Malformed DNS response

Helping look at a DNS issue on a production system. Most of the DNS is all good but they were seeing problems from a particular test client. The packets captured here are from a different one (the other party are in a different timezone so I can't test the specific client at this time). But I noticed that for the NS query for root (which won't be much good as we won't allow them to go to the root), I see a malformed response, according to WS. I'll probably find the time to trawl through the RFC, but it would be appreciated if anyone quickly point out the issue, and what could be causing it (I can't imagine they have rolled their own DNS server, but it could be a really badly configured zone file, I dunno).

image description

C:\fakepath\malformed-dns.pcap

martyvis's avatar
911
martyvis
asked 2018-08-30 00:13:43 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Hi, I do not see any errors on my latest automated build (Version 2.9.0-1587-g1bf27192 (v2.9.0rc0-1587-g1bf27192)

Try to update Wireshark.

Packet_vlad's avatar Packet_vlad (2018-08-30 06:26:25 +0000) edit
more
  • delete

Thanks, I'm running the latest stable release on Windows - Version 2.6.3 (v2.6.3-0-ga62e6c27)

Maybe the patch for it can be applied to the next stable release?

martyvis's avatar martyvis (2018-08-30 23:50:43 +0000) edit
more
  • delete

So, this requires a proper link text bug report then. Adding as much information as possible, and a sample capture file (not a screenshot!) to the bug helps in investigating, solving and verifying the bug.

Jaap's avatar Jaap (2018-08-31 05:30:57 +0000) edit
more
  • delete
add a comment see more comments