EDNS RRs
Ian Cohee
ian.cohee at secure64.com
Thu Nov 19 20:47:39 UTC 2015
Hello all,
One of our engineers discovered some interesting behavior while testing
bad EDNS RRs in Unbound. He discovered that Unbound properly checks and
identifies a truncated OPT RR as a FORMERR, but then returns the
truncated OPT RR, resulting in a malformed response to a malformed
request. I have attached a PCAP file that should contain the malformed
requests/responses.
Has anyone observed this behavior, and if so, had issues from it?
I'd also like to hear some opinions about this behavior.
Thanks,
--
Ian Cohee | Software Engineer
Secure64 Software Corporation
ian.cohee at secure64.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Unbound-EDNS
Type: application/octet-stream
Size: 1734 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20151119/40217158/attachment.obj>
More information about the Unbound-users
mailing list