[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

DNS resolver operators

On or around Feb 1st, 2019, major open source resolver vendors will release updates that will stop accommodating non-standard responses. This change will affect authoritative servers which do not comply either with the original DNS standard from 1987 (RFC1035) or the newer EDNS standards from 1999 (RFC2671 and RFC6891). Major public DNS resolver operators listed below are also removing accommodations so this change will also impact Internet users and providers who use these public DNS services.

Sites hosted on incompatible authoritative servers may become unreachable through updated resolvers. The web form above diagnostic tool may be helpful while investigating problems with a particular domain. Domains which repeatedly fail the test above have problems with either their DNS software or their firewall configuration and cannot be fixed by DNS resolver operators.

The following versions of DNS resolvers will not accommodate EDNS non-compliant responses:

	â?¢ BIND 9.13.3 (development) and 9.14.0 (production)
	â?¢ Knot Resolver has already implemented stricter EDNS handling in all current versions
	â?¢ PowerDNS Recursor 4.2.0
	â?¢ Unbound 1.9.0

Now BIND 9.13.3 became public on 2018-09-19 and the Knot Resolver are already public. You can lookup PowerDNS and Unbound to see if they are public.

> -- 
> -James

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

Prev by Date: Waves between Buffalo and Manhattan
Previous by thread: Google you have a problem.
Index(es):
- Date
- Thread