If you had previously read Peter’s latest post on internal DNS, and have been holding out to hear more about the promised “DNS conformance” work to be done, this is the short and sweet update for you!
We’ve now fixed up the internal DNS handling of “Extended DNS (EDNS)”, which we addressed for our public DNS recently.
DNS lookups from within machines now have their EDNS settings respected, which should smooth things over for large responses. Typically large responses would be truncated and retried over TCP, but the threshold at which that happens is controlled by you (the DNS client).
This also resolves some edge cases that might have confused a very strict DNS client, such as when we passed through an EDNS response from our upstream resolver whose settings didn’t match your request, or in some cases when we were naughty and defaulted to truncating at a larger size than you (the RFC author) were expecting.
This has been rolled out for a while now, so we’re not anticipating any issues to crop up with these specific changes. But do let us know if you hit funkier-than-normal things with DNS in general!
(As an aside, if you want some fun reading, gaze upon how EDNS jams two-thirds of the response code inside the not-actually-a-TTL for the OPT record.)
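To make that aside and the client-controlled truncation threshold concrete, here is an added example (not code from this post or from our DNS server) that decodes the OPT record as laid out in RFC 6891. The function names and the sample message are constructed for illustration.

```python
import struct

OPT = 41  # RR type of the EDNS pseudo-record (RFC 6891)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + n
        if n == 0:                # root label ends the name
            return off

def parse_edns(msg):
    """Decode the OPT record of a DNS message; None if the message has no EDNS."""
    _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4             # skip QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if rtype == OPT:
            return {
                "udp_payload_size": rclass,       # CLASS reused as the sender's UDP buffer size
                "version": (ttl >> 16) & 0xFF,
                "do": bool(ttl & 0x8000),         # DNSSEC OK flag
                # 12-bit RCODE: upper 8 bits sit in the "TTL", lower 4 in the header
                "rcode": ((ttl >> 24) << 4) | (flags & 0x000F),
            }
    return None

def sample_response(udp_size, rcode, do=False):
    """Constructed sample: a response for example.com A carrying only an OPT record."""
    header = struct.pack("!6H", 0x1234, 0x8000 | (rcode & 0xF), 1, 0, 0, 1)
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    ttl = ((rcode >> 4) << 24) | (0x8000 if do else 0)   # EDNS version 0
    opt = b"\x00" + struct.pack("!HHIH", OPT, udp_size, ttl, 0)
    return header + question + opt

if __name__ == "__main__":
    # 16 is BADVERS, the first RCODE that does not fit in the 4-bit header field
    print(parse_edns(sample_response(1232, 16, do=True)))
```

A strict client can run the same decoding on a response to confirm that the OPT record it got back is well-formed and that the reassembled RCODE is the one it expects.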