FYI: adobe.com GSLB DNS servers choking on "nsid"
Phil Mayers
p.mayers at imperial.ac.uk
Tue Jan 13 12:39:09 UTC 2015
On 13/01/15 12:37, Anand Buddhdev wrote:
> On 13/01/15 13:27, Phil Mayers wrote:
>
>> Just to save anyone else the trouble, I've just found that some of the
>> GSLB names for *.adobe.com return NXDOMAIN with "nsid" options present:
>
> It's not just NSID. They're responding with NXDOMAIN if you send any
> EDNS option they don't understand, so it's the same with the EXPIRE and
> SUBNET options as well.
Yeah, I just found that. Turns out we're getting caught out because we
have "sit" enabled (accidentally).
This must be recent(-ish) though; we've been on 9.10 since December and
only just had the report.
More information about the bind-users
mailing list