[80870] in North American Network Operators' Group


Re: Verisign broke GTLDs again?

daemon@ATHENA.MIT.EDU (Michael Tokarev)
Mon May 16 10:24:18 2005

Date: Mon, 16 May 2005 18:23:50 +0400
From: Michael Tokarev <mjt@tls.msk.ru>
To: nanog@merit.edu
In-Reply-To: <200505161406.j4GE6AC4029664@drugs.dv.isc.org>
Errors-To: owner-nanog@merit.edu


Mark Andrews wrote:
> In article <42887A19.2010701@tls.msk.ru> you write:
> 
>>Noticed today.  All Verisign's GTLD servers broke
>>EDNS0 (RFC2671).  Here's what it looks like:
[]
>>;; received 12 bytes response from 192.5.6.30 port 53
>>;; unexpected number of entries in QUERY section: 0
>>;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 64471, size: 12
>>;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> 	This is the expected response from a server that doesn't
> 	understand EDNS.  If you can't parse the original query,
> 	which is what FORMERR indicates, then the only thing you
> 	can safely send back is the DNS header.

Well ok, I know it's kinda expected -- "I don't understand what you're
asking for, can't even repeat your question".  But the next question
is -- *why*?  When at least half the world is actually *using* EDNS0
(bind8 and bind9 clients do), and another half of the world isn't
"dropping" EDNS0 stuff -- why does such an important component of the
worldwide DNS infrastructure "not understand" it?

It looks pretty much like the situation with ECN: you don't have to
"support" it, but don't munge and drop it, just pass it along.

*especially* when you're an "internet backbone".

/mjt
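
Added example, not part of the original message or thread: a sketch of the exchange discussed above, building a query with an EDNS0 OPT record, decoding a 12-byte header-only FORMERR reply, and applying the retry-without-EDNS fallback that RFC 2671 expects of requestors. The query name, advertised UDP size and function names are assumptions; only the id and flags come from the quoted dig output.

```python
import struct

FORMERR = 1   # RCODE 1: server could not interpret the query
OPT = 41      # RR type of the EDNS0 OPT pseudo-record (RFC 2671)

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in the root label."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(qid, name, qtype=1, edns_size=None):
    """Build a query with RD set; add an OPT RR if edns_size is given."""
    arcount = 1 if edns_size else 0
    msg = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, arcount)
    msg += encode_name(name) + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN
    if edns_size:
        # OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN=0
        msg += b"\x00" + struct.pack("!HHIH", OPT, edns_size, 0, 0)
    return msg

def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": bool(flags & 0x8000), "rd": bool(flags & 0x0100),
            "rcode": flags & 0x000F, "counts": (qd, an, ns, ar)}

def next_step(query, response):
    """Decide what a resolver does with the reply to `query`."""
    q, r = parse_header(query), parse_header(response)
    if not r["qr"] or r["id"] != q["id"]:
        return "ignore"                  # not a reply to this query
    # In this sketch the only additional record a query carries is the OPT RR.
    if r["rcode"] == FORMERR and q["counts"][3] > 0:
        return "retry-without-edns"      # probe fallback per RFC 2671
    return "final"

# Constructed sample: id and flags match the dig output quoted above;
# the query name and advertised size are placeholders.
EDNS_QUERY = build_query(64471, "example.com", edns_size=4096)
PLAIN_QUERY = build_query(64471, "example.com")
HEADER_ONLY_FORMERR = struct.pack("!HHHHHH", 64471, 0x8101, 0, 0, 0, 0)

if __name__ == "__main__":
    print(parse_header(HEADER_ONLY_FORMERR))
    print(next_step(EDNS_QUERY, HEADER_ONLY_FORMERR))
    print(next_step(PLAIN_QUERY, HEADER_ONLY_FORMERR))
```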
