#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2012
    Posts
    1
    Rep Power
    0

    Reverse dns packet with tc bit = 1


    Hi,

    I received a DNS packet with a PTR query, and an additional record. The additional record's data looks like garbage (name uknown, type and class unknown, negative TTL etc.)
    The truncated bit (TC) is 1.
    Is this packet valid? Should the DNS ignore the invalid data because of the truncated bit?

    Thanks!
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2010
    Location
    Florida
    Posts
    248
    Rep Power
    4
    Truncated means the answer was too large for UDP and the server should retry in TCP mode. If the answer was over 512 bytes and no DO bit (EDNS), TCP should be tried next under normal circumstances. If TCP is blocked/not supported, you essentially get the error but no answer.

IMN logo majestic logo threadwatch logo seochat tools logo