Describe DNS/FCP/edns_size here.
Query public resolvers and examine what kind of queries arrive from them.
- This time the focus is on the EDNS udp: value.

| Server | UDP |
|---|---|
| 1.1.1.1 | 1452 |
| 8.8.8.8 | 4096 |
| 9.9.9.9 | 1680 |
| 64.6.64.6 | 1280 |
| 106.186.17.181 | 4096 |
| 209.244.0.3 | 8192 |

1. 1.1.1.1
```
UDP request 2018-11-11 04:36:01.838409 (162.158.5.77 29823): 36 f4c1000000010000000000010462726175026a70000002000100002905ac000000000000
--- query ---
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62657
;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;brau.jp. IN NS
;; ADDITIONAL SECTION:
;OPT PSEUDOSECTION
;EDNS: version: 0, flags: ; udp: 1452
[<DNS RR: 'brau.jp.' rtype=CNAME rclass=IN ttl=300 rdata='co.jp.'>, <DNS RR: 'co.jp.' rtype=NS rclass=IN ttl=300 rdata='x.ns.qmail.jp.'>, <DNS RR: 'xxx.qmail.jp.' rtype=NS rclass=IN ttl=300 rdata='a.ns.www.qmail.jp.'>, <DNS RR: 'd2.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d1.home.qmail.jp.'>, <DNS RR: 'd1.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d0.home.qmail.jp.'>, <DNS RR: 'd0.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='www.qmail.jp.'>, <DNS RR: 'x.ns.qmail.jp.' rtype=A rclass=IN ttl=300 rdata='192.168.10.7'>]
---- Reply:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62657
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;brau.jp. IN NS
```
2. 8.8.8.8
```
13:39f%dig -t ns home.qmail.jp @8.8.8.8 ~/brau

; <<>> DiG 9.12.1 <<>> -t ns home.qmail.jp @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 57782
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;home.qmail.jp. IN NS

;; Query time: 142 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Nov 11 13:40:07 JST 2018
;; MSG SIZE rcvd: 42
```

```
UDP request 2018-11-11 04:40:07.834137 (74.125.41.3 52440): 53 3a710010000100000000000104686f6d6505716d61696c026a700000020001000029100000008000000b00080007000118000ec02c
--- query ---
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14961
;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;home.qmail.jp. IN NS
;; ADDITIONAL SECTION:
;OPT PSEUDOSECTION
;EDNS: version: 0, flags: do; udp: 4096
;EDNS: code: 8; data: 000118000ec02c
[<DNS RR: 'brau.jp.' rtype=CNAME rclass=IN ttl=300 rdata='co.jp.'>, <DNS RR: 'co.jp.' rtype=NS rclass=IN ttl=300 rdata='x.ns.qmail.jp.'>, <DNS RR: 'xxx.qmail.jp.' rtype=NS rclass=IN ttl=300 rdata='a.ns.www.qmail.jp.'>, <DNS RR: 'd2.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d1.home.qmail.jp.'>, <DNS RR: 'd1.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d0.home.qmail.jp.'>, <DNS RR: 'd0.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='www.qmail.jp.'>, <DNS RR: 'x.ns.qmail.jp.' rtype=A rclass=IN ttl=300 rdata='192.168.10.7'>]
---- Reply:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14961
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;home.qmail.jp. IN NS
;; ANSWER SECTION:
```
3. 9.9.9.9
```
13:42f%dig -t ns brau.jp @9.9.9.9 ~/brau

; <<>> DiG 9.12.1 <<>> -t ns brau.jp @9.9.9.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19872
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;brau.jp. IN NS

;; ANSWER SECTION:
brau.jp. 300 IN CNAME co.jp.

;; AUTHORITY SECTION:
jp. 900 IN SOA z.dns.jp. root.dns.jp. 1541910602 3600 900 1814400 900

;; Query time: 157 msec
;; SERVER: 9.9.9.9#53(9.9.9.9)
;; WHEN: Sun Nov 11 13:42:54 JST 2018
;; MSG SIZE rcvd: 100
```

```
UDP request 2018-11-11 04:42:54.502799 (74.63.20.243 49422): 36 e439000000010000000000010462726175026a7000000200010000290690000080000000
--- query ---
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58425
;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;brau.jp. IN NS
;; ADDITIONAL SECTION:
;OPT PSEUDOSECTION
;EDNS: version: 0, flags: do; udp: 1680
[<DNS RR: 'brau.jp.' rtype=CNAME rclass=IN ttl=300 rdata='co.jp.'>, <DNS RR: 'co.jp.' rtype=NS rclass=IN ttl=300 rdata='x.ns.qmail.jp.'>, <DNS RR: 'xxx.qmail.jp.' rtype=NS rclass=IN ttl=300 rdata='a.ns.www.qmail.jp.'>, <DNS RR: 'd2.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d1.home.qmail.jp.'>, <DNS RR: 'd1.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d0.home.qmail.jp.'>, <DNS RR: 'd0.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='www.qmail.jp.'>, <DNS RR: 'x.ns.qmail.jp.' rtype=A rclass=IN ttl=300 rdata='192.168.10.7'>]
---- Reply:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58425
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;brau.jp. IN NS
```
4. Verisign
```
%dig -t ns brau.jp @64.6.64.6 ~/brau

; <<>> DiG 9.12.1 <<>> -t ns brau.jp @64.6.64.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38577
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;brau.jp. IN NS

;; ANSWER SECTION:
brau.jp. 300 IN CNAME co.jp.

;; AUTHORITY SECTION:
jp. 900 IN SOA z.dns.jp. root.dns.jp. 1541911501 3600 900 1814400 900

;; Query time: 41 msec
;; SERVER: 64.6.64.6#53(64.6.64.6)
;; WHEN: Sun Nov 11 13:47:11 JST 2018
;; MSG SIZE rcvd: 100
```

```
UDP request 2018-11-11 04:47:11.361179 (103.87.108.222 36725): 41 7a10001000010000000000010141026e530442724175024a7000001c00010000290500000080000000
--- query ---
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31248
;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;A.nS.BrAu.Jp. IN AAAA
;; ADDITIONAL SECTION:
;OPT PSEUDOSECTION
;EDNS: version: 0, flags: do; udp: 1280
[<DNS RR: 'brau.jp.' rtype=CNAME rclass=IN ttl=300 rdata='co.jp.'>, <DNS RR: 'co.jp.' rtype=NS rclass=IN ttl=300 rdata='x.ns.qmail.jp.'>, <DNS RR: 'xxx.qmail.jp.' rtype=NS rclass=IN ttl=300 rdata='a.ns.www.qmail.jp.'>, <DNS RR: 'd2.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d1.home.qmail.jp.'>, <DNS RR: 'd1.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d0.home.qmail.jp.'>, <DNS RR: 'd0.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='www.qmail.jp.'>, <DNS RR: 'x.ns.qmail.jp.' rtype=A rclass=IN ttl=300 rdata='192.168.10.7'>]
---- Reply:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31248
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;A.nS.BrAu.Jp. IN AAAA
;; ANSWER SECTION:
```
```
UDP request 2018-11-11 06:08:47.093063 (106.186.17.181 25084): 41 031f001000010000000000010161026e730462726175026a7000001c00010000291000000080000000
--- query ---
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 799
;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;a.ns.brau.jp. IN AAAA
;; ADDITIONAL SECTION:
;OPT PSEUDOSECTION
;EDNS: version: 0, flags: do; udp: 4096
[<DNS RR: 'brau.jp.' rtype=CNAME rclass=IN ttl=300 rdata='co.jp.'>, <DNS RR: 'co.jp.' rtype=NS rclass=IN ttl=300 rdata='x.ns.qmail.jp.'>, <DNS RR: 'xxx.qmail.jp.' rtype=NS rclass=IN ttl=300 rdata='a.ns.www.qmail.jp.'>, <DNS RR: 'd2.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d1.home.qmail.jp.'>, <DNS RR: 'd1.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d0.home.qmail.jp.'>, <DNS RR: 'd0.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='www.qmail.jp.'>, <DNS RR: 'x.ns.qmail.jp.' rtype=A rclass=IN ttl=300 rdata='192.168.10.7'>]
---- Reply:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 799
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;a.ns.brau.jp. IN AAAA
```
```
UDP request 2018-11-11 06:11:29.734691 (8.0.41.28 30453): 41 e36e0010000100000000000104686f6d650462726175026a7000000200010000292000000080000000
--- query ---
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58222
;; flags: ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;home.brau.jp. IN NS
;; ADDITIONAL SECTION:
;OPT PSEUDOSECTION
;EDNS: version: 0, flags: do; udp: 8192
[<DNS RR: 'brau.jp.' rtype=CNAME rclass=IN ttl=300 rdata='co.jp.'>, <DNS RR: 'co.jp.' rtype=NS rclass=IN ttl=300 rdata='x.ns.qmail.jp.'>, <DNS RR: 'xxx.qmail.jp.' rtype=NS rclass=IN ttl=300 rdata='a.ns.www.qmail.jp.'>, <DNS RR: 'd2.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d1.home.qmail.jp.'>, <DNS RR: 'd1.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='d0.home.qmail.jp.'>, <DNS RR: 'd0.home.qmail.jp.' rtype=CNAME rclass=IN ttl=300 rdata='www.qmail.jp.'>, <DNS RR: 'x.ns.qmail.jp.' rtype=A rclass=IN ttl=300 rdata='192.168.10.7'>]
---- Reply:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58222
;; flags: qr aa rd; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;home.brau.jp. IN NS
;; ANSWER SECTION:
```
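
The udp: value, the do flag and the option list shown in these logs can be read directly from the hex dump on each "UDP request" line. The following is an added example, not part of the original page or of the server that produced the logs: it decodes the OPT pseudo-record from three of the dumps above using only the Python standard library, and the function names are chosen here for illustration.

```python
import struct

# Hex dumps copied from this page's "UDP request" log lines, keyed by resolver.
CAPTURED = {
    "1.1.1.1": "f4c1000000010000000000010462726175026a70000002000100002905ac000000000000",
    "8.8.8.8": "3a710010000100000000000104686f6d6505716d61696c026a700000020001000029100000008000000b00080007000118000ec02c",
    "9.9.9.9": "e439000000010000000000010462726175026a7000000200010000290690000080000000",
}

def skip_name(msg, off):
    """Return the offset just past the domain name that starts at off."""
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        if length & 0xC0:
            raise ValueError("reserved label type")
        off += 1 + length
        if length == 0:              # root label ends the name
            return off

def edns_info(msg):
    """Return (udp_size, do_bit, [(code, data), ...]) from the OPT RR, or None."""
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4            # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        rdata = msg[off + 10:off + 10 + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated RDATA")
        off += 10 + rdlen
        if rtype != 41:                          # 41 = OPT pseudo-RR
            continue
        options, p = [], 0
        while p + 4 <= rdlen:
            code, olen = struct.unpack_from("!HH", rdata, p)
            options.append((code, rdata[p + 4:p + 4 + olen]))
            p += 4 + olen
        # OPT reuses CLASS for the UDP payload size; DO is bit 0x8000 of TTL.
        return rclass, bool(ttl & 0x8000), options
    return None

def summarize():
    return {name: edns_info(bytes.fromhex(h)) for name, h in CAPTURED.items()}

if __name__ == "__main__":
    print(summarize())
```

The 8.8.8.8 entry also returns option code 8 with the same seven data bytes that the log prints as "EDNS: code: 8".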