FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
fgilloteau_FTNT
Description
Extension mechanisms for DNS (EDNS) is a specification for expanding the size of several parameters of the Domain Name System (DNS) protocol which had size restrictions that the Internet engineering community deemed too limited for increasing functionality of the protocol. The first set of extensions was published in 1999 by the Internet Engineering Task Force as RFC 2671, also known as EDNS0.

More information is available here: https://en.wikipedia.org/wiki/Extension_mechanisms_for_DNS

EDNS0 implies UDP DNS message length larger than 512 bytes. Some firewalls can block this kind of messages assuming the maximum size of a DNS message length is 512 bytes.

FortiGate supports EDSN0, and thus DNS messages with length larger than 512 bytes.

Contributors