1. Run nslookup to obtain the IP address of a Web server in Asia. 2. Run nslookup to determine the authoritative DNS servers for a university in Europe.
3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.
I assume that taking screens of IPConfig section 2 of the LAB is pointless, because that’s just too easy and time wasting. Better to skip onto the next one.
Tracing DNS with Wireshark
4. Locate the DNS query and response messages. Are then sent over UDP or TCP?
5. What is the destination port for the DNS query message? What is the source port of DNS response message?
Destination port for the DNS query message is 8080 .
Source port of DNS response message is 2636 .
6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?
220.127.116.11 is IP address the DNS query message sent. But local DNS server is 192.168.0.12
7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
It is GET from HTTP request the page of http://www.ietf.org/ , not contain any answer.
8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
One answer is provided, the answer contain the HTML code of http://www.ietf.org/ webpage.
9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?
10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?
Now let’s play with nslookup2.
Start packet capture.
Do an nslookup on www.mit.edu
Stop packet capture.
11. What is the destination port for the DNS query message? What is the source port of DNS...
Please join StudyMode to read the full document