[ldns-users] DNS RCODEs

[Vladimir Levijev]

On Thu, Mar 22, 2018 at 10:26 AM Vladimir Levijev <
vladimir.levijev at gmail.com> wrote:

> Currently ldns supports RCODES from 0 to 10:

>   /* rcodes for pkts */
> enum ldns_enum_pkt_rcode {
>          LDNS_RCODE_NOERROR = 0,
>          LDNS_RCODE_FORMERR = 1,
>          LDNS_RCODE_SERVFAIL = 2,
>          LDNS_RCODE_NXDOMAIN = 3,
>          LDNS_RCODE_NOTIMPL = 4,
>          LDNS_RCODE_REFUSED = 5,
>          LDNS_RCODE_YXDOMAIN = 6,
>          LDNS_RCODE_YXRRSET = 7,
>          LDNS_RCODE_NXRRSET = 8,
>          LDNS_RCODE_NOTAUTH = 9,
>          LDNS_RCODE_NOTZONE = 10
> };

> while RFC lists more (16-23 are missing):


https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6

> Is there a reason for that or is adding the rest planned for the fugure?

Getting back to this old question. We found out that there are actually 2
groups of RCODEs:

- unextended (0-15) available in DNS packet header
- extended (>16) available in different resource records

Quoting https://tools.ietf.org/html/rfc2929#section-2.3 :

[...]
It would appear from the DNS header above that only four bits of
RCODE, or response/error code are available. However, RCODEs can
appear not only at the top level of a DNS response but also inside
OPT RRs [RFC 2671], TSIG RRs [RFC 2845], and TKEY RRs [RFC 2930].
The OPT RR provides an eight bit extension resulting in a 12 bit
RCODE field and the TSIG and TKEY RRs have a 16 bit RCODE field.
[...]

Is there a plan to support extended RCODEs?

Cheers,

VL