Minimum safe size is recommended to be 1232. See https://dnsflagday.net/2020/ [commit 43082362626dc85a8ea2ba7af2db091f4482932b upstream] Change-Id: Ia2c264bb74b1a8a13020daaa105b9aa71a53403c Signed-off-by: DL6ER <dl6er@dl6er.de>

commit: ca6b560565d759021fa7c737ae08b988fe792e61 [log] [tgz]
author: Dominik Derigs <dl6er@dl6er.de> Tue Dec 28 11:03:40 2021 +0100
committer: Tarun Kundu <tarun.kundu@est.tech> Wed Apr 10 08:43:33 2024 -0700
tree: df16120da38f4eb905a55b1ff61835ec09da8474
parent: d49eb85a8a1089f07e081f42317e7d55d0aaf7c7 [diff] [blame]
diff --git a/src/config.h b/src/config.h
index 45b1c4c..3f016c4 100644
--- a/src/config.h
+++ b/src/config.h

@@ -20,7 +20,7 @@
 #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */
 #define TCP_BACKLOG 32  /* kernel backlog limit for TCP connections */
 #define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */
-#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */
+#define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */
 #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */
 #define DNSSEC_WORK 50 /* Max number of queries to validate one question */
 #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */
commit	ca6b560565d759021fa7c737ae08b988fe792e61	[log] [tgz]
author	Dominik Derigs <dl6er@dl6er.de>	Tue Dec 28 11:03:40 2021 +0100
committer	Tarun Kundu <tarun.kundu@est.tech>	Wed Apr 10 08:43:33 2024 -0700
tree	df16120da38f4eb905a55b1ff61835ec09da8474
parent	d49eb85a8a1089f07e081f42317e7d55d0aaf7c7 [diff] [blame]