This is how we handle the DNS header in the recursive client. ID: Stored and given back to client; not cached QR: Must be 0 for packet to be accepted; all replies give this a 1 value OPCODE: Must be 0; 0 in replies AA: Value in query ignored; 0 in replies TC: Truncation. Ignore value in query; send empty "truncated" reply when this is 1 (they can enable TCP) RD: Must be 1 in query; is 1 in reply RA: Ignored in query; is 1 in reply (because of brain-dead DNS clients) Z: Must be all 0 in query; set to all 0 in reply RCODE: Must be 0 in query; usually 0 (OK) in reply but can be 2 (server failure) should we be unable to connect to any nameservers QDCOUNT: Must be 1 in query; is 1 in reply (we echo the question) ANCOUNT: As per the reply we get from the remote server (this number will be stored in the cache) NSCOUNT, ARCOUNT: Same as ANCOUNT Note that in the case of ARCOUNT being one in a query, we ignore the AR record (which may be an EDNS OPT query) and act as if the packet is a simple RFC1035 DNS packet without ENDS data.