[dns-operations] Way to test remote EDNS capability?
Doug Barton
dougb at dougbarton.us
Fri Jun 7 07:33:47 UTC 2013
I'm looking at some resolver logs and seeing the "success resolving
$blah after reducing the advertised EDNS UDP packet size to 512 octets"
messages for some authoritative servers run by organizations that I
would think ought to know better. :) I've tested the path on my side
using https://www.dns-oarc.net/oarc/services/replysizetest and both my
IPv4 and IPv6 paths show as clear (which I would expect of course).
Is there any simple way test the remote side's actual capabilities?
Meanwhile I've been trying 'dig +bufsize=4096' and it seems to succeed
more often than it fails. In one particular zone 4 of the 5 auth name
server addresses succeeded, but the one that failed failed with both
+bufsize=4096 and +bufsize=512. Is it possible that named (BIND
9.9.3-p1) just happened to hit the failing server first, then it
happened to work when it backed the packet size off and tried another
server?
Insights welcome,
Doug
More information about the dns-operations
mailing list