Seth Waddingham

EE5753 Wireshark Lab Mod 6

18 Jun 2016

www.rediff.com
184.51.126.73

I used Cambridge University for my example.

www.cam.ac.uk
131.111.150.25

I couldn't get this to work for the server I looked at it in question 2. If you used Google's server, the
results above are obtained.

UDP

The destination port is port 53. The source port is also port 53.

My DNS server is at 192.168.0.1. This is the same address as where it was sent, shown above in the
figure from problem 4.

This is a standard Type A Class IN DNS query. Answer RRs = 0, so there are no answers.

Answer RRs = 3 so 3 answers are provided.

The first SYN was sent to 104.20.0.85, which corresponds to the first IP address provided in the DNS
response above in problem 8.

No it did not.

11. Destination port is port 53. Source port of DNS response is port 53.
12. Destination IP address is 192.168.0.1. Yes, this is my local default DNS server.
13. The query message is a type PTR class IN standard query. No, it does not contain any answers.
14. Depending on which query you select, there were either 0, 3, or 4 answers provided.

15.

16. Destination IP address is 192.168.0.1. Yes, this is my local default DNS server.
17. The query message is a type PTR class IN standard query. No, it does not contain any answers.
18. See below. Yes

19.

20. Destination IP address is 192.168.0.1. Yes, this is my local default DNS server.
21. The query message is a type A class IN standard query. No, it does not contain any answers.
22. The majority of the responses all reply with 0 answers, except for 1 response which replied with
two answers.

23.