
CS 519 Spring 2003

 

Homework 2 – DNS

 

Download: dnstrace.cap [last updated 01/30/03]

Script File: dnstrace.script.txt

 

Network Configuration

 

The trace was captured on a host behind a NAT firewall. A laptop (the host) was connected to a cable modem router that contains a DHCP server. Nslookup was used to generate DNS traffic with the local name server machine. The script file contains the commands that were entered at the nslookup command prompt.

 

Questions

 

  1. What is the name and IP address of the local name server of the host from which the DNS requests are issued? Which port number does the local name server listen on?

  2. Packet 15 shows the DNS A query request for www.google.com. Now look at the response to this query. Is this an authoritative response? For how many authoritative name servers does the response packet contain information? Identify the authoritative name servers for www.google.com and their respective IP addresses.

  3. What does the Time to live field signify? Why is it important?

  4. Packet 25 shows the DNS A query request for www.cnn.com. Now look at the response to this query. How many IP addresses are sent in response to this query? Why would you require more than one IP address in the response?

  5. What is a canonical name? Packet 42 contains the DNS NS query for www.mit.edu. What is the canonical name for www.mit.edu?

  6. Look at packet 128, which carries the DNS PTR query request for the IP address 128.84.154.132. Why is the IP address information reversed in the query packet?

  7. What are the SOA and SRV queries? What information do these queries help to retrieve?