FORMERR responses after upgrading resolver from 9.16 to 9.18.8

Andreas S. Kerber ask at ag-trek.de
Thu Oct 20 11:49:35 UTC 2022


On Thu, Oct 20, 2022 at 01:23:47PM +0200, Ondřej Surý wrote:
> did you try writing to elbrev.com <http://elbrev.com/> operators to fix their servers to stop breaking DNS protocol? It often helps. (I'm ccing the contact in their SOA records, so let's see if anything happens.)
>
> It's not lack of EDNS0 support, but they fail to properly process unknown EDNS0 options - DNS Cookie in this specific example:

Hi Ondřej,

thanks for your quick reply and analysis regarding DNS cookies.
Is there maybe an option to configure 9.18 to act as if it was 9.16 in this regard?
Honestly I haven't contacted the elbrev.com people (see below).


> > Of course I would prefer to upgrade back to 9.18.X, but I guess I won't be able to find all EDNS0 incompatible servers and losing customers to 8.8.8.8 - which is able to resolve these names..
> This is kind of moot argument - the DNS needs to evolve, and it can't evolve if we keep supporting broken stuff. This needs to be fixed on the authoritative operator side, not in BIND 9.

You're absolutely right. I guess I've just kind of given up on convincing other people to fix their stuff (dayjob trauma). Sorry about that.
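
The distinction drawn in the quoted reply (a server that handles EDNS0 but answers FORMERR once a DNS Cookie option is present) can be checked by comparing two probes. This is an added example, not part of the original message and not BIND code; all function names are hypothetical, `example.test` is a placeholder, and the replies are constructed so the block runs offline.

```python
import os, socket, struct

COOKIE, OPT, FORMERR = 10, 41, 1   # EDNS0 COOKIE option code, OPT RR type, RCODE 1

def build_query(name, cookie=None, qid=0x1234):
    """Wire-format A query with an OPT RR; `cookie` adds a DNS Cookie option."""
    header = struct.pack("!6H", qid, 0x0100, 1, 0, 0, 1)   # RD=1, 1 question, 1 additional
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split(".")) + b"\0"
    rdata = struct.pack("!HH", COOKIE, len(cookie)) + cookie if cookie else b""
    opt = b"\0" + struct.pack("!HHIH", OPT, 1232, 0, len(rdata)) + rdata
    return header + qname + struct.pack("!HH", 1, 1) + opt

def option_codes(query):
    """EDNS0 option codes carried by a query produced by build_query()."""
    pos = 12
    while query[pos]:                  # walk the QNAME labels
        pos += query[pos] + 1
    pos += 1 + 4 + 1 + 8               # root label, QTYPE/QCLASS, OPT name, type/class/ttl
    (rdlen,) = struct.unpack_from("!H", query, pos)
    pos, end, codes = pos + 2, pos + 2 + rdlen, []
    while pos < end:
        code, length = struct.unpack_from("!HH", query, pos)
        codes.append(code)
        pos += 4 + length
    return codes

def rcode(msg):
    return msg[3] & 0x0F               # RCODE is the low 4 bits of the flags word

def classify(rcode_plain_edns, rcode_with_cookie):
    if rcode_plain_edns == FORMERR:
        return "rejects EDNS0 itself"
    if rcode_with_cookie == FORMERR:
        return "rejects unknown EDNS0 option"
    return "handles cookie query"

def ask(server, query, timeout=3):
    """Send one UDP query to an authoritative server and return the raw reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return s.recv(4096)

def constructed_reply(query, rc):
    """Constructed sample reply: the query with QR set and the given RCODE."""
    return query[:2] + bytes([0x81, rc]) + query[4:]

plain = build_query("example.test")
cookied = build_query("example.test", cookie=os.urandom(8))
# Constructed replies imitating the behaviour described in the thread.
verdict = classify(rcode(constructed_reply(plain, 0)), rcode(constructed_reply(cookied, FORMERR)))
print(verdict)
```

Against a real authoritative server, pass the results of `ask(server, plain)` and `ask(server, cookied)` to `rcode()` in place of the constructed replies.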

