Aurr - Set Authority RRs in the Header
This modifier allows to modify the number of Authority records (RRs) in the DNS response header.
It's important to note that this does not change the actual Authority section in the DNS response body in any way.
This modifier is compatible with and can be combined with any other existing feature or modifier.
Category: Header manipulation
Format
*.aurr<NUMBER>.*
Where:
- The
<NUMBER>
parameter specifies the number of Authority records in the DNS response header. Note that the maximum number of Authority records that can be set is 65535, as it is a 2-byte field.
Examples
In this example, we use the basic always feature which always resolves to an IP address. Additionally, we set the number of Authority records (RRs) in the DNS header to 0. This arrangement actually accurately reflects the actual content of the DNS response body since there are no authority records:
# dig always.aurr0.yourdomain.com @127.0.0.1 ; <<>> DiG 9.18.10-2-Debian <<>> always.aurr0.yourdomain.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34679 ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;always.aurr0.yourdomain.com. IN A ;; ANSWER SECTION: always.aurr0.yourdomain.com. 60 IN A 2.3.4.5 ;; Query time: 4 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Tue Oct 22 14:05:39 +04 2024 ;; MSG SIZE rcvd: 61
Similar to the previous example, but in this case, we set the number of Authority records (RRs) in the DNS header to 1. This arrangement leads to a warning about malformed packet because there is no authority record present in the body, while the parser is expecting one authority record (AUTHORITY: 1
):
# dig always.aurr1.yourdomain.com @127.0.0.1
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> always.aurr1.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46262
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;always.aurr1.yourdomain.com. IN A
;; ANSWER SECTION:
always.aurr1.yourdomain.com. 60 IN A 2.3.4.5
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 22 14:05:40 +04 2024
;; MSG SIZE rcvd: 61
Similar to the previous examples, but in this case, we set the number of Authority records (RRs) in the DNS header to 100. This arrangement also leads to a warning about malformed packet because there are no authority records in the body, while the parser is expecting a hundred authority records (AUTHORITY: 100
):
# dig always.aurr100.yourdomain.com @127.0.0.1
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> always.aurr100.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20492
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 100, ADDITIONAL: 0
;; QUESTION SECTION:
;always.aurr100.yourdomain.com. IN A
;; ANSWER SECTION:
always.aurr100.yourdomain.com. 60 IN A 2.3.4.5
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 22 14:05:42 +04 2024
;; MSG SIZE rcvd: 63
From the same category
- Adrr - Set Additional RRs in the Header
- Anrr - Set Answer RRs in the Header
- Flgs - Set Custom Flags in the Header
- NewId - Set Random Transaction ID
- Qurr - Set Question RRs in the Header
See also
- Tc - Set Truncated Flag (Force TCP Mode)
- Noq - Remove the Query Section
- Slp - Add a Delay (Latency)
- Ttl - Set Custom TTL Value
- Len - Set Custom Length in TCP
- Cnk - Send Response in Chunks (TCP only)
- Cut - Cut N Bytes from the End of the Packet
- Add - Add N Bytes to the End of the Packet
- Rl - Recalculate Length in TCP
- Fc - Force Compression
- Nc - No Compression