In message <4d7a2547-32b0-4dfb-8042-2db33c628...@utk.edu>, "King, Harold Clyde (Hal)" writes: > I have not found any problems so far on my test machines, but I was wondering > what changes there are to look forward to in moving from 9.9 to 9.10?
9.10 and 9.11 are drop in replacements. Basically all updates are drop in replacements. 9.11 adds DNS COOKIE options to the out going requests. This exposes stupid firewall configurations and some broken handling of EDNS queries. https://ednscomp.isc.org/compliance/summary.html contain graphs of how different populations of servers behave to different EDNS extensions being used. For the most part it just results in additional queries being made as named falls back to plain DNS queries when some of this misbehaviour is detected. Echoing of the option is currently ignored. If the broken servers are also serving signed zones then lookups will fail as responses to plain DNS queries do not contain RRSIGs. Manual intervention is required to work with these servers but the population of such servers is small. I've got six entries in named.conf. e.g. server 117.56.91.234 { send-cookie false; }; server 199.252/16 { send-cookie false; }; Unknown EDNS options are supposed to be ignored. Mark > -- > Hal King - h...@utk.edu > Systems Administrator > Office of Information Technology > Shared Systems Services > > The University of Tennessee > 103C5 Kingston Pike Building > 2309 Kingston Pk. Knoxville, TN 37996 > Phone : 974-1599 > Helpdesk 24/7 : 974-9900 > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
