Anand Kumria wrote: > Hi, > > I've upgraded my nameservers to Bind 9.5 and am now receiving many > instances of an error message complaining that a particular DNS server > does not have EDNS enabled. > > Amonst them were the .au (and other sub-domains); does anyone know if > EDNS is enabled for the .au nameservers? > > Does anyone have a good way to test that EDNS is working end-to-end? > suspect you simply want to stop logging these here's the relevant section of our named,conf logging stanza # [DMT 21-Jul-2008] have been logging a lot of these after update to # 9.5 which always tries EDNS. Most if not all come from queries failing # such as "no servers could be reached". See description in ARM where # the lack of response is currently not treated as packet loss, but as # coming from servers not responding (with a FORMERR) when receiving # something they don't understand, like EDNS. So I don't think we miss # anything by not logging these. # http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/cfa8c63ec6bd08d6 category edns-disabled { null; }; NB I tried Mark Andrews tests for firewall/NAT problems and saw no issue. For about 20 entries appearing in our logs, I tried a manual dns lookup and nearly all resulted in "no servers could be reached", i.e. bad packet loss or lame delegations. DannyReceived on Fri Oct 24 2008 - 17:29:53 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:09 UTC