Michael Wise <michael.w...@microsoft.com> wrote: > > So is the FORMERR ... just the resolver noting that EDNS is not supported? > > If so, I'm uncertain of the issue.
There has been some discussion of this problem on the bind-users list, see https://lists.isc.org/pipermail/bind-users/2016-May/thread.html The problems seem to be: (1) Very short TTL on the NS records, which means that most attempts to resolve the names have to go through iterative name server discovery. (2) Only two NS records, but each server has a large number of IP addresses, and the sets of IP addresses overlap. (3) Lack of EDNS support means more work has to be done by a resolver each time the TTL expires. The way to fix this would be to increase the stability of the name server records - the NS records and associated address records. Give them decently long TTLs, have a few more NS records, with few non-overlapping IP addresses each. Add support for EDNS to your server - you don't need to support any special EDNS features (no need for large packets), just handle OPT records, so that resolvers don't have to do error recovery. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Irish Sea: South 4 or 5 becoming variable 3 or 4. Slight or moderate. Occasional drizzle, fog patches in north. Moderate or good, occasionally very poor in north. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
