[dns-operations] Experiences with a post 2019 Flag Day Resolver

manu tman chantr4 at gmail.com
Mon Sep 16 18:58:27 UTC 2019

On Mon, Sep 16, 2019 at 11:30 AM Shumon Huque <shuque at gmail.com> wrote:

> Google Public DNS sends the EDNS Client Subnet option to authority servers
> that we run, and presumably to those broken servers too. We cannot observe
> the conversation between Google and the broken sites, but since they
> resolve, we assume that they might at least have a workaround to retry such
> sites without ECS (or maybe a dynamically maintained ECS blacklist is in
> use). Perhaps, a Google Public DNS operator can confirm or disconfirm this.

Obviously not for Google Public DNS, but last I remember, they would probe
the name servers to see if they support ECS, if they do then they will
start sending ECS. Therefore I would assume those misbehaving name sergers
are failing the probe test and hence Google Public DNS will not send ECS to


> --
> Shumon Huque
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190916/2fdb854f/attachment.html>

More information about the dns-operations mailing list