Hello,
I'm using ethereal as a debugging tool and have found something which
looks like a bug in the way it decodes dynamic DNS packets. What
caught my eye is that I needed to check if some DDNS packets I was
sending were correctly formatted, and they would show up with a
mention of "malformed packet" in Ethereal, leading me to believe that
I was doing something wrong in my app. On the other hand, output for
DDNS packets is also lacking - you can't tell the opcode for
prerequisistes (YXRRSET, NXRRSET, YXDOMAIN etc.) or updates
(ADD/DELETE), so you most likely have to guess what type the update
packet is (I think the YXRRSET preset has the class set to 'any',
while NXRRSET has the class set as 'none', but I wouldn't swear by
that).
I've tried sending a DDNS update with nsupdate, the standard tool in
the BIND 9.2.3 distribution for DDNS updates - I've ran nsupdate on
Windows, the DNS server is on Solaris (also BIND 9.2.3). The commands
used are below, and the trace is in the attachment. Briefly, a
perfectly valid and ordinary DDNS packet shows up as 'malformed' in
Ethereal. The trace also include the server response, which says the
update was successful - further proof the packet isn't actually
malformed. Is this a known bug? Any fixes planned? I'm using Ethereal
0.9.7 on Windows and 0.9.6 on Solaris - both have this problem.
> server 10.2.6.162
> zone 10.in-addr.arpa
>
> prereq yxrrset 51.4.2.10.in-addr.arpa IN PTR
> update delete 51.4.2.10.in-addr.arpa IN PTR
If the attachment doesn't get through, I can try and send it again
uunecoded, or if you can suggest another solution. Anyway, I think
this is easy to reproduce, just try using nsupdate to create some
update packets.
Attachment:
ethereal-malformed.cap
Description: Binary data