AnsweredAssumed Answered

DNS flag day and DNS inspection

Question asked by Kosin Usuwanthim on Jan 2, 2019
Latest reply on Jan 2, 2019 by Kosin Usuwanthim

DNS flag day 

If there is a problem, the ednscomp tool displays an explanation for each failed test. Failures in these tests are typically caused by:

  • broken DNS software
  • broken firewall configuration

Firewalls must not drop DNS packets with EDNS extensions, including unknown extensions. 

 

How to prevent this impact on CheckPoint firewall ?

Outcomes