[dns-operations] EDNS1 tests in the ednscomp tool

Mark Andrews marka at isc.org
Thu May 31 23:06:17 UTC 2018 

> On 31 May 2018, at 10:35 pm, Ray Bellis <ray at isc.org> wrote:
> 
> On 31/05/2018 12:01, Chris Thompson wrote:
> 
>> Is this even categorically wrong? I couldn't find anything by casual 
>> inspection of RFC 2671 or RFC 6891. Even if it is technically wrong,
>> I don't see how any resolver is going to take the wrong action as a
>> result of receiving such a response.
> 
> Copying the question into the response is actually required:
> 
> From 6891:
> 
>   The minimal response MUST be the DNS header, question section, and an
>   OPT record.  This MUST also occur when a truncated response (using
>   the DNS header's TC bit) is returned.
> 
> It would seem as Mark suggests though that sometimes the answers coming
> back are not correct.

The bad answers have a NOERROR rcode and a SOA record in the answer
section.  (DNS Flags: 8400 + OPT TTL: 0000 0000 == QR, NOERROR, AA, VERSION=0)

As the request had a EDNS version of 1 the rcode should have been BADVER,
AA should not have been set and the answer section should have been empty.

22:04:45.216020 IP 172.30.42.91.58741 > 217.160.81.195.53: 11775 [1au] SOA? ui-dns.biz. (39)
	0x0000:  4500 0043 4e43 0000 4011 2a8a ac1e 2a5b  E..CNC.. at .*...*[
	0x0010:  d9a0 51c3 e575 0035 002f 9c71 2dff 0000  ..Q..u.5./.q-...
	0x0020:  0001 0000 0000 0001 0675 692d 646e 7303  .........ui-dns.
	0x0030:  6269 7a00 0006 0001 0000 2910 0000 0100  biz.......).....
	0x0040:  0000 00                                  ...

22:04:46.564015 IP 217.160.81.195.53 > 172.30.42.91.58741: 11775*- 1/0/1 SOA (99)
	0x0000:  4500 007f 678e 4000 3211 df02 d9a0 51c3  E...g. at .2.....Q.
	0x0010:  ac1e 2a5b 0035 e575 006b 680c 2dff 8400  ..*[.5.u.kh.-...
	0x0020:  0001 0001 0000 0001 0675 692d 646e 7303  .........ui-dns.
	0x0030:  6269 7a00 0006 0001 c00c 0006 0001 0000  biz.............
	0x0040:  0e10 0030 066e 732d 6269 7ac0 0c08 646e  ...0.ns-biz...dn
	0x0050:  7361 646d 696e 0531 756e 6431 0264 6500  sadmin.1und1.de.
	0x0060:  77dd c293 0000 7080 0000 1c20 0009 3a80  w.....p.......:.
	0x0070:  0000 0258 0000 2906 90 00    ...X..)........

> Ray
> _______________________________________________00 0000 0000
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the dns-operations mailing list