[DNSOP] RFC 6891 Clarification (EDNS=1 and higher behaviour)
Ondřej Surý <ondrej.sury@nic.cz> Mon, 15 September 2014 15:09 UTC
Return-Path: <ondrej.sury@nic.cz>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80E551A0362 for <dnsop@ietfa.amsl.com>; Mon, 15 Sep 2014 08:09:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.297
X-Spam-Level: *
X-Spam-Status: No, score=1.297 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_CZ=0.445, HOST_EQ_CZ=0.904, J_CHICKENPOX_57=0.6, MIME_8BIT_HEADER=0.3, RP_MATCHES_RCVD=-1.652] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dt8etSpacTn7 for <dnsop@ietfa.amsl.com>; Mon, 15 Sep 2014 08:09:18 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA3E91A037C for <dnsop@ietf.org>; Mon, 15 Sep 2014 08:09:13 -0700 (PDT)
Received: from calcifer.nic.cz (calcifer.nic.cz [217.31.202.36]) by mail.nic.cz (Postfix) with ESMTP id 40AD013FB92 for <dnsop@ietf.org>; Mon, 15 Sep 2014 17:09:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nic.cz; s=default; t=1410793752; bh=hOfp1cwodo5Xgz+b48gKrBvsLahMiexDEeZN8xDqCfc=; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type: Content-Transfer-Encoding; b=vJLHy8HsAtjOJpifKQJC/6NLVVL1F5TZwYexOuX3BQQdC+rYEX+METH56Gdp1F3ed EqyPhFUTe5HnYcN1MLzGGVwSkUetcMxbKQYwp2SPv0DHnFBumOzbxA1B5PWnGNPMsA HBZM4OdtjWIjr9QgZn6peFZRbH/Q7aYOlzasJxRQ=
Date: Mon, 15 Sep 2014 17:09:01 +0200
From: Ondřej Surý <ondrej.sury@nic.cz>
To: dnsop@ietf.org
Message-ID: <160445486.13485.1410793741990.JavaMail.zimbra@nic.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [2001:1488:ac15:ff70:0:0:0:88]
X-Mailer: Zimbra 8.5.0_BETA3_2884 (ZimbraWebClient - FF31 (Linux)/8.5.0_BETA3_2884)
Thread-Topic: RFC 6891 Clarification (EDNS=1 and higher behaviour)
Thread-Index: F0XRBLQCQAElmqJvkA5VCUgA1nNVrw==
X-Virus-Scanned: clamav-milter 0.98.1 at mail
X-Virus-Status: Clean
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/bY0372trbPQ4EOMrYwzF4jxBLsA
Subject: [DNSOP] RFC 6891 Clarification (EDNS=1 and higher behaviour)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Sep 2014 15:09:19 -0000
Hey all, we have received a notice that Knot DNS adds an answer in case the EDNS=1 (and higher) in the response where RCODE=BADVERS (and OPT EDNS=0). The RFC 6891 doesn't forbid such behaviour: If a responder does not implement the VERSION level of the request, then it MUST respond with RCODE=BADVERS. All responses MUST be limited in format to the VERSION level of the request, but the VERSION of each response SHOULD be the highest implementation level of the responder. In this way, a requestor will learn the implementation level of a responder as a side effect of every response, including error responses and including RCODE=BADVERS. And in fact we think this might be a more forward compatible behaviour than returning an empty response with RCODE=BADVERS. (Sending it here as dnsext is concluded...) Cheers, -- Ondřej Surý -- Chief Science Officer ------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Americka 23, 120 00 Praha 2, Czech Republic mailto:ondrej.sury@nic.cz http://nic.cz/ -------------------------------------------
- [DNSOP] RFC 6891 Clarification (EDNS=1 and higher… Ondřej Surý
- Re: [DNSOP] RFC 6891 Clarification (EDNS=1 and hi… Mark Andrews