My DC (MS W2K8R2) which is running DNS is throwing a lot of 5501 events.The DNS server encountered a bad packet from 126.96.36.199. Packet processing leads beyond packet length. The event data contains the DNS packet.
The MS KB says this is the problem with the router (pfsense):This issue occurs because of the Extension Mechanisms for DNS (EDNS0) functionality that is supported in Windows Server 2003 DNS.
EDNS0 permits the use of larger User Datagram Protocol (UDP) packet sizes. However, some firewall programs may not permit UDP packets that are larger than 512 bytes. As a result, these DNS packets may be blocked by the firewall.http://support.microsoft.com/kb/832223
Any idea on how to investigate on the router?
Thank you fine folks!