FYI: adobe.com GSLB DNS servers choking on "nsid"
Carl Byington
carl at byington.org
Tue Jan 13 16:07:33 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 2015-01-13 at 12:49 +0000, Phil Mayers wrote:
> Just found another; dns{0,1}.getsurfed.com are returning crazy error
> codes with "nsid" (and presumably other) edns options:
> # dig +norec +nsid @213.162.97.177 www.london-nano.com
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: ?17, id: 21450
> Sigh...
> I'd advise strongly against people enabling "sit" in 9.10 right now...
After adding the getsurfed ones, I have:
// adobe servers that don't understand edns options
server 192.150.16.247 { request-sit no; };
server 192.150.19.247 { request-sit no; };
server 193.104.215.247 { request-sit no; };
// eia.gov servers that don't understand edns options
server 205.254.135.9 { request-sit no; };
server 199.36.140.199 { request-sit no; };
// lctcs.edu servers that don't understand edns options
server 76.165.120.16 { request-sit no; };
server 76.165.210.249 { request-sit no; };
// london-nano.com servers that don't understand edns options
server 213.162.97.177 { request-sit no; };
server 213.162.97.178 { request-sit no; };
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iEYEARECAAYFAlS1QrQACgkQL6j7milTFsEbQACfRVVodh7gaZTOe1Tb9Qnwqp+I
LlsAnRw/bRWwjyMvehdSk0jxDIJ3iA6B
=hQJd
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list