zdns icon indicating copy to clipboard operation
zdns copied to clipboard

Published 20 hours ago verified publisher icon zmap

Set DO flag when doing NSEC lookups.

Open simonvik opened this issue 5 years ago • 1 comments

Some DNS servers wont answer on NSEC querys unless the DO flag has been set.

Easiest patch is to add m.SetEdns0(1232, true) in DoLookupWorker but i dont know if its desired to do this on all querys.

Perhaps some flag is needed for EDNS buffer size and DO?

simonvik avatar May 22 '20 04:05 simonvik

I think that’s probably fine to set globally for now. Can you submit PR?

On Thu, May 21, 2020 at 11:26 PM Simon Vikström [email protected] wrote:

Some DNS servers wont answer on NSEC querys unless the DO flag has been set.

Easiest patch is to add m.SetEdns0(1232, true) in DoLookupWorker but i dont know if its desired to do this on all querys.

Perhaps some flag is needed for EDNS buffer size and DO?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/zmap/zdns/issues/220, or unsubscribe https://github.com/notifications/unsubscribe-auth/AABREUBZI4MPLQ5DINJLWHLRSX5IDANCNFSM4NHO3X2A .

zakird avatar May 22 '20 13:05 zakird

Addressed by #323

zakird avatar Feb 19 '24 14:02 zakird