Scribd Logo
Upload

Welcome to Scribd!

  • DNS

    Uploaded by

    Boppe saisreeharsha
    5 views14 pages
    Dns

    Original Title

    (DNS)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Dns

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views14 pages

    DNS

    Uploaded by

    Boppe saisreeharsha
    Dns

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 14

    1. Run nslookup to obtain the IP address of a Web server in Europe.

    2. Run nslookup to determine the authoritative DNS servers for a university in Asia.

    3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail
    servers for Yahoo! mail.
    1
    The IP address is 2001:1458:1:1::5

    I was unable to get any of the DNS servers listed above to answer a query for a Yahoo
    mail server (even cn.mail.yahoo.com was refused)

    4. Locate the DNS query and response messages. Are they sent using the UDP or TCP protocol?

    2
    UDP as shown in the screenshot.

    5. What is the destination port for the DNS query message? What is the source port of DNS
    response message? See screenshot. Source port: 55566. Dest port: 53.

    6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP
    address of your local DNS server. Are these two IP addresses the same?

    3
    The screenshot shows that the DNS message was sent to 192.168.0.1. This matches the DNS
    server listed by the command ipconfig /all.

    7. Examine the DNS query message. What “Type” of DNS query is it1? Does the query message
    contain any “answers”? It is a “type A” query, which is for a standard host address resource
    record. No answers as shown in screenshot (one question).

    1
    A table of all the different “types” is available in your textbook (see “resource record types”).

    4
    8. Examine the DNS response message. How many “answers” are provided? What does each of
    these answers contain? One answer containing the IP address of www.ietf.org (see screenshot)

    5
    9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address
    of the SYN packet correspond to any of the IP addresses provided in the DNS response
    message?
    A:Yes, as seen in the prior screenshot, the destination address is 23.53.240.178 which is the
    address provided by the DNS server for www.ietf.org.

    10. This web page contains images. Before retrieving each image, does your host issue new DNS
    queries?

    A: No, the images are all loaded from www.ietf.org, so no additional DNS queries are necessary (the
    host uses a cached address).

     Start packet capture.

     Do an nslookup on www.mit.edu

     Stop packet capture

    11. What is the destination port for the DNS query message? What is the source port of DNS
    response message?

    A : Source port: 55566.

    Dest port: 53 (see screenshot)

    6
    12. To what IP address is the DNS query message sent? Is this the IP address of your default
    local DNS server?
    A : T h e D N S q u e r y m e s s a g e w a s s e n t t o 192.168.0.1. T h i s t h e s a m e I P
    address of my default local DNS server.

    13. Examine the DNS query message. What “Type” of DNS query is it? Does the query message
    contain any “answers”?

    A: Standard type A (Host address) query. The messageonly contains a query (no answers).

    7
    14. Examine the DNS response message. How many “answers” are provided? What does each
    of these answers contain? Provide a screenshot.
    A: Three answers (resource records), two corresponding to CNAMEs and one host address.

    8
    15. Provide a screenshot.

    9
    Now repeat the previous experiment, but instead issue the command:
    nslookup –type=NS mit.edu
    Answer the following questions :

    16. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS
    server?

    10
    A:The DNS query message was sent to 192.168.0.1.This the same IP address of my default local DNS sever.

    17. Examine the DNS query message. What “Type” of DNS query is it? Does the
    query message contain any “answers”?
    A: The DNS query id Type NS .It has no answers.

    18. Examine the DNS response message. What MIT nameservers does the response
    message provide? Does this response message also provide the IP addresses of the
    MIT namesers?

    11
    According to the screenshot, there are few name servers but IP addresses of these name
    servers are not provided.

    12
    19. Provide a screenshot

    Now repeat the previous experiment, but instead issue the command:
    nslookup www.aiit.or.kr bitsy.mit.edu
    Answer the following questions

    20. To what IP address is the DNS query message sent? Is this the IP address of your
    default local DNS server? If not, what does the IP address correspond to?
    A:The DNS query message was sent to 18.0.72.3.This is not the default local DNS server and thus corresponds
    to address of the DNS server bitsy.mit.edu rather than to the default DNS server.

    21. Examine the DNS query message. What “Type” of DNS query is it? Does the
    query message contain any “answers”?

    Type A (1 question ,no answer)

    22. Examine the DNS response message. How many “answers” are provided? What
    does each of these answers contain?

    There is no response message

    13
    23. Provide a screenshot

    14

    You might also like