On 28. 03. 23 13:00, Peter DeVries via dns-operations wrote:
The queries for "_.extglb.tn.gov. IN A ?" in your PCAP are a novelty to
me. Are these some form of query minimisation, or some sort of sanity
check of the delegation? Sadly, the "tn.gov" nameserver just drops
these without responding, so their failure could well contribute to the
problems you observe.
These are indeed how BIND does qname minimization in "relaxed" mode
which is currently the default.
We almost blocked these because we didn't know what they were but then
I stumbled upon one of the old RFC drafts for query minimization and
it does mention this as a technique. I could see someone else doing
so as well because it did make up a very large percentage of our
inbound queries and there isn't much documentation on it.
FTR the underscore trick is now documented in
https://bind9.readthedocs.io/en/latest/reference.html#namedconf-statement-qname-minimization
(And also mentioned in RFC 7816 section 3.)
--
Petr Špaček
Internet Systems Consortium
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
