Home/ Questions/Q 9005685
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T01:12:38+00:00

When I do a request to a nameserver which has dnssec the response is

  • 0

When I do a request to a nameserver which has dnssec the response is sometimes incomplete
i looked around on the web and found some information regarding the issue
2.3.4 Size limits
https://www.rfc-editor.org/rfc/rfc1035

It saysUDP messages 512 octets or less

To receive a bigger response I need EDNS0 so i can receive a max of 4096 bytes.I can’t really figure out how to use/enable EDNS0
EDNS0 info:
https://www.rfc-editor.org/rfc/rfc2671
EDIT
i have to send an OPT RR with my request to get more data back. i have an example from microsoft, but they use a type RRSIG. i want to use a type ANY.
http://img266.imageshack.us/img266/6707/optf.png

The question:
can someone explain how EDNS0 works and why my opt rr is not working.(i use the same as the microsoft example)

thx in advance:)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    For some odd reason my request is working now.

    Request i send:
    01 01 01 00 00 01 00 00 00 00 00 01". domain2dns($domainname) ."00 00 ff 00 01 00 00 29 10 00 00 00 00 00 00 00

    explanation of the EDNS part
    Name: 00
    Type: 00 29
    UDP Payload size: 10 00
    Higher bits in extended RCODE:00
    EDNS0 version: 00
    Z: 00 00
    Data Lenght: 00 00

    NAME – – domain name — empty (root domain)
    TYPE – – u_int16_t —- OPT
    CLASS – u_int16_t —- sender’s UDP payload size
    TTL – – – u_int32_t —- extended RCODE and flags
    RDLEN – u_int16_t —- describes RDATA
    RDATA – octet stream – {attribute,value} pairs

    Problem solved
    thx guys 🙂

    • 0