Over the years, DNS, the foundation of the Internet, has suffered from bloat making it unnecessarily slow, unable to deploy new features and complex to upgrade. Workarounds that crept in over the years to accommodate ad-hoc implementations are to blame. Vendors of DNS software and big public DNS providers are going to remove certain workarounds on February 1st, 2019. This day has come to be known as DNS Flag Day.
It is a day to remove workarounds in DNS resolvers to deal with broken EDNS0 implementations in DNS authoritative name servers and broken network policies (firewalls, Deep Packet Inspection, load balancers) that prevent EDNS0 from working correctly. Extension Mechanism for DNS (EDNS0) is a standard that allows the addition of new functionality to the DNS standard. It enables features such as DNS message sizes larger than 512 bytes.
Fortunately, DNSVAULT customers have little to worry. DNSVAULT is fully supportive of the DNS flag day initiative. DNSVAULT authoritative and recursive DNS appliance are EDNS0 compliant. DNSVAULT customers only need to check their 3rd party authoritative DNS name servers for EDNS0 compliance and their firewall/DPI rules so they don’t drop DNS packets with EDNS0 extensions.
To be sure, please drop down us an email