- Run nslookup to obtain the IP address of the web server for the Indian Institute of Technology in Bombay, India: www.iitb.ac.in. What is the IP address of www.iitb.ac.in
IP地址为103.21.124.10。
- What is the IP address of the DNS server that provided the answer to your nslookup command in question 1 above?
DNS服务器为4.2.2.1。
- Did the answer to your nslookup command in question 1 above come from an authoritative or non-authoritative server?
非权威服务器。
- Use the nslookup command to determine the name of the authoritative name server for the iit.ac.in domain. What is that name? (If there are more than one authoritative servers, what is the name of the first authoritative server returned by nslookup)? If you had to find the IP address of that authoritative name server, how would you do so?
返回的第一个权威服务器:dns1.iitb.ac.in
如果要得到对应的IP地址:
(采用了教材官方提供的wireshark抓包结果,因为后续部分nslookup命令出现超时问题)
- Locate the first DNS query message resolving the name gaia.cs.umass.edu. What is the packet number[1] in the trace for the DNS query message? Is this query message sent over UDP or TCP?
No.15;
UDP。
- Now locate the corresponding DNS response to the initial DNS query. What is the packet number in the trace for the DNS response message? Is this response message received via UDP or TCP?
No.17;
UDP。
- What is the destination port for the DNS query message? What is the source port of the DNS response message?
- Dest Port: 53
Source Port: 53
- To what IP address is the DNS query message sent?
75.75.75.75
- Examine the DNS query message. How many “questions” does this DNS message contain? How many “answers” answers does it contain?
1个问题,0个答案
- Examine the DNS response message to the initial query message. How many “questions” does this DNS message contain? How many “answers” answers does it contain?
1个问题,1个答案。
- The web page for the base file http://gaia.cs.umass.edu/kurose_ross/ references the image object http://gaia.cs.umass.edu/kurose_ross/header_graphic_book_8E_2.jpg , which, like the base webpage, is on gaia.cs.umass.edu. What is the packet number in the trace for the initial HTTP GET request for the base file http://gaia.cs.umass.edu/kurose_ross/? What is the packet number in the trace of the DNS query made to resolve gaia.cs.umass.edu so that this initial HTTP request can be sent to the gaia.cs.umass.edu IP address? What is the packet number in the trace of the received DNS response? What is the packet number in the trace for the HTTP GET request for the image object http://gaia.cs.umass.edu/kurose_ross/header_graphic_book_8E2.jpg? What is the packet number in the DNS query made to resolve gaia.cs.umass.edu so that this second HTTP request can be sent to the gaia.cs.umass.edu IP address? Discuss how DNS caching affects the answer to this last question.
如上图标记所示:
No.22;
No.15;
No.17;
No.205;
No.30;
DNS请求向maxcdn.bootstrapcdn.com发送。
- What is the destination port for the DNS query message? What is the source port of the DNS response message?
Dest Port: 53
Source Port: 53
- To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
75.75.75.75
是的(我采用了教材提供的wireshark抓包文件,理论上应该是作者的默认本地DNS服务器)。
- Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”?
Type=A;
没有“答案”。
- Examine the DNS response message to the query message. How many “questions” does this DNS response message contain? How many “answers”?
1个问题,1个答案。
- To what IP address is the DNS query message sent? Is this the IP address of your default local DNS server?
75.75.75.75
是的(我采用了教材提供的wireshark抓包文件,理论上应该是作者的默认本地DNS服务器)。
- Examine the DNS query message. How many questions does the query have? Does the query message contain any “answers”?
1个问题。没有包含回答。
- Examine the DNS response message. How many answers does the response have? What information is contained in the answers? How many additional resource records are returned? What additional information is included in these additional resource records?
三个回答。
答案包含了三条域名NS类型查询,展示了权威服务器域名。
有三条additional records。
包含了三条域名A类型查询,展示了权威服务器的ip地址。
代理服务器补充实验
实验步骤
a) 设置代理服务器(如左图)
百度“IP代理”,找当日经过验证的免费代理,一般北京的代理IP可用。设置完成,看能否打开网页,如能正常打开,则代理可用。
b) 清理浏览器缓存
c) Wireshark启动抓包
d) 浏览器中访问:http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html
e) 停止抓包
f) HTTP过滤
回答下面问题:
设置代理:
不设置代理:
19.试分析设置代理服务器与不设置代理服务器的DNS与HTTP过程的异同。
a. 是否有DNS查询过程?
设置代理服务器后没有DNS查询过程。
b. HTTP请求发给谁?
如图所示,发给目标ip: 58.11.20.16,即所设置的代理服务器
[1] Remember that this “packet number” is assigned by Wireshark for listing purposes only; it is NOT a packet number contained in any real packet header.