512 bytes for edns-buffer-size?
mibere opened this issue · comments
mibere commented
Hi,
my Unbound of dnscrypt.me is running with
edns-buffer-size: 1472
As Let's Encrypt uses a size of 512 for their server now - see here - is it also a recommendation for DNSCrypt server operators?
Frank Denis commented
Interesting.
Unbound (for a long time), and probably most modern DNS resolvers, set the IP_PMTUDISC_OMIT
flag on Linux.
So, let's Encrypt decision sounds a bit overzealous to me, but discussions are likely to follow on the PowerDNS, Knot and Unbound lists, and these will be definitely worth following.