2021-09-13计算机网络自顶向下WireShark Lab（三）DNS

win10 使用 cmd 下的 nslookup 得在管理员模式下运行。

Name和Value的的具体含义取决于Type：

Type = A，则Name是主机名，Value是该主机名对应的IP地址。例如：（relay1.bar.foo.com,145.37.93.126, A）
Type = NS,则Name是域（如foo.com）,而Value是知道如何获取该域中主机IP地址的权威DNS服务器的主机名，如（foo.com, dns.foo.com, NS）
Type = CNAME, 则Value是别名为Name的主机对应的规范主机名，如（foo.com,relay1.bar.foo.com）

不成功的例子：

一个成功的例子

nslookup

(1)Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?

(2)Run nslookup to determine the authoritative DNS servers for a university in Europe.

University of Cambridge
https://www.cam.ac.uk/

下图多加了一个www.不知道为什么这两个会有区别，也不知道区别在哪里。

(3)Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. What is its IP address?

2. ipconfig
ipconfig \all

ipconfig /displaydns

ipconfig /flushdns

3. Tracing DNS with Wireshark
使用ipconfig来获取本机的ip地址

(4)Locate the DNS query and response messages. Are then sent over UDP or TCP?

(5) What is the destination port for the DNS query message? What is the source port of DNS response message?

destination port for the DNS is 53

(6) To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?

is the same

(7) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

No,it didn’t.

(8)Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

5 answers.
domain name,type ,class, IP address

(9)Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?

the first

(10) This web page contains images. Before retrieving each image, does your host issue new DNS queries?

no,it didn’t.

Now let’s play with nslookup.

(11)What is the destination port for the DNS query message? What is the source port of DNS response message?

They are 53.

(12) To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

The DNS query message sent to 58.200.168.8.
Yes,it is.

(13) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

A(ipv4) and AAA(ipv6).
No it didn’t.

(14) Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

2 answers.

(15) Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:
nslookup –type=NS mit.edu

Answer the following questions :

(16)To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

The DNS query message sent to 58.200.168.8.
Yes,it is.

(17) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

NS
No,it didn’t.

（18) Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT namesers?

name,class, 权威域服务器的名字，权威域服务器的IPv4地址和部分IPv6的地址

（19）Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:
先放一个不成功的：
nslookup www.aiit.or.kr bitsy.mit.edu

（20）To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

First ,it was sent to default local DNS to get the internet address of bitsy.mit.edu.
And them it was sent to bitsy.mit.edu.

（21）Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
A and AAA
No.it did’t.

（22）Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

2 answer provide.

【SOA 资源记录表明此 DNS 名称服务器是为该 DNS 域中的数据的信息的最佳来源。

SOA 记录与 NS 记录的区别：简单讲，NS记录表示域名服务器记录，用来指定该域名由哪个DNS服务器来进行解析；SOA记录设置一些数据版本和更新以及过期时间的信息。

dns服务器无法响应dns请求时，会默认响应soa记录，所以从抓包看soa响应就是查询失败的意思。】

对于www.aiit.or.kr后面的询问一直没有得到回复
（23） Provide a screenshot

再放一个成功的

（20） To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

First ,it was sent to default local DNS to get the internet address of dns.baidu.com
And them it was sent to dns.baidu.com

(21) Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
A and AAA

(22) Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

respond

疑惑：为什么这个dns响应报文不包括答案

(23) Provide a screenshot

2021-09-13计算机网络自顶向下WireShark Lab（三）DNS相关推荐

HTTP计算机网络自顶向下+wireshark lab
Overview HTTP(HyperText Transfer Protocol),一个应用层协议,是Web的核心.在RFC文档中有相关定义[RFC 1945]和[RFC 2616].HTTP包括两 ...
计算机网络自顶向下方法实验报告,计算机网络自顶向下方法试验三报告.doc
计算机网络自顶向下方法试验三报告陕西师范大学计算机网络实验报告年级: 2010级姓名: 陈翠萍学号: 实验日期: 2012.9.24 实验名称:Wireshark Lab: HTTP 1至 ...
计算机网络自顶向下 Wireshark实验 Lab4 TCP
计算机网络自顶向下 Wireshark实验 Lab4 TCP 不写答案,本文章只记录任务和问题开始Wireshark Lab TCP 先在Wireshark Lab官网下载相应文档:https ...
实习日志（2021.09.13）
2021.09.13星期一今天把之前的算法题终于给弄明白了,并能够按照自己的思路去把他给完成,总结这个题目并不是很难,最重要的是要把链表给弄懂,一开始由于我对链表不是很熟悉,导致我在写该题目的时候花 ...
计算机网络自顶向下方法第三章运输层 3.4 可靠数据传输原理
计算机网络自顶向下方法总结3.4可靠数据传输原理目录 3.4 可靠数据传输原理 3.4.1 构造可带数据传输协议 3.4.2 流水线可靠数据传输协议 3.4.3 回退N步 3.4.4 选择重传 3. ...
计算机网络自顶向下方法第三章 3.5 面向连接的运输：TCP
计算机网络自顶向下方法总结3.5面向连接的运输:TCP 目录 3.5 面向连接的运输:TCP 3.5.1 TCP连接 3.5.2 TCP报文段结构 3.5.3 往返时间的估计与超时 3.5.4 可靠数 ...
计算机网络自顶向下方法第三章运输层 3.6 拥塞控制原理
计算机网络自顶向下方法总结3.6拥塞控制原理目录 3.6 拥塞控制原理 3.6.1 拥塞原因与代价 3.6.2 拥塞控制方法 3.6 拥塞控制原理前面讲到分组丢失时用于可靠数据传输服务的基本原理及 ...
《计算机网络自顶向下》第三章==传输层==随堂笔记
文章目录第三章传输层 3.1 传输层概述传输层提供什么服务? 传输层协议 3.2 多路复用和解复用多路复用解复用 3.3 UDP(User Datagram Protocol) 3.4 可靠 ...
计算机网络-自顶向下方法第三章课后习题答案（第七版）
复习题 R1. a) 就叫这个协议为简单传输协议STP(Simple Transport Protocol).在发送方,STP从发送进程接收不超过1196字节的数据块.目标主机地址和目标端口号.STP ...

2021-09-13计算机网络自顶向下WireShark Lab（三）DNS

2021-09-13计算机网络自顶向下WireShark Lab（三）DNS相关推荐

最新文章

热门文章