Implement RFC 8914 Extended DNS Errors
deathowl opened this issue · 4 comments
https://www.rfc-editor.org/rfc/rfc8914.html
RFC 8914 defines an extensible method to return additional information about the cause of DNS errors.
This is useful for cases where we might want to indicate, for example, that we are not authoritative for a request by adding an EDE code Not Authoritative in the response, alongside the normal REFUSED, which provides the user with some more insight.
@deathowl I see you set SetEdns0(4096, true).
4096 is probably not right. I believe a PR recently made sure this value would be minimal. Should it align with it?
Ok. What I am referring to is internal diff D48613667. TL;DR is that we use the CoreDNS bufsize plugin https://github.com/coredns/coredns/blob/master/plugin/bufsize/bufsize.go to clamp it down.
@chantra if I set -max-udp-size 2048, SetEdns0 honors that setting thanks to the bufsize plugin, see:
death0wl@death0wl-fedora-PF20THNE ~ dig testnotauth.com @127.0.0.1 -p 8053
; <<>> DiG 9.16.40-RH <<>> testnotauth.com @127.0.0.1 -p 8053
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 46626
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 2048
; EDE: 20 (Not Authoritative)
;; QUESTION SECTION:
;testnotauth.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#8053(127.0.0.1)
;; WHEN: Wed Sep 13 13:15:59 IST 2023
;; MSG SIZE rcvd: 50
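The OPT record behind the dig output above, as an added example that is not part of the thread or the project's code: it encodes an RFC 8914 EDE option (option code 15, a 2-byte INFO-CODE, optional EXTRA-TEXT) into an EDNS0 OPT record and parses it back, rejecting truncated or malformed options. It uses only the Go standard library; the names buildOPT and parseOPT are made up for this illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const typeOPT, optEDE, edeNotAuth = 41, 15, 20 // OPT type; EDE option code; "Not Authoritative"

// buildOPT encodes an OPT record carrying a single EDE option.
func buildOPT(udpSize, flags, infoCode uint16, extraText string) []byte {
	b := []byte{0} // root owner name
	put16 := func(v uint16) { b = append(b, byte(v>>8), byte(v)) }
	put16(typeOPT)
	put16(udpSize)                    // CLASS field holds the UDP payload size
	put16(0)                          // extended RCODE and EDNS version, both 0
	put16(flags)                      // 0x8000 is the DO bit
	put16(uint16(6 + len(extraText))) // RDLEN: 4-byte option header + INFO-CODE + text
	put16(optEDE)
	put16(uint16(2 + len(extraText))) // OPTION-LENGTH
	put16(infoCode)
	return append(b, extraText...)
}

// parseOPT returns the UDP size and the first EDE option in an OPT record.
func parseOPT(rr []byte) (udpSize, infoCode uint16, extraText string, err error) {
	be := binary.BigEndian
	if len(rr) < 11 || rr[0] != 0 || be.Uint16(rr[1:]) != typeOPT ||
		int(be.Uint16(rr[9:])) != len(rr)-11 {
		return 0, 0, "", errors.New("not a well-formed OPT record")
	}
	udpSize, rdata := be.Uint16(rr[3:]), rr[11:]
	for len(rdata) >= 4 {
		code, n := be.Uint16(rdata), int(be.Uint16(rdata[2:]))
		if n > len(rdata)-4 || (code == optEDE && n < 2) {
			return udpSize, 0, "", errors.New("malformed option")
		}
		if code == optEDE {
			return udpSize, be.Uint16(rdata[4:]), string(rdata[6 : 4+n]), nil
		}
		rdata = rdata[4+n:] // skip options other than EDE
	}
	return udpSize, 0, "", errors.New("no EDE option present")
}

func main() {
	// Values shown in the dig output: udp 2048, DO flag set, EDE 20, no extra text.
	fmt.Println(parseOPT(buildOPT(2048, 0x8000, edeNotAuth, "")))
}
```

The record built for the values in the dig output is 17 bytes; together with the 12-byte header and the 21-byte question for testnotauth.com that adds up to the 50 bytes dig reports as MSG SIZE.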