DNS Flag Day

Over the years, DNS, the foundation of the Internet, has suffered from bloat making it unnecessarily slow, unable to deploy new features and complex to upgrade. Workarounds that crept in over the years to accommodate ad-hoc implementations are to blame. Vendors of DNS software and big public DNS providers are going to remove certain workarounds on February 1st, 2019. This day has come to be known as DNS Flag Day.


It is a day to remove workarounds in DNS resolvers to deal with broken EDNS0 implementations in DNS authoritative name servers and broken network policies (firewalls, Deep Packet Inspection, load balancers) that prevent EDNS0 from working correctly. Extension Mechanism for DNS (EDNS0) is a standard that allows the addition of new functionality to the DNS standard. It enables features such as DNS message sizes larger than 512 bytes.


Fortunately, Infoblox customers have little to worry. Infoblox is fully supportive of the DNS flag day initiative. Infoblox authoritative DNS servers are EDNS0 compliant.  Infoblox recursive DNS servers are retaining the EDNS0 workarounds for the time being.  Infoblox customers only need to check their 3rd party authoritative DNS name servers for EDNS0 compliance and their firewall/DPI rules so they don’t drop DNS packets with EDNS0 extensions.


Please be sure to review our FAQ and KB articles below:


DNS Flag Day FAQ


Public NIOS KB


Public ATC KB


You can safely put your trust in Next Level Networking from Infoblox.

Showing results for 
Search instead for 
Do you mean 

Demo: Infoblox IPAM plug-in integration with OpenStack Newton