In message <[email protected]>, Mark Andrews writes:
> I've tested enough version negotiation paths. See https://ednscomp.isc.org/ > The entries with "badversion" show a failed EDNS version negotiation. > The entire Alexa top 1M is scanned once a month. I've added a link to the raw data for those that want to investigate further. > EDNS(0) + rcode != BADVERS -> badversion > BADVERS + response version >= request version -> badversion > > > > BIND 9.11 is already adding a DNS COOKIE option to every request. > > > That is causing some firewalls to be fixed as well as some nameservers. > > > We haven't added additional workaround code for this. > > > > nice. thanks for that. > > > > -- > > P Vixie > > > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: [email protected] > > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
