[dns-operations] Odd EDNS implementation bug

Mark Andrews marka at isc.org
Wed May 26 22:23:16 UTC 2010 

In message <alpine.LSU.2.00.1005261924540.28459 at hermes-2.csi.cam.ac.uk>, Tony Finch writes:
> Some rr.com name servers put the answer RRset in the additional ssection
> if you make an EDNS request:
> 
> 
> ; <<>> DiG 9.7.0-P2 <<>> +norec @65.24.6.70 cpe-75-81-112-75.kc.res.rr.com. A
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24159
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;cpe-75-81-112-75.kc.res.rr.com.        IN      A
> 
> ;; ANSWER SECTION:
> cpe-75-81-112-75.kc.res.rr.com. 604800 IN A     75.81.112.75
> 
> ;; Query time: 106 msec
> ;; SERVER: 65.24.6.70#53(65.24.6.70)
> ;; WHEN: Wed May 26 19:27:21 2010
> ;; MSG SIZE  rcvd: 94
> 
> 
> ; <<>> DiG 9.7.0-P2 <<>> +bufsize=512 +norec @65.24.6.70 cpe-75-81-112-75.kc.res.rr.com. A
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10801
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;cpe-75-81-112-75.kc.res.rr.com.        IN      A
> 
> ;; ADDITIONAL SECTION:
> cpe-75-81-112-75.kc.res.rr.com. 604800 IN A     75.81.112.75
> 
> ;; Query time: 111 msec
> ;; SERVER: 65.24.6.70#53(65.24.6.70)
> ;; WHEN: Wed May 26 19:27:39 2010
> ;; MSG SIZE  rcvd: 105
> 
> 
> Tony.
> -- 
> f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
> SHANNON: NORTHERLY 4, BUT 5 OR 6 AT FIRST IN EAST. MODERATE OR ROUGH. SHOWERS.
> MAINLY GOOD.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

I suspect that it is a specialized server synthesizing responses
on the fly and it hasn't been properly tested.  You can't just
append answers to queries and have it work.

Mark

08:15:04.399005 IP (tos 0x0, ttl 244, id 63642, offset 0, flags [DF], proto: UDP (17), length: 133) 65.24.6.70.53 > 192.168.191.236.54779: [udp sum ok]  33769*- q: A? cpe-75-81-112-75.kc.res.rr.com. 1/0/1 . OPT UDPsize=512 ar: cpe-75-81-112-75.kc.res.rr.com. A 75.81.112.75 (105)

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list