DNS Flagday is on 1 February 2019! This means that the Internet will no longer take faulty DNS servers into consideration. So it is high time to act and deploy the important DNS extension EDNS correctly before consequences threaten!
What is the DNS Flagday?
1 February 2019 was appointed DNS Flagday by numerous DNS software vendors and Internet service providers. They are supported by numerous leading DNS operators worldwide, such as Facebook and Google.
On this day, the workarounds that accommodate faulty DNS servers will be switched off. Manufacturers and vendors are taking action against both outdated and incompatible DNS implementations. Their method is simple: from 1 February, participants in the initiative will simply no longer accommodate this software.
Basically, everything revolves around EDNS. The abbreviation stands for “Extension Mechanisms for DNS”, an extension to the DNS protocol. It should have been the standard and a prerequisite for a long time, and all DNS servers should implement it correctly. Because not all of them do, complex procedures were used in the past to accommodate faulty or obsolete servers without the EDNS extension. From 1 February 2019, however, this will change!
At DNS Flagday 2019 numerous server providers and server operators, such as Google and Facebook, are working together to finally establish the EDNS extensions.
Are there many faulty DNS servers?
The clear answer to this question is: yes, unfortunately! Far too many servers respond to a DNS request with an EDNS extension incorrectly or not at all. It is therefore high time to act, as this requirement has been on the agenda for almost 20 years.
Many people are probably wondering what is so bad about DNS servers not implementing the EDNS extension correctly. After all, everything has worked so far, because the providers simply used certain methods, called workarounds, to get around the problem.
There is a clear answer to this question as well. On the one hand, these workarounds cost a lot of work because they have to be specially developed, which makes the DNS software unnecessarily complicated. On the other hand, the workarounds also cost a lot of time, not only in development and programming but also in DNS queries.
What are the concrete changes?
The DNS Flagday not only draws attention to the problem and sends a signal to update to the EDNS extensions; concrete changes also take effect. Knot, a well-known DNS software, has already removed all workarounds, and Unbound, BIND and PowerDNS will follow with their next versions.
In addition, the DNS Flagday supporters, such as Facebook and Google, but also Cloudflare, are making corresponding changes in their systems.
DNS Flagday 2019 is not only about signalling, but also about concrete changes in the area of DNS servers that are implemented.
What should you do now?
As an operator of a website, you are now advised to check your DNS server. This is quite simple, since the initiative provides a free check on its own website. You can find it at https://dnsflagday.net/index-de.html.
Your DNS server will probably be provided and managed by a host of your choice. Many of these hosts will run into massive problems because of the DNS Flagday, because some of their DNS servers probably still run faulty software. Although your domain will almost certainly continue to work, requests will probably take longer: since the hosts use multiple DNS servers, a request will be sent to several servers until one responds correctly.
Firewalls can also be a problem that needs addressing. For example, the check indicates that some firewalls block requests with EDNS messages. Firewall functions that block packets with EDNS messages should therefore be disabled immediately.
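To see what such a check looks at on the wire, here is an added example (not part of the original article and not the dnsflagday.net checker's code): it sends one query carrying an EDNS OPT record to a name server and reports whether the reply is missing, lacks the OPT record, or is correct. The function names, verdict strings, the 4096-byte payload size and the 3-second timeout are assumptions made for this sketch.

```python
import socket
import struct

OPT = 41  # RR type of the EDNS(0) pseudo-record (RFC 6891)

def build_edns_query(zone, txid=0x04D2, udp_size=4096):
    """Non-recursive SOA query for `zone` carrying an EDNS(0) OPT record."""
    header = struct.pack("!6H", txid, 0, 1, 0, 0, 1)  # 1 question, 1 additional
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in zone.split(".") if l) + b"\x00"
    question = qname + struct.pack("!HH", 6, 1)  # QTYPE=SOA, QCLASS=IN
    # OPT: root owner, TYPE=41, CLASS=UDP payload size, TTL=0 (version 0), RDLEN=0
    return header + question + b"\x00" + struct.pack("!HHIH", OPT, udp_size, 0, 0)

def _skip_name(msg, off):  # offset just past a (possibly compressed) domain name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def classify(msg):
    """Map a raw reply (None = timeout) to a verdict string."""
    if msg is None:
        return "no-response"  # the server, or a firewall in front of it, stayed silent
    _, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    rcode, off = flags & 0xF, 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == OPT:
            return "edns-ok" if rcode == 0 else f"edns-rcode-{rcode}"
        off += 10 + rdlen
    return f"no-opt-rcode-{rcode}"  # answered, but without the EDNS extension

def probe(server_ip, zone, timeout=3.0):
    """Send one EDNS query over UDP to an authoritative server and classify it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_edns_query(zone), (server_ip, 53))
        try:
            return classify(s.recvfrom(4096)[0])
        except socket.timeout:
            return classify(None)

if __name__ == "__main__":
    q = build_edns_query("example.com")  # constructed reply below, no network needed
    print(classify(q[:2] + b"\x84\x00" + q[4:]), classify(None))
```

Call `probe()` once for each authoritative name server of your zone, using that server's IP address and your zone name; any verdict other than `edns-ok` is worth raising with your host or checking against your firewall rules.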