Domain-Name-System

DNS數據包標誌前面的數字是什麼?

  • October 16, 2019

Flags: 0x0500這個 DNS 查詢數據包的部分是什麼意思?

Domain Name System (query)
   Transaction ID: 0x4242
   Flags: 0x0500 Standard query
       0... .... .... .... = Response: Message is a query
       .000 0... .... .... = Opcode: Standard query (0)
       .... ..0. .... .... = Truncated: Message is not truncated
       .... ...1 .... .... = Recursion desired: Do query recursively
       .... .... .0.. .... = Z: reserved (0)
       .... .... ...0 .... = Non-authenticated data: Unacceptable
   Questions: 1
   Answer RRs: 0
   Authority RRs: 0
   Additional RRs: 0
   Queries
       secure.net: type A, class IN

這個數據包似乎異常,因為這部分通常是Flags: 0x0100。本節的相關性是什麼?

這些標誌在RFC 1035第 4.1.1 節中進行了描述。你設置的位,得到 0x0500 是這個

AA Authoritative Answer - 此位在響應中有效,並指定響應名稱伺服器是問題部分域名的權威。

出於任何原因,Wireshark 沒有顯示在您的範例中啟用的 AA(權威答案)標誌。

在我的 Wireshark 上顯示了該標誌:

Flags: 0x8180 Standard query response, No error
   1... .... .... .... = Response: Message is a response
   .000 0... .... .... = Opcode: Standard query (0)
   .... .0.. .... .... = Authoritative: Server is not an authority for domain
   .... ..0. .... .... = Truncated: Message is not truncated
   .... ...1 .... .... = Recursion desired: Do query recursively
   .... .... 1... .... = Recursion available: Server can do recursive queries
   .... .... .0.. .... = Z: reserved (0)
   .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
   .... .... ...0 .... = Non-authenticated data: Unacceptable
   .... .... .... 0000 = Reply code: No error (0)

引用自:https://serverfault.com/questions/988242