Draft: new: usr: Implement some DNS Grease methods (!9544) · Merge requests · ISC Open Source Projects / BIND

Mark Andrews requested to merge 4959-implement-some-dns-grease-methods into main Sep 24, 2024

This change exercises parts to the DNS protocol that are not currently exercised to identify broken implementations. The intention is for multiple implementations to all do this to identify broken implementations so they can be corrected and to enable the use of these parts of the protocol in the future without having to deploy workarounds.

Sending the final DNS header flag bit. This is supposed to be ignored on reception if non zero and not echoed back to the sender. Log if echoed back. Disable Jan 1, 2026.

Send currently undefined EDNS flag bits. These are supposed to be ignored on reception if non zero and not echoed back to the sender. Log if echoed back. Disable Jan 1, 2026.

Test EDNS version negotiation by sending a large EDNS version. This should be negotiated back to EDNS(0) as that is the only currently defined version.

Adds named.conf controls grease-dns-flags, grease-edns-flags, grease-edns-known-flags, grease-edns-max-version, grease-edns-negotiation, grease-nsid, grease-rate and grease-until. Adds logging category grease.

Closes #4959

Edited Oct 25, 2024 by Mark Andrews

Draft: new: usr: Implement some DNS Grease methods

Merge request reports