CS 519 Spring 2003
Homework 2 – DNS
Download:
dnstrace.cap [last updated 01/30/03]
Script
File: dnstrace.script.txt
Network Configuration
The trace was captured on a host behind a NAT firewall. A
laptop (host) was connected to the cable modem router that contains a DHCP
server. Nslookup was the program that was used to generate dns traffic with the
local name server machine. The script file contains the commands that were used
in the nslookup command prompt.
Questions
- What is the name and IP address of the local
name server of the host from which the DNS requests are issued? Which port
number does the local name server listen to?
- Packet 15 shows the DNS A query request for
www.google.com. Now look into the response for this query. Is this an
authoritative response? How many authoritative name servers information does
the response packet contain? Identify the authoritative name servers for www.google.com
and their respective IP addresses.
- What does the Time to live field signify? Why
is its importance?
- Packet 25 shows the DNS A query request for www.cnn.com.
Now look into the response for this query. How many IP addresses are sent
as a response for this query? Why would you require more than one IP
address in the response?
- What is a canonical name? Packet 42 contains
the DNS NS query for www.mit.edu. What is the canonical name for www.mit.edu?
- Look into packet 128 that carries the DNS PTR
query request for the IP address 128.84.154.132. Why is the IP address
information reversed in the query packet?
- What are the SOA and SRV queries? What
information does these queries help to retrieve?