" All this is stating is that DNS++ does not support RFC 2671 EDNS protocol extensions. " DNS++ is responding per the RFC by sending the FORMERR back to the requestor.
We don't support *ANY* EDNS features at present, at all. That would appear to include the ... OPT records? As to the, "Why?" I don't know. There appear to be internal load balancing issues in play, but that's a guess. Not my department at all. Aloha, Michael. -- Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been Processed." | Got the Junk Mail Reporting Tool ? -----Original Message----- From: Tony Finch [mailto:fa...@hermes.cam.ac.uk] On Behalf Of Tony Finch Sent: Thursday, May 5, 2016 3:29 AM To: Michael Wise <michael.w...@microsoft.com> Cc: mailop@mailop.org Subject: Re: [mailop] DNS Errors for Microsoft Hostnames Michael Wise <michael.w...@microsoft.com> wrote: > > So is the FORMERR ... just the resolver noting that EDNS is not supported? > > If so, I'm uncertain of the issue. There has been some discussion of this problem on the bind-users list, see https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.isc.org%2fpipermail%2fbind-users%2f2016-May%2fthread.html&data=01%7c01%7cMichael.Wise%40microsoft.com%7cc8be6a025d804f03da5c08d374d019f9%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=9g%2bvN%2bth9lLTwzURPBBuCZugYPu5D1zCjVGAORY2GzE%3d The problems seem to be: (1) Very short TTL on the NS records, which means that most attempts to resolve the names have to go through iterative name server discovery. (2) Only two NS records, but each server has a large number of IP addresses, and the sets of IP addresses overlap. (3) Lack of EDNS support means more work has to be done by a resolver each time the TTL expires. The way to fix this would be to increase the stability of the name server records - the NS records and associated address records. Give them decently long TTLs, have a few more NS records, with few non-overlapping IP addresses each. Add support for EDNS to your server - you don't need to support any special EDNS features (no need for large packets), just handle OPT records, so that resolvers don't have to do error recovery. Tony. -- f.anthony.n.finch <d...@dotat.at> https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fdotat.at%2f&data=01%7c01%7cMichael.Wise%40microsoft.com%7cc8be6a025d804f03da5c08d374d019f9%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=9fMp8vbpmPGSBeK67zHvf5CVxooK%2f%2fi%2bywkAMco1A1Y%3d - I xn--zr8h punycode Irish Sea: South 4 or 5 becoming variable 3 or 4. Slight or moderate. Occasional drizzle, fog patches in north. Moderate or good, occasionally very poor in north. _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
