Hi folks, I upgraded out of 9.10 and into 9.12 last week. Subsequent to that, I received complaints about hosts in archives.gov failing to resolve.
We run validating recursive servers, and archives.gov is signed. I've poked at this but concluded I lack enough DNS foo to understand the specifics of the trouble. It seems clear that archives.gov isn't fully baked when it comes to EDNS: https://ednscomp.isc.org/ednscomp/77e4f9ead1 and I suspect that is what causes the resolution failures. I've read the thread on "Enforce EDNS". I've tried reaching out to the standard RFC2142 aliases at archives.gov, but it looks like most of them bounce. I'm not feeling particularly optimistic about being able to effect change on that end , even if I got an answer. I'm wondering if anyone from this august group can clue me in to how I might config around this issue for the archives.gov servers (assuming that is possible). Any help greatly appreciated. best regards, mark
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list email@example.com https://lists.isc.org/mailman/listinfo/bind-users