What does OPT PSEUDOSECTION mean in `dig` response

digdomain-name-system

This is part of the response when I run dig in terminal:

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512

What does OPT mean? What does PSEUDOSECTION mean?

Best Answer

So this has to do with something called Extended mechanisms for DNS (EDNS). A DNS message (by which I mean either a request or response) consists of the following five sections that may or may not have values:

- Header
- Question
- Answer
- Authority
- Additional

In the late 90s, people wanted to extend the functionality of DNS, but because of the way it was built, it was not possible to add more sections to the original list of five, nor to add new flags to the header. So EDNS was created, which among other things adds "pseudosections" to DNS. They're called that because they're actually just part of the ADDITIONAL section. They're not full sections in their own right, they're just "pseudosections."

EDNS also adds support for "pseudo- resource records." So far, only one pseudo- resource record type has been created: OPT, which stands for "options." OPT records don't actually carry any DNS information, just info "pertaining to the question-and-answer sequence of a specific transaction." In other words, they simply contain:

the version of EDNS that is being used
any EDNS flags
the size of the UDP packet that is carrying the request.

I recommend the wikipedia article on EDNS as well as the RFC that introduces it:

https://en.wikipedia.org/wiki/Extension_mechanisms_for_DNS

https://www.rfc-editor.org/rfc/rfc6891

Related Solutions

What does “Warning: query response not set” mean in dig output

The QR bit (the MSB in the 3rd octet in the header) indicates whether the packet is a request (0) or a response (1).

All clients MUST therefore send packets with that bit clear, and the server MUST send it back with that bit set. The error messages tell you that a response was received that was flagged as a request.

BTW, there was a known bug in the Microsoft DNS server some years back where it would answer a packet even if the QR bit was set in that packet! As a result it was possible to cause a packet loop.

Ping hostname returns another hostname in output : what does it mean

The DNS system has many kinds of records. "A" records map names to IP addresses. "PTR" records map IP addresses to names. The mapping is not always transitive, and there can be multiple A records that map the the same IP address.

Strictly speaking, PTR records map special names to other names. The IP address 194.98.81.144 first must be translated to 144.81.98.194.in-addr.arpa, then a PTR request can be made. You can see this in the detailed output of the dig command:

$ dig -x 194.98.81.144

; <<>> DiG 9.8.1-P1 <<>> -x 194.98.81.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21897
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;144.81.98.194.in-addr.arpa.    IN  PTR

;; ANSWER SECTION:
144.81.98.194.in-addr.arpa. 86400 IN    PTR mpfrrelay.michaelpage.fr.

;; Query time: 148 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jan 26 08:47:32 2013
;; MSG SIZE  rcvd: 82

Best Answer

Related Solutions

What does “Warning: query response not set” mean in dig output

Ping hostname returns another hostname in output : what does it mean

Related Topic