Disabling EDNS0 options in 8.3.1 queries
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Thu May 23 00:18:33 UTC 2002
> We recently upgraded our name servers to 8.3.1, and are having
> problems resolving some names at yahoo.com, e.g. biz.yahoo.com,
> weather.yahoo.com, etc. Bind 8.3.1 appears to be adding an
> EDNS0 option to the query, and yahoo's name servers are just
> dropping the query, instead of responding with NOTIMPL or FORMERR
> (sp?). I've read a bit about this on the mailing lists, groups,
> faqs, etc., and it seems that some commercial Bind implementations
Perhaps you ment "some commercial DNS implementations".
> have this bad behavior and some load balancers will also drop the
> queries.
These servers don't drop EDNS0 queries. Perhaps you have some
other piece of equipment (firwall/nat perhaps) that is blocking
these queries / reponses. The "+bufsize=512" causes a EDNS0
query to be generated.
Mark
; <<>> DiG 9.2.1 <<>> +bufsize=512 biz.yahoo.com @NS1.YAHOO.COM
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2231
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;biz.yahoo.com. IN A
;; ANSWER SECTION:
biz.yahoo.com. 1800 IN CNAME biz.finance.yahoo.akadns.net.
;; AUTHORITY SECTION:
net. 68466 IN NS A.GTLD-SERVERS.net.
net. 68466 IN NS G.GTLD-SERVERS.net.
net. 68466 IN NS H.GTLD-SERVERS.net.
net. 68466 IN NS C.GTLD-SERVERS.net.
net. 68466 IN NS I.GTLD-SERVERS.net.
net. 68466 IN NS B.GTLD-SERVERS.net.
net. 68466 IN NS D.GTLD-SERVERS.net.
net. 68466 IN NS L.GTLD-SERVERS.net.
net. 68466 IN NS F.GTLD-SERVERS.net.
net. 68466 IN NS J.GTLD-SERVERS.net.
net. 68466 IN NS K.GTLD-SERVERS.net.
net. 68466 IN NS E.GTLD-SERVERS.net.
net. 68466 IN NS M.GTLD-SERVERS.net.
;; ADDITIONAL SECTION:
A.GTLD-SERVERS.net. 241243 IN A 192.5.6.30
G.GTLD-SERVERS.net. 241243 IN A 192.42.93.30
H.GTLD-SERVERS.net. 241243 IN A 192.54.112.30
C.GTLD-SERVERS.net. 241243 IN A 192.26.92.30
I.GTLD-SERVERS.net. 241243 IN A 192.43.172.30
B.GTLD-SERVERS.net. 241243 IN A 192.33.14.30
D.GTLD-SERVERS.net. 241243 IN A 192.31.80.30
L.GTLD-SERVERS.net. 241243 IN A 192.41.162.30
F.GTLD-SERVERS.net. 241243 IN A 192.35.51.30
J.GTLD-SERVERS.net. 241243 IN A 210.132.100.101
K.GTLD-SERVERS.net. 414045 IN A 192.52.178.30
E.GTLD-SERVERS.net. 241243 IN A 192.12.94.30
;; Query time: 267 msec
;; SERVER: 66.218.71.63#53(NS1.YAHOO.COM)
;; WHEN: Thu May 23 09:57:37 2002
;; MSG SIZE rcvd: 497
; <<>> DiG 9.2.1 <<>> +bufsize=512 biz.finance.yahoo.akadns.net @zg.akadns.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 56716
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; Query time: 260 msec
;; SERVER: 204.248.36.131#53(zg.akadns.net)
;; WHEN: Thu May 23 09:58:56 2002
;; MSG SIZE rcvd: 12
>
> SO....How do I stop 8.3.1 from sending them out in the first
> place? I see nothing in the documentation about this, no options,
> etc. The code shows an 'edns0' option in the resolv.conf that will
> turn it *on*, but I see no options to turn it off. I've tried commenting
> out RES_USE_EDNS0 in lib/resolv.h, which should remove lots of #ifdef'd code,
> to no effect.
>
> Thanks,
>
> - Darren
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list