Comments on: BIND Logging http://blog.namor.ca/2009/08/05/bind-logging/ Masturbation is Better when you Show it Off Wed, 04 Nov 2009 15:30:27 -0600 http://wordpress.org/?v=2.8.4 hourly 1 By: lamerfreak http://blog.namor.ca/2009/08/05/bind-logging/comment-page-1/#comment-56 lamerfreak Wed, 04 Nov 2009 15:30:27 +0000 http://blog.namor.ca/?p=102#comment-56 I believe this, as far as I know: http://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions#Recursive_name_servers "The process starts when a security-aware resolver sets the 'DO' flag bit in a DNS query. Since the DO bit is in the extended flag bits defined by EDNS, all DNSSEC transactions must support EDNS." So it's checking for DNSSEC support on top of EDNS, if I'm reading it right. I believe this, as far as I know:

http://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions#Recursive_name_servers

“The process starts when a security-aware resolver sets the ‘DO’ flag bit in a DNS query. Since the DO bit is in the extended flag bits defined by EDNS, all DNSSEC transactions must support EDNS.”

So it’s checking for DNSSEC support on top of EDNS, if I’m reading it right.

]]> By: mattias http://blog.namor.ca/2009/08/05/bind-logging/comment-page-1/#comment-55 mattias Wed, 04 Nov 2009 13:57:49 +0000 http://blog.namor.ca/?p=102#comment-55 Did you ever figure out what the DNS_MESSAGEEXTFLAG_DO flag means? Did you ever figure out what the DNS_MESSAGEEXTFLAG_DO flag means?

]]>