[dns-operations] Truncation query
fweimer at redhat.com
Tue Mar 14 13:47:05 UTC 2017
On 02/06/2017 03:47 PM, Peter van Dijk wrote:
> As I have understood the relevant RFCs, the counts should match what’s
> actually in the packet, and ‘harvesting’ data from a truncated response
> is allowed under limited circumstances. So if I have to guess, the
> packet you are seeing is not valid.
I agree that these packets are malformed because the header does not
match what's in the packet.
But our BIND-derived stub resolver creates such packets if the
application calls one of the res_ lookup functions, TCP fallback
happens, and the response is larger than the caller-supplied buffer. In
this case, the stub resolver just patches in the TC bit and truncates
the DNS message to fit the application-supplied buffer, without further
adjusting the DNS header. And the truncation can happen in the middle
of a resource record.
I don't think there is a better option to deal with this scenario
(except perhaps not returning the response packet at all, just an error
More information about the dns-operations