Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.0 HF5
Opened: Mar 12, 2015 Severity: 3-Major
There is no option to change the DNS UDP truncation value to something other than 512 bytes.
Certain network topologies that might require the UDP DNS to be passed through or have a higher limit cannot configure for it.
Using DNS UDP truncation.
None.
There is now a DB variable to control DNS UDP truncation behavior: dns.udptruncate. When dns.udptruncate is enabled, UDP DNS responses are truncated if the response is larger than 512 bytes. When dns.udptruncate is disabled, the message is not truncated, and the full message is received. If the client specifies a non-default size via EDNS, the message is truncated if the response is larger than the specified size regardless of the value of dns.udptruncate.
There is now a DB variable to control DNS UDP truncation behavior: dns.udptruncate. When dns.udptruncate is enabled, UDP DNS responses are truncated if the response is larger than 512 bytes. When dns.udptruncate is disabled, the message is not truncated, and the full message is received. If the client specifies a non-default size via EDNS, the message is truncated if the response is larger than the specified size regardless of the value of dns.udptruncate.