Mark Andrews wrote:
> In article <[EMAIL PROTECTED]> you write:
>
>>Noticed today. All Verisign's GTLD servers broke
>>EDNS0 (RFC2671). Here's what it looks like:
>>[]
>>;; received 12 bytes response from 192.5.6.30 port 53
>>;; unexpected number of entries in QUERY section: 0
>>;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 64471, size: 12
>>;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> This is the expected response from a server that doesn't
> understand EDNS. If you can't parse the original query,
> which is what FORMERR indicates, then the only thing you
> can safely send back is the DNS header.

Well ok, I know it's kinda expected -- "I don't understand what you're asking for, can't even repeat your question". But the next question is -- *why*? When at least half the world is actually *using* EDNS0 (bind8 and bind9 clients do), and another half of the world isn't "dropping" EDNS0 stuff -- why does such an important component of the worldwide DNS infrastructure "not understand" it? It looks pretty much like the situation with ECN: you don't have to "support" it, but don't munge and drop it, just pass it along. *Especially* when you're an "internet backbone".

/mjt
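
An added example, not part of either poster's message: a Python sketch of how a client can recognise the header-only FORMERR reply quoted in the thread and resend the same question without the EDNS0 OPT record. The query name `example.com`, the 4096-byte payload size, the function names and the fallback policy are assumptions for illustration; the sample reply is constructed from the header values in the quoted output.

```python
import struct

FORMERR, OPT = 1, 41  # RCODE 1; OPT pseudo-RR type used by EDNS0 (RFC 2671)
# Constructed reply matching the quoted header: id 64471, flags qr rd, FORMERR
SAMPLE_REPLY = struct.pack("!HHHHHH", 64471, 0x8101, 0, 0, 0, 0)

def encode_name(name):
    """Encode a dotted name as length-prefixed labels ending in the root label."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(qid, name, qtype=2, edns_size=None):
    """Build a query; when edns_size is set, append an OPT RR to ADDITIONAL."""
    arcount = 1 if edns_size else 0
    msg = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, arcount)  # RD set
    msg += encode_name(name) + struct.pack("!HH", qtype, 1)      # class IN
    if edns_size:
        # OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN=0
        msg += b"\x00" + struct.pack("!HHIH", OPT, edns_size, 0, 0)
    return msg

def parse_header(msg):
    """Decode the fixed 12-byte DNS header; anything shorter is not DNS."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": bool(flags & 0x8000), "rd": bool(flags & 0x0100),
            "rcode": flags & 0x000F, "qd": qd, "an": an, "ns": ns, "ar": ar,
            "size": len(msg)}

def edns_rejected(query, response):
    """True for a header-only FORMERR answer to a query that carried OPT."""
    q, r = parse_header(query), parse_header(response)
    return (q["ar"] > 0 and r["qr"] and r["id"] == q["id"]
            and r["rcode"] == FORMERR and r["qd"] == 0 and r["size"] == 12)

def next_query(query_args, response):
    """Return the plain-DNS retry if EDNS was rejected, else None."""
    if edns_rejected(build_query(**query_args), response):
        return build_query(**dict(query_args, edns_size=None))
    return None

if __name__ == "__main__":
    args = dict(qid=64471, name="example.com", qtype=2, edns_size=4096)
    print(parse_header(SAMPLE_REPLY))
    print(next_query(args, SAMPLE_REPLY).hex())
```

The ID check matters: a 12-byte FORMERR whose ID does not match an outstanding EDNS query should not cause the client to downgrade.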