[vmp]

I had to turn off DNSSEC support for my Bind9 at home, from time to time pages wouldn't resolve or it would take up to 10 seconds (ages!). When I checked the logs it was something about EDNS packet sizes that tripped it up. Turned EDNS off (and DNSSEC with it) and had no issues what so ever. It's a pretty standard installation with a few master zones and it's resolving queries directly - without forwarding to ISP or GoogleDNS or anything.