“21天好习惯”第一期-9

计算机网络实验三:DNS

一、实验目的

1. 使用nslookup命令进行域名解析
2. 使用ipconfig查看本地ip地址
3. 学会通过Wrieshar掌握DNS报文的一些格式

二、实验平台

1. 操作系统：Windows10；
2. Wrieshark

• 实验步骤

1. nslookup

1. Run nslookup to obtain the IP address of a Web server in Asia. What is the IP

address of that server?

 

The address is 219.229.249.18

2. Run nslookup to determine the authoritative DNS servers for a university in

Europe.

The are two authoritative DNS servers

1. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. What is its IP address?

 

The addresses are 87.248.118.22 ad 87.248.118.23

2. ipconfig

3. Tracing DNS with Wireshark

Steps

• Use ipconfig to empty the DNS cache in your host.

• Open your browser and empty your browser cache. (With Internet Explorer,

go to Tools menu and select Internet Options; then in the General tab select

Delete Files.)

• Open Wireshark and enter “ip.addr == your_IP_address” into the filter, where

you obtain your_IP_address with ipconfig. This filter removes all packets that

neither originate nor are destined to your host.

• Start packet capture in Wireshark.

• With your browser, visit the Web page: http://www.ietf.org

• Stop packet capture.

questions

1. Locate the DNS query and response messages. Are then sent over UDP or TCP?

 

They are send over UDP

5. What is the destination port for the DNS query message? What is the source port

of DNS response message?

 

the destination port for the DNS query message is 53

 

the source port of DNS response message is 53

6. To what IP address is the DNS query message sent? Use ipconfig to determine the

IP address of your local DNS server. Are these two IP addresses the same?

 

I forgot to look up the IP address of the computer in the machine room,but it must be 192.168.5.56.

7. Examine the DNS query message. What “Type” of DNS query is it? Does the

query message contain any “answers”?

 

The Type is “A”,the query message doesn’t contain any“answers”

8. Examine the DNS response message. How many “answers” are provided? What

do each of these answers contain?

 

 

3 or 2 “answers” are provided, these answers all contain Name, Type, Class, Time, Data, Address. The first answers contains CNAME

9. Consider the subsequent TCP SYN packet sent by your host. Does the destination

IP address of the SYN packet correspond to any of the IP addresses provided in

the DNS response message?

 

 No,the IP address provided in the DNS response is 104.16.449 and 104.16.45.9, there is no SYN packet correspond to them.

10. This web page contains images. Before retrieving each image, does your host

issue new DNS queries?

No, the images are all on the web site, so there is no new DNS.

Steps

• Start packet capture.

• Do an nslookup on www.mit.edu

• Stop packet capture.

Questions

11. What is the destination port for the DNS query message? What is the source port

of DNS response message?

The destination port for the DNS query message is 53.

The source port of DNS response message is 53.

 

 

12. To what IP address is the DNS query message sent? Is this the IP address of your

default local DNS server?

The IP address is 219.229.242.62.This is the IP address of machine room local DNS server.

13. Examine the DNS query message. What “Type” of DNS query is it? Does the

query message contain any “answers”?

The type is 'A'. The query message doesn't contain any “answers".

 

14. Examine the DNS response message. How many “answers” are provided? What

do each of these answers contain?

One answer is provided. It contains Name, Type, Class,Time to live, Data length, Address.

1. Provide a screenshot.

Steps

• Start packet capture.

• enter the commend “nslookup –type=NS mit.edu”

• Stop packet capture.

Questions

16. To what IP address is the DNS query message sent? Is this the IP address of your

default local DNS server?

The IP address is 219.229.242.62.This is the IP address of machine room local DNS server.

 

17. Examine the DNS query message. What “Type” of DNS query is it? Does the

query message contain any “answers”?

The type are"A"、"AAAA"and "RTR". The query message doesn't contain any "answers".

 

18. Examine the DNS response message. What MIT nameservers does the response

message provide? Does this response message also provide the IP addresses of the

MIT namesers?

No IP address

1. Provide a screenshot.

Steps

• Start packet capture.

• enter the commend “nslookup www.aiit.or.kr bitsy.mit.edu”

• Stop packet capture.

Questions

20. To what IP address is the DNS query message sent? Is this the IP address of your

default local DNS server? If not, what does the IP address correspond to?

219.229.242.62.This isn't the IP address of my default local DNS server. The IP address correspond to bisty.mit.edu.

 

21. Examine the DNS query message. What “Type” of DNS query is it? Does the

query message contain any “answers”?

The type is 'A'. The query message doesn't contain any "answers".

 

22. Examine the DNS response message. How many “answers” are provided? What

does each of these answers contain?

One answers are provided.It contains Name,Type, Name, Type, Class,Time to live, Data length, Address.

 

23. Provide a screenshot.

• 实验总结及问题

1. 学会使用什么做什么事情；

答： 

1. 在实验过程中遇到了什么问题？是如何解决的？

答：

3、还有什么问题尚未解决？可能是什么原因导致的。

答：