[dns-operations] Name server turning off RD bit in response - just curious

Peter Koch pk at DENIC.DE
Tue Aug 7 18:03:42 UTC 2012


On 07/08/2012 13:40, Faasen, Craig wrote:

> > > Out of curiosity, any idea why a name server would want to change
> > > the RD bit ? (except to break an unsuspecting script ;)

both RA and RD are uni-directional (and over in the IETF we'll find someone
who remembers why it was desigend this way instead of saving the bit).

> Anand Buddhdev wrote:

> > perform recursive queries. While RFC 1035 requires the server to copy
> > the value of RD from the query into the response, a client shouldn't
> > even be bothering to look at RD in a response, and certainly should not
> > break if its value in the response doesn't match the query.

The "client" well indeed be somebody withj a dig/drill/host in their
hands, and in tose cases, keeping the RD at least informs the debugging
individual how the query was received.

On Tue, Aug 07, 2012 at 01:39:32PM -0400, Robert Edmonds wrote:
> indeed, and for an example of the opposite behavior, see
> ns[1-4].google.com, which set the RD bit in responses regardless of the
> RD bit in the query.

Well, at least my version of "dig" breaks insofar as it emits a warning
that is only based on the response: ";; WARNING: recursion requested but not available",
even with "+norec".

-Peter



More information about the dns-operations mailing list