Domain Name System

dns.pcap: The Domain Name System (DNS, RFC 1034) translates one form of address into another—specifically, it translates DNS addresses, such as www.google.com or MARKETING-PC1, into their corresponding IP addresses. Some form of address translation is a requirement, since Layer 3 of the OSI model can only locate a computer if it has its IP address.

DNS translation is a very simple process, and it gets the job done in most cases using only two packets. The first packet is a request to your network's local DNS server that asks, What is the IP address of www.google.com? The second packet is the response from that DNS server, saying that www.google.com resides on a server with an IP address of XX.XX.XX.XXX.

Let's take a look at DNS ...

Get Practical Packet Analysis now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Practical Packet Analysis by

Domain Name System

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly