DNS Response Code

Networking ASIM Compatible

Synopsis

Converts DNS response code numbers to their corresponding human-readable names using ASIM lookup logic.

Schema

- dns_response_code:
    description: <text>
    field: <ident>
    target_field: <ident>
    if: <script>
    ignore_failure: <boolean>
    ignore_missing: <boolean>
    on_failure: <processor[]>
    on_success: <processor[]>
    tag: <string>

Configuration

The following fields are used to define the processor:

Field	Required	Default	Description
field	Y		Field containing the DNS response code number
target_field	N	Same as field	Field to store the response code name
description	N	-	Explanatory notes
if	N	-	Condition to run
ignore_failure	N	false	See Handling Failures
ignore_missing	N	false	Continue processing if the field is missing
on_failure	N	-	See Handling Failures
on_success	N	-	See Handling Success
tag	N	-	Identifier

Details

The processor accepts DNS response code numbers in various formats (string, integer, float) and converts them to standardized DNS response code names according to RFC specifications. It supports all standard DNS response codes including:

• Success codes: NOERROR (successful query)
• Client error codes: FORMERR (format error), NOTIMP (not implemented), REFUSED (query refused)
• Server error codes: SERVFAIL (server failure), NXDOMAIN (domain does not exist)
• Zone error codes: NOTAUTH (not authoritative), NOTZONE (name not in zone)
• Security codes: BADKEY (bad key), BADTIME (bad time), BADALG (bad algorithm)
• Extension codes: BADVERS (bad version), BADCOOKIE (bad cookie)

info

This processor follows RFC 1035, RFC 2136, RFC 2845, and other DNS-related RFCs for response code definitions, ensuring compatibility with standard DNS implementations.

note

Numbers in the Private Use range (3841-4095) are mapped to "Reserved for Private Use", while unrecognized numbers default to "Unassigned".

tip

Understanding DNS response codes is crucial for network troubleshooting. NXDOMAIN indicates the queried domain doesn't exist, while SERVFAIL suggests DNS server issues that may require investigation.

Examples

Successful Query

A successful DNS query...	{ "response_code": 0 } - dns_response_code: field: response_code
returns the success status:	{ "response_code": "NOERROR" }

Domain Not Found

When a domain doesn't exist...	{ "dns_result": 3 } - dns_response_code: field: dns_result target_field: dns_status
the error is clearly identified:	{ "dns_result": 3, "dns_status": "NXDOMAIN" }

Server Failure

DNS server errors...	{ "error_code": "2" } - dns_response_code: field: error_code target_field: server_status
indicate infrastructure issues:	{ "error_code": "2", "server_status": "SERVFAIL" }

Query Refused

Refused queries...	{ "rejection_code": 5 } - dns_response_code: field: rejection_code
show access control issues:	{ "rejection_code": "REFUSED" }

Format Error

Malformed DNS queries...	{ "query_error": 1 } - dns_response_code: field: query_error target_field: error_type
are flagged as format errors:	{ "query_error": 1, "error_type": "FORMERR" }

Authentication Issues

DNSSEC authentication failures...	{ "auth_code": 17 } - dns_response_code: field: auth_code target_field: security_status
show key validation problems:	{ "auth_code": 17, "security_status": "BADKEY" }

Zone Transfer Errors

Zone authority issues...	{ "zone_error": 9 } - dns_response_code: field: zone_error
indicate authorization problems:	{ "zone_error": "NOTAUTH" }

Cookie Extension Errors

DNS cookie validation failures...	{ "cookie_status": 23 } - dns_response_code: field: cookie_status target_field: cookie_result
are identified for security analysis:	{ "cookie_status": 23, "cookie_result": "BADCOOKIE" }

Unknown Response Codes

Unrecognized response codes...	{ "unknown_code": 999 } - dns_response_code: field: unknown_code
default to "Unassigned":	{ "unknown_code": "Unassigned" }