3

This is part of the response when I run dig in terminal:

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512

What does OPT mean? What does PSEUDOSECTION mean?

David Kennell
  • 255
  • 3
  • 6
  • 2
    Crosspost https://unix.stackexchange.com/questions/588558/what-does-opt-pseudosection-mean-in-dig-response . Good thing I didn't find this first and waste my time -- I would consider that rude, greedy, and abusive, and would remember to not ever again do anything that might help you – dave_thompson_085 May 24 '20 at 02:34
  • It looks like a good question. Why people downvote this post? Does it break some rules? – Ryan Lyu May 29 '20 at 02:32
  • 1
    @RyanLv When I wanted to post this question, I wasn't sure which StackExchange was most appropriate, so I posted it on two different ones. Turns out that cross-posting like that is a breach of StackExchange etiquette, which I didn't know before now. That's why it was downvoted. I've taken down the other post, which was on https://unix.stackexchange.com/questions/588558/what-does-opt-pseudosection-mean-in-dig-response. – David Kennell May 30 '20 at 14:57

1 Answers1

7

So this has to do with something called Extended mechanisms for DNS (EDNS). A DNS message (by which I mean either a request or response) consists of the following five sections that may or may not have values:

- Header
- Question
- Answer
- Authority
- Additional

In the late 90s, people wanted to extend the functionality of DNS, but because of the way it was built, it was not possible to add more sections to the original list of five, nor to add new flags to the header. So EDNS was created, which among other things adds "pseudosections" to DNS. They're called that because they're actually just part of the ADDITIONAL section. They're not full sections in their own right, they're just "pseudosections."

EDNS also adds support for "pseudo- resource records." So far, only one pseudo- resource record type has been created: OPT, which stands for "options." OPT records don't actually carry any DNS information, just info "pertaining to the question-and-answer sequence of a specific transaction." In other words, they simply contain:

  • the version of EDNS that is being used
  • any EDNS flags
  • the size of the UDP packet that is carrying the request.

I recommend the wikipedia article on EDNS as well as the RFC that introduces it:

https://en.wikipedia.org/wiki/Extension_mechanisms_for_DNS

https://www.rfc-editor.org/rfc/rfc6891

Community
  • 1
David Kennell
  • 255
  • 3
  • 6