Hi Veronique. Every DNS server should support EDNS by now. It has been around for a very long time. Even if it doesn't support EDNS it should ignore it.
I made some test queries and packet captures to 23.82.12.28. Whatever this box is, please talk to the manufacturer about EDNS support. Or.. it may be that some network infrastructure - firewalls are usually the first place to look - is blocking this traffic. Whatever is happening at the authoritative end, it needs to be fixed. All modern recursive servers will use EDNS. Cheers, Greg On Wed, 4 May 2022 at 13:13, Veronique Lefebure <veronique.lefeb...@cern.ch> wrote: > Hello, > > If we see this on our DNS server logs (BIND 9.11): > > 04-May-2022 12:55:37.675 edns-disabled: info: success resolving ' > sour.woinsta.com/A' (in 'woinsta.com'?) after disabling EDNS > > - are we correct to say that with BIND 9.16, that query wil always fail > because EDNS won't be disabled anymore ? > - is there any tuning that needs to be done ? > - with BIND 9.11: how many times does BIND try before disabling EDNS ? > from what we can see in the logs, BIND seems to first try all NS and as > they all fail, then it disable EDNS and then retries. Is it correct ? > > Thanks, > Veronique > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
