On Tue, May 16, 2023 at 06:54:47PM -0400, Alex wrote:
> > The problems with their DNS are:
> >
> > - ns1.apr.gov.rs: EDNS(0) option intolerance, but returns
> > FORMERR, so fallback to non-EDNS queries should (and does) work.
> > [...]
> > Disabling use of cookies in your BIND configuration would suffice.
> > [...]
> > Turn off coookies for queries to this domain, or generally.
> >
>
> Turning off cookies for this server solved the problem, but it's not a very
> scalable method. I realize this isn't bind-users, but can I ask if there is
> a way to fallback to not using cookies, instead of having to create a
> server {} section for each broken server?
>
> I have a bind-9.16.38 system and it's apparently able to query these broken
> servers without issue.
Perhaps BIND 9.18 does not fall back to non-EDNS queries as willingly,
and when using EDNS(0), assumes that cookies will be tolerated
(typically simply ignored, per RFC requirement for unknown/unsupported
options). Your question does indeed belong on bind-users.
If you do find out something actionable, you can post the solution here.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
