Professor Comer has revised this experiment to include
more information about the Domain Name field.
Begin by carefully consulting domain.h.
What makes this experiment interesting is putting
together the request and parsing the
response, which is definitely non-trivial.
Be sure to consult the RFCs listed in the experiment.
Here is a short explanation of the syntax of
the Domain name field.
We think of a domain name as being broken up by dots, i.e.,
www.calvin.edu, but to form a DNS request for that domain
you would actually want the following mysterious-looking
entity: 0x3 'w' 'w' 'w' 0x6 'c' 'a' 'l' 'v' 'i' 'n'
0x3 'e' 'd' 'u' 0x0. This compact notation is telling you
that you
have 3 letters, they are w, w, and w; then 6 letters, they
are c, a, l, v, i, n; then three letters, they are e, d,
and u; and the count byte of zero indicates the end of what is
a variable-length field.
(Thanks to Mick Farmer
for an illuminating email exchange which enabled me to expand this description.)
The response is also quite interesting. For example, if you
try dig, or nslookup, on www.cnn.com,
you will notice that the answer section includes alias
information, so you see not only www.cnn.com but
also cnn.com. To save space in the response packets,
the use of pointers is allowed. So suppose you wanted to list
cs.calvin.edu and also www.cs.calvin.edu.
You could replace the second cs.calvin.edu with a pointer
to its first occurrence. Suppose the first occurred at 0x07
in the packet. You could use 0x3 'w' 'w' 'w' 0xc0 0x07.
The last two bytes are a pointer. The way it works is
that if the size byte begins with two ones, it is a pointer, and if it
begins with two zeros, it is a size. A pointer is 16 bits long, the
last 14 bits designating the byte to which it points.
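
The count-byte encoding and the pointer rule described above, as an added C example that is not part of the original notes or of domain.h. The names dn_encode, dn_decode and sample_pkt are hypothetical, the sample bytes are constructed, and the 16-jump limit is an assumption that keeps a response whose pointers form a loop from hanging the parser.

```c
#include <string.h>

/* Hypothetical names throughout. Constructed sample (not a captured packet):
 * 7 filler bytes, cs.calvin.edu at offset 0x07, then www + pointer to 0x07. */
const unsigned char sample_pkt[] = { 0, 0, 0, 0, 0, 0, 0,
    2, 'c', 's', 6, 'c', 'a', 'l', 'v', 'i', 'n', 3, 'e', 'd', 'u', 0,
    3, 'w', 'w', 'w', 0xc0, 0x07 };

/* Encode a dotted name as count-prefixed labels; returns length or -1. */
int dn_encode(const char *name, unsigned char *out, int outlen)
{
    int n = 0;
    while (*name) {
        const char *dot = strchr(name, '.');
        int len = dot ? (int)(dot - name) : (int)strlen(name);
        if (len < 1 || len > 63 || n + len + 2 > outlen) return -1;
        out[n++] = (unsigned char)len;      /* count: top two bits are 00 */
        memcpy(out + n, name, (size_t)len);
        n += len;
        name += len + (dot != NULL);
    }
    if (n >= outlen) return -1;
    out[n++] = 0;                           /* zero count ends the name */
    return n;
}

/* Decode the name at pkt[off] into dotted form, following pointers.
 * Returns 0, or -1 on truncation, a pointer loop, or a 01/10 prefix. */
int dn_decode(const unsigned char *pkt, int pktlen, int off, char *out, int outlen)
{
    int n = 0, jumps = 0;
    while (off >= 0 && off < pktlen && pkt[off] != 0) {
        unsigned char c = pkt[off];
        if ((c & 0xc0) == 0xc0) {           /* 11: pointer, low 14 bits = offset */
            if (off + 1 >= pktlen || ++jumps > 16) return -1;
            off = ((c & 0x3f) << 8) | pkt[off + 1];
        } else if ((c & 0xc0) == 0) {       /* 00: count byte */
            if (off + 1 + c > pktlen || n + c + 2 > outlen) return -1;
            if (n) out[n++] = '.';
            memcpy(out + n, pkt + off + 1, c);
            n += c;
            off += 1 + c;
        } else return -1;
    }
    if (off < 0 || off >= pktlen || n >= outlen) return -1;
    out[n] = '\0';
    return 0;
}
```

Calling dn_decode on sample_pkt at offset 22 follows the 0xc0 0x07 pointer and yields www.cs.calvin.edu; every length and offset is checked against the packet size because these bytes come from the network.
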
MX queries are similar except that the query type is
DN_QTMX instead of DN_QTPR and the RDATA
section contains an extra 16-bit number,
which is the priority of the server whose name follows.
David Vos, to whom I owe a great debt in providing these notes,
reports that he learned how to do this in three ways: first,
by reading HON and Computer Networks and
Internets; second, by reading RFCs; and third, by
sniffing packets. This suggests that we ought to have some
DNS packets for your inspection, and that
will soon be attended to.
This site is maintained by W. David Laverell
of the Computer Science Department
at Calvin College. For assistance or corrections,
please contact him at .