DNS IXFR/AXFR multiple response
When DNS response is on multiple packets as described in RFC5936 (for AXFR) on field "Transaction ID" in DNS protocol Wireshark throws a Warning.
Steps to reproduce
Open pcap file attached and look at packet 830 (TCP reassembled).
What is the current bug behavior?
Expert Info (Warning/Protocol): DNS response retransmission. Original response in frame 340
but RFC5936 describes this behavious is possible. Look at RFC1995, too, to understand that a response to an IXFR question can be an AXFR.
What is the expected correct behavior?
Warning disappears. It could be great if wireshark adds an info describing the packet is in the sequence of an AXFR response.
Sample capture file
Relevant logs and/or screenshots
(Paste any relevant logs)
Version 3.4.4 (v3.4.4-0-gc33f6306cbb2)