path MTU trouble. Something is wrong with your
> fragments. Perhaps you own firewall is set to stop UDP fragments?
You are right. -- my firewall (modem) handles fragments incorrectly.
It seems that my firewall denies all fragments until first fragment
(offset=0) arrives. Most times first fragment from vip.icann.org does
not arrives first at my network. I don't know why but always packets
may be reordered...
> There is the OARC reply size tester to help with that.
I wasn't able to find the problem because it sends me 1st fragment first.
--
Daisuke HIGASHI <daisuke.higashi at gmail.com>
More information about the Unbound-users
mailing list