On Thu, Jan 24, 2019 at 10:53:49AM -0300, Roberto Carna wrote: > Dear, I've just worked around on my public BIND DNS's in order to solve the > problem of DNS Flag Day. > > But I have a pair of private DNS (BIND and Windows) that respond to > internal queries and also forward non authoritative queries to my public > DNS's....may my private DNS's become unstables after DNS Flag Day if I > don't any workaround on them ?
DNS flag day is when vendors of recursive name servers will stop releasing new software that coddles ancient or broken authoritative servers and firewalls. Instead of trying over and over in different ways to coax some broken remote system to send back an answer, new resolver software will just declare the remote server to be broken, and give up. Nothing will stop working suddenly on February 1. However, the next time you upgrade your recursive name server to the latest version, you *might* have problems then. My guess is that you won't, but I can't guarantee it. If you do have some legacy server running internally that can't be fixed to support EDNS properly, you can still configure your resolvers not to use EDNS when talking to that specific server. That option will still be available after flag day. An easy way to check would be to install the latest BIND development release (version 9.13.5) and see if it works. It already has all the flag day changes in it. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
