Adrr - Set Additional RRs in the Header
This modifier allows to modify the number of Additional records (RRs) in the DNS response header.
It's important to note that this does not change the actual Additional section in the DNS response body in any way.
This modifier is compatible with and can be combined with any other existing feature or modifier.
Category: Header manipulation
Format
*.adrr<NUMBER>.*
Where:
- The
<NUMBER>
parameter specifies the number of Additional records in the DNS response header. Note that the maximum number of Additional records that can be set is 65535, as it is a 2-byte field.
Examples
In this example, we use the basic always feature which always resolves to an IP address. Additionally, we set the number of Additional records (RRs) in the DNS header to 0
. This arrangement actually accurately reflects the actual content of the DNS response body since there are no additional records:
# dig always.adrr0.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> always.adrr0.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1010 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;always.adrr0.yourdomain.com. IN A ;; ANSWER SECTION: always.adrr0.yourdomain.com. 60 IN A 2.3.4.5 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Tue Oct 22 13:47:25 +04 2024 ;; MSG SIZE rcvd: 61
Similar to the previous example, but in this case, we set the number of Additional records (RRs) in the DNS header to 1
. This arrangement leads to a malformed message packet
warning because there is no additional record present in the body, while the parser is expecting one additional record (ADDITIONAL: 1
):
# dig always.adrr1.yourdomain.com @127.0.0.1
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> always.adrr1.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7237
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;always.adrr1.yourdomain.com. IN A
;; ANSWER SECTION:
always.adrr1.yourdomain.com. 60 IN A 2.3.4.5
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 22 13:47:26 +04 2024
;; MSG SIZE rcvd: 61
Similar to the previous examples, but in this case, we set the number of Additional records (RRs) in the DNS header to 100
. This arrangement also leads to a malformed message packet
warning because there are no additional records in the body, while the parser is expecting a hundred additional records (ADDITIONAL: 100
):
# dig always.adrr100.yourdomain.com @127.0.0.1
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> always.adrr100.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41506
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 100
;; QUESTION SECTION:
;always.adrr100.yourdomain.com. IN A
;; ANSWER SECTION:
always.adrr100.yourdomain.com. 60 IN A 2.3.4.5
;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 22 13:47:28 +04 2024
;; MSG SIZE rcvd: 63
From the same category
- Anrr - Set Answer RRs in the Header
- Aurr - Set Authority RRs in the Header
- Flgs - Set Custom Flags in the Header
- NewId - Set Random Transaction ID
- Qurr - Set Question RRs in the Header
See also
- Tc - Set Truncated Flag (Force TCP Mode)
- Noq - Remove the Query Section
- Slp - Add a Delay (Latency)
- Ttl - Set Custom TTL Value
- Len - Set Custom Length in TCP
- Cnk - Send Response in Chunks (TCP only)
- Cut - Cut N Bytes from the End of the Packet
- Add - Add N Bytes to the End of the Packet
- Rl - Recalculate Length in TCP
- Fc - Force Compression
- Nc - No Compression