EDNS unknown version: query not in response

Question

EDNS unknown version: query not in response

AngeloColucci opened this issue 3 years ago · comments

Hi @wcawijngaards
I'm experimenting the same issue in a similar configuration scenario described in the issue #97 (dnsdist 1.7.0 in front of nsd 4.2.4 epel package).
When I try to exectute dnsflag day 2020 auth nameserver validation I receive minor warning on the query:

dig +edns=1 soa zone @server

Capturing the network traffic i noticed that in the query response is missing the initial request.
Does this nsd version is fixable?

Thanks in advance for your support
Angelo

Wouter Wijngaards · Answer 1 · Mon Mar 07 2022 16:08:57 GMT+0800 (China Standard Time)

To fix it you need to upgrade, the fix for that issue appears in NSD 4.3.2. When I test the latest version in the code repository, that version seems to work fine too. So an upgrade, to perhaps the latest version, of NSD would solve the issue.

AngeloColucci · Answer 2 · Mon Mar 07 2022 16:37:41 GMT+0800 (China Standard Time)

Hi @wcawijngaards,
thanks for your update.
So I need to request that version to the mantainer of epel repository, because they still promote the 4.2.4.

BR
Angelo

Wouter Wijngaards · Answer 3 · Mon Mar 07 2022 16:40:18 GMT+0800 (China Standard Time)

Yes, we do not maintain those repositories. You could also compile NSD manually, from source code. That creates a version that installs in /usr/local by default.