From the course: Wireshark Essential Training
Unlock the full course today
Join today to access over 23,200 courses taught by industry experts.
Dissecting DNS - Wireshark Tutorial
From the course: Wireshark Essential Training
Dissecting DNS
- [Instructor] Domain Name System or DNS resides at the Application Layer of the OSI Model. DNS is an important protocol, as it maps a host name to an IP address. It uses UDP port 53 for requests and uses TCP port 53 for zone transfer. With DNS, a client will send a query to a DNS server for an IP address. The server will respond with the information. The server can ask other DNS servers for the information. With DNS, there's a number of types of records. Some commonly seen records are a type A record, that's for an IP version 4 address. You might also see a mail exchange record. This will redirect mail to a mail server. And a quad A. This shows the IP version 6 address. Now, why is it called quad A? Well, IP version 4 is a 32-bit address. IP version 6 has 128 bits, it's four times as large as an IP version 4 address, and that's why it's called a quad A. Within the DNS header, you'll see questions, answers, authority…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.