Option to turn off EDNS globally?
Adam Tkac
atkac at redhat.com
Thu Sep 20 18:39:14 UTC 2007
On Thu, Sep 20, 2007 at 10:30:22PM +1000, Mark Andrews wrote:
>
> > Hi all,
> >
> > Recently I've got report that syslog is flooded with messages like "Too many
> > timeouts resolving $DOMAIN (in $DOMAIN?): disabling EDNS". Of course those me
> > ssages will be easily supressed with "edns-disabled" logging option but this
> > not suppress EDNS queries. I've created patch which will completely disable E
> > DNS (patch adds edns option). Would it be possible include it in main source
> > or this is step back?
> >
> > Adam
>
> It's really a step backwards. The message is there to alert
> people about problems they have rather than silently work
> around the problem. With DNSSEC finally seeing initial
> deployments, EDNS has to work. It's time to fix the broken
> middleware.
Yes, broken firewalls/routers are big problem. But some people really don't need EDNS (and DNSSEC) or their firewall/router vendor is stupid and doesn't to want fix firmware. I think this option will help them. Btw if I look into BIND source it contains many statements like:
if (on_this_system_is_buggy_implementation) {
use_isc_implementation
} else {
use_system_implementation
}
so I wonder why this option isn't acceptable (hack broken firewalls).
>
> Mark
>
> P.S. the same effect is already achievable without making
> edns a view/global option using server clauses.
Yes, I know. But global option should be more comfortable
Adam
More information about the bind-workers
mailing list