Maintained by: NLnet Labs

[Unbound-users] Maximum size of UDP responses?

Daisuke HIGASHI
Fri Apr 19 15:43:05 CEST 2013


Hi Wouter,

Here is a patch to implement only "max-udp-size" (a revised version).
I hope this would be applied to mainline.

 max-udp-size: <number>
   Maximum UDP response size.
   Valid values are 512 to 4096. Default is 4096.

In spite of my allow_minimal patch, Unbound should implement
max-udp-size option and defaults to 4096.
Because currently Unbound's response size has no limit and it can be
dangerous high-amplification-rate reflector if Unbound is mistakenly
configured as open-resolver. Also useful if we want to avoid IP
fragment.

Regards,
--
 Daisuke HIGASHI <daisuke.higashi at gmail.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: unbound-maxudpsize.patch
Type: application/octet-stream
Size: 6248 bytes
Desc: not available
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20130419/07ac4141/attachment.obj>