Scribd
Upload
39 views13 pages

DNS Lab Guide for Networking Students

Uploaded by

p229067
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
39 views13 pages

DNS Lab Guide for Networking Students

Uploaded by

p229067
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

Wireshark Lab: 06

DNS v8.1
Supplement to Computer Networking: A Top-Down
Approach, 8th ed., J.F. Kurose and K.W. Ross

“Tell me and I forget. Show me and I remember. Involve me


and I understand.” Chinese proverb

© 2005-2021, J.F Kurose and K.W. Ross, All Rights Reserved

TASKS
1. Run nslookup to obtain the IP address of the web server for the Indian
Institute of Technology in Bombay, India: www.iitb.ac.in. What is the IP address
of www.iitb.ac.in and IP address of the DNS server that provided the answer to
your nslookup command in question 1 above? Did the answer to your
nslookup command in question 1 above come from an authoritative or non-
authoritative server? (0.5)

IP Address OF IITB: 103.21.124.133


DNS Server that provided my answer: 8.8.8.8
The answer came from a non-authoritative server :

[ www.iitb.ac.it ]
2. Use the nslookup command to determine the name of the authoritative name
server for the iit.ac.in domain. What is that name? (If there are more than one
authoritative servers, what is the name of the first authoritative server returned by
nslookup)? If you had to find the IP address of that authoritative name server, how
would you do so? (0.5)

NAME SERVER OF IITB

IP Address
3 Locate the first DNS query message resolving the name gaia.cs.umass.edu. What
is the packet number1 in the trace for the DNS query message? Is this query
message sent over UDP or TCP? (0.5)

• 1st DNS query Message = has a Packet Number in


the Trace as = 118
• Yes the Query was sent by UDP protocol
4 Now locate the corresponding DNS response to the initial DNS query. What is the
packet number in the trace for the DNS response message? Is this response
message received via UDP or TCP? (0.5)

• DNS Response In Returns to the INITIAL query = has


the Packet Number in the trace as: 121
• Yes the Message was received via a UDP protocol
5 What is the destination port for the DNS query message? What is the source port
of the DNS response message? To what IP address is the DNS query message
sent? (1)

• Destination Port for the DNS = 53


• IP Address is the DNS query message = 192.168.0.1

• Source Port of the DNS response message = 53


6 Examine the DNS query message. How many “questions” does this DNS message
contain? How many “answers” answers does it contain? Examine the DNS
response message to the initial query message. How many “questions” does this
DNS message contain? How many “answers” answers does it contain? (1)

DNS query message:


• Questions does this contain = 1
• Answers does this contain = 0

DNS response message:

• Questions does this contain = 1


• Answers does this contain = 1
7 What is the destination port for the DNS query message? What is the source port
of the DNS response message? (1)

• destination port for the DNS query message = 53

• source port of the DNS response message = 53


8 To what IP address is the DNS query message sent? Is this the IP address of your
default local DNS server? (1)

• IP address of the DNS query message where it is being


sent is = 192.168.0.1
• Yes it is my LOCAL DNS Server

• PROOF

My DNS / Default Gateway:

Destination IP:
9 Examine the DNS query message. What “Type” of DNS query is it? Does the
query message contain any “answers”? (1)

DNS query message:

• TYPE = A (maps a domain name to its IPv4 address)

• Answers = NOT AVAAILABLE in the QUERY section.


10 Examine the DNS response message to the query message. How many
“questions” does this DNS response message contain? How many “answers”? (1)

DNS response message:

• Questions = 1
• Answers = 1
11 To what IP address is the DNS query message sent? Is this the IP address of your
default local DNS server? Examine the DNS query message. How many questions
does the query have? Does the query message contain any “answers”? (1)

• To what IP address is the DNS query message sent =


192.168.0.1

• Is this the IP address of your default local DNS server =


YES

DNS query message:


• Questions does this contain = 1
• Answers does this contain = 0
12 Examine the DNS response message. How many answers does the response
have? What information is contained in the answers? How many additional
resource records are returned? What additional information is included in these
additional resource records? (1)

DNS response message:

• Questions does this contain = 1


• Answers does this contain = 3

How many additional resource records are returned: ‘3’

What additional information is included in these


additional resource records

The records that are received are given bellow: -


Server: UnKnown
Address: 192.168.0.1

Non-authoritative answer:
umass.edu nameserver = ns1.umass.edu
umass.edu nameserver = ns3.umass.edu
umass.edu nameserver = ns2.umass.edu

ns1.umass.edu internet address = 128.119.10.27


ns2.umass.edu internet address = 128.119.10.28
ns3.umass.edu internet address = 69.16.40.18

INCLUDES:

Name: The Primary Authoritative name server = umass.edu

Type: NS (Returned Us with 3 Authoritative name servers of


umass.edu) Which are:

ns2.umass.edu
ns3.umass.edu
ns1.umass.edu

Class: IN (Means that the DNS record belongs to the Internet Class)

Time-To-Live: 3600 (1 hour) means the DNS record is cached


for 3600 seconds (1 hour) before it must be re-queried from the ANS.

Data Length: 6 means it contains 6 bytes of DATA.

Name Server: ns2.umass.edu specifies that ns2.umass.edu is


one of the authoritative name servers responsible for handling DNS queries
for the umass.edu domain.

< >

You might also like