Bug #7634 for Net-DNS: Setting AA in Net::DNS::Nameserver does not work

Mon Sep 13 20:13:09 2004 Guest - Ticket created

Subject:

Setting AA in Net::DNS::Nameserver does not work

According to the documentation/manpage of Net::DNS::Nameserver one can set the AA bit on responses by adding { aa => 1 } to the return code. I tried this for a small script I did once but it does not work. See the attached script, when queried for something it should return NXDOMAIN with aa set, but dig and ethereal don't show it. ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51213 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 I hit the same hole with a bigger project I'm currently working on, but this one here is easier to reproduce. Net-DNS-0.48 This is perl, v5.8.4 built for i686-linux-thread-multi Linux majestix 2.6.7-gentoo-r11 #1 Wed Jul 28 01:04:54 CEST 2004 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux

#!/usr/bin/perl -w use Net::DNS::Nameserver; use POSIX; my $ns = Net::DNS::Nameserver->new( LocalAddr => "81.92.174.18", ReplyHandler => \&reply_handler, Verbose => 1, ) || die "couldn't create nameserver object\n"; $ns->main_loop; sub reply_handler { my ($qname, $qclass, $qtype, $peerhost) = @_; my ($rcode, @ans, @auth, @add); my $time = asctime(localtime()); chomp($time); open(SPFDNS, ">>/tmp/spfdns"); if ($qname =~ /^cl\.(.*)\.fr\.(.*)\.he\.(.*)\.null\.spf\.mucip\.net$/i) { print SPFDNS "$time client=$1 from=<$2> helo=$3\n"; } else { print SPFDNS "$time $qname not understood\n"; } $rcode = "NXDOMAIN"; close(SPFDNS); return ($rcode, \@ans, \@auth, \@add, { aa => 1 }); }

Mon Sep 13 21:43:00 2004 mike [...] fuhr.org - Correspondence added

Date:	Mon, 13 Sep 2004 19:38:24 -0600
From:	Michael Fuhr <mike [...] fuhr.org>
To:	Guest via RT <bug-Net-DNS [...] rt.cpan.org>
CC:	undisclosed-recipients: ;
Subject:	Re: [cpan #7634] Setting AA in Net::DNS::Nameserver does not work
RT-Send-Cc:

On Mon, Sep 13, 2004 at 08:13:09PM -0400, Guest via RT wrote: Show quoted text

> > <URL: https://rt.cpan.org/Ticket/Display.html?id=7634 > > > According to the documentation/manpage of Net::DNS::Nameserver > one can set the AA bit on responses by adding { aa => 1 } to the > return code. I tried this for a small script I did once but it does > not work. See the attached script, when queried for something it > should return NXDOMAIN with aa set, but dig and ethereal don't show > it. > > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51213 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

Your script worked fine for me: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39920 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 Are you sure you're sending the queries to the correct IP address and port? Net::DNS::Nameserver doesn't set the RA flag by default yet that flag shows up in the response you got, so I'm wondering if your DNS queries are going elsewhere. You've set Verbose => 1, so the script should print output like the following: creating TCP socket...done. creating UDP socket...done. waiting for connections...UDP connection from 10.1.2.3:3848 query 1848: (example.com, IN, A)...NXDOMAIN ;; id = 1848 ;; qr = 1 opcode = QUERY aa = 1 tc = 0 rd = 1 ;; ra = 0 ad = 0 cd = 0 rcode = NXDOMAIN ;; qdcount = 1 ancount = 0 nscount = 0 arcount = 0 writing response...done What output, if any, are you getting from the script? -- Michael Fuhr http://www.fuhr.org/~mfuhr/

Tue Sep 14 13:45:01 2004 Guest - Correspondence added

From:

berni [...] birkenwald.de

[ Sent this by mail this morning, but apparently the RT does not cope with that ] Show quoted text

> Your script worked fine for me:

grah, sorry, on the testing box there also was an old version of Net::DNS (0.40) floating around, breaking exactly this functionality. I had been pretty sure I had checked for that, sorry for the inconvenience. Bernhard

Mon Feb 07 11:54:16 2005 OLAF [...] cpan.org - Taken

Mon Feb 07 11:55:01 2005 OLAF [...] cpan.org - Status changed from 'new' to 'resolved'