Lab Report: DNS Protocol Analysis

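DNS Protocol Analysis Lab Report

Name:

Student ID: 200841903327

Class: Computer Science Class 3, 2008 intake

Objectives:

Become familiar with the nslookup command

Gain a deeper understanding of how DNS works

Principle

How DNS works

Tasks:

Analyze the DNS datagrams produced by the following three commands

Server: dns1.cs.hn.cn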

Address: 202.103.96.68

Non-authoritative answer:

Name: www.hunau.net

Address: 61.187.55.40

Server: dns1.cs.hn.cn

Address: 202.103.96.68

hunau.net

primary name server = ns.timeson.com.cn

responsible mail addr = hostmaster.ns.timeson.com.cn

serial = 2001082925

refresh = 3600 (1 hour)

retry = 900 (15 mins)

expire = 1209600 (14 days)

default TTL = 43200 (12 hours)

Server: ns.timeson.com.cn

Address: 202.103.64.138

Name: www.hunau.net

Address: 61.187.55.40

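Procedure:

1. Set the preferred DNS server address: 202.103.96.112

2. Clear the local DNS cache

3. Start Wireshark and put it into capture mode

4. Capture the datagrams produced by the following 3 commands

(1) nslookup www.hunau.net

(2) nslookup -type=ns www.hunau.net

(3) nslookup www.hunau.net ns.timeson.com.cn

Note: normally 14 packets are produced: packets 1-4 belong to the first command, 5-8 to the second, and 9-14 to the third.

Analysis of results:

Requirement: analyze the request and response messages that resolve the IP address of the domain name www.hunau.net field by field; for the other messages, stating their main function is enough.

Local IP:

Local MAC: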

No. Time Source Destination Protocol Info

1 0.000000 172.16.14.22 202.103.96.112 DNS Standard query PTR 112.96.103.202.in-addr.arpa

0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 49 03 51 00 00 80 11 52 55 ac 10 0e 16 ca 67 .I.Q....RU.....g

0020 60 70 04 93 00 35 00 35 93 a5 00 01 01 00 00 01 `p...5.5........

0030 00 00 00 00 00 00 03 31 31 32 02 39 36 03 31 30 .......112.96.10

0040 33 03 32 30 32 07 69 6e 2d 61 64 64 72 04 61 72 3.202.in-addr.ar

0050 70 61 00 00 0c 00 01 pa.....

Function: query; asks which DNS server is responsible for the reverse lookup of 112.96.103.202.

No. Time Source Destination Protocol Info

2 0.008353 202.103.96.112 172.16.14.22 DNS Standard query response PTR dns2.cs.hn.cn

0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 64 59 7b 40 00 f5 11 47 0f ca 67 60 70 ac 10 .dY{@...G..g`p..

0020 0e 16 00 35 04 93 00 50 6f d8 00 01 81 80 00 01 ...5...Po.......

0030 00 01 00 00 00 00 03 31 31 32 02 39 36 03 31 30 .......112.96.10

0040 33 03 32 30 32 07 69 6e 2d 61 64 64 72 04 61 72 3.202.in-addr.ar

0050 70 61 00 00 0c 00 01 c0 0c 00 0c 00 01 00 00 79 pa.............y

0060 54 00 0f 04 64 6e 73 32 02 63 73 02 68 6e 02 63 T...dns2.cs.hn.c

0070 6e 00 n.

Function: response; dns2.cs.hn.cn is responsible for the reverse lookup of 112.96.103.202.

No. Time Source Destination Protocol Info

3 0.014369 172.16.14.22 202.103.96.112 DNS Standard query A www.hunau.net

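0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 3b 03 52 00 00 80 11 52 62 ac 10 0e 16 ca 67 .;.R....Rb.....g

0020 60 70 04 94 00 35 00 27 52 b9 00 02 01 00 00 01 `p...5.'R.......

0030 00 00 00 00 00 00 03 77 77 77 05 68 75 6e 61 75 .......www.hunau

0040 03 6e 65 74 00 00 01 00 01 .net.....

Function: the client asks the DNS server to resolve the IP address of www.hunau.net. 00 02 is the identification; 01 00 is the flags field, which sets QR to 0 (a query message), RD to 0 (recursion is desired, without an authoritative answer) and TC to 1 (the message may be truncated); 00 01 means the number of questions is 1; 00 00 00 00 00 00 means the answer, authority and additional counts are all 0; 03 77 77 77 05 68 75 6e 61 75 03 6e 65 74 00 is the query name www.hunau.net. 00 01 is the type (1 is an A query); 00 01 is the class (1 is Internet data).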

No. Time Source Destination Protocol Info

4 0.020048 202.103.96.112 172.16.14.22 DNS Standard query response A 61.187.55.40

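0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 4b 80 27 40 00 f5 11 20 7c ca 67 60 70 ac 10 .K.'@... |.g`p..

0020 0e 16 00 35 04 94 00 37 02 6f 00 02 81 80 00 01 ...5...7.o......

0030 00 01 00 00 00 00 03 77 77 77 05 68 75 6e 61 75 .......www.hunau

0040 03 6e 65 74 00 00 01 00 01 c0 0c 00 01 00 01 00 .net............

0050 00 73 d9 00 04 3d bb 37 28 .s...=.7(

Function: the DNS server answers the client that the IP address of www.hunau.net is 61.187.55.40. 00 02 is the identification; 81 80 is the flags field, which sets QR = 1 (a response message), RD = 1 (recursion is desired, with an authoritative answer) and RA = 1 (the server supports recursive queries); 00 01 means the number of questions is 1; 00 01 means the number of answers is 1; the authority and additional resource counts are both 0. 03 77 77 77 05 68 75 6e 61 75 03 6e 65 74 00 is the query name www.hunau.net. 00 01 is the type (1 is an A query); 00 01 is the class (1 is Internet data). c0 0c is a domain-name pointer; 00 01 is the type; 00 01 is the class (1 is Internet data); 00 00 74 74 is the time to live; 00 04 is the data length; 3d bb 37 28 is the IP address of www.hunau.net, that is, 61.187.55.40.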
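
The field-by-field reading of packets 3 and 4, as an added example that is not part of the original report: a small parser that decodes the header flags, the question and the answer record, and follows the c0 0c compression pointer with a hop limit so a malformed message cannot loop the parser. The payload bytes are copied from the two hex dumps starting at frame offset 0x2a; the function names and the 10-hop limit are choices made for this example.

```python
import struct

# DNS payloads of packets 3 and 4, taken from the hex dumps on this page starting
# at frame offset 0x2a (after the Ethernet, IP and UDP headers).
QUERY = bytes.fromhex("000201000001000000000000"
                      "03777777" "0568756e6175" "036e6574" "00" "0001" "0001")
RESPONSE = bytes.fromhex("000281800001000100000000"
                         "037777770568756e6175036e657400" "0001" "0001"
                         "c00c" "0001" "0001" "000073d9" "0004" "3dbb3728")

def read_name(msg, off, hops=0):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels = []
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:          # compression pointer such as c0 0c
            if hops >= 10:                 # bound pointer chains (example limit)
                raise ValueError("compression pointer loop")
            target = ((length & 0x3F) << 8) | msg[off + 1]
            suffix, _ = read_name(msg, target, hops + 1)
            return ".".join(labels + [suffix]), off + 2
        if length > 63:
            raise ValueError("reserved label type")
        off += 1
        if length == 0:                    # root label terminates the name
            return ".".join(labels), off
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def parse(msg):
    """Parse header, the single question, and the answer section (assumes QDCOUNT == 1)."""
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    out = {"id": ident, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
           "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1, "rd": (flags >> 8) & 1,
           "ra": (flags >> 7) & 1, "rcode": flags & 0xF,
           "counts": (qd, an, ns, ar), "answers": []}
    name, off = read_name(msg, 12)
    qtype, qclass = struct.unpack("!2H", msg[off:off + 4])
    out["question"] = (name, qtype, qclass)
    off += 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        if rtype == 1 and rdlen == 4:      # A record: render as dotted-quad IPv4
            rdata = ".".join(str(b) for b in rdata)
        out["answers"].append((name, rtype, rclass, ttl, rdata))
        off += 10 + rdlen
    return out
```

Run on these bytes, the query flags 01 00 decode to rd=1 and tc=0, and the answer record's TTL bytes 00 00 73 d9 decode to 29657 seconds.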

No. Time Source Destination Protocol Info

5 4.677584 172.16.14.22 202.103.96.112 DNS Standard query PTR 112.96.103.202.in-addr.arpa

0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 49 03 53 00 00 80 11 52 53 ac 10 0e 16 ca 67 .I.S....RS.....g

0020 60 70 04 95 00 35 00 35 93 a3 00 01 01 00 00 01 `p...5.5........

0030 00 00 00 00 00 00 03 31 31 32 02 39 36 03 31 30 .......112.96.10

0040 33 03 32 30 32 07 69 6e 2d 61 64 64 72 04 61 72 3.202.in-addr.ar

0050 70 61 00 00 0c 00 01 pa.....

Function: query; asks which DNS server is responsible for the reverse lookup of 112.96.103.202.

No. Time Source Destination Protocol Info

6 4.692879 202.103.96.112 172.16.14.22 DNS Standard query response PTR dns2.cs.hn.cn

0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 64 f2 81 40 00 f5 11 ae 08 ca 67 60 70 ac 10 .d..@......g`p..

0020 0e 16 00 35 04 95 00 50 af d5 00 01 81 80 00 01 ...5...P........

0030 00 01 00 00 00 00 03 31 31 32 02 39 36 03 31 30 .......112.96.10

0040 33 03 32 30 32 07 69 6e 2d 61 64 64 72 04 61 72 3.202.in-addr.ar

0050 70 61 00 00 0c 00 01 c0 0c 00 0c 00 01 00 00 7a pa.............z

0060 14 00 0f 04 64 6e 73 32 02 63 73 02 68 6e 02 63 ....dns2.cs.hn.c

0070 6e 00 n.

Function: response; dns2.cs.hn.cn is responsible for the reverse lookup of 112.96.103.202.

No. Time Source Destination Protocol Info

7 4.699007 172.16.14.22 202.103.96.112 DNS Standard query NS www.hunau.net

0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 3b 03 54 00 00 80 11 52 60 ac 10 0e 16 ca 67 .;.T....R`.....g

0020 60 70 04 96 00 35 00 27 51 b7 00 02 01 00 00 01 `p...5.'Q.......

0030 00 00 00 00 00 00 03 77 77 77 05 68 75 6e 61 75 .......www.hunau

0040 03 6e 65 74 00 00 02 00 01 .net.....

Function: the client asks the DNS server which server is responsible for forward resolution of the domain name www.hunau.net.

No. Time Source Destination Protocol Info

8 4.712852 202.103.96.112 172.16.14.22 DNS Standard query response

0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 7b f2 82 40 00 f5 11 ad f0 ca 67 60 70 ac 10 .{..@......g`p..

0020 0e 16 00 35 04 96 00 67 e4 c8 00 02 81 80 00 01 ...5...g........

0030 00 00 00 01 00 00 03 77 77 77 05 68 75 6e 61 75 .......www.hunau

0040 03 6e 65 74 00 00 02 00 01 c0 10 00 06 00 01 00 .net............

0050 00 1c cc 00 34 02 6e 73 07 74 69 6d 65 73 6f 6e ....4.ns.timeson

0060 03 63 6f 6d 02 63 6e 00 0a 68 6f 73 74 6d 61 73 .com.cn..hostmas

0070 74 65 72 c0 2b 77 46 1a 2d 00 00 0e 10 00 00 03 ter. wF.-.......

0080 84 00 12 75 00 00 00 a8 c0 ...u.....

Function: the DNS server's reply to the client.

No. Time Source Destination Protocol Info

9 9.599577 172.16.14.22 202.103.96.112 DNS Standard query A ns.timeson.com.cn

0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 3f 03 55 00 00 80 11 52 5b ac 10 0e 16 ca 67 .?.U....R[.....g

0020 60 70 04 97 00 35 00 2b e8 1c be 18 01 00 00 01 `p...5. ........

0030 00 00 00 00 00 00 02 6e 73 07 74 69 6d 65 73 6f .......ns.timeso

0040 6e 03 63 6f 6d 02 63 6e 00 00 01 00 01 n.com.cn.....

Function: query; asks which IP address the domain name ns.timeson.com.cn resolves to.

No. Time Source Destination Protocol Info

10 9.613102 202.103.96.112 172.16.14.22 DNS Standard query response A 202.103.64.138

0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 4f 59 c4 40 00 f5 11 46 db ca 67 60 70 ac 10 .OY.@...F..g`p..

0020 0e 16 00 35 04 97 00 3b e5 7c be 18 81 80 00 01 ...5...;.|......

0030 00 01 00 00 00 00 02 6e 73 07 74 69 6d 65 73 6f .......ns.timeso

0040 6e 03 63 6f 6d 02 63 6e 00 00 01 00 01 c0 0c 00 n.com.cn........

0050 01 00 01 00 00 33 7d 00 04 ca 67 40 8a .....3}...g@.

Function: the DNS server's reply to the client; the corresponding address is 202.103.64.138.

No. Time Source Destination Protocol Info

11 9.617611 172.16.14.22 202.103.64.138 DNS Standard query PTR 138.64.103.202.in-addr.arpa

0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 49 03 56 00 00 80 11 72 36 ac 10 0e 16 ca 67 .I.V....r6.....g

0020 40 8a 04 98 00 35 00 35 b3 83 00 01 01 00 00 01 @....5.5........

0030 00 00 00 00 00 00 03 31 33 38 02 36 34 03 31 30 .......138.64.10

0040 33 03 32 30 32 07 69 6e 2d 61 64 64 72 04 61 72 3.202.in-addr.ar

0050 70 61 00 00 0c 00 01 pa.....

Function: query; asks which server is responsible for forward resolution of the address 138.64.103.202.

No. Time Source Destination Protocol Info

12 9.638111 202.103.64.138 172.16.14.22 DNS Standard query response PTR ns.timeson.com.cn

0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 a7 00 00 40 00 35 11 80 2e ca 67 40 8a ac 10 ....@.5....g@...

0020 0e 16 00 35 04 98 00 93 d1 f1 00 01 85 00 00 01 ...5............

0030 00 01 00 02 00 02 03 31 33 38 02 36 34 03 31 30 .......138.64.10

0040 33 03 32 30 32 07 69 6e 2d 61 64 64 72 04 61 72 3.202.in-addr.ar

0050 70 61 00 00 0c 00 01 c0 0c 00 0c 00 01 00 01 51 pa.............Q

0060 80 00 13 02 6e 73 07 74 69 6d 65 73 6f 6e 03 63 ....ns.timeson.c

0070 6f 6d 02 63 6e 00 c0 10 00 02 00 01 00 01 51 80 om.cn.........Q.

0080 00 02 c0 39 c0 10 00 02 00 01 00 01 51 80 00 05 ...9........Q...

0090 02 64 62 c0 3c c0 66 00 01 00 01 00 00 96 00 00 .db.<.f.........

00a0 04 ca 67 40 8b c0 39 00 01 00 01 00 00 96 00 00 ..g@..9.........

00b0 04 ca 67 40 8a ..g@.

Function: response; ns.timeson.com.cn is responsible for the forward resolution.

No. Time Source Destination Protocol Info

13 9.649104 172.16.14.22 202.103.64.138 DNS Standard query A www.hunau.net

0000 00 d0 f8 c6 05 26 00 10 5c cb 14 81 08 00 45 00 .....&.......E.

0010 00 3b 03 57 00 00 80 11 72 43 ac 10 0e 16 ca 67 .;.W....rC.....g

0020 40 8a 04 99 00 35 00 27 72 9a 00 02 01 00 00 01 @....5.'r.......

0030 00 00 00 00 00 00 03 77 77 77 05 68 75 6e 61 75 .......www.hunau

0040 03 6e 65 74 00 00 01 00 01 .net.....

Function: query; asks which address www.hunau.net corresponds to.

No. Time Source Destination Protocol Info

14 9.669273 202.103.64.138 172.16.14.22 DNS Standard query response A 61.187.55.40

0000 00 10 5c cb 14 81 00 d0 f8 c6 05 26 08 00 45 00 ..........&..E.

0010 00 9b 00 00 40 00 35 11 80 3a ca 67 40 8a ac 10 ....@.5..:.g@...

0020 0e 16 00 35 04 99 00 87 1c 68 00 02 85 00 00 01 ...5.....h......

0030 00 01 00 02 00 02 03 77 77 77 05 68 75 6e 61 75 .......www.hunau

0040 03 6e 65 74 00 00 01 00 01 c0 0c 00 01 00 01 00 .net............

0050 00 a8 c0 00 04 3d bb 37 28 c0 10 00 02 00 01 00 .....=.7(.......

0060 00 a8 c0 00 13 02 64 62 07 74 69 6d 65 73 6f 6e ......db.timeson

0070 03 63 6f 6d 02 63 6e 00 c0 10 00 02 00 01 00 00 .com.cn.........

0080 a8 c0 00 05 02 6e 73 c0 3e c0 3b 00 01 00 01 00 .....ns.>.;.....

0090 00 96 00 00 04 ca 67 40 8b c0 5a 00 01 00 01 00 ......g@..Z.....

00a0 00 96 00 00 04 ca 67 40 8a ......g@.

Function: response; the corresponding address is 61.187.55.40.
