DNS Flag Day and beyond - how will it affect you?

A number of DNS software and service providers have announced that we will all cease implementing DNS resolver workarounds to accommodate DNS authoritative systems …

A number of DNS software and service providers have announced that we will all cease implementing DNS resolver workarounds to accommodate DNS authoritative systems that don’t follow the EDNS protocol. Each vendor has pledged to roll out this change in some version of their software by the ‘Flag Day.’ Domains served by DNS servers that are not compliant with the standard will not function reliably after February 1, 2019, and may become unavailable. If your company’s DNS zones are served by non-compliant servers, your online presence will slowly degrade or disappear as ISPs and other organizations update their resolvers. When you update your own internal DNS resolvers to versions that don’t implement workarounds, some sites and email servers may become unreachable. This talk will cover the background of the changes, potential affects on Internet users/providers and testing methodologies to ensure minimal impact. *** Please note the following: We in the DNS community thought we had provided plenty of advance notice and forewarning of this flag day. We did not originally intend to give this talk at NANOG 75 as it is post flag day. However, we have received an alarming number of “OMG, will my DNS will stop working?” inquires in the past couple of weeks. It appears auditors have just started running compliance checks. As such, we feel this will now be a timely talk.