Test if a name server supports EDNS
From Brandonhutchinson.com
(Difference between revisions)
(New page: Use the following to test if a name server supports [http://en.wikipedia.org/wiki/EDNS EDNS], specifically EDNS0 in the examples below. When testing a name server, make sure to send a que...) |
(→Other tests) |
||
| (3 intermediate revisions not shown.) | |||
| Line 3: | Line 3: | ||
When testing a name server, make sure to send a query that will result in authoritative answer. For example, if '''ns.example.com''' is authoritative for '''example.com''', send a query such as '''example.com soa'''. Sending a query for something like '''. ns''' to the name server will result in a timeout when specifying '''+edns=0'''. | When testing a name server, make sure to send a query that will result in authoritative answer. For example, if '''ns.example.com''' is authoritative for '''example.com''', send a query such as '''example.com soa'''. Sending a query for something like '''. ns''' to the name server will result in a timeout when specifying '''+edns=0'''. | ||
| - | + | == dig +edns == | |
* If your version of '''dig''' supports '''+edns=#''', use the following: | * If your version of '''dig''' supports '''+edns=#''', use the following: | ||
| Line 14: | Line 14: | ||
'''; EDNS: version: 0, flags:; udp: 4096''' | '''; EDNS: version: 0, flags:; udp: 4096''' | ||
| - | + | == dig +bufsize == | |
| - | * According to '''dig'''(1), sending a non-zero '''bufsize''' causes an EDNS query to be sent. | ||
* If your version of '''dig''' does not support '''+edns=#''', you will have to use '''+bufsize=B'''. | * If your version of '''dig''' does not support '''+edns=#''', you will have to use '''+bufsize=B'''. | ||
| + | * According to '''dig'''(1), sending a non-zero '''bufsize''' causes an EDNS query to be sent. | ||
$ '''dig @''nameserver'' +noall +comments +bufsize=1 ''query''''' | $ '''dig @''nameserver'' +noall +comments +bufsize=1 ''query''''' | ||
;; Got answer: | ;; Got answer: | ||
| Line 25: | Line 25: | ||
''';; OPT PSEUDOSECTION:''' | ''';; OPT PSEUDOSECTION:''' | ||
'''; EDNS: version: 0, flags:; udp: 4096''' | '''; EDNS: version: 0, flags:; udp: 4096''' | ||
| + | |||
| + | == Links == | ||
| + | |||
| + | * [http://groups.google.com/group/comp.protocols.dns.bind/msg/439cf16f4940a0bc Too many timeouts resolving / disabling EDNS messages] | ||
Current revision
Use the following to test if a name server supports EDNS, specifically EDNS0 in the examples below.
When testing a name server, make sure to send a query that will result in authoritative answer. For example, if ns.example.com is authoritative for example.com, send a query such as example.com soa. Sending a query for something like . ns to the name server will result in a timeout when specifying +edns=0.
dig +edns
- If your version of dig supports +edns=#, use the following:
$ dig @nameserver +noall +comments +edns=0 query ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26316 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 9, ADDITIONAL: 10 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096
dig +bufsize
- If your version of dig does not support +edns=#, you will have to use +bufsize=B.
- According to dig(1), sending a non-zero bufsize causes an EDNS query to be sent.
$ dig @nameserver +noall +comments +bufsize=1 query ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61334 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 9, ADDITIONAL: 10 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096
