Got ReservedBitsAreNonZero errors

Question

Got ReservedBitsAreNonZero errors

Closed this issue 9 years ago · 3 comments

My dig command generates DNS packets that has the AD bit set (the 11th bit in flags) as Wireshark shows to me. But dns-parser thinks that bit should be zero because it's reserved.

I think reserved data should be stored as-is, without checked, as it may have meaning in the future.

Answer 1 · 2016-06-07T09:24:49.000Z

Here is the citation:

Z Reserved for future use. Must be zero in all queries
and responses.

As I understand the text if a bit is set the request may be a different thing at all. Like a domain name is in a different encoding or something. All of that may have security implications.

Anyway, what is "AD" bit (any link)? If it's something that is widely used let's just implement it.

Answer 2 · 2016-06-07T10:41:23.000Z

Here's it: https://www.ietf.org/rfc/rfc3655.txt.

Wireshark also shows "Non-authenticated data: Unacceptable" for the next bit (set as 0 by dig), but I didn't find any link explaining what it is.

Answer 3 · 2016-06-07T10:44:48.000Z

Hm, it looks like we need to expose that bit as a boolean flag, but can otherwise ignore it. Do you want to make a pull request?