[dns-operations] Truncation query

Peter Koch pk at denic.de
Mon Feb 6 15:13:25 UTC 2017

On Mon, Feb 06, 2017 at 02:25:05PM +0000, Ray Bellis wrote:

> Should the server have set ANCOUNT=0 in this packet for it to be legal,
> or should the presence of TC=1 be taken to mean that "all bets are off"
> for everything after the question section?

interesting question.

With RFC 1035, section 6.2

	When a response is so long that truncation is required, the truncation
	should start at the end of the response and work forward in the
	datagram.  Thus if there is any data for the authority section, the
	answer section is guaranteed to be unique.

and sction 9 of RFC 2182

	Where TC is set, the partial RRSet that would not completely fit may
	be left in the response.  When a DNS client receives a reply with TC
	set, it should ignore that response, and query again, using a
	mechanism, such as a TCP connection, that will permit larger replies.

one could argue that the ANCOUNT>0 is OK-ish to identify the truncated section
(which could be either answer or authority).


More information about the dns-operations mailing list