Can a NAPTR query over TCP contain OPT section in Additional Records

Harshith Mulky
Hello Experts,

I have this call flow:

Client                                                                     DNS
            EDNS query, buffer size=4096
 ------------------------------------------------------->

               DNS Response, Truncation bit set (TC=1)
<-------------------------------------------------------

                          DNS Query over TCP
------------------------------------------------------->

                         DNS Response over TCP
<------------------------------------------------------

In the above call scenario, I have the client supporting EDNS buffer size=4096, and on the server I have enabled this, to limit the server sending > 512 bytes in a response:

server 0.0.0.0/0  {
        edns yes;
        edns-udp-size 512; // max size query server can receive is up to 4096 bytes (default value=4096)
        max-udp-size 512; // max size server can transfer is up to 4096 bytes (default value=4096)
};

The EDNS query is OK, the response is also OK

The question is regarding the DNS query over TCP.
Can the DNS query over TCP include the OPT RR section? Is this not applicable to only UDP? Is there any RFC which supports the OPT RR section for a query over TCP?

Traces:

Transmission Control Protocol, Src Port: 65168 (65168), Dst Port: domain (53), Seq: 1, Ack: 1, Len: 42
    Source port: 65168 (65168)
    Destination port: domain (53)
    [Stream index: 5]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 43    (relative sequence number)]
    Acknowledgement number: 1    (relative ack number)
    Header length: 32 bytes
    Flags: 0x18 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgement: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size: 29312 (scaled)
    Checksum: 0x479c [validation disabled]
        [Good Checksum: False]
        [Bad Checksum: False]
    Options: (12 bytes)
        NOP
        NOP
        Timestamps: TSval 275757710, TSecr 3185381708
    [SEQ/ACK analysis]
        [Number of bytes in flight: 42]
    [PDU Size: 42]
Domain Name System (query)
    [Response In: 113]
    Length: 40
    Transaction ID: 0x62f0
    Flags: 0x0100 (Standard query)
        0... .... .... .... = Response: Message is a query
        .000 0... .... .... = Opcode: Standard query (0)
        .... ..0. .... .... = Truncated: Message is not truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... .0.. .... = Z: reserved (0)
        .... .... ...0 .... = Non-authenticated data: Unacceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 1
    Queries
        alabamat1.com: type NAPTR, class IN
            Name: alabamat1.com
            Type: NAPTR (Naming authority pointer)
            Class: IN (0x0001)
    Additional records
        <Root>: type OPT
            Name: <Root>
            Type: OPT (EDNS0 option)
            UDP payload size: 4096
            Higher bits in extended RCODE: 0x0
            EDNS0 version: 0
            Z: 0x8000
                Bit 0 (DO bit): 1 (Accepts DNSSEC security RRs)
                Bits 1-15: 0x0 (reserved)
            Data length: 0

Re: Can a NAPTR query over TCP contain OPT section in Additional Records

Mukund Sivaraman
Hi Harshith

On Thu, Jun 22, 2017 at 05:36:12AM -0700, Harshith Mulky wrote:

> Client                                                                     DNS
>             EDNS query, buffer size=4096
>  ------------------------------------------------------->
>
>                DNS Response, Truncation bit set (TC=1)
> <-------------------------------------------------------
>
>                           DNS Query over TCP
> ------------------------------------------------------->
>
>                          DNS Response over TCP
> <------------------------------------------------------
>
> In the above Call Scenario, I have the Client supporting, edns Buffer
> Size=4096. and on the server, I have enabled this: to limit the server
> sending > 512 bytes in Response
>
> server 0.0.0.0/0  {
>         edns yes;
>         edns-udp-size 512; // max size query server can receive is up to 4096 bytes (default value=4096)
>         max-udp-size 512; // max size server can transfer is up to 4096 bytes (default value=4096)
> };

It is not clear what it is you're trying to achieve from the config
block above, but it isn't a good idea to limit to 512 for /0.

> The EDNS query is OK, the response is also OK
>
> The question is regarding the DNS Query over TCP,
> Can the DNS Query over TCP include the OPT RR section, is this not
> Applicable to only UDP? is there any RFC which supports OPT RR section for
> query over TCP

Yes, the OPT RR carries other information and EDNS options between
client<->nameserver. E.g., without the OPT RR, how will a client tell
the nameserver that DNSSEC is OK (DO=1) ?

>                 Bit 0 (DO bit): 1 (Accepts DNSSEC security RRs)

                Mukund

Re: Can a NAPTR query over TCP contain OPT section in Additional Records

Harshith Mulky
Hi Mukund,

I am trying fallback procedures from an EDNS query to TCP when EDNS responses have the TC bit set to 1.

Regards
Harshith
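
The flow discussed in this thread, as an added example that is not part of any poster's message: it detects TC=1 in a UDP reply, builds the NAPTR retry with an OPT RR still attached, frames it with the two-byte TCP length prefix (RFC 1035), and parses the OPT fields (RFC 6891) back out. All function names are hypothetical and the sample bytes are constructed, not taken from the capture above.

```python
import struct

TYPE_NAPTR, TYPE_OPT, CLASS_IN = 35, 41, 1
FLAG_TC = 0x0200  # truncation bit in the header flags word

def encode_name(name):
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(qname, qtype, txid, udp_size=4096, do=True):
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)  # RD=1, QD=1, AR=1
    question = encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN)
    # OPT RR: root name, TYPE=41, CLASS=UDP payload size,
    # TTL=ext-rcode(8) | version(8) | DO(1) | Z(15), RDLEN=0
    opt = b"\x00" + struct.pack("!HHIH", TYPE_OPT, udp_size, 0x8000 if do else 0, 0)
    return header + question + opt

def tcp_frame(msg):
    return struct.pack("!H", len(msg)) + msg  # two-byte length prefix used on TCP

def needs_tcp_retry(udp_response):
    return bool(struct.unpack_from("!H", udp_response, 2)[0] & FLAG_TC)

def skip_name(msg, off):
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:  # compression pointer ends the name
            return off + 2
        off += 1 + n

def parse_edns_from_tcp(stream):
    (length,) = struct.unpack_from("!H", stream, 0)
    msg = stream[2:2 + length]
    if len(msg) != length:
        raise ValueError("TCP stream shorter than the length prefix claims")
    _, _, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if rtype == TYPE_OPT:
            return {"udp_size": rclass, "version": (ttl >> 16) & 0xFF,
                    "do": bool(ttl & 0x8000)}
    return None  # no OPT RR: plain DNS without EDNS

# Constructed sample mirroring the thread's flow (not captured traffic).
TRUNCATED_UDP_REPLY = struct.pack("!HHHHHH", 0x62F0, 0x8300, 1, 0, 0, 0)
TCP_QUERY = tcp_frame(build_query("alabamat1.com", TYPE_NAPTR, 0x62F0))
```

The OPT RR parses identically on either transport; only the two-byte length prefix is specific to TCP.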