coredns/man/coredns-bufsize.7
Miek Gieben dcff271480 doc: run make -f Makefile.doc (#3595)
Update the docs (mechanical change).

Also run: go generate (no changes, good!)

Signed-off-by: Miek Gieben <miek@miek.nl>
2020-01-13 06:31:42 -08:00

68 lines
1.2 KiB
Groff

.\" Generated by Mmark Markdown Processer - mmark.miek.nl
.TH "COREDNS-BUFSIZE" 7 "January 2020" "CoreDNS" "CoreDNS Plugins"
.SH "NAME"
.PP
\fIbufsize\fP - sizes EDNS0 buffer size to prevent IP fragmentation.
.SH "DESCRIPTION"
.PP
\fIbufsize\fP limits a requester's UDP payload size.
It prevents IP fragmentation so that to deal with DNS vulnerability.
.SH "SYNTAX"
.PP
.RS
.nf
bufsize [SIZE]
.fi
.RE
.PP
\fB[SIZE]\fP is an int value for setting the buffer size.
The default value is 512, and the value must be within 512 - 4096.
Only one argument is acceptable, and it covers both IPv4 and IPv6.
.SH "EXAMPLES"
.PP
Enable limiting the buffer size of outgoing query to the resolver (172.31.0.10):
.PP
.RS
.nf
\&. {
bufsize 512
forward . 172.31.0.10
log
}
.fi
.RE
.PP
Enable limiting the buffer size as an authoritative nameserver:
.PP
.RS
.nf
\&. {
bufsize 512
file db.example.org
log
}
.fi
.RE
.SH "CONSIDERATIONS"
.IP \(bu 4
Setting 1232 bytes to bufsize may avoid fragmentation on the majority of networks in use today, but it depends on the MTU of the physical network links.
.IP \(bu 4
For now, if a client does not use EDNS, this plugin adds OPT RR.