Empty6 - ANSWER Section Missing
This module is designed to respond with a standard-looking DNS response that, according to the DNS header, contains a single Answer. However, the actual Answer is intentionally ommited. The entire ANSWER section is removed from the body.
This is likely to result in unexpected errors.
Category: Empty responses
Format
empty6.yourdomain.com
This module has no parameters.
Examples
In this example, we can see that we receive a DNS response with the entire ANSWER section missing from the body. The parser cannot interpret this response properly and identifies it as malformed:
# dig empty6.yourdomain.com @127.0.0.1
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> empty6.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10659
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;empty6.yourdomain.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Tue Oct 29 01:15:09 +04 2024
;; MSG SIZE rcvd: 39
In TCP mode, the results are the same as in the previous example in UDP mode. The entire ANSWER section is missing from the body and we see a warning about malformed packet:
# dig empty6.yourdomain.com @127.0.0.1 +tcp
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> empty6.yourdomain.com @127.0.0.1 +tcp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22731
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;empty6.yourdomain.com. IN A
;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (TCP)
;; WHEN: Tue Oct 29 11:29:13 +04 2024
;; MSG SIZE rcvd: 39
Like other features, we can append anything to the feature name to avoid receiving cached responses from the target DNS resolver. This forces the target resolver to actively communicate with our PolarDNS server instead of responding with cached answers. Using a random number is the most effective strategy:
# dig empty6${RANDOM}.yourdomain.com @10.211.55.2
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.18.10-2-Debian <<>> empty624929.yourdomain.com @10.211.55.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2777
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;empty624929.yourdomain.com. IN A
;; Query time: 0 msec
;; SERVER: 10.211.55.2#53(10.211.55.2) (UDP)
;; WHEN: Fri Nov 01 11:20:45 +04 2024
;; MSG SIZE rcvd: 44From the same category
- Close - Close the Connection
- Empty1 - Empty Packet
- Empty2 - Only NULL Bytes
- Empty3 - Only NULL Bytes (Suitable for TCP)
- Empty4 - Only Transaction ID and NULL Bytes
- Empty5 - Only DNS Header and NULL Bytes
- Empty7 - ANSWER Section Is NULL Bytes
- QueryBack1 - Query Reflection
- QueryBack2 - Query Reflection (Stripped)
- QueryBack3 - Query Reflection (To Port 53)
- QueryBack4 - Query Reflection (Random, to Port 53)
- Timeout - Do Not Respond