Bug 701 - AD=1 set in a BADVERS response
AD=1 set in a BADVERS response
Product: NSD
Classification: Unclassified
Component: NSD Code
x86_64 Linux
: P5 minor
Assigned To: NSD team
Depends on:
  Show dependency treegraph
Reported: 2015-09-01 18:17 CEST by howard.m.kash.civ
Modified: 2015-09-24 09:29 CEST (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description howard.m.kash.civ 2015-09-01 18:17:41 CEST
I received the following from ISC in response to reporting the IP address changes for h.root-servers.net.  I am currently using NSD 4.1.2.

A quick test of the servers show a protocol compliance error.  I
would not expect to see AD=1 being set in a BADVERS response.  This
is not a major issue.

dig soa . @2001:500:1::53 +edns=1 +ednsflag=0x40 +ednsopt=100 +noednsneg

; <<>> DiG 9.11.0pre-alpha <<>> soa . @2001:500:1::53 +edns=1 +ednsflag=0x40 +ednsopt=100 +noednsneg
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: BADVERS, id: 28876
;; flags: qr rd ad; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

; EDNS: version: 0, flags:; udp: 4096
;; Query time: 332 msec
;; SERVER: 2001:500:1::53#53(2001:500:1::53)
;; WHEN: Tue Sep 01 07:45:52 EST 2015
;; MSG SIZE  rcvd: 23
Comment 1 Wouter Wijngaards 2015-09-24 09:29:06 CEST
Hi Howard,

This should be fixed (for NSD 4.1.6).  It'll also not set AD=1 in other error responses.

Best regards, Wouter