[cs615asa] [CS615] About monitor DNS packets.

[byu1]

Hi All,

For the first tcpdump exercise: Track down the packets in your tcpdump 
referring to the DNS query from your DNS server to one of the root 
servers, then to the various DNS servers before the DNS information is 
returned to your server by one of Yahoo!'s authoritative DNS servers.

I captured relevant packets are shown below, I am not sure the output 
is right or not since there are not too much obvious information. Can 
anyone give me some advice?

16:33:40.126136 IP ip-10-28-31-11.ec2.internal.filenet-rmi > 
ip-172-16-0-23.ec2.internal.domain: 17203+ AAAA? www.yahoo.com. (31)
16:33:40.126501 IP ip-10-28-31-11.ec2.internal.filenet-pa > 
ip-172-16-0-23.ec2.internal.domain: 37454+ PTR? 
23.0.16.172.in-addr.arpa. (42)
16:33:40.126752 IP ip-172-16-0-23.ec2.internal.domain > 
ip-10-28-31-11.ec2.internal.filenet-pa: 37454 1/13/4 PTR[|domain]
16:33:40.126865 IP ip-10-28-31-11.ec2.internal.filenet-pa > 
ip-172-16-0-23.ec2.internal.domain: 29232+ PTR? 
11.31.28.10.in-addr.arpa. (42)
16:33:40.127064 IP ip-172-16-0-23.ec2.internal.domain > 
ip-10-28-31-11.ec2.internal.filenet-pa: 29232 1/13/4 PTR[|domain]
16:33:40.432554 IP ip-172-16-0-23.ec2.internal.domain > 
ip-10-28-31-11.ec2.internal.filenet-rmi: 17203 3/1/0 CNAME[|domain]
16:33:40.432733 IP ip-10-28-31-11.ec2.internal.filenet-pa > 
ip-172-16-0-23.ec2.internal.domain: 42946+ A? www.yahoo.com. (31)
16:33:40.435703 IP ip-172-16-0-23.ec2.internal.domain > 
ip-10-28-31-11.ec2.internal.filenet-pa: 42946 4/13/4 CNAME[|domain]


Thanks,
Bo