[dns-operations] Answer both Truncated and Authentic?

Mark Andrews marka at isc.org
Thu May 23 21:40:36 UTC 2013


In message <20130523210849.GA31540 at sources.org>, Stephane Bortzmeyer writes:
> Is it reasonable/legal to have both tc and ad?

Yes.  The example is more than just tc + ad, it is also zero records
after the EDNS OPT record is removed at which point the ad=1 is just
noise.

If you are going to use a tc=1 response and not retry with TCP you
really have to think about how you interpret the response.  AD=1 is
clear enough in what it means.

Mark

> % dig +noignore @8.8.8.8 ANY fr 
> 
> ; <<>> DiG 9.7.3 <<>> +noignore @8.8.8.8 ANY fr
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46304
> ;; flags: qr tc rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 512
> ;; QUESTION SECTION:
> ;fr.				IN	ANY
> 
> ;; Query time: 59 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Thu May 23 23:07:10 2013
> ;; MSG SIZE  rcvd: 31
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the dns-operations mailing list