For EDNS to work correctly you MUST accept UDP fragmented packets, or configure your DNS server to advertise a max EDNS packet size of about 1200 bytes.
Otherwise, bind, for instance, goes through a series of fallbacks, and by the time the result is available the mail server has moved on...

On Thu, Apr 28, 2016 at 2:16 PM, Carl Byington <c...@five-ten-sg.com> wrote:

> On Thu, 2016-04-28 at 20:57 +0000, Michael Wise wrote:
> > If the "Aware" flag expired, would best practice not be to check that
> > first rather than presuppose that the facility does exist?
>
> The check for "edns aware" involves sending the query with edns
> extensions. If the reply is formerr (or possibly others?), then you can
> remember that this server does not understand edns, and repeat the query
> without it.
>
> If you just do the first query without edns, there is no mechanism to
> then learn that that server does indeed understand edns.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
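The EDNS-first probe with FORMERR fallback described in the quoted message, combined with the 1200-byte advertised size from the reply, as an added example that is not part of the original thread. The names `resolve`, `legacy_server`, the `send` transport callback and the `no_edns` cache are hypothetical, the server reply is constructed, and only FORMERR is treated as "does not understand EDNS".

```python
import struct

FORMERR, OPT = 1, 41   # RCODE 1 (format error); EDNS0 OPT RR type (RFC 6891)

def build_query(name, edns_size=1200, qtype=16, qid=0x1234):
    """DNS query (default TXT); edns_size=None sends it without EDNS."""
    labels = [p.encode("ascii") for p in name.rstrip(".").split(".") if p]
    qname = b"".join(bytes([len(p)]) + p for p in labels) + b"\x00"
    msg = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, int(edns_size is not None))
    msg += qname + struct.pack("!HH", qtype, 1)               # class IN
    if edns_size is not None:
        msg += b"\x00" + struct.pack("!HHIH", OPT, edns_size, 0, 0)  # CLASS = UDP size
    return msg

def rcode(msg):
    return msg[3] & 0x0F

def skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)           # pointer: 2 bytes, root: 1

def advertised_size(msg):
    """UDP payload size from the message's OPT record, or None if absent."""
    qd, an, ns, ar = struct.unpack("!HHHH", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == OPT:
            return rclass
        off += 10 + rdlen
    return None

def resolve(name, server, send, no_edns):
    """Try EDNS first; on FORMERR remember the server and repeat without it."""
    use_edns = server not in no_edns
    reply = send(server, build_query(name, 1200 if use_edns else None))
    if use_edns and rcode(reply) == FORMERR:
        no_edns.add(server)
        reply = send(server, build_query(name, None))
    return reply

def legacy_server(_server, query):
    """Constructed stand-in for a pre-EDNS server: FORMERR when ARCOUNT > 0."""
    qid, ar = struct.unpack("!H8xH", query[:12])
    return struct.pack("!HHHHHH", qid, 0x8180 | (FORMERR if ar else 0), 0, 0, 0, 0)
```

`advertised_size` can also be run over a captured response to confirm what payload size a server actually advertises after its configuration is changed.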