Viktor Dukhovni (ietf-dane) writes:
> The below was just brought to my attention, a domain with 81(!) records
> in its NS RRSet (3201 bytes over TCP):
Eek.
Someone leaked their AD zone... And, they made every DC auth for the
zone,
or they have many locations - either way it's not good. I've dealt with
customer environments where clients stopped being able to log on the day
the response size for the NS RRSet crossed 512 bytes (what, DNS runs
needs TCP and 512 bytes isn't the limit ?).
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
