EDNS, 9.12 and archives.gov
Mark Boolootian
booloo at ucsc.edu
Wed Apr 11 18:28:18 UTC 2018
Hi folks,
I upgraded out of 9.10 and into 9.12
last week. Subsequent to that, I received
complaints about hosts in archives.gov
failing to resolve.
We run validating recursive servers, and
archives.gov is signed.
I've poked at this but concluded I lack
enough DNS foo to understand the specifics
of the trouble. It seems clear that archives.gov
isn't fully baked when it comes to EDNS:
https://ednscomp.isc.org/ednscomp/77e4f9ead1
and I suspect that is what causes the resolution
failures.
I've read the thread on "Enforce EDNS". I've
tried reaching out to the standard RFC2142
aliases at archives.gov, but it looks like most of
them bounce. I'm not feeling particularly optimistic
about being able to effect change on that end
,
even if I got an answer.
I'm wondering if anyone from this august group
can clue me in to how I might config around this
issue for the archives.gov servers (assuming that
is possible).
Any help greatly appreciated.
best regards,
mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180411/1ac0fa69/attachment-0001.html>
More information about the bind-users
mailing list