[dns-operations] What's the most EDNS option codes you seen?

Mark Andrews marka at isc.org
Tue Mar 7 23:49:29 UTC 2017


In message <D6ED7B4D-95AE-460B-817C-B72A89D32373 at cisco.com>, "Brian Hartvigsen 
(bhartvig)" writes:
>
> At OpenDNS/Cisco Umbrella we haven’t looked into this directly, but we
> have code deployed on the end point that stuffs multiple EDNS options
> into a single request.  There are networks where that fails.  Our testing
> has shown that some devices still kill DNS packets with more than 1
> option code in the OPT record.
>
> Other than where we have code to inject multiple options, we normally
> only see 0 or 1 in requests.  Upstream, we generally only send 1 (EDNS
> Client Subnet) at this time.
>
> — Brian

There are ones that drop any EDNS option.
There are ones that drop any query with an NSID option present.
There are ones that FORMERR on any EDNS option independent of EDNS version.
There are ones that return BADVERS on any EDNS option to EDNS(0) queries.

See https://ednscomp.isc.org

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
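
An added example, not part of either message and not ISC's ednscomp code: a Python sketch that builds a query whose OPT record carries several EDNS options and sorts a reply into the behaviours listed above (dropped, FORMERR, BADVERS). The function names are hypothetical, and the replies are constructed in-process by `sample_response` rather than captured from a server.

```python
import struct

NSID, COOKIE = 3, 10   # EDNS option codes (RFC 5001, RFC 7873)
RCODES = {0: "NOERROR", 1: "FORMERR", 16: "BADVERS"}

def build_query(qname, options, edns_version=0, qid=0x1234):
    """Wire-format A query whose OPT record carries every (code, data) pair in options."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1)  # RD; 1 question, 1 additional
    labels = b"".join(bytes([len(l)]) + l.encode() for l in qname.rstrip(".").split("."))
    question = labels + b"\0" + struct.pack("!HH", 1, 1)      # QTYPE A, QCLASS IN
    rdata = b"".join(struct.pack("!HH", c, len(d)) + d for c, d in options)
    # OPT RR: root name, TYPE 41, CLASS = UDP size, TTL = ext-rcode/version/flags
    return header + question + b"\0" + struct.pack(
        "!HHBBHH", 41, 4096, 0, edns_version, 0, len(rdata)) + rdata

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n >= 0xC0:          # compression pointer: two bytes, ends the name
            return off + 2
        off += n + 1

def classify(resp):
    """Map a reply (None = no answer before timeout) to the behaviours in the thread."""
    if resp is None:
        return "dropped"
    _, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", resp[:12])
    rcode, off, has_opt = flags & 0xF, 12, False
    for _ in range(qd):
        off = skip_name(resp, off) + 4
    for _ in range(an + ns + ar):
        off = skip_name(resp, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
        if rtype == 41:        # OPT: upper 8 bits of the extended RCODE live in the TTL
            has_opt, rcode = True, rcode | (ttl >> 24) << 4
        off += 10 + rdlen
    name = RCODES.get(rcode, f"RCODE {rcode}")
    return name if has_opt or rcode else "NOERROR without OPT (EDNS ignored)"

def sample_response(query, rcode, with_opt=True):
    """Constructed stand-in for a server reply: echoes the question, no answer records."""
    qend = skip_name(query, 12) + 4
    hdr = struct.pack("!HHHHHH", 0x1234, 0x8180 | (rcode & 0xF), 1, 0, 0, int(with_opt))
    opt = b"\0" + struct.pack("!HHBBHH", 41, 4096, rcode >> 4, 0, 0, 0) if with_opt else b""
    return hdr + query[12:qend] + opt
```

Against a real resolver, send the bytes from `build_query` over UDP with a timeout and pass `None` to `classify` when nothing comes back; comparing the result for zero, one and two options isolates which case a middlebox or server mishandles.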
