[ previous ] [ next ] [ threads ]
 
 From:  "Federico Krum" <federico at thehost dot com dot ar>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] firewall blocking the EDNS responses > 512 octets
 Date:  Thu, 9 Dec 2004 16:15:32 -0300
Hi all again.

Had no reply about this yet, but I have found more references saying my
problem is caused by the firewall. 

http://homepages.tesco.net/~J.deBoynePollard/FGA/dns-edns0-and-firewalls.htm
l

It even mentions a Cisco PIX reconfiguration.

The other solution possible is to install bind 9.3 which has configuration
options for firewalls with this error. Is not only caused by bind, MS DNS
server get this error too.

I only want to know if this fix is been considered.

Thanks, Federico

-----Mensaje original-----
De: Federico Krum [mailto:federico at thehost dot com dot ar] 
Enviado el: Lunes, 06 de Diciembre de 2004 11:02 a.m.
Para: m0n0wall at lists dot m0n0 dot ch
Asunto: [m0n0wall] firewall blocking the EDNS responses > 512 octets

Hi All.

I use m0n0wall as a filtering bridge. A DNS server is behind it. While I use
this DNS from inside my internal network, I can browse with internet
explorer www.symantec.com because the resolved packets don't go through
m0n0wall. But if I am outside my network, I can't browse Symantec. 

I thought it was a virus, but guess what, by changing the DNS server to some
other I was able to browse Symantec's website. Strange.

So I googled a bit and found this:

http://www.webservertalk.com/archive69-2004-3-159475.html


It ends saying

: You have a firewall blocking the EDNS responses > 512 octets.
: Contact your firewall vendor for an upgrade.


Any clue?

Regards




---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch