Testing authoritative server support for EDNS and large UDP buffer sizes in BIND 9.10
Author: Cathy Almond Reference Number: AA-01350 Created: 2016-03-01 10:45 Last Updated: 2016-03-01 10:45

The EDNS fallback code was re-worked in BIND 9.10 to make it more resilient and reliable when:

  • Encountering new authoritative servers that have not been queried before, where support for EDNS and large buffer sizes by both the server and the network path between it and the resolver is unknown.
  • Facing intermittent network packet losses which, on older versions of BIND, can result in SERVFAILs due to servers that should support EDNS being marked as EDNS-incapable.

For each server named talks to, the EDNS code in BIND 9.10 records successful plain and EDNS query counts as well as timeouts for plain DNS and for EDNS queries at various EDNS buffer sizes: 4096, 1432, 1232 and 512. An EDNS timeout for a lower buffer size is also counted against higher buffer sizes. These are held in 8-bit counters and are shifted on overflow of any counter. This will result in the removal from history of any false positives due to transitory network problems.

The buffer sizes of 1432 and 1232 are chosen to allow for an IPv4/IPv6 encapsulated UDP message to be sent without fragmentation at Ethernet and IPv6 network minimum MTU sizes.

Named also records the largest successful EDNS response size seen.

When talking to a new server, named will send an EDNS query advertising a 512 byte UDP buffer. This is the most conservative EDNS message that can be sent. If this results in a response with TC=1 being sent, a larger EDNS buffer size will be used rather than an immediate fallback to TCP.

If there are too many timeouts to EDNS queries without a successful EDNS query and with successful plain DNS queries, named will fall back to using plain DNS when talking to a server. Named will periodically send an EDNS query to see if the server now supports EDNS.

When talking to a server using EDNS, named will choose an EDNS buffer size based on the history of EDNS timeouts at various advertised sizes.
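
The per-server history described above (8-bit counters, timeouts at a lower size counted against higher sizes, shift on overflow) can be modelled as follows. This is an added illustration, not BIND source code: the struct, the function names, the `TIMEOUT_LIMIT` threshold and the selection policy in `choose_size` are assumptions, since the article does not state the thresholds named uses.

```c
#include <stddef.h>
#include <stdint.h>

/* Illustrative model only, not BIND source. TIMEOUT_LIMIT is assumed. */
enum { N_SIZES = 4, TIMEOUT_LIMIT = 3 };
static const unsigned edns_sizes[N_SIZES] = { 512, 1232, 1432, 4096 };

struct edns_history {
    uint8_t plain_ok, edns_ok;   /* successful plain / EDNS queries */
    uint8_t plain_to;            /* plain DNS timeouts */
    uint8_t edns_to[N_SIZES];    /* EDNS timeouts, indexed like edns_sizes */
};

/* Shift every counter right one bit so old events fade from the history. */
static void age(struct edns_history *h) {
    h->plain_ok >>= 1; h->edns_ok >>= 1; h->plain_to >>= 1;
    for (size_t i = 0; i < N_SIZES; i++) h->edns_to[i] >>= 1;
}

/* Increment one 8-bit counter, shifting all counters first if it is full. */
static void bump(struct edns_history *h, uint8_t *c) {
    if (*c == UINT8_MAX) age(h);
    (*c)++;
}

void record_plain_ok(struct edns_history *h)      { bump(h, &h->plain_ok); }
void record_edns_ok(struct edns_history *h)       { bump(h, &h->edns_ok); }
void record_plain_timeout(struct edns_history *h) { bump(h, &h->plain_to); }

/* A timeout at `size` also counts against every larger size. The 4096
 * counter is therefore always the largest, so it alone needs the check. */
void record_edns_timeout(struct edns_history *h, unsigned size) {
    if (h->edns_to[N_SIZES - 1] == UINT8_MAX) age(h);
    for (size_t i = 0; i < N_SIZES; i++)
        if (edns_sizes[i] >= size) h->edns_to[i]++;
}

/* Assumed policy: 0 means plain DNS; otherwise the largest size whose
 * timeout count is below TIMEOUT_LIMIT, with 512 as the floor. */
unsigned choose_size(const struct edns_history *h) {
    if (h->edns_to[N_SIZES - 1] >= TIMEOUT_LIMIT && h->edns_ok == 0 &&
        h->plain_ok > 0)
        return 0;
    for (size_t i = N_SIZES; i-- > 0;)
        if (h->edns_to[i] < TIMEOUT_LIMIT) return edns_sizes[i];
    return edns_sizes[0];
}
```

In this model a single timeout from a transient packet loss is shifted out of the history once any counter overflows, which is the false-positive removal the article describes.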

© 2001-2017 Internet Systems Consortium
