Extension Mechanisms for DNS standards and the resolver

When it uses the Extension Mechanisms for DNS (EDNS0) standards, the resolver can obtain resource information more efficiently over UDP. Before these standards existed, UDP responses from a name server were limited to 512 bytes. If a DNS response message contains a large number of resource records, more than 512 bytes might be required to return all the response data to the resolver. IPv6 resource records are larger than IPv4 resource records, so fewer IPv6 resource records are needed to reach the 512-byte limit, but the limit can be reached even with only IPv4 resource records. With EDNS0 support, the resolver can accept DNS messages of greater than 512 bytes over UDP, if the name server that provides the response message also supports EDNS0.

You do not need to configure support for EDNS0 standards. If the resolver is not certain of the EDNS0 capability of a name server, the resolver does not use EDNS0 for that name server and does not indicate on any query that it sends to the name server that it supports EDNS0 processing. After the resolver dynamically determines that a name server supports EDNS0 processing, the resolver modifies the DNS requests that are sent to the name server to use EDNS0.

The resolver dynamically attempts to determine the EDNS0 capabilities of a name server the first time that it receives a truncated UDP response from that name server. The resolver sends the same query to the name server again and includes an indication that it supports EDNS0 processing. This query is called an EDNS0 probe. The resolver determines whether the name server supports EDNS0 based on the following possible results from the EDNS0 probe:

Because the resolver cannot determine why a timeout occurs, it does not use EDNS0 with that name server for an interval of at least five minutes. At the end of that interval, if appropriate, the resolver sends another EDNS0 probe query to determine whether the name server now supports EDNS0. To fully gain EDNS0 performance benefits, you should choose a resolver timeout value that is long enough to allow larger UDP packets to arrive.

The resolver periodically verifies that the name server does not support EDNS0, even if the response to the EDNS0 probe explicitly indicated that the name server does not support EDNS0. The periodic EDNS0 probe processing allows the resolver to dynamically discover that the capabilities of the name server have changed, although the rediscovery period might take some time. You can use the MODIFY RESOLVER,REFRESH command to cause the resolver to rediscover the capabilities of the name servers more quickly. For more information about the MODIFY RESOLVER,REFRESH command, see z/OS Communications Server: IP System Administrator's Commands.

To verify whether a name server supports EDNS0, use the dig command with the +bufsize= option to force dig to send an OPT resource record (OPT RR) on the request. If the name server supports EDNS0, it responds with its own OPT RR on the response.
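The same check at the wire level, as an added example that is not IBM's resolver code: it builds a query with and without the OPT RR that dig +bufsize= adds, then reads the truncation (TC) flag and any OPT RR from a reply. The function names, the example.com name, the 192.0.2.1 address and both sample replies are constructed for illustration.

```python
import struct

OPT = 41  # RR type of the EDNS0 OPT pseudo-record (RFC 6891)

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype=1, bufsize=None, msg_id=0x1234):
    """Build a DNS query; when bufsize is set, append an OPT RR advertising it."""
    msg = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 0 if bufsize is None else 1)
    msg += encode_name(name) + struct.pack("!HH", qtype, 1)
    if bufsize is not None:
        # Root name, TYPE=OPT, CLASS=UDP payload size, TTL=0 (no flags), RDLEN=0
        msg += b"\x00" + struct.pack("!HHIH", OPT, bufsize, 0, 0)
    return msg

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:
            return off + 2
        off += 1
        if n == 0:
            return off
        off += n

def edns_status(msg):
    """Return (truncated, udp_size); udp_size is None when no OPT RR is present.
    Raises struct.error or IndexError on a malformed message."""
    _, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    size = None
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        if rtype == OPT:
            size = rclass                      # OPT reuses CLASS for the UDP payload size
    return bool(flags & 0x0200), size          # 0x0200 is the TC (truncated) bit

# Constructed sample replies (not captured traffic)
QUESTION = encode_name("example.com") + struct.pack("!HH", 1, 1)
TRUNCATED = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + QUESTION
EDNS_REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 1) + QUESTION
              + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
              + b"\x00" + struct.pack("!HHIH", OPT, 4096, 0, 0))
```

A reply like TRUNCATED is the kind of response that triggers the EDNS0 probe; a reply like EDNS_REPLY, carrying its own OPT RR, is what a name server that supports EDNS0 returns.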

If you have upgraded a name server to support EDNS0, you can issue the MODIFY RESOLVER,REFRESH command to force the resolver to dynamically determine name server capability. The resolver can then use EDNS0 support to accept DNS messages of greater than 512 bytes, using the less costly UDP protocol, which results in improved DNS and resolver performance.