I would say we had one provider go as far as saying this whole flag day thing is a hoax. Not sure what option there is other than voting with your wallet and moving to a different provider.
May even be worth looking at 2 providers. I see DNS provider redundancy as being a huge priority after the Dyn DDoS event. On Fri, Jan 18, 2019, 2:50 PM Lightner, Jeffrey <jlight...@dsservices.com wrote: > On checking I find that any of our domains that use Network Solutions’ > Worldnic.com nameservers are reporting failures when checked. > > For example this result: https://ednscomp.isc.org/ednscomp/e30c6cf0ea > > Other people online have posted about Network Solutions as they also saw > failures. > > On calling Network Solutions today they told me they are compliant despite > what was reported by https://dnsflagday.net/ > > > > This issue is with domains registered at Network Solutions and using their > Advanced DNS (i.e. their Worldnic name servers). Other domains we have > registered with them but pointing to other name servers (i.e. our own BIND > servers) displayed as compliant. > > When I sent them the links they saw what I saw but still claimed they are > compliant. They refused to send me something in writing stating that so I > suggested they reach out to ISC regarding the checker’s results if they > believe they are compliant, but they said they don’t see the need. I’ve > asked them to escalate and they say they have but I suspect I’ll not hear > back from them. > > Is there a list of known edns compliant Registrar name severs for the > larger Registrars? > > Is it possible the failures seen are false? If so, are there alternate > edns compliance checkers that might show different responses than > dnsflagday.net? > > > > > > > > > > *From:* bind-users <bind-users-boun...@lists.isc.org> * On Behalf Of *Ben > Croswell > *Sent:* Friday, January 18, 2019 12:19 PM > *To:* bind-users@lists.isc.org > *Subject:* Re: DNS flag day > > > > I shouldn't have posted so closely to responding to the other user. > > > > I am not running 9.8. I was replying to them about firewalls in regards to > their 9.8 issues. > > > > Was just hoping for a statement of 9.x or greater supports the needed > badvers signaling etc. > > > > On Fri, Jan 18, 2019, 12:15 PM Victoria Risk <vi...@isc.org wrote: > > > > On Jan 18, 2019, at 9:09 AM, Ben Croswell <ben.crosw...@gmail.com> wrote: > > > > Has ISC released minimum viable BIND version for flag day? > > > > Most versions of BIND authoritative servers, going back years, are EDNS > compatible. Certainly ALL currently supported versions are compatible. I > see you are running 9.8, which has been EOL since September, 2014. I think > that is probably fine, as far as EDNS, however. > > > > The change in BIND related to DNS Flag Day is removing workarounds from > resolvers, that will retry without EDNS or otherwise try to proceed even > when EDNS fails. This change came in the BIND 9.13 development version, and > will be in BIND 9.14, which is not yet released. > > > > The problem you are seeing is most likely firewall-related. > > > > Vicky > > > > > > I looked around and couldn't find anything. > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
