D&C GLug - Home Page


Re: [LUG] DNS and EDNS

 

Juan J. Martínez wrote:
> 
>> What exactly did you try to test it?
> 
> dig +short rs.dns-oarc.net txt
> 
> Check: https://www.dns-oarc.net/oarc/services/replysizetest

Oh and of course if EDNS0 doesn't work, the resolver can still fall back
to using TCP connections for DNS.

So not having a working EDNS0 doesn't mean necessarily that your
Internet will stop when DNSSEC is enabled, it may go slower and you
won't be able to take advantage of DNSSEC, but it may still work.

EDNS0 and/or TCP have been needed to reliably email some of the big
email players for a long while. So I'd be surprised if big DNS queries
of themselves cause too many people problems.

One of the metrics they use to assess the impact of DNSSEC is the number
of additional TCP queries seen at the relevant authoritative servers (in
this case the root). They did see an increase in testing, which suggests
EDNS0 is not universal yet.

I see quite a lot of EDNS0 not working messages at work, so plenty of
folks still need to deploy DNS with 1999 technology in 2010.

 Simon

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html
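
The EDNS0 and TCP fallback mechanics discussed in the message above, as an added example that is not part of the original post: it builds the query with and without the EDNS0 OPT record and checks a reply for the truncation (TC) bit that tells a resolver to retry over TCP. All function names and the sample reply are constructed for illustration; nothing is sent on the network.

```python
import struct
TYPE_TXT, TYPE_OPT, CLASS_IN = 16, 41, 1

def encode_name(name):
    # Labels are length-prefixed; the root label is a single zero byte.
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"

def build_query(name, qtype, edns_size=None, dnssec_ok=False, qid=0x1234):
    # Header: ID, flags (RD set), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT.
    msg = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 1 if edns_size else 0)
    msg += encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    if edns_size:
        # OPT pseudo-RR (RFC 6891): root name, TYPE=41, CLASS holds the UDP
        # payload size, TTL holds ext-rcode/version/flags (DO bit = 0x8000).
        ttl = 0x8000 if dnssec_ok else 0
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_size, ttl, 0)
    return msg

def skip_name(msg, off):
    # Return the offset just past a (possibly compressed) domain name.
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer occupies two bytes
            return off + 2
        off += 1 + length

def inspect_message(msg):
    # Return (TC bit set?, advertised EDNS0 UDP size or None) for a message.
    _, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off, edns = 12, None
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == TYPE_OPT:
            edns = rclass
        off += 10 + rdlen
    return bool(flags & 0x0200), edns

def next_step(response):
    # TC set means the answer did not fit in UDP: repeat the query over TCP.
    return "retry-over-tcp" if inspect_message(response)[0] else "use-udp-answer"

# Constructed sample: truncated reply (QR, TC, RD, RA set), no OPT record.
SAMPLE_TRUNCATED = (struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)
                    + build_query("rs.dns-oarc.net", TYPE_TXT)[12:])
```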