About this test: In order to translate a mnemonic name (such as "netalyzr.icsi.berkeley.edu") to an IP address, this involves a protocol knows as DNS, or the Domain Name Service. EDNS, or Extended DNS, is an extension to the DNS protocol necessary to implement DNS security enhancements, which require the ability to send significantly longer messages. Unfortunately, some older network devices do not understand EDNS and think it is anomalous.
This test works by sending DNS messages from the applet to our server, which then replies with EDNS responses of varying size. The small reply is to check that EDNS is supported, while the medium and large reply are used to check whether a network device rejects large DNS replies, which will be necessary as DNS information becomes cryptographically signed.What if this test reports a problem: If the UDP fragmentation test doesn't work, that is the most likely cause of any failure on this test. If that test works fine, the most likely cause is a misconfiguration or error in your NAT ("home router") or firewall. You should make sure your home router or firewall is running updated software to prevent what might be perceived as mysterious failures and slowdowns when DNSSEC becomes more widely deployed.
For additional information on these tests, please consult the Netalyzr help site over at the New Scientist.