Re: ip6tables with raw table(no conntrack) drop fragmented packet

Thanks! Larry On Sat, Oct 1, 2016 at 2:21 PM, /dev/rob0 wrote: > On Fri, Sep 30, 2016 at 11:55:18PM -0400, Larry Larson wrote: > > I've followed instructions in this BIND Knowledge base article and > > installed ip6tables on my DNS server, using raw table with no > > con

ip6tables with raw table(no conntrack) drop fragmented packet

Greetings, I've followed instructions in this BIND Knowledge base article and installed ip6tables on my DNS server, using raw table with no conntrack for DNS: https://kb.isc.org/article/AA-01183/0/Linux-connection-tracking-and-DNS.html But for IPv6 it drops fragmented packets, for example this qu