DNS/FCP/edns_sizeについて、ここに記述してください。 公開リゾルバーに問合せてみて、どのようなqueryが送られてくるか調べる。  今回はEDNS udp: に注目する。 || サーバー || UDP || || 1.1.1.1 || 1452 || || 8.8.8.8 || 4096 || || 9.9.9.9 || 1680 || || 64.6.64.6 || 1280 || || 106.186.17.181 || 4096 || || 209.244.0.3 || 8192 || [[/ISP]] == 1.1.1.1 == {{{ UDP request 2018-11-11 04:36:01.838409 (162.158.5.77 29823): 36 f4c1000000010000000000010462726175026a70000002000100002905ac000000000000 --- query --- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62657 ;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;brau.jp. IN NS ;; ADDITIONAL SECTION: ;OPT PSEUDOSECTION ;EDNS: version: 0, flags: ; udp: 1452 [, , , , , , ] ---- Reply: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62657 ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;brau.jp. IN NS }}} == 8.8.8.8 == {{{ 13:39f%dig -t ns home.qmail.jp @8.8.8.8 ~/brau ; <<>> DiG 9.12.1 <<>> -t ns home.qmail.jp @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57782 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;home.qmail.jp. IN NS ;; Query time: 142 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Sun Nov 11 13:40:07 JST 2018 ;; MSG SIZE rcvd: 42 }}} {{{ UDP request 2018-11-11 04:40:07.834137 (74.125.41.3 52440): 53 3a710010000100000000000104686f6d6505716d61696c026a700000020001000029100000008000000b00080007000118000ec02c --- query --- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14961 ;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;home.qmail.jp. IN NS ;; ADDITIONAL SECTION: ;OPT PSEUDOSECTION ;EDNS: version: 0, flags: do; udp: 4096 ;EDNS: code: 8; data: 000118000ec02c [, , , , , , ] ---- Reply: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14961 ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;home.qmail.jp. IN NS ;; ANSWER SECTION: }}} == 9.9.9.9 == {{{ 13:42f%dig -t ns brau.jp @9.9.9.9 ~/brau ; <<>> DiG 9.12.1 <<>> -t ns brau.jp @9.9.9.9 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19872 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;brau.jp. IN NS ;; ANSWER SECTION: brau.jp. 300 IN CNAME co.jp. ;; AUTHORITY SECTION: jp. 900 IN SOA z.dns.jp. root.dns.jp. 1541910602 3600 900 1814400 900 ;; Query time: 157 msec ;; SERVER: 9.9.9.9#53(9.9.9.9) ;; WHEN: Sun Nov 11 13:42:54 JST 2018 ;; MSG SIZE rcvd: 100 }}} {{{ UDP request 2018-11-11 04:42:54.502799 (74.63.20.243 49422): 36 e439000000010000000000010462726175026a7000000200010000290690000080000000 --- query --- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58425 ;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;brau.jp. IN NS ;; ADDITIONAL SECTION: ;OPT PSEUDOSECTION ;EDNS: version: 0, flags: do; udp: 1680 [, , , , , , ] ---- Reply: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58425 ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;brau.jp. IN NS }}} == verisign == {{{ %dig -t ns brau.jp @64.6.64.6 ~/brau ; <<>> DiG 9.12.1 <<>> -t ns brau.jp @64.6.64.6 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38577 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;brau.jp. IN NS ;; ANSWER SECTION: brau.jp. 300 IN CNAME co.jp. ;; AUTHORITY SECTION: jp. 900 IN SOA z.dns.jp. root.dns.jp. 1541911501 3600 900 1814400 900 ;; Query time: 41 msec ;; SERVER: 64.6.64.6#53(64.6.64.6) ;; WHEN: Sun Nov 11 13:47:11 JST 2018 ;; MSG SIZE rcvd: 100 }}} {{{ UDP request 2018-11-11 04:47:11.361179 (103.87.108.222 36725): 41 7a10001000010000000000010141026e530442724175024a7000001c00010000290500000080000000 --- query --- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31248 ;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;A.nS.BrAu.Jp. IN AAAA ;; ADDITIONAL SECTION: ;OPT PSEUDOSECTION ;EDNS: version: 0, flags: do; udp: 1280 [, , , , , , ] ---- Reply: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31248 ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;A.nS.BrAu.Jp. IN AAAA ;; ANSWER SECTION: }}} {{{ UDP request 2018-11-11 06:08:47.093063 (106.186.17.181 25084): 41 031f001000010000000000010161026e730462726175026a7000001c00010000291000000080000000 --- query --- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 799 ;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;a.ns.brau.jp. IN AAAA ;; ADDITIONAL SECTION: ;OPT PSEUDOSECTION ;EDNS: version: 0, flags: do; udp: 4096 [, , , , , , ] ---- Reply: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 799 ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;a.ns.brau.jp. IN AAAA }}} {{{ UDP request 2018-11-11 06:11:29.734691 (8.0.41.28 30453): 41 e36e0010000100000000000104686f6d650462726175026a7000000200010000292000000080000000 --- query --- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58222 ;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;home.brau.jp. IN NS ;; ADDITIONAL SECTION: ;OPT PSEUDOSECTION ;EDNS: version: 0, flags: do; udp: 8192 [, , , , , , ] ---- Reply: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58222 ;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;home.brau.jp. IN NS ;; ANSWER SECTION: }}}