Computer Networking Lab: Wireshark_DNS


I'll skip the miscellaneous stuff and get straight to the steps.

Before the lab

Before doing the lab, clear the Windows DNS cache.

[screenshot]

Lab steps

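  1. Run nslookup to obtain the IP address of a Web server in Asia. What is the IP address
    of that server?

[screenshot]

The first two lines are the hostname and IP address of the public DNS server.

A non-authoritative answer means the result was obtained by querying the hierarchy of DNS servers level by level, iteratively, rather than by contacting the name's authoritative DNS server directly.

The addresses are the IPv6 and IPv4 addresses, respectively.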

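  2. Run nslookup to determine the authoritative DNS servers for a university in Europe.

[screenshot]

Use nslookup -type=NS (NS is the Name Server record; it returns the address of the server that holds the next level's domain information).

Query the DNS servers closest to MIT.edu (the authoritative servers, which are the official, permanent store of hostname-to-IP-address mappings and need no caching).

This is a non-authoritative answer: the authoritative DNS servers are themselves found by recursive queries, level by level, so the answer is non-authoritative (not obtained directly).

An NS query for the first-level domain (without www) and for the second-level domain (with www) gives different results.

[screenshot]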

  3. Run nslookup so that one of the DNS servers obtained in Question 2 is queried for the
    mail servers for Yahoo! mail. What is its IP address?

[screenshot]

  4. Locate the DNS query and response messages. Are they sent over UDP or TCP?

[screenshot]

Clearly, UDP.

  5. What is the destination port for the DNS query message? What is the source port
    of DNS response message?

Both are port number 53.

Query: [screenshot]

Response: [screenshot]

  6. To what IP address is the DNS query message sent? Use ipconfig to determine the
    IP address of your local DNS server. Are these two IP addresses the same?

The DNS query goes to a public DNS server, not a local server. The address here is 114.114.114.114 (public1.114dns.com).

Local DNS server:

[screenshot]

It looks like they are the same here.

  7. Examine the DNS query message. What “Type” of DNS query is it? Does the
    query message contain any “answers”?

The type is type=A, which asks for the IP address; the query message does not contain any returned results.

[screenshot]

  8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain?

That is, there are 4 answers and 1 query.

[screenshot]

  9. Consider the subsequent TCP SYN packet sent by your host. Does the destination
    IP address of the SYN packet correspond to any of the IP addresses provided in
    the DNS response message?

A: This one is hard to do; as you can see above, the addresses it gave are all IPv6.

![image-20211014164943701](https://img-blog.csdnimg.cn/img_convert/51e74295556b69e76df51d91b380d814.png)

  10. This web page contains images. Before retrieving each image, does your host
    issue new DNS queries?

A: It first checks whether there is a local cache entry; if there is, it uses it directly, and if not, it issues a query.

  11. What is the destination port for the DNS query message? What is the source port
    of DNS response message?

A: Both ports are still 53.

  12. To what IP address is the DNS query message sent? Is this the IP address of your
    default local DNS server?

A: It goes first to the public DNS server configured on the computer, not a local one.

  13. Examine the DNS query message. What “Type” of DNS query is it? Does the
    query message contain any “answers”?

TYPE = A (IPv4), TYPE = AAAA (IPv6); the query does not contain any answers.

  14. Examine the DNS response message. How many “answers” are provided? What
    do each of these answers contain?

A: This seems to repeat the one above, so I'll skip it.

  15. Provide a screenshot.

A:

Now repeat the previous experiment, but instead issue the command:

nslookup -type=NS mit.edu

Answer the following questions: (It seems the next few questions are all about authoritative DNS servers.)

  16. To what IP address is the DNS query message sent? Is this the IP address of your
    default local DNS server?

A:

  17. Examine the DNS query message. What “Type” of DNS query is it? Does the
    query message contain any “answers”?

A: Here the type is CNAME, an alias for the authoritative domain name.

[screenshot]

  18. Examine the DNS response message. What MIT nameservers does the response
    message provide? Does this response message also provide the IP addresses of the
    MIT nameservers?

A: It gives the domain names directly and does not provide IP addresses.

[screenshot]

  19. Provide a screenshot.

Now repeat the previous experiment, but instead issue the command:

nslookup www.aiit.or.kr bitsy.mit.edu

(The address used in this question is no longer in use.)

Answer the following questions:

  20. To what IP address is the DNS query message sent? Is this the IP address of your
    default local DNS server? If not, what does the IP address correspond to?

A:

  21. Examine the DNS query message. What “Type” of DNS query is it? Does the
    query message contain any “answers”?

A:

  22. Examine the DNS response message. How many “answers” are provided? What
    does each of these answers contain?

A:

  23. Provide a screenshot.

A:

Original article: https://www.cnblogs.com/most-silence/p/15495336.html