Add bufsize plugin for preparing the DNS Flag Day and avoiding IP fragmentation (#3401)

* add bufsize plugin Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * add docstring and comment Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * delete stdout messages when get an error Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * change to context.Background from TODO Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * define default bufsize as defaultBufSize constant Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * fix some comments Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * function name change: parse Signed-off-by: ykhr53 <yukihira.lab@gmail.com> * function name change: parse Signed-off-by: ykhr53 <yukihira.lab@gmail.com>
2025-11-02 10:13:14 -05:00 · 2019-11-10 08:10:12 +00:00
parent 113783ed91
commit e23a34abb4
8 changed files with 234 additions and 0 deletions
--- a/plugin/bufsize/README.md
+++ b/plugin/bufsize/README.md
@@ -0,0 +1,30 @@
+# bufsize
+## Name
+*bufsize* - sizes EDNS0 buffer size to prevent IP fragmentation.
+
+## Description
+*bufsize* limits a requester's UDP payload size.  
+It prevents IP fragmentation so that to deal with DNS vulnerability.
+
+## Syntax
+```txt
+bufsize [SIZE]
+```
+
+**[SIZE]** is an int value for setting the buffer size.  
+The default value is 512, and the value must be within 512 - 4096.  
+Only one argument is acceptable, and it covers both IPv4 and IPv6.
+
+## Examples
+```corefile
+. {
+    bufsize 512
+    forward . 172.31.0.10
+    log
+}
+```
+
+If you run a resolver on 172.31.0.10, the buffer size of incoming query on the resolver will be set to 512 bytes.
+
+## Considerations
+For now, if a client does not use EDNS, this plugin adds OPT RR.