getting edns disabling message in logs
Michael Hoskins (michoski)
michoski at cisco.com
Wed Jul 4 19:14:33 UTC 2012
From: Tony Finch <dot at dotat.at>
Date: Wednesday, July 4, 2012 7:54 AM
To: Cathy Almond <cathya at isc.org>
Cc: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: Re: getting edns disabling message in logs
>Cathy Almond <cathya at isc.org> wrote:
>> (Just created, so apologies if there are any typos or other editorial
>> corrections needed - they will happen later)
>I suggest "middlebox" since "middleware" usually means something like a
>horrific enterprisey web services message bus framework.
i think you could just leave out middleware entirely in that sentence. :)
>> > Is there any way that we can show that current disabling EDNS happens
>> > firewall issue ?
>> That's a bit tricky, if what's broken is not in your network space. On
>> the other hand, if you're getting this reported for every domain that is
>> queried, then it's probably *your* problem.
>Try the DNS-OARC reply size test server.
thanks, this is quite useful. i'd always just issued queries for common
domains i know aren't misconfigured (e.g. google) -- when it's a local
firewall problem many of these log obvious errors.
there was a default configuration in many legacy cisco appliances that
caused issues, but defaults were updated awhile back on newer gear so it's
become less of an issue for me.
More information about the bind-users