getting edns disabling message in logs

Michael Hoskins (michoski) michoski at
Wed Jul 4 19:14:33 UTC 2012

-----Original Message-----

From: Tony Finch <dot at>
Date: Wednesday, July 4, 2012 7:54 AM
To: Cathy Almond <cathya at>
Cc: "bind-users at" <bind-users at>
Subject: Re: getting edns disabling message in logs

>Cathy Almond <cathya at> wrote:
>> (Just created, so apologies if there are any typos or other editorial
>> corrections needed - they will happen later)
>I suggest "middlebox" since "middleware" usually means something like a
>horrific enterprisey web services message bus framework.

i think you could just leave out middleware entirely in that sentence. :)

>> > Is there any way that we can show that current disabling EDNS happens
>> > firewall issue ?
>> That's a bit tricky, if what's broken is not in your network space.  On
>> the other hand, if you're getting this reported for every domain that is
>> queried, then it's probably *your* problem.
>Try the DNS-OARC reply size test server.

thanks, this is quite useful.  i'd always just issued queries for common
domains i know aren't misconfigured (e.g. google) -- when it's a local
firewall problem many of these log obvious errors.

there was a default configuration in many legacy cisco appliances that
caused issues, but defaults were updated awhile back on newer gear so it's
become less of an issue for me.

More information about the bind-users mailing list