使用的资料
计算机网络自顶向下方法 第7版
操作系统:Windows 7
我的笔记
实验步骤
nslookup
Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?
查询www.baidu.com
Run nslookup to determine the authoritative DNS servers for a university in Europe.
查询权威域名,关于非权威应答的解释在文档中。
However, nslookup also indicates that the answer is “non-authoritative,” meaning that this answer came from the cache of some server rather than from an authoritative MIT DNS server.
Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. What is its IP address?
我看几次DNS服务都是阿里云提供的,国内不太可能是雅虎提供,我就直接对mail.yahoo.com进行了查询。
ipconfig
这个比较熟悉了,之前搞过许多次手动添加DNS解析的再刷新ipconfig /flushdns。
Tracing DNS with Wireshark
这才是主菜。
Locate the DNS query and response messages. Are then sent over UDP or TCP?
请求和响应报文都使用的是UDP。
What is the destination port for the DNS query message? What is the source port of DNS response message?
请求报文的目的端口号为53,响应报文的源端口号也为53。
To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?
DNS请求的IP地址为223.5.5.5确实与本地DNS服务器(public1.alidns.com)地址相同。
我记得第二次测试的时候有重新清理过DNS缓存。
Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
type A,并没有answer。
Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
包含3个answer。
Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?
我的观察发现,与之前的IP不同,但不太确定这些TCP哪些是和之前DNS相关的,有太多干扰。
This web page contains images. Before retrieving each image, does your host issue new DNS queries?
并没有,图片都存在该web网站上,因此没有新的DNS。
- Start packet capture.
- Do an nslookup on www.mit.edu
- Stop packet capture.
What is the destination port for the DNS query message? What is the source port of DNS response message?
和之前相同,采用的是UDP,两个端口号都是53。
To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
不是本地域名服务器,是阿里云的服务器。
Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
Type: A,请求报文并不包含answer字段。
Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?
www.mit.edu: type CNAME, class IN, cname www.mit.edu.edgekey.netwww.mit.edu.edgekey.net: type CNAME, class IN, cname e9566.dscb.akamaiedge.nete9566.dscb.akamaiedge.net: type A, class IN, addr 23.74.47.242
Provide a screenshot.
这几个问题和之前的类似,不做过多的解释。
nslookup –type=NS mit.eduTo what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
53,不是。
Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
Type A,没有answer。
Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT namesers?
不太清楚为什么超时了,开了代理也超时。
Provide a screenshot.
nslookup www.aiit.or.kr bitsy.mit.eduTo what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to? Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? Examine the DNS response message. How many “answers” are provided? What does each of these answers contain? Provide a screenshot.
仍旧超时。听说是服务器已经停用。
总结
本次实验是DNS相关的实验,之前对DNS了解的并不算详细,并且实验部分有时效性限制,没有具体的操作指导,也设下了些许困难。
若有收获,就点个赞吧
0 人点赞
