Minimum safe size is recommended to be 1232. See https://dnsflagday.net/2020/

author Dominik Derigs <dl6er@dl6er.de>

Tue, 28 Dec 2021 10:03:40 +0000 (11:03 +0100)

committer Simon Kelley <simon@thekelleys.org.uk>

Thu, 13 Jan 2022 00:31:54 +0000 (00:31 +0000)
author Dominik Derigs <dl6er@dl6er.de>
Tue, 28 Dec 2021 10:03:40 +0000 (11:03 +0100)
committer Simon Kelley <simon@thekelleys.org.uk>
Thu, 13 Jan 2022 00:31:54 +0000 (00:31 +0000)
diff --git a/src/config.h b/src/config.h

index 2bb6683..227fb1f 100644 (file)
--- a/src/config.h
+++ b/src/config.h
@@ -20,7 +20,7 @@
  #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */
  #define TCP_BACKLOG 32  /* kernel backlog limit for TCP connections */
  #define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */
-#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */
+#define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */
  #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */
  #define DNSSEC_WORK 50 /* Max number of queries to validate one question */
  #define TIMEOUT 10     /* drop UDP queries after TIMEOUT seconds */
author	Dominik Derigs <dl6er@dl6er.de>
	Tue, 28 Dec 2021 10:03:40 +0000 (11:03 +0100)
committer	Simon Kelley <simon@thekelleys.org.uk>
	Thu, 13 Jan 2022 00:31:54 +0000 (00:31 +0000)