Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
After upgrading my iPad from iOS 13.7 to 14.2, I find my caching forwarder logs flooded with:
Nov 10 16:28:09 janus named[1050]: REFUSED unexpected RCODE resolving 'ocsp.g.aaplimg.com/TYPE65/IN': 208.67.222.222#53Nov 10 16:28:09 janus named[1050]: RE...
I have a caching forwarder for a small home network, running bind-9.11.13-6.el8_2.1.x86_64 on CentOS 8.
I get about 1200 or so of these messages a day in my logs, with no particular time of day when they do or do not occur:
...Nov 9 23:48:49 janus n...
Ah, that explains it, thanks.
For anyone interested who's running ISC bind, to avoid getting these errors in your logs you can disable the "lame-servers" category in the "logging" section of named.conf
logging { category lame-servers { null; }...
Traced it to one host on my wireless network - an iPad Pro that was just updated from iOS 13.7 to iOS 14.2.
So it seems iOS 14 is issuing Type 65 (HTTPS) requests now.
Does OpenDNS have any plans to support this RR type?
