Domain Name Service (DNS)
·
Provides the means for client computers to request an IP address for a known fully qualified domain name (FQDN) or an FQDN for a known IP address
DNS Header Fields
·
Transaction ID, Flags, Questions, Answer Records
DNS Transaction ID
·
(2 Bytes) Used to match DNS requests and response packets
DNS Flags
·
(2 Bytes) Indicates whether the record is a DNS query or response and provides request status
DNS Query Flags
·
DNS Flags 0000 - 7FFF
DNS Response Flags
·
DNS Flags 8000 - FFFF
DNS Questions
·
(2 Bytes) Number of DNS Question records in the request
DNS Answer Records
·
(2 Bytes) Number of DNS answer records in the response
DNS Record Type: A
·
DNS Mapping
DNS Record Type: CNAME
·
DNS Canonical Name, Mapping, Alias
DNS Record Type: MX
·
DNS Mail Records
DNS Record Type: AXFR
·
DNS Zone Transfers
DNS Record Type: PTR
·
DNS Pointer Records
DNS Query
·
Used to request an IP address for a known FQDN or to request an FQDN for a known IP address. Iterative or Recursive
DNS Iterative Query
·
Queries from DNS server to DNS server
DNS Recursive Query
·
Queries from client to DNS server and back to client
DNS Reply
·
Used to respond to a DNS query, includes an answer field at the end of the packet which indicates whether the lookup was successful or not
DNS Zone Transfer
·
Used between DNS servers to provide a means of keeping their respective DNS tables up to date
DNS Field 1:
·
DNS Transaction ID
DNS Field 2:
·
DNS Flags
DNS Field 3:
·
DNS Questions
DNS Field 4:
·
DNS Answer Records