Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



DNS Flag Day

New Member
Posts: 1
7262     0



I apologize if this is not the right place to post this question, but I was asked to find out if Infoblox will be affected by DNS Flag Day.


Link -


"A number of DNS software and service providers have announced that we will all cease implementing DNS resolver workarounds to accommodate DNS authoritative systems that don’t follow the EDNS protocol. Each vendor has pledged to roll out this change in some version of their software by the ‘Flag Day.’ "


If this is not the proper forum for this question, please let me know.


Thanks in advance.

Re: DNS Flag Day

Posts: 14
7263     0



DNS Flag day is covered in KB 9983 on the Infoblox support portal.  Infoblox will be rolling out official messaging to the community next week some time.


The gists is that Infoblox does not yet have a target as to when we will have a NIOS or ATC version that implements flag day protocol.  So recursive queries from your DNS server to others will not change until we have deployed NIOS/ATC code that has this change in it.  And it does require a code change on NIOS to make this happen, which we will implement at some point.


That doesn't mean your authoratative servers won't be affected by this as some network policies will prevent EDNS0 from working properly.  You can use the various tools for flag day to determin if your doamins are at risk.


Hope this helps to answer your questions.  If you need more details please consult the support portal or enter a support ticket.

Re: DNS Flag Day

Posts: 14
7263     0

Just FYI, the updated KBs for DNS Flag day are live.


External NIOS KB:

External ATC KB:





Showing results for 
Search instead for 
Did you mean: 

Recommended for You