Create /etc/resolv.conf containing:
search presanog.org.bt nameserver 202.144.128.200 nameserver 202.144.128.210
2a. For each command find the answer section and write down the result. Note the TTL as well. Repeat the command. Is the TTL the same?
Are the responses Authoritative?
RESULT
------
# dig www.tiscali.co.uk. a
# dig afnog.org. mx
# dig news.bbc.co.uk. a
# dig <domain of your choice> a
# dig <domain of your choice> mx
# dig tiscali.co.uk. txt
# dig ripe.net. txt
# dig geek.tiscali.co.uk. a
2b. Now send some queries to another caching server. How long did it take each answer to be received? Did anything strange happen?
# dig @ns.cafe.tg. yahoo.com. a # dig @158.152.1.58 news.bbc.co.uk. a # dig @<a server of your choice> <domain of your choice> a
Now try some reverse DNS lookups. Remember to reverse the four parts of the IP address, add '.in-addr.arpa.', and ask for a PTR resource record.
(For 212.74.112.66) # dig 66.112.74.212.in-addr.arpa. ptr
Repeat for an IP address of your choice.
Now try the short form of dig using the '-x' flag for reverse lookups:
# dig -x 212.74.112.66 # dig @<a server of your choice> -x <an IP address of your choice>
# tcpdump -n -s 1500 -i eth0 udp port 53
(Replace 'eth0' with the name of your ethernet interface, e.g. 'fxp0')
This shows all packets going in and out of your machine for UDP port 53 (DNS). Now go to another window and repeat some of the 'dig' queries from earier. Look at the output of tcpdump, check the source and destination IP address of each packet