DNS packets are being dropped due to EDNS extensions or the UDP packet size

  • 7007286
  • 02-Dec-2010
  • 27-Apr-2012

Environment

Novell DNS

Situation

On Linux, edns-udp-size is a new setting that defaults to 4096. On NetWare, the UDP packet size was set to 512 by default. As a result, Linux DNS can run into problems if large packets are blocked.
 
See the note below regarding possible firewall problems caused by EDNS.

Resolution

To fix possible problems caused by large packet sizes, try setting edns-udp-size to 512. There is no way to set this using the Java Console. It can be set using ConsoleOne or iManager.
 
Following are the steps to set the UDP size using ConsoleOne:
1. Select the DNS Server Object.
2. Right-click -> Properties. Go to the 'Other' tab.
3. Select the multi-valued attribute 'dnipAdditionalOptions'. This attribute is added if any of the options in the 'Advance' tab of the DNS Server are set. If this attribute is not present, add it.
4. Click 'Add'. Enter the text "edns-udp-size 512;" (without quotes) and apply the changes.
5. Restart the DNS Server. If changing edns-udp-size to 512 doesn't resolve the issue, then it could be a firewall issue.
 
Note: OES2sp2 will have a fix in the channel updates that prevents the EDNS extension from being present in the packets. The extensions are being removed because Novell does not currently support EDNS, and the removal will help eliminate firewall problems due to EDNS. If you have fully patched to the latest updates in the channel on the OES2sp2 code base and still have problems with EDNS, please contact Novell Support.