DNS 数据包标志前面的数字代表什么?

DNS 数据包标志前面的数字代表什么?

Flags: 0x0500这个DNS查询包的部分是什么意思?

Domain Name System (query)
    Transaction ID: 0x4242
    Flags: 0x0500 Standard query
        0... .... .... .... = Response: Message is a query
        .000 0... .... .... = Opcode: Standard query (0)
        .... ..0. .... .... = Truncated: Message is not truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... .0.. .... = Z: reserved (0)
        .... .... ...0 .... = Non-authenticated data: Unacceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 0
    Queries
        secure.net: type A, class IN

这个数据包看起来不正常,因为这个部分通常是这样的Flags: 0x0100。这个部分有什么相关性?

答案1

这些标志的描述如下RFC 10354.1.1 节。您设置的位,要获得 0x0500,是这样的

AA 权威答案 - 此位在响应中有效,并指定响应名称服务器是相关部分中域名的权威机构。

答案2

由于某种原因,Wireshark 未显示在您的示例中启用的 AA(权威答案)标志。

在我的 Wireshark 上显示该标志:

Flags: 0x8180 Standard query response, No error
    1... .... .... .... = Response: Message is a response
    .000 0... .... .... = Opcode: Standard query (0)
    .... .0.. .... .... = Authoritative: Server is not an authority for domain
    .... ..0. .... .... = Truncated: Message is not truncated
    .... ...1 .... .... = Recursion desired: Do query recursively
    .... .... 1... .... = Recursion available: Server can do recursive queries
    .... .... .0.. .... = Z: reserved (0)
    .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
    .... .... ...0 .... = Non-authenticated data: Unacceptable
    .... .... .... 0000 = Reply code: No error (0)

相关内容