Unfortunately I fell ill right before the WG meeting or I could have answered this then.
I’ve been measuring this behaviour for years now and incorrect behaviour is almost non-existent. Old versions of MS Windows DNS servers used to echo back unknown EDNS options. This was fixed by MS a couple of years ago. Old versions of Jupiter firewalls used to block unknown EDNS options. Juniper fixed these several years ago. These have mostly been replaced. There where servers that returned FORMERR to unknown EDNS options. These too have mostly gone in the last couple of years. There are servers that only return EDNS responses to specific EDNS options. Having recursive DNS servers that are sending EDNS options by default in requests has cleared out most of the broken servers. Anyway the time series and responses from the last daily runs are available at https://ednscomp.isc.org for a number of target populations. The two listed below are for all the servers for .GOV zones. https://ednscomp.isc.org/compliance/ts/govfull.optfail.html https://ednscomp.isc.org/compliance/gov-full-report.html#eo -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
