Commit 41b468f

Always query DNS records over TCP instead of UDP
TXT records can be quite large, which is a problem for DNS challenges: they don't fit in the 512 buffer, especially if there are multiple. DNS servers can increase the buffer size through the EDNS0 extension, and retry over TCP if that wasn't enough.

For pebble's purposes there isn't much reason to try UDP first; it is possible to just always query DNS records over TCP, so we do.

Also see the docs for the Exchange function: https://pkg.go.dev/github.com/miekg/dns#Client.Exchange

Was originally found in #536 (comment)
1 parent d180fbf commit 41b468f

2 files changed

Lines changed: 1 addition & 0 deletions

pebble

11.3 MB
Binary file not shown.
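
Review bot: The 11.3 MB binary `pebble` in this commit looks like a build artifact added by accident: the commit message covers only the resolver transport setting in va/va.go and never mentions a binary. A compiled file cannot be reviewed line by line and is not guaranteed to match the source at this commit, so it should be dropped from the commit and the build output path added to .gitignore.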

va/va.go

Lines changed: 1 addition & 0 deletions
@@ -139,6 +139,7 @@ func New(
139139
if customResolverAddr != "" {
140140
va.log.Printf("Using custom DNS resolver for ACME challenges: %s", customResolverAddr)
141141
va.dnsClient = new(dns.Client)
142+
va.dnsClient.Net = "tcp"
142143
} else {
143144
va.log.Print("Using system DNS resolver for ACME challenges")
144145
}
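
Review bot: New line 142 sets `va.dnsClient.Net = "tcp"` without a comment, and only inside the `customResolverAddr != ""` branch, so the "Always" in the commit title holds for the custom-resolver path only; the `else` branch is unchanged in this hunk. A one-line comment on the assignment giving the reason from the commit message (TXT answers for DNS challenges can exceed the 512 buffer) would keep the setting from being removed later as unexplained. Since a custom resolver that listens on UDP only will now fail every lookup, it would also help to say so where the operator sees it, for example by extending the existing log line to state that the resolver is queried over TCP.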
