query dropping vs. returning nxdomain
Mark Andrews
Mark_Andrews at isc.org
Wed Mar 8 22:19:42 UTC 2006
> Mark Andrews wrote:
> > Whatever we do we have to be very very careful.
> >
> > Some MS nameservers put a 60 second dead time after seeing a EDNS
> > query. This really has made deploying EDNS a pain. I'm sure MS
> > thought that this was a "good idea" but it definitely has had bad
> > consequences.
> >
>
> Do you mean this? (from KB837928):
>
> > CAUSE: This problem occurs because a DNS server suppresses responses
> > when the server detects a format error in a DNS request. Because DNS
> > does not support EDNS, the EDNS query is detected as a bad format DNS
> > query. After a Windows 2000 DNS server detects a bad format query,
> > the server does not respond to the computer that sent the query for
> > 60 seconds.
Yes.
>
> Windows 2K3 does support EDNS0 but is not widely deployed.
I know. Thats why I used "some".
This was just a example of what not to do. Remember dropping
packets is going outside of the protocol specification and
I know BIND 4/8 are also guilty (no query restart after
fetching glue).
In both cases it has caused operational problems.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-workers
mailing list