Maintained by: NLnet Labs

[Unbound-users] Unbound rejects queries with unknown data in additional section

Alexander E. Patrakov
Fri Jan 11 08:37:45 CET 2013


Hello.

I found a difference in behaviour between Unbound and BIND. Could you
please explain if this is intentional?

The difference happens if a query contains something except the query
section and the OPT record. Namely, a non-standard record in the
additional section. To reproduce the problem, you can run this command
in bash:

echo '4VEBAAABAAAAAAABA3d3dwZkYWRhZGECcnUAAAEAAQD/7QABAAAAAAAEIYWXrg=='
| base64 -d > /dev/udp/127.0.0.1/53

and observe the FORMERR in wireshark or in the log if 127.0.0.1 runs
unbound-1.4.17. This comes from the parse_edns_from_pkt() function.

BIND just ignores the unknown record and replies normally.

-- 
Alexander E. Patrakov