Skip to content

Enhancement: Add --nord option to disable Recursion Desired (RD) flag in DNS lookup toolΒ #146

@waltzbucks

Description

@waltzbucks

Some authoritative DNS servers intentionally block or drop queries with the RecursionDesired (RD) flag set, as a mitigation against DNS cache poisoning attacks that leverage recursive queries.

Currently, when testing domain lookups against such authoritative DNS servers, queries fail because the tool always sends RD=1 by default.

Although there is an existing --rd option, it is:

  • Boolean

  • Enabled (true) by default

  • Does not provide a clear or explicit way to force RD=0

To properly test authoritative DNS servers that reject recursive queries, the tool needs a way to explicitly disable the RD flag.

Add a new CLI option:

--nord

Behavior:

  • Explicitly sets Recursion Desired = 0
  • Overrides default behavior (RD=1)
  • Takes precedence over --rd

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions