Operators, how do you handle EDNS?
Ray Van Dolson
rvandolson at esri.com
Wed Jan 14 01:00:38 UTC 2009
On Tue, Jan 13, 2009 at 04:35:46PM -0800, Mark Andrews wrote:
> The number of nameservers that fail to respond to EDNS
> queries is miniscule. The majority of nameservers on the
> net actually talk EDNS.
>
> I suggest that you re-analyse the failures to determine
> their true causes.
>
> Mark
I'd thought we'd ruled this out, but testing again from an OOB server
confirms what you're saying.
Will definitely reinvestigate.
Initially I am getting these in response to my dig queries:
# dig @130.76.96.65 boeing.com soa +dnssec +norec
;; Warning: ID mismatch: expected ID 1582, got 13152
;; Warning: ID mismatch: expected ID 1582, got 13152
;; Warning: ID mismatch: expected ID 1582, got 13152
; <<>> DiG 9.3.5-P2 <<>> @130.76.96.65 boeing.com soa +dnssec +norec
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
I guess our firewall could be tinkering with the request ID's? Perhaps
as a result of dnssec being on... hmm.
More information about the bind-users
mailing list