-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
edns fails for afnic.fr ... seems to be false alert #480
Comments
I just did a test and ran wireshark. What I can observe is that we send a packet with EDNS version 1 (which is not a valid vesion number) then we get an answer with NOERROR. According to the specs, the message you have is what is expected. |
I did a dig and i do not get that
|
|
OK, I got it, Extended RCODE are not processed the same way in LDNS. I have to check both rcode and edns-rcode to compute RCODE value (perhaps we could improve specs to disambiguate that). |
I do not see how i could improve the specs "https://github.com/zonemaster/zonemaster/blob/develop/docs/specifications/tests/Nameserver-TP/nameserver10.md" Any inputs? |
@sandoche2k perhaps make a reference to both https://tools.ietf.org/html/rfc6891#section-9 and https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6. |
So, if i understand clearly, you want a reference to the RCODE BADVERS in Nameserver10? |
@sandoche2k No, I would like a specification that is self sufficient. I mean, I wrote the code corresponding to the specs but I had not in mind the whole RFC at that time (I read it again since). That's why I made a mistake while implementing. BADVERS is not a legal RCODE value in the DNS header but a combination of RCODE and extended-RCODE (in OPT RR). I guess it would be easier for a mutual understanding if the specs could detail RCODE and extended-RCODE values expected or include the following excerp from RFC 6891, especially if we come back in one or two years on this test case.
|
Ok.. I will add that for the respective specifications. |
Refer to zonemaster/zonemaster#668 |
From Zonemaster CLI:
But EDNS compliance testing passes : https://ednscomp.isc.org/ednscomp/87d77657eb
The text was updated successfully, but these errors were encountered: