所以我目前使用Wireshark来调查DNS流量。在命令提示符中,我正在运行查询nslookup
来查找域。在wireshark中,我得到以下响应:
Flags: 0x8183 Standard query response, No such name
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0011 = Reply code: No such name (3)
"No such name"到底是什么意思,为什么要显示它?
查看RFC 1035 section 4.1.1中NXDOMAIN的描述:
https://www.rfc-editor.org/rfc/rfc1035 section-4.1.1
3 Name Error - Meaningful only for
responses from an authoritative name
server, this code signifies that the
domain name referenced in the query does
not exist.