DNS resource data types differentiation

Nikolaos Kakouros asked:

In RFC1035, it says that in a DNS response, if the resource data is a pointer then the first two bits of those resource data should be 11. If it is a domain name, they should be 00. Two questions:

  1. What happens in the case the resource data is an IP address, e.g. where 0d201 = 0b11001001? Are there other fields taken into account as well?
  2. Is this distinction between 11 and 00 for the first two bytes really needed? If the resource data length field is taken into account, then wouldn’t a length of 2 uniquely identify a pointer in the resource? A domain name cannot be 2 bytes long in the notation used in DNS messages.

My answer:

You’ve misread the RFC.

It states that the two high bits of the length octet shall be set to 11 or 00.

More specifically, if these two bits are 00, the byte is treated as a length, and the lower 6 bits represent the number of bytes following. If the two bits are 11, the field is a pointer, and the following 14 bits represent the offset.

View the full question and any other answers on Server Fault.
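
The rule described in the answer, as an added example that is not part of the original question or answer: a name decoder that branches on the two high bits of each length octet. The names `read_name`, `MAX_HOPS` and `SAMPLE` are hypothetical, the sample message is constructed, and the hop cap is a defensive choice of this example so that a pointer loop in untrusted input cannot hang the parser.

```python
# Added example: decode a (possibly compressed) domain name from a DNS message.
MAX_HOPS = 16  # assumption: cap on pointer jumps, guards against pointer loops

# Constructed sample: 12-byte zero header, "example.com" at offset 12,
# "www" + pointer to offset 12 at offset 25, self-referencing pointer at 31.
SAMPLE = bytes(12) + b"\x07example\x03com\x00" + b"\x03www\xc0\x0c" + b"\xc0\x1f"


def read_name(msg, offset):
    """Return (name, offset just past the name at its original position)."""
    labels = []
    end = None  # where the caller resumes once the first pointer is followed
    hops = 0
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        octet = msg[offset]
        kind = octet >> 6                # the two high bits of the length octet
        if kind == 0b00:                 # label: low 6 bits give its length
            length = octet & 0x3F
            offset += 1
            if length == 0:              # zero-length root label ends the name
                break
            if offset + length > len(msg):
                raise ValueError("label runs past end of message")
            labels.append(msg[offset:offset + length].decode("ascii"))
            offset += length
        elif kind == 0b11:               # pointer: 14-bit offset into the message
            if offset + 1 >= len(msg):
                raise ValueError("truncated pointer")
            target = ((octet & 0x3F) << 8) | msg[offset + 1]
            if end is None:
                end = offset + 2         # a pointer always ends the name in place
            hops += 1
            if hops > MAX_HOPS:
                raise ValueError("too many compression pointers (loop?)")
            offset = target
        else:                            # 01 and 10 are reserved in RFC 1035
            raise ValueError("reserved label type")
    return ".".join(labels) + ".", (end if end is not None else offset)


if __name__ == "__main__":
    print(read_name(SAMPLE, 12))
    print(read_name(SAMPLE, 25))
```
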

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.