Re: [DNSOP] Clarification question: compression pointers always to names earlier in the packet?

bert hubert <> Wed, 24 October 2018 09:21 UTC

On Wed, Oct 24, 2018 at 05:01:53AM -0400, Viktor Dukhovni wrote:
> And yet, here and there I see mention of having to take care to avoid "loops",
> but loops are impossible in a monotone strictly decreasing sequence.

Yes. This is one of the best ways of preventing such loops. Some libraries
accidentally allowed a jump to the same place though, if I recall correctly.

PowerDNS, for reasons I'm trying to find out, not only checks if a jump went
backwards but also refuses to go backwards more than 100 times. It may be
that someone made a packet that burned a lot of CPU time.

> Is there a later RFC that relaxes the constraint and allows pointers to names
> later in the message?  I'm having a bit of trouble finding the later text...

Not that I know of. But it might accidentally work in some places, including
I think old (2.9 era) PowerDNS software. 

> Secondarily, can the pointer point to some odd-ball location earlier in the
> message that is not semantically a label in its original context, but just
> happens to carry data that decodes as the desired label?  Or, are pointers
> only valid to prior locations that are corresponding labels in their original
> context?

I'd say "don't do that". Someone really clever might one day find you can
point back to a location in the middle of a name that so happens to be
parseable as a whole name (remember, there is a length field there). 

It would likely work though in most implementations.
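
The two defences discussed in this message (pointers must go strictly backwards, plus a cap on the number of jumps) can be sketched as follows. This is an added example, not part of the original post and not PowerDNS code; `read_name`, `BadName`, `MSG` and the constants are hypothetical names, and the sample message is constructed.

```python
MAX_JUMPS = 100    # hop cap; the figure is the one the post attributes to PowerDNS
MAX_NAME = 255     # RFC 1035 limit on an encoded name, length octets included

class BadName(ValueError):
    """Raised for any name that a strict parser should refuse."""

def read_name(msg, offset, max_jumps=MAX_JUMPS):
    """Decode the name at `offset`; return (labels, offset just past the name)."""
    labels, pos, seg_start = [], offset, offset
    resume, jumps, size = None, 0, 1          # size counts the root octet
    while True:
        if pos >= len(msg):
            raise BadName("name runs past end of message")
        octet = msg[pos]
        if (octet & 0xC0) == 0xC0:            # compression pointer
            if pos + 1 >= len(msg):
                raise BadName("truncated pointer")
            target = ((octet & 0x3F) << 8) | msg[pos + 1]
            # Compare with the start of this run of labels, not the pointer's
            # own offset: labels can lead forward into the same pointer again.
            if target >= seg_start:
                raise BadName("pointer does not go strictly backwards")
            jumps += 1
            if jumps > max_jumps:
                raise BadName("too many compression pointers")
            if resume is None:
                resume = pos + 2              # caller continues after first pointer
            pos = seg_start = target
        elif octet & 0xC0:
            raise BadName("reserved label type")
        elif octet == 0:                      # root label ends the name
            return labels, (pos + 1 if resume is None else resume)
        else:
            end = pos + 1 + octet
            size += 1 + octet
            if end > len(msg) or size > MAX_NAME:
                raise BadName("label overruns message or name too long")
            labels.append(msg[pos + 1:end])
            pos = end

# Constructed sample message: 12 zero header bytes, then names at fixed offsets.
MSG = (bytes(12)
       + b"\x07example\x03com\x00"    # offset 12: example.com
       + b"\x03www\xc0\x0c"           # offset 25: www + pointer to 12
       + b"\xc0\x1f"                  # offset 31: pointer to itself
       + b"\x01a\xc0\x21")            # offset 33: label, then pointer back to 33

if __name__ == "__main__":
    print(read_name(MSG, 25))
```

Because every jump must land before the start of the current run of labels, the sequence of targets is strictly decreasing and the loop terminates; the jump cap only bounds the CPU spent on a long but legal chain of backward pointers.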