Wireshark Lab 3

Wireshark_DNS_v6.01

1. Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address of that server?

I used nslookup on http://www.gundam.jp.

The IP address of the server is 60.32.7.37.

2. Run nslookup to determine the authoritative DNS servers for a university in Europe.

University of Cambridge was the target of this nslookup at http://www.cam.ac.uk.

The authoritative DNS server for Cambridge is authdns0.csx.cam.ac.uk.

3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the mail servers for Yahoo! mail. What is its IP address?

The IP address is 98.139.237.162.

4. Locate the DNS query and response messages. Are they sent over UDP or TCP?

The query and response messages are sent via UDP.

5. What is the destination port for the DNS query message? What is the source port of DNS response message?

The destination port is port 53, and the source port is port 49927.

6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same?

The DNS query message was sent to 10.40.4.44. This is the same IP address as the local DNS server.

7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

This query was a type A query. It did not contain any “answers”.

8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

This DNS response message provided only one answer. The answer contains the address of the website that it was queried for.

9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message?

The destination IP address of the SYN packet corresponds to the address provided by the DNS response, 12.22.58.30.

10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?

Yes, the host issues new DNS queries for each image.

11. What is the destination port for the DNS query message? What is the source port of DNS response message?

The destination port for the DNS query message is port 53. The source port of the DNS response message is also port 53.

12. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

The DNS query message is sent to IP 10.40.4.44. This is the same IP address as my local DNS server.

13. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

This message is of type PTR. This query contains no answers.

14. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

The first DNS response message contains one answer. This answer contains the next DNS server to query en route to http://www.mit.edu.

15. Provide a screenshot.

16. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?

The IP address that the DNS query message is sent to is 10.40.4.44, which is the same as my local DNS server.

17. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

It is a type PTR DNS query that contains no answers.

There are also two type NS DNS queries that contain no answers.

18. Examine the DNS response message. What MIT nameservers does the response message provide? Does this response message also provide the IP addresses of the MIT nameservers?

It provides http://www.mit.edu and http://www.mit.edu.edgekey.net. This response message does not include IP addresses.

19. Provide a screenshot.

20. To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server? If not, what does the IP address correspond to?

The DNS query message is sent to 18.72.0.3 which is not the same as my local DNS server. This IP address corresponds to www.aiit.or.kr.

21. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?

The DNS query message is a Domain name pointer, type PTR, and does not contain any answers.

22. Examine the DNS response message. How many “answers” are provided? What does each of these answers contain?

There are no response messages.

23. Provide a screenshot.
