GitLab

the query flags were cleared too early, and the rec never
retried if the NS had ipv6 addresses, but all were bad

this fixes an issue when nameserver responds with AA=0 and authority
of a CNAME target (which is in current bailiwick)

DNS 0x20 https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
is a way to add more randomness into queries to make spoofing tougher
this implementation provides up to 32 bits of randomness to QNAME,
which is more than enough for most names (it is possible to add a
maximum of 1 bit of entropy per alphanumeric character, so it's not very
efficient with shorter names)

fixes #27

libuv doesn't do connected UDP sockets, so we can't get ICMP unreachable
otherwise