Slp - Add a Delay (Latency)

Slp - Add a Delay (Latency)

This modifier adds an arbitrary delay to DNS responses, allowing users to set a specified delay (sleep) in milliseconds before the response is sent.

This can be useful for testing DNS resolvers by causing them to wait for a specified period before receiving a response from the PolarDNS server.

Such approach can occupy a resolution worker/thread on the target DNS resolver for a specified period of time. Sending numerous such requests simultaneously can potentially lead to a Denial of Service (DoS) situation on the resolver.

This modifier is compatible with and can be combined with any other existing feature or modifier.

BEWAREThis can potentially lead to domain lock-up (DoS).

Category: Packet manipulation

Tags: Domain Lock-Up, Denial of Service

Format

*.slp<MILISECONDS>.*

Where:

  • The <MILLISECONDS> parameter specifies the duration (in milliseconds) to sleep before the response is sent. Note that 1,000 milliseconds equals to 1 second.

Examples

In this example, we use the basic always feature, which always resolves to an IP address. Additionally, we introduce a delay of 1 second before sending the response:

# dig always.slp1000.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> always.slp1000.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16856
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;always.slp1000.yourdomain.com.	IN	A

;; ANSWER SECTION:
always.slp1000.yourdomain.com. 60 IN	A	2.3.4.5

;; Query time: 1007 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Nov 04 15:58:51 +04 2024
;; MSG SIZE  rcvd: 63

Download PCAP File


In this example, we introduce a delay of 3 seconds before sending the response:

# dig always.slp3000.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> always.slp3000.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26180
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;always.slp3000.yourdomain.com.	IN	A

;; ANSWER SECTION:
always.slp3000.yourdomain.com. 60 IN	A	2.3.4.5

;; Query time: 3011 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Nov 04 15:58:55 +04 2024
;; MSG SIZE  rcvd: 63

Download PCAP File


In this example, we use the alias feature for generating alias records. We request to generate 5 (five) CNAME alias records and add a 2-second delay before sending the response:

# dig alias.5.slp2000.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> alias.5.slp2000.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39421
;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;alias.5.slp2000.yourdomain.com.	IN	A

;; ANSWER SECTION:
alias.5.slp2000.yourdomain.com.	60 IN	CNAME	alias980082.5.slp2000.yourdomain.com.
alias.5.slp2000.yourdomain.com.	60 IN	CNAME	alias20811.5.slp2000.yourdomain.com.
alias.5.slp2000.yourdomain.com.	60 IN	CNAME	alias3815.5.slp2000.yourdomain.com.
alias.5.slp2000.yourdomain.com.	60 IN	CNAME	alias851856.5.slp2000.yourdomain.com.
alias.5.slp2000.yourdomain.com.	60 IN	CNAME	alias927533.5.slp2000.yourdomain.com.

;; Query time: 2007 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Nov 04 15:58:59 +04 2024
;; MSG SIZE  rcvd: 295

Download PCAP File


In this example, we request to generate 5 (five) NS alias records and add a 2-second delay before sending the response. Additionally, we append a random number to the feature name, which helps prevent receiving cached responses from the target DNS resolver. This forces the target resolver to actively communicate with our PolarDNS server instead of responding with cached answers:

# dig NS alias${RANDOM}.5.slp2000.yourdomain.com @10.211.55.2

; <<>> DiG 9.18.10-2-Debian <<>> NS alias25431.5.slp2000.yourdomain.com @10.211.55.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26689
;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;alias25431.5.slp2000.yourdomain.com. IN	NS

;; ANSWER SECTION:
alias25431.5.slp2000.yourdomain.com. 60	IN NS	alias163440.5.slp2000.yourdomain.com.
alias25431.5.slp2000.yourdomain.com. 60	IN NS	alias804798.5.slp2000.yourdomain.com.
alias25431.5.slp2000.yourdomain.com. 60	IN NS	alias706069.5.slp2000.yourdomain.com.
alias25431.5.slp2000.yourdomain.com. 60	IN NS	alias75550.5.slp2000.yourdomain.com.
alias25431.5.slp2000.yourdomain.com. 60	IN NS	alias325809.5.slp2000.yourdomain.com.

;; Query time: 2007 msec
;; SERVER: 10.211.55.2#53(10.211.55.2) (UDP)
;; WHEN: Mon Nov 04 15:59:02 +04 2024
;; MSG SIZE  rcvd: 302

Download PCAP File


From the same category

See also


Go back to catalogue.