
Hello I need help answering these 2 multi-part questions for Computer Networking.

1. First Exercise: Name Server Lookup

This command can be used to display information about the Domain Name System (DNS). Improperly configured or missing DNS (Domain Name Service) records are a common cause of Internet routing issues. NSLookup is a utility for evaluating whether DNS records are properly configured. This utility can be used to query DNS servers and get DNS resource records. It can be used on both Unix and Windows platforms from the command line. It works in both interactive and non-interactive modes. The latter is useful when issuing different types of DNS queries for information about various hosts and domains. Study the details with >nslookup/help (Windows) or >man nslookup (Mac).

Questions for Exercise 1:

i. Explain different types of DNS records, in one sentence each.

ii. Give the general syntax of the nslookup command.

iii. If no type option is specified in the command, then which type of DNS is queried by default?

iv. A canonical name (CNAME) record gives the true name of a server as against the alias that is easier to remember. Find the canonical name of www.microsoft.com. Also, give the canonical name and the name and address of the server that provided the answer.

v. Query www.microsoft.com with type MX. What is the canonical name of the mail server? Was the answer authoritative? What does it mean?

vi. Look up www.fcc.gov. If you get a non-authoritative answer, explain what it means.

vii. Nslookup www.cisco.com and cisco.com for default DNS records. What is the difference in the output of the two queries?

viii. To what IP address is the DNS query message sent in part vi.? Is this the IP address of your default local DNS server?

ix. Find NS record of www.google.com. How many DNSs are listed? What are their IPv4 and IPv6 addresses?

x. Use Google server 8.8.8.8 to query DNS record of www.microsoft.com. Provide a screenshot of the output.

2. Second Exercise: Analyze DNS Functionality with Wireshark Analytical Tool

Part a. Download the DNS_Lab.pcap file from https://github.com/lgyn6/4730 and open it in Wireshark.

Questions for Part a.

i. Locate the DNS standard query to sdc.itu.int (use string search). Which transport protocol does it use and what are the source and destination port numbers? The destination port shown is one of the standard ports. What is it normally used for?

ii. Double click on the response number in the DNS Query. How many answer RRs can you see in the response packet? How much time has it taken to get this response? Is the response coming from the port number to which query was sent? What are the answers?

iii. Locate the DNS query to www.itu.int and check the IP address. Find the city of this address through the whois lookup tool from IANA.

iv. From the response to the query in iii. give all the DNS addresses returned.

v. Which DNS has been queried in line 2362? What is the type of DNS in the response and what is its IP address?

Part b.

Run Wireshark. Start packet capture. On your browser type www.itu.int and click the about menu option. Wait a few seconds and stop capture. Answer the following:

Questions for Part b.

i. What is your IP address? You can find this by using ifconfig (Mac) or ipconfig (Windows) on the command window. You can also crosscheck from https://whatismyipaddress.com/ or network setting. Submit one relevant snapshot.

ii. In Wireshark, filter the packets that are originating or arriving in your computer by using ip.addr== your_IP_address. Take a snapshot of the window and submit.

iii. Look at any of the DNS packets. Which transport protocol do they use?

iv. Locate the response of the DNS query. Where does the response come from? (hint: use whois IP address lookup)

v. In which layer do you find the destination and source port numbers? Click the corresponding tab and give these numbers. Submit a snapshot.

vi. Look at the response. How many answers are provided? What are these?

vii. How much time has the response taken?

viii. Select any DNS record and from the details find whether recursive query method was allowed.

ix. Select a DNS response packet. In the DNS tab in the packet details pane, right click on the response time and add it as a column. Now you can see all the DNS response times in the column. Change the name of the column to DNS_Time. Submit a snapshot.

x. Access a few random websites while capturing packets in Wireshark. In the DNS responses you will find a Reply code (rcode) flag set to 0, if there is no DNS error. Do you have any responses where this code is not 0 i.e., there is a DNS error? What is the rcode value and type of error? [If you do not have any erroneous DNS record download the DNSerror.pcap file from https://github.com/lgyn6/4730 and answer these questions based on the records in that file]

Please give a proper response to each question and answer every part to each question. Also make sure to include the screenshots when asked. Thank you very much.
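
The fields these exercises ask about (authoritative vs. non-authoritative answer, whether recursion was allowed, the rcode, and the number of answer RRs) all sit in the 12-byte DNS header that Wireshark decodes. The following Python parser is an added example, not part of the original question or the course materials; the two messages are constructed samples, and `example.test` and `192.0.2.10` are placeholder values rather than data from DNS_Lab.pcap or DNSerror.pcap.

```python
import struct

RCODES = {0: "NoError", 1: "FormErr", 2: "ServFail", 3: "NXDomain", 4: "NotImp", 5: "Refused"}

def read_name(msg, off):
    """Decode a domain name at off, following compression pointers (RFC 1035, 4.1.4)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # two-byte pointer to an earlier name
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                         # malformed packets can loop forever
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:                           # root label terminates the name
            return ".".join(labels) or ".", (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def parse_response(msg):
    """Return the header flags and counts, plus any IPv4 addresses from A records."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, qname = 12, None
    for _ in range(qd):
        qname, off = read_name(msg, off)
        off += 4                                  # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        _, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:             # type A record, 4-byte IPv4 address
            addrs.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    rcode = flags & 0x000F
    return {"qname": qname, "is_response": bool(flags & 0x8000),
            "authoritative": bool(flags & 0x0400),        # AA bit
            "recursion_desired": bool(flags & 0x0100),    # RD bit
            "recursion_available": bool(flags & 0x0080),  # RA bit
            "rcode": RCODES.get(rcode, str(rcode)), "answers": an, "addresses": addrs}

# Constructed sample messages: one normal cached reply, one name-error reply.
QUESTION = b"\x07example\x04test\x00" + struct.pack("!HH", 1, 1)
OK = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + QUESTION + b"\xc0\x0c"
      + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))
NXDOMAIN = struct.pack("!6H", 0x1235, 0x8183, 1, 0, 0, 0) + QUESTION
```

A reply with the AA bit clear, as in the first sample, is what nslookup reports as a non-authoritative answer: it came from a resolver's cache rather than from a name server responsible for the zone.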
