Scribd
Upload
18 views

DNS Lab

MMT

Uploaded by

ngoxuanninh2004
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
18 views

DNS Lab

MMT

Uploaded by

ngoxuanninh2004
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Wireshark Lab: DNS

1. nslookup

Now that we have provided an overview of nslookup, it is time for you to test drive it yourself. Do the
following (and write down the results):

1.Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?

IP Address: 173.223.93.162

2. Run nslookup to determine the authoritative DNS servers for a university in Europe.
3.Run nslookup so that one of the DNS servers obtained in Question 2 is queried forthe mail servers for
Yahoo! mail. What is its IP address?

IP Address : 151.101.130.216

4.Locate the DNS query and response messages. Are then sent over UDP or TCP?

Answer: UDP

5.What is the destination port for the DNS query message? Ans: 53

What is the source port of DNS response message? Ans: 53

6.To what IP address is the DNS query message sent? 192.168.1.10

Use ipconfig to determine the IP address of your local DNS server. 192.168.1.10
Two IP addresses are the same

7.Examine the DNS query message. What “Type” of DNS query is it? Ans: Type AAAA

Does the query message contain any “answers”? 0

8. Examine the DNS response message. How many “answers” are provided? 2

What do each of these answers contain?

9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN
packet correspond to any of the IP addresses provided in the DNS response message? they correspond

10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?
No

11. What is the destination port for the DNS query message? 53

What is the source port of DNS response message? 53

12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS
server? yes
13. Examine the DNS query message. What “Type” of DNS query is it? A

Does the query message contain any “answers”? No

14. Examine the DNS response message. How many “answers” are provided? 1

What do each of these answers contain?

15. Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:

nslookup –type=NS mit.edu

Answer the following questions:

16. To what IP address is the DNS query message sent? 2402:800:20ff:6666::1

Is this the IP address of your default local DNS server? Yes

17. Examine the DNS query message. What “Type” of DNS query is it? NS

Does the query message contain any “answers”? No

18. Examine the DNS response message. What MIT nameservers does the response message provide?
Does this response message also provide the IP addresses of the MIT namesers?
19. Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:

nslookup www.aiit.or.kr bitsy.mit.edu

Answer the following questions:

20. To what IP address is the DNS query message sent?

Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

The DNS query message is sent to 2402:800:20ff:6666::1 which is not the same as my local DNS server.
This IP address corresponds to www.aiit.or.kr.

21. Examine the DNS query message. What “Type” of DNS query is it? A

Does the query message contain any “answers”?

22. Examine the DNS response message. How many “answers” are provided?

What does each of these answers contain?

You might also like