In message <5710932c.9040...@bellis.me.uk>, Ray Bellis writes: > > > On 15/04/2016 05:19, Mark Andrews wrote: > > > Or we could just complain to the operators of the servers that echo > > EDNS options and request that they fix them. It's not like it isn't > > a fixable problem. It just requires a little co-operation to find > > and report broken servers to the operators and willingness to follow > > through when servers are not fixed. > > > > Below is list of servers that echo unknown EDNS options and don't > > also return BADVERS / FORMERR from yesterdays EDNS compliance run. > > I'm more concerned by the dumb CPE devices that do the same but aren't > detected by your (very useful) survey.
Most dumb CPE devices don't do EDNS at all or just proxy it from a recursive server. If they are broken then the owner will find out and replace it. If you really needed to know if a CPE device is broken send a EDNS COOKIE. If it is echoed back it is broken but will also let you know the reply isn't spoofed. If you get a SERVER COOKIE that should be a good (not perfect) indication that EDNS options are well handled. Mark > Ray > > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
