[dns-operations] Truncation query

Florian Weimer fweimer at redhat.com
Tue Mar 14 13:47:05 UTC 2017

On 02/06/2017 03:47 PM, Peter van Dijk wrote:
> As I have understood the relevant RFCs, the counts should match what’s
> actually in the packet, and ‘harvesting’ data from a truncated response
> is allowed under limited circumstances. So if I have to guess, the
> packet you are seeing is not valid.

I agree that these packets are malformed because the header does not 
match what's in the packet.

But our BIND-derived stub resolver creates such packets if the 
application calls one of the res_ lookup functions, TCP fallback 
happens, and the response is larger than the caller-supplied buffer.  In 
this case, the stub resolver just patches in the TC bit and truncates 
the DNS message to fit the application-supplied buffer, without further 
adjusting the DNS header.  And the truncation can happen in the middle 
of a resource record.

I don't think there is a better option to deal with this scenario 
(except perhaps not returning the response packet at all, just an error 


More information about the dns-operations mailing list