[dns-operations] Non-EDNS FORMERR with qdcount==0?

[Viktor Dukhovni]

On Mon, Nov 18, 2019 at 03:54:36PM +0530, Mukund Sivaraman wrote:

> > MUST servers reflect the question (on error?) or can they leave it
> > out?
> 
> It would depend on how much of the question was syntactically parsable.

My example queries had a well-formed question, along with an EDNS(0)
OPT record, but the FORMERR response had an empty question section.
So, whether that's valid or not, I guess I'll have to accept that
as a matching response that indicates lack of EDNS(0) support, and
retry without EDNS.

> > Is FORMERR special in this regard (not being an answer to a question),
> > but an error processing my query packet?
> 
> Maybe the outlook.com implementation thinks this question is
> syntactically incorrect, and so it can't use it in the reply.

It groks the same question once the OPT record is left out.

> > FWIW, "unbound-host" handles the "empty" FORMERR response, and retries the
> > query without EDNS.  Is unbound-host doing what's expected, or employing
> > a work-around for known breakage?
> 
> Loop's resolver does the same too, and appears to be a workaround (the
> code is from 2000 by Bob Halley written for BIND, and it describes the
> same).

I pushed a bugfix:

    https://github.com/kazu-yamamoto/dns/commit/de1063e4cfcbc582074dd911e637053876886670

    +-- When the response 'RCODE' is 'FormatErr', the server did not understand our
    +-- query packet, and so is not expected to return a matching question.
    +--
     checkRespM :: Question -> Identifier -> DNSMessage -> Maybe DNSError
     checkRespM q seqno resp
       | identifier (header resp) /= seqno = Just SequenceNumberMismatch
    +  | FormatErr <- rcode $ flags $ header resp
    +  , []        <- question resp        = Nothing
       | [q] /= question resp              = Just QuestionMismatch
       | otherwise                         = Nothing

-- 
    Viktor.