12. RFC notes

12.1. RFC 8914 (Extended DNS Errors)

The EDNS Extended DNS Errors and Extended DNS Errors and RPZ sections contain many details about Loop's EDNS Extended DNS Errors implementation.

The ede-enable and ede-extra-text-enable configuration options of named.conf(5) control whether and how the EDNS Extended DNS Errors option is returned in responses.

12.2. RFC 9276 (Guidance for NSEC3 Parameter Settings)

The max-nsec3-iterations configuration option of named.conf(5) can be used to configure the maximum permitted number of additional NSEC3 iterations in the validating resolver.

named will return a SERVFAIL response if the number of additional NSEC3 iterations required are larger than the configured value.

Currently, named does not return the Unsupported NSEC3 Iterations Value (83) EDNS Extended DNS Errors option as specified in RFC 9276.