FORMERR responses after upgrading resolver from 9.16 to 9.18.8
Ondřej Surý
ondrej at isc.org
Thu Oct 20 11:50:52 UTC 2022
https://bind9.readthedocs.io/en/v9_18_8/chapter9.html?highlight=cookie
--
Ondřej Surý (He/Him)
ondrej at isc.org
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> On 20. 10. 2022, at 13:49, Andreas S. Kerber <ask at ag-trek.de> wrote:
>
> Am Thu, Oct 20, 2022 at 01:23:47PM +0200 schrieb Ondřej Surý:
>> did you try writing to elbrev.com <http://elbrev.com/> operators to fix their servers to stop breaking DNS protocol? It often helps. (I'm ccing the contact in their SOA records, so let's see if anything happens.)
>>
>> It's not lack of EDNS0 support, but they fail to properly process unknown EDNS0 options - DNS Cookie in this specific example:
>
> Hi Ondřej,
>
> thanks for your quick reply and analysis regarding DNS cookies.
> Is there maybe an option to configure 9.18 to act as if it was 9.16 in this regard?
> Honestly I haven't contacted the elbrev.com people (see below).
>
>
>>> Of course I would prefer to upgrade back to 9.18.X, but I guess I won't be able to find all EDNS0 incompatible servers and loosing customers to 8.8.8.8 - which is able to resolve these names..
>> This is kind of moot argument - the DNS needs to evolve, and it can't evolve if we keep supporting broken stuff. This needs to be fixed on the authoritative operator side, not in BIND 9.
>
> You're absolutely right. I guess I've just kind of given up on convincing other people the fix their stuff (dayjob trauma). Sorry about that.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221020/0d4acdb2/attachment.htm>
More information about the bind-users
mailing list