10 Jan
2005
10 Jan
'05
11:49 a.m.
Yes, it is correct.
It is a cisco pix, right? Maybe just replacing the thing with a 1U openbsd box will work wonders.
A PIX firewall can handle EDNS fine. It just has to be told what is the maximum EDNS size being advertised by the internal clients. The defaults assume there is no EDNS (e.g. 512). -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org