Hello I need help answering this multi-part question for Computer Networking.

Exercise: Analyze DNS Functionality with Wireshark Analytical Tool

Part A. Download the (DNS_Lab.pcap) file from (github.com/lgyn6/4730) and open it in Wireshark

Questions for Part A.

i. Locate the DNS standard query to (sdc.itu.int) (use string search). Which transport protocol does it use and what are the source and destination port numbers? The destination port shown is one of the standard ports. What is it normally used for?

ii. Double click on the response number in the DNS Query. How many answer RRs can you see in the response packet? How much time has it taken to get this response? Is the response coming from the port number to which query was sent? What are the answers?

iii. Locate the DNS query to (www.itu.int) and check the IP address. Find the city of this address through the whois lookup tool from IANA.

iv. From the response to the query in question iii. give all the DNS addresses returned.

v. Which DNS has been queried in line 2362? What is the type of DNS in the response and what is its IP address?

Part B.

Run Wireshark. Start packet capture. On your browser type www.itu.int and click the about menu option. Wait a few seconds and stop capture. Answer the following:

Questions for Part B.

i. What is your IP address? You can find this by using ifconfig (Mac) or ipconfig (Windows) on the command window. You can also crosscheck from (whatismyipaddress.com) or network setting. Submit one relevant SNAPSHOT.

ii. In Wireshark, filter the packets that are originating or arriving in your computer by using ip.addr== your_IP_address. Take a SNAPSHOT of the window and submit.

iii. Look at any of the DNS packets. Which transport protocol do they use?

iv. Locate the response of the DNS query. Where does the response come from? (hint: use whois IP address lookup)

v. In which layer do you find the destination and source port numbers? Click the corresponding tab and give these numbers. Submit a SNAPSHOT.

vi. Look at the response. How many answers are provided? What are these?

vii. How much time has the response taken?

viii. Select any DNS record and from the details find whether recursive query method was allowed.

ix. Select a DNS response packet. In the DNS tab in the packet details pane, right click on the response time and add it as a column. Now you can see all the DNS response times in the column. Change the name of the column to DNS_Time. Submit a SNAPSHOT.

x. Access a few random websites while capturing packets in Wireshark. In the DNS responses you will find a Reply code (rcode) flag set to 0, if there is no DNS error. Do you have any responses where this code is not 0 i.e., there is a DNS error? What is the rcode value and type of error? [If you do not have any erroneous DNS record download the (DNSerror.pcap) file from (github.com/lgyn6/4730) and answer these questions based on the records in that file]

Please give a proper response to each question and answer every part to each question. Please do not LEAVE OUT THE SCREENSHOTS when asked. Thank you for your assistance.
