[dns-operations] DNS cookies in a mixed resolver anycast environment

Ondřej Surý ondrej at sury.org
Mon Jun 3 09:45:04 UTC 2019

> On 3 Jun 2019, at 11:13, Tobias S. Josefowitz <t.josefowitz at gmail.com> wrote:
> On Fri, May 31, 2019 at 7:13 PM Ondřej Surý <ondrej at sury.org> wrote:
>> The whole point of DNS Flag Day is that we don’t have any obligation to resolve domains running on a broken DNS server. It has become “fix your sh^Htuff” instead of “fix our stuff” as it had been before.
>> Also it’s perfectly OK (on a technical level) to not support EDNS, but in this particular case (p4.no) it’s the fact that the server returns FORMERR + OPT RR that’s causing the resolution failure as 6891 says:
>>>   Responders that choose not to implement the protocol extensions
>>>   defined in this document MUST respond with a return code (RCODE) of
>>>   FORMERR to messages containing an OPT record in the additional
>>>   section and MUST NOT include an OPT record in the response.
> As an implementor and operator of multiple authoritatives that choose
> to not implement "the protocol extensions", why is that anyway? Never
> having even heard of EDNS at some point in history certainly was the
> norm for responders, so must have been (and still is) handled
> gracefully. I never appreciated that RFC 6891 introduces an additional
> RTT for implementations choosing not to implement (in cases where the
> querying party is not already sending non-EDNS queries).

Reading the RFC 6891 that you quote would help, just the full Section 7 would be enough:


Ondřej Surý
ondrej at sury.org
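
An added example, not part of the original message: a minimal check for the condition described above for p4.no, a FORMERR response that still carries an OPT record, which the quoted RFC 6891 text forbids. The function names, result labels and sample messages are constructed for illustration, and the parser assumes a complete, well-formed response to a query that carried an OPT record.

```python
import struct

FORMERR, OPT = 1, 41  # RCODE 1 (format error) and RR type 41 (OPT)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + length
        if length == 0:                # root label ends the name
            return off

def classify(msg):
    """Classify a response to a query that carried an OPT record."""
    _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    rcode = flags & 0x000F
    off = 12
    for _ in range(qd):                # question: name + type + class
        off = skip_name(msg, off) + 4
    has_opt = False
    for i in range(an + ns + ar):      # RR: name, type, class, ttl, rdlength, rdata
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if rtype == OPT and i >= an + ns:   # OPT only counts in the additional section
            has_opt = True
    if rcode == FORMERR:
        return "violation: FORMERR with OPT" if has_opt else "no EDNS (compliant FORMERR)"
    return "EDNS supported" if has_opt else "answered without OPT"

def build(rcode, with_opt):
    """Constructed sample response for example.com A, for illustration only."""
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    header = struct.pack("!6H", 0x1234, 0x8000 | rcode, 1, 0, 0, 1 if with_opt else 0)
    # OPT RR: root name, type 41, class = UDP payload size, ttl 0, empty rdata
    opt = b"\x00" + struct.pack("!HHIH", OPT, 4096, 0, 0) if with_opt else b""
    return header + question + opt

if __name__ == "__main__":
    for rc, with_opt in [(1, False), (1, True), (0, True), (0, False)]:
        print(rc, with_opt, classify(build(rc, with_opt)))
```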
