[dns-operations] Truncation query
pk at denic.de
Mon Feb 6 15:13:25 UTC 2017
On Mon, Feb 06, 2017 at 02:25:05PM +0000, Ray Bellis wrote:
> Should the server have set ANCOUNT=0 in this packet for it to be legal,
> or should the presence of TC=1 be taken to mean that "all bets are off"
> for everything after the question section?
With RFC 1035, section 6.2
When a response is so long that truncation is required, the truncation
should start at the end of the response and work forward in the
datagram. Thus if there is any data for the authority section, the
answer section is guaranteed to be unique.
and sction 9 of RFC 2182
Where TC is set, the partial RRSet that would not completely fit may
be left in the response. When a DNS client receives a reply with TC
set, it should ignore that response, and query again, using a
mechanism, such as a TCP connection, that will permit larger replies.
one could argue that the ANCOUNT>0 is OK-ish to identify the truncated section
(which could be either answer or authority).
More information about the dns-operations