At the IEPG meeting, Francis Dupont presented on behalf of Mark Andrews from ISC, on the levels of EDNS compliance being seen in the DNS traffic.
A significant number of variations of bug can be shown out there in the wild, doing some crazy subsets of the EDNS implied behaviours. They used a set of dig command queries with different options to explore capabilities, and analysed the responses. Considering that EDNS support is now mandatory, its rather odd the volume of mis-implementations and lack of support.
It may be this is caused by intermediate systems, Firewalls or proxies, which are intruding into the query-response path.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.