使用TCP和Scapy向DNS请求添加长度前缀

Question

In the RFC 1035 about DNS, it's written :

4.2.2. TCP usage

Messages sent over TCP connections use server port 53 (decimal). The message is prefixed with a two byte length field which gives the message length, excluding the two byte length field. This length field allows the low-level processing to assemble a complete message before beginning to parse it.

I want to send a DNS request with TCP but I don't know how to add these two bytes before the DNS request. I try with that code :

from scapy.all import *

ip=IP(dst="216.239.32.10")

request = DNS(rd=1, qd=DNSQR(qname = "google.be", qtype="A")) #size = 27(dec) = 1b (hex)
twoBytesRequestSize = "\x1b\x00" 
completeRequest = str(request) + twoBytesRequestSize

SYN=ip/TCP(sport=RandNum(1024,65535), dport=53, flags="S", seq=42)
SYNACK=sr1(SYN)

ACK=ip/TCP(sport=SYNACK.dport, dport=53, flags="A", seq=SYNACK.ack, ack=SYNACK.seq + 1)
send(ACK)

DNSRequest = ip/TCP(sport=SYNACK.dport, dport=53, flags="PA", seq=SYNACK.ack, ack=SYNACK.seq + 1) / completeRequest
DNSReply = sr1(DNSRequest, timeout = 1)

But my paquet is interpreted like a simple TCP packet without DNS layer.

Have you an idea to add these two bytes prefix before the DNS request?

Thank you !

Answer 1

The solution uses Big endian notation. \\x00\\x1b instead of \\x1b\\x00 . But the rest of the code above is correct. Thank you Armin.