Computer Networks Experiment 2 Wireshark DNS Lab 2

1. nslookup

1. Run nslookup to obtain the IP address of a Web server in Asia.
The address is 202.38.193.188.

2. Run nslookup to determine the authoritative DNS servers for a university in Europe.
There are four authoritative DNS servers.

3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail.
The query failed.

3. Tracing DNS with Wireshark

STEPS
Use ipconfig to empty the DNS cache in your host.
Open your browser and empty your browser cache. (With Internet Explorer, go to Tools menu and select Internet Options; then in the General tab select Delete Files.)
Open Wireshark and enter “ip.addr == your_IP_address” into the filter, where you obtain your_IP_address (the IP address for the computer on which you are running Wireshark) with ipconfig. This filter removes all packets that neither originate nor are destined to your host.
Start packet capture in Wireshark.
With your browser, visit the Web page: http://www.ietf.org
Stop packet capture.

QUESTIONS

4. Locate the DNS query and response messages. Are they sent over UDP or TCP?
They are sent over UDP.

5. What is the destination port for the DNS query message? What is the source port of DNS response message?
The destination port for the DNS query message is 53. The source port of DNS response message is 53.

6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?
The DNS query message is sent to 202.116.64.114. The IP address of my local DNS server is 202.116.64.114. These two IP addresses are the same.

7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
The “Type” is A. The query message doesn't contain any “answers”.

8. Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?
3 “answers” are provided. The first one contains Name, Type, Class, Time to live, Data length, CNAME. The last two contain Name, Type, Class, Time to live, Data length, Address.

9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?
The IP addresses provided in the DNS response message are 104.20.0.85 and 104.20.1.85. But there is no SYN packet whose destination IP address corresponds to any of them.

10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?
My host doesn't issue new DNS queries.

STEPS
Start packet capture.
Do an nslookup on “”
Stop packet capture.

QUESTIONS

11. What is the destination port for the DNS query message? What is the source port of DNS response message?
The destination port for the DNS query message is 53. The source port of DNS response message is 53.

12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
The IP address is 202.116.64.114. This is the IP address of my default local DNS server.

13. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
The type is A. The query message doesn't contain any “answers”.

14. Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?
One answer is provided. It contains Name, Type, Class, Time to live, Data length, Address.

15. Provide a screenshot.

STEPS
Start packet capture.
Enter the command “nslookup -type=NS ”
Stop packet capture.

QUESTIONS

16. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
The IP address is 202.116.64.114. This is the IP address of my default local DNS server.

17. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
The type is “NS”. The query message doesn't contain any “answers”.

18. Examine the DNS response message. What FUDAN name servers does the response message provide? Does this response message also provide the IP addresses of the FUDAN name servers?
No IP address.

19. Provide a screenshot.

STEPS
Start packet capture.
Enter the command “nslookup ”
Stop packet capture.

QUESTIONS

20. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?
202.120.224.26. This isn't the IP address of my default local DNS server. The IP address corresponds to .

21. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
The type is A. The query message doesn't contain any “answers”.

22. Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?
2 answers are provided. The first one contains Name, Type, Class, Time to live, Data length, CNAME. The second one contains Name, Type, Class, Time to live, Data length, Address.

23. Provide a screenshot.
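
The answer fields listed in questions 8, 14 and 22 (Name, Type, Class, Time to live, Data length, CNAME or Address) can also be read straight from the raw message bytes. The parser below is an added example, not part of the original report; the sample packet is constructed to match the shape of the response in question 8, and its CNAME target cdn.example.net, transaction ID and TTL are placeholders rather than captured values.

```python
import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX"}

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:              # compression pointer
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                      # malformed packet: pointer loop
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def parse_dns(msg):
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):                        # question section: name, type, class
        name, off = read_name(msg, off)
        qtype, _qclass = struct.unpack("!2H", msg[off:off + 4])
        off += 4
        questions.append((name, TYPES.get(qtype, qtype)))
    for _ in range(an):                        # answer section: one resource record each
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        off += 10
        data = msg[off:off + rdlen].hex()      # default: raw RDATA as hex
        if rtype == 1 and rdlen == 4:          # A: four address bytes
            data = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype in (2, 5):                  # NS / CNAME: a domain name
            data = read_name(msg, off)[0]
        off += rdlen
        answers.append({"name": name, "type": TYPES.get(rtype, rtype), "class": rclass,
                        "ttl": ttl, "data_length": rdlen, "data": data})
    return {"response": bool(flags & 0x8000), "questions": questions, "answers": answers}

# Constructed sample shaped like question 8: one CNAME, two A records (placeholder target/TTL).
_target = b"\x03cdn\x07example\x03net\x00"
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 3, 0, 0)
          + b"\x03www\x04ietf\x03org\x00" + struct.pack("!2H", 1, 1)
          + b"\xc0\x0c" + struct.pack("!2HIH", 5, 1, 300, len(_target)) + _target
          + b"".join(b"\xc0\x2a" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes(ip)
                     for ip in ([104, 20, 0, 85], [104, 20, 1, 85])))
```

Calling parse_dns(SAMPLE) returns the question (www.ietf.org, type A) and three answers: the CNAME record followed by the two A records whose owner name is the CNAME target.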