Hi Stephane, On 2013/10/25 12:41 , Stephane Bortzmeyer wrote:
So, it seems as if recursion_desired is ignored and the reality is that the RD bit is always set.
By the way, this investigation was done because some people, to monitor the content of the DNS caches, use open resolvers (<https://indico.dns-oarc.net//getFile.py/access?contribId=7&resId=1&materialId=slides&confId=1> and <http://samarudge.github.io/dnsyo/>) and I tought it would be better to use Atlas probes. But the tests may have to be run without RD, otherwise you risk "poisoning" the caches, if you use the measurement to test a hijacking, for instance, as in the first example mentioned.
The RD bit is set because Atlas is supposed to do active measurements and not probe the host's systems. One obvious bug is that this behavior is not documented. Whether setting this flag is a good idea is of course subject to debate. Another thing is that just silently setting the flag is not optimal, maybe the measurement should have been rejected instead. Philip