In message <20170922042453.08ea187a1...@rock.dv.isc.org>, Mark Andrews writes:
> I've tested enough version negotiation paths. See https://ednscomp.isc.org/ > The entries with "badversion" show a failed EDNS version negotiation. > The entire Alexa top 1M is scanned once a month. I've added a link to the raw data for those that want to investigate further. > EDNS(0) + rcode != BADVERS -> badversion > BADVERS + response version >= request version -> badversion > > > > BIND 9.11 is already adding a DNS COOKIE option to every request. > > > That is causing some firewalls to be fixed as well as some nameservers. > > > We haven't added additional workaround code for this. > > > > nice. thanks for that. > > > > -- > > P Vixie > > > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
