--- bind-9.4.0/lib/dns/view.c.edns	2006-03-10 00:38:21.000000000 +0100
+++ bind-9.4.0/lib/dns/view.c	2007-03-06 14:55:44.000000000 +0100
@@ -160,6 +160,7 @@
 	view->additionalfromcache = ISC_TRUE;
 	view->additionalfromauth = ISC_TRUE;
 	view->enablednssec = ISC_TRUE;
+	view->enableedns = ISC_TRUE;
 	view->enablevalidation = ISC_TRUE;
 	view->acceptexpired = ISC_FALSE;
 	view->minimalresponses = ISC_FALSE;
--- bind-9.4.0/lib/dns/include/dns/view.h.edns	2006-03-10 00:38:21.000000000 +0100
+++ bind-9.4.0/lib/dns/include/dns/view.h	2007-03-06 14:56:19.000000000 +0100
@@ -112,6 +112,7 @@
 	isc_boolean_t			additionalfromauth;
 	isc_boolean_t			minimalresponses;
 	isc_boolean_t			enablednssec;
+	isc_boolean_t			enableedns;
 	isc_boolean_t			enablevalidation;
 	isc_boolean_t			acceptexpired;
 	dns_transfer_format_t		transfer_format;
--- bind-9.4.0/lib/isccfg/namedconf.c.edns	2006-05-03 03:46:40.000000000 +0200
+++ bind-9.4.0/lib/isccfg/namedconf.c	2007-03-06 14:43:48.000000000 +0100
@@ -767,6 +767,7 @@
 	{ "root-delegation-only",  &cfg_type_optional_exclude, 0 },
 	{ "disable-algorithms", &cfg_type_disablealgorithm,
 	  CFG_CLAUSEFLAG_MULTI },
+	{ "edns-enable", &cfg_type_boolean, 0 },
 	{ "dnssec-enable", &cfg_type_boolean, 0 },
 	{ "dnssec-validation", &cfg_type_boolean, 0 },
 	{ "dnssec-lookaside", &cfg_type_lookaside, CFG_CLAUSEFLAG_MULTI },
--- bind-9.4.0/doc/misc/options.edns	2006-05-03 04:26:59.000000000 +0200
+++ bind-9.4.0/doc/misc/options	2007-03-06 14:43:48.000000000 +0100
@@ -85,6 +85,7 @@
         max-udp-size <integer>;
         root-delegation-only [ exclude { <quoted_string>; ... } ];
         disable-algorithms <string> { <string>; ... };
+        edns-enable <boolean>;
         dnssec-enable <boolean>;
         dnssec-validation <boolean>;
         dnssec-lookaside <string> trust-anchor <string>;
@@ -313,6 +314,7 @@
         max-udp-size <integer>;
         root-delegation-only [ exclude { <quoted_string>; ... } ];
         disable-algorithms <string> { <string>; ... };
+        edns-enable <boolean>;
         dnssec-enable <boolean>;
         dnssec-validation <boolean>;
         dnssec-lookaside <string> trust-anchor <string>;
--- bind-9.4.0/bin/named/config.c.edns	2006-05-03 03:46:40.000000000 +0200
+++ bind-9.4.0/bin/named/config.c	2007-03-06 15:02:07.000000000 +0100
@@ -135,6 +135,7 @@
 	acache-enable no;\n\
 	acache-cleaning-interval 60;\n\
 	max-acache-size 0;\n\
+	edns-enable yes;\n\
 	dnssec-enable yes;\n\
 	dnssec-validation no; /* Make yes for 9.5. */ \n\
 	dnssec-accept-expired no;\n\
--- bind-9.4.0/bin/named/server.c.edns	2007-03-06 14:43:48.000000000 +0100
+++ bind-9.4.0/bin/named/server.c	2007-03-06 15:01:24.000000000 +0100
@@ -1492,6 +1492,11 @@
 	dns_resolver_setclientsperquery(view->resolver,
 					cfg_obj_asuint32(obj),
 					max_clients_per_query);
+
+        obj = NULL;
+        (void)ns_config_get(maps, "edns-enable", &obj);
+        if(obj != NULL)
+               view->enableedns = cfg_obj_asboolean(obj);
 			
 	obj = NULL;
 	result = ns_config_get(maps, "dnssec-enable", &obj);
--- bind-9.4.0/bin/named/query.c.edns	2007-01-08 03:41:59.000000000 +0100
+++ bind-9.4.0/bin/named/query.c	2007-03-06 14:43:48.000000000 +0100
@@ -4578,6 +4578,12 @@
 	if (client->view->enablednssec)
 		message->flags |= DNS_MESSAGEFLAG_AD;
 
+        /*
+         * Disable edns if an user require it.
+         */
+        if (!client->view->enableedns)
+                client->query.fetchoptions |= DNS_FETCHOPT_NOEDNS0;
+
 	qclient = NULL;
 	ns_client_attach(client, &qclient);
 	query_find(qclient, NULL, qtype);