[dns-operations] OARC's DNS Reply Size Test Server is not EDNS compliant

Franck Martin fmartin at linkedin.com
Tue Dec 23 23:42:18 UTC 2014


On Dec 15, 2014, at 1:34 PM, Keith Mitchell <keith at dns-oarc.net> wrote:

> On 12/14/2014 11:45 AM, Keith Mitchell wrote:
>> On 12/13/2014 04:30 PM, Mark Andrews wrote:
>>> 
>>> OARC's DNS Reply Size Test Server is not EDNS compliant.  It does 
>>> not return a OPT record to EDNS requests.  This causes named from 
>>> BIND 9.10.0 and later to classify the servers as not EDNS
>>> compliant and to only send plain DNS queries.  This in turn results
>>> in bug reports saying we fail the test when it is the test that is
>>> broken.
>> 
>> We'll look into it.
> 
> Thanks Mark for bringing this to our attention. We believe we have now
> addressed this shortcoming, if others could test and verify that would
> be helpful.
> 
> The best way to report issues with OARC services is by e-mail to
> <admin at dns-oarc.net> 
> 
I see weird results with 9.10.0 sometimes it says max EDNS is 512 sometimes it says 4096.. Looking at the bind logs, I don’t see any explicit downgrade or disable of EDNS for any query...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141223/28f18d57/attachment.sig>


More information about the dns-operations mailing list