Christian-Evangelista 138 Lab 2


Christian Evangelista

Wireshark Lab 2 – DNS

1. 116.127.123.32

2. nighthawk.dns.ox.ac.uk

3. 163.1.60.42

4. They are sent over UDP.

5. 53 is the destination and source port for the DNS query and response message.

6. 75.75.75.75 and this is the same as the IP address of my local DNS server.

7. type A. The query message does not contain any “answers”.

8. It contains 1 “answer”. The answer contains the

Name: www.ietf.org

Type: A

Class: IN

Time to live: 8 minutes, 34 seconds

Data length: 4

Addr: 4.31.198.44

9. It matches the IP address that is provided in the answer of the DNS response message.

10. It does not issue new DNS queries.

11. Destination port for DNS query message: 53. Source port DNS response message: 53.

12. 75.75.75.75 and it is the IP address of my default local DNS server.

13. type AAAA. And it contains no “answers”.

14. There are 2 “answers”.


15.

16. 75.75.75.75 and it is the IP address of my default local DNS server.

17. type NS and it contains no “answers”.


18.


The response message provides the above MIT nameservers. It does not provide the IP addresses of the MIT nameservers under “Answers” in Wireshark but it does show their IP addresses under “Additional records” in the response message and on the Command Prompt.

19.

20. The first DNS query message for bitsy.mit.edu is sent to IP address 75.75.75.75 which is my default local DNS server, but the following query messages are sent to 18.72.0.3 which is not the default local DNS server, but the IP address of bitsy.mit.edu.

21. The first DNS query message is of type A. When trying to send a query message to 18.72.0.3, the type is PTR, A, and AAAA, none of which received a response as the requests timed out.

22. The DNS response from 75.75.75.75 had 1 “answer”. There was no DNS response from 18.72.0.3 as the request timed out.



23.