DNS flag day test results



Just been reading about the upcoming DNS Flag Day, and ran their DNS tester on a domain hosted at Bytemark.

It came up with a number of errors, viewable in the report below:


Should I be concerned about any of these failures? Are Bytemark planning to address them?




The errors are all saying that Bytemark’s name server doesn’t support OPT, so no EDNS. They’re using DJB’s TinyDNS, which is now seriously out of date. No EDNS, no DNSSEC, no DoT, no DoH. In other words, basic name serving works, will continue to work, and is not affected by DNS Flag Day, which is all about squeezing out bad EDNS implementations. But if you want any DNS facilities introduced in the last 15 years, you’re out of luck.


It’s a good question. Whilst tiny DNS has proven quite easy to operate for a number of years (as long as I can remember being a customer… quite a long time), I don’t think I have ever seen any changes in this area. Is anyone from Bytemark able to say whether there are any changes planned?



Please upgrade both authoritative servers and resolvers to something with DNSSEC support. Thanks