Support - Help
Impact of unknown EDNS options on the DNS
The EDNS (Extension mechanisms for DNS) protocol allows us to add new features to DNS that were not envisioned when DNS was originally specified. DNSSEC, Client-subnet Identifier and DNS cookies are applications that use EDNS.
It appears from ISC's testing that a significant percentage of sites that support EDNS do not respond well to unknown EDNS options. The failure mode can be as severe as disabling EDNS (breaking DNSSEC). We are reluctant to encourage the use of new EDNS options until there is better tolerance for unknown EDNS options in the DNS. We would like to raise awareness of the issue, and find out what the community thinks we should do to address it.
Please also consider this submission for the NANOG65 DNS track