[dns-operations] Odd EDNS implementation bug

Geoffrey Sisson geoff at geoff.co.uk
Wed May 26 23:29:57 UTC 2010 

marka at isc.org (Mark Andrews) wrote:

> In message <alpine.LSU.2.00.1005261924540.28459 at hermes-2.csi.cam.ac.uk>, Tony Finch writes:
> > Some rr.com name servers put the answer RRset in the additional ssection
> > if you make an EDNS request:
> > 
> > 
> > ; <<>> DiG 9.7.0-P2 <<>> +norec @65.24.6.70 cpe-75-81-112-75.kc.res.rr.com. A
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24159
> > ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> > 
> > ;; QUESTION SECTION:
> > ;cpe-75-81-112-75.kc.res.rr.com.        IN      A
> > 
> > ;; ANSWER SECTION:
> > cpe-75-81-112-75.kc.res.rr.com. 604800 IN A     75.81.112.75
> > 
> > ;; Query time: 106 msec
> > ;; SERVER: 65.24.6.70#53(65.24.6.70)
> > ;; WHEN: Wed May 26 19:27:21 2010
> > ;; MSG SIZE  rcvd: 94
> > 
> > 
> > ; <<>> DiG 9.7.0-P2 <<>> +bufsize=512 +norec @65.24.6.70 cpe-75-81-112-75.kc.res.rr.com. A
> > ; (1 server found)
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10801
> > ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> > 
> > ;; OPT PSEUDOSECTION:
> > ; EDNS: version: 0, flags:; udp: 512
> > ;; QUESTION SECTION:
> > ;cpe-75-81-112-75.kc.res.rr.com.        IN      A
> > 
> > ;; ADDITIONAL SECTION:
> > cpe-75-81-112-75.kc.res.rr.com. 604800 IN A     75.81.112.75
> > 
> > ;; Query time: 111 msec
> > ;; SERVER: 65.24.6.70#53(65.24.6.70)
> > ;; WHEN: Wed May 26 19:27:39 2010
> > ;; MSG SIZE  rcvd: 105
> > 
> > 
> > Tony.
> > -- 
> > f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
> > SHANNON: NORTHERLY 4, BUT 5 OR 6 AT FIRST IN EAST. MODERATE OR ROUGH. SHOWERS.
> > MAINLY GOOD.
> > _______________________________________________
> > dns-operations mailing list
> > dns-operations at lists.dns-oarc.net
> > https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
> I suspect that it is a specialized server synthesizing responses
> on the fly and it hasn't been properly tested.  You can't just
> append answers to queries and have it work.

Looking at this on the wire, it seems the OPT RR is in the answer section
and the answer is in the additional section, so it looks like they just
have the RRs in the wrong order.

Geoff

More information about the dns-operations mailing list