Lab 2b Networking


Wireshark Lab: DNS v8.0
Name: Nguyen Vu Quang Minh
Class: L10

1. nslookup:
1. Run nslookup to obtain the IP address of a Web server in Asia. What
is the IP address of that server?
The IP address of that server is 160.16.123.100
2. Run nslookup to determine the authoritative DNS servers for a
university in
Europe.
Result:
cam.ac.uk nameserver = ns3.mythic-beasts.com
cam.ac.uk nameserver = ns2.ic.ac.uk
cam.ac.uk nameserver = dns0.cl.cam.ac.uk
cam.ac.uk nameserver = auth0.dns.cam.ac.uk
cam.ac.uk nameserver = dns0.engl.cam.ac.uk
cam.ac.uk nameserver = ns1.mythic-beasts.com

3. Run nslookup so that one of the DNS servers obtained in Question 2
is queried for the mail servers for Yahoo! mail. What is its IP address?
The IP address of that DNS server is 2a05:b400:5:270::80e8:8408.
2. ipconfig:

3. Tracing DNS with Wireshark


4. Locate the DNS query and response messages. Are they sent over
UDP or TCP?
It was sent over UDP. (When I clicked on the DNS query, I saw User
Datagram Protocol.)
5. What is the destination port for the DNS query message? What is the
source port of DNS response messages?
The destination port for the DNS query message is 53. The source
port of DNS response messages is also 53.
6. To what IP address is the DNS query message sent? Use ipconfig to
determine the IP address of your local DNS server. Are these two IP
addresses the same?
The IP address the DNS query message is sent to is 192.168.1.1. That IP
and my default gateway address are the same.
7. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
The DNS query message is:
Transaction ID: 0x7800
Flags: 0x0100 Standard query
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
Type of DNS query is AAAA. This query doesn’t contain any answer
because Answer RRs is 0.
8. Examine the DNS response message. How many “answers” are
provided? What do each of these answers contain?
There are 2 answers that were provided.
These answers contain:
www.ietf.org: type A, class IN, addr 104.16.45.99
www.ietf.org: type A, class IN, addr 104.16.44.99
9. Consider the subsequent TCP SYN packet sent by your host. Does
the destination IP address of the SYN packet correspond to any of the
IP addresses provided in the DNS response message?
Yes, it does.
10. This web page contains images. Before retrieving each image, does
your host issue new DNS queries?
The host doesn’t issue any new DNS queries.
11. What is the destination port for the DNS query message? What is
the source port of DNS response message?
The destination port for the DNS query message is 53. The source
port of DNS response message is also 53.
12. To what IP address is the DNS query message sent? Is this the IP
address of your default local DNS server?
The IP address the DNS query message is sent to is fe80::1. That
IP address and my default local DNS server are the same.
13. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
Type of this DNS query is AAAA. This query message doesn’t
contain any answers.
14. Examine the DNS response message. How many “answers” are
provided? What do each of these answers contain?
There are 2 answers that were provided.
These answers contain:
mit.edu: type AAAA, class IN, addr 2600:140e:6:ab3::255e
mit.edu: type AAAA, class IN, addr 2600:140e:6:a83::255e
15. Provide a screenshot.

16. To what IP address is the DNS query message sent? Is this the IP
address of your default local DNS server?
The IP address the DNS query message is sent to is fe80::1. This is
also my default local DNS server.
17. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
Type of this DNS query is NS. The query message doesn’t contain
any answers.
18. Examine the DNS response message. What MIT nameservers does
the response message provide? Does this response message also
provide the IP addresses of the MIT nameservers?
MIT nameservers that the response message provides are:
mit.edu: type NS, class IN, ns usw2.akam.net
mit.edu: type NS, class IN, ns eur5.akam.net
mit.edu: type NS, class IN, ns use2.akam.net
mit.edu: type NS, class IN, ns ns1-173.akam.net
mit.edu: type NS, class IN, ns asia2.akam.net
mit.edu: type NS, class IN, ns use5.akam.net
mit.edu: type NS, class IN, ns ns1-37.akam.net
mit.edu: type NS, class IN, ns asia1.akam.net
19. Provide a screenshot.

20. To what IP address is the DNS query message sent? Is this the IP
address of your default local DNS server? If not, what does the IP
address correspond to?
The IP address the DNS query message is sent to is fe80::1. This IP
address is similar to my default local DNS server.
21. Examine the DNS query message. What “Type” of DNS query is it?
Does the query message contain any “answers”?
Type of DNS query is A. The query message doesn’t contain any
answers.
22. Examine the DNS response message. How many “answers” are
provided? What does each of these answers contain?
The DNS response message contains 1 answer:
bitsy.mit.edu: type A, class IN, addr 18.0.72.3
23. Provide a screenshot
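
The query fields read off in questions 7, 13, 17 and 21 (Transaction ID, Flags, the four record counts, the query Type) come straight from the 12-byte DNS header and the question that follows it. The Python below is an added example, not part of the original lab report: it builds a query with the header values shown in question 7 and decodes it the way Wireshark does. The question name www.ietf.org is an assumption taken from the response in question 8, since the page's own "Queries" section is cut off; the function names are illustrative.

```python
import struct

QTYPES = {1: "A", 2: "NS", 15: "MX", 28: "AAAA"}  # record types named in this lab

def build_query(txid, qname, qtype, flags=0x0100):
    """Build a DNS query: 12-byte header followed by one question."""
    header = struct.pack("!6H", txid, flags, 1, 0, 0, 0)  # QD=1, AN=NS=AR=0
    name = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return header + name + b"\x00" + struct.pack("!2H", qtype, 1)  # class IN = 1

def parse_message(data):
    """Decode the header and the first question of a DNS message."""
    if len(data) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack("!6H", data[:12])
    if qd < 1:
        raise ValueError("message carries no question")
    pos, labels = 12, []
    while True:  # walk the length-prefixed labels of the question name
        if pos >= len(data):
            raise ValueError("truncated question name")
        n = data[pos]
        pos += 1
        if n == 0:
            break
        if n & 0xC0 or pos + n > len(data):
            raise ValueError("malformed label in question name")
        labels.append(data[pos:pos + n].decode("ascii"))
        pos += n
    if pos + 4 > len(data):
        raise ValueError("truncated question type/class")
    qtype, qclass = struct.unpack("!2H", data[pos:pos + 4])
    return {
        "txid": txid,
        "is_response": bool(flags >> 15),         # QR bit: 0 = query
        "opcode": (flags >> 11) & 0xF,            # 0 = standard query
        "recursion_desired": bool((flags >> 8) & 1),
        "rcode": flags & 0xF,
        "questions": qd, "answer_rrs": an,
        "authority_rrs": ns, "additional_rrs": ar,
        "qname": ".".join(labels),
        "qtype": QTYPES.get(qtype, str(qtype)),
        "qclass": qclass,
    }

# Constructed sample: header values from question 7, name assumed (see above).
SAMPLE = build_query(0x7800, "www.ietf.org", 28)

if __name__ == "__main__":
    for key, value in parse_message(SAMPLE).items():
        print(f"{key}: {value}")
```

Flags 0x0100 decodes to QR=0 and opcode 0 with only the recursion-desired bit set, which is why Wireshark labels the message "Standard query", and an Answer RRs count of 0 is what makes the query carry no answers.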
