[191188] in North American Network Operators' Group
Re: Can someone from Amazon please answer.
daemon@ATHENA.MIT.EDU (g@1337.io)
Fri Aug 26 18:17:18 2016
X-Original-To: nanog@nanog.org
To: nanog@nanog.org
From: "g@1337.io" <g@1337.io>
Date: Fri, 26 Aug 2016 15:17:12 -0700
In-Reply-To: <20160823233710.8DC3A5206AD7@rock.dv.isc.org>
Errors-To: nanog-bounces@nanog.org
I would love to hear Amazon's response to this very question!
On 8/23/16 4:37 PM, Mark Andrews wrote:
> I'm curious. What are you trying to achieve by blocking EDNS version
> negotiation? Is it really too hard to return BADVERS to a EDNS
> query with version != 0 along with the version of EDNS you support
> in the version field? Are you deliberately trying to prevent the
> IETF from deciding to bump the EDNS version in the future? Do you
> have firewalls that have this behaviour hard coded? Do you even
> test for RFC compliance?
>
> Mark
>
> lostoncampus.com.au. @205.251.195.156 (ns-924.awsdns-51.net.): dns=ok edns=ok edns1=timeout edns@512=ok ednsopt=ok edns1opt=timeout do=ok ednsflags=ok optlist=ok,nsid,subnet signed=ok ednstcp=ok
> lostoncampus.com.au. @205.251.192.78 (ns-78.awsdns-09.com.): dns=ok edns=ok edns1=timeout edns@512=ok ednsopt=ok edns1opt=timeout do=ok ednsflags=ok optlist=ok,nsid,subnet signed=ok ednstcp=ok
> lostoncampus.com.au. @205.251.196.198 (ns-1222.awsdns-24.org.): dns=ok edns=ok edns1=timeout edns@512=ok ednsopt=ok edns1opt=timeout do=ok ednsflags=ok optlist=ok,nsid,subnet signed=ok ednstcp=ok
> lostoncampus.com.au. @205.251.199.20 (ns-1812.awsdns-34.co.uk.): dns=ok edns=ok edns1=timeout edns@512=ok ednsopt=ok edns1opt=timeout do=ok ednsflags=ok optlist=ok,nsid,subnet signed=ok ednstcp=ok
>
