This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Question on DNS Query Type

0
  1. How many answers are there for Query Type= "0x000b"?

The given answer is (0,2). 0x000b is it a WKS? From the attachment of the sample captured file, how should I obtain the answer? Thank you.

Query

Response

asked 06 Apr '14, 13:27

HTHVampire's gravatar image

HTHVampire
1111
accept rate: 0%


One Answer:

0

WKS is an obsolete DNS record type and has a value of 11 (see RFC: 1035, 1123, 1127).

The hexadecimal notation of 11 is B.

Open the below sample capture and look at the first two packets:

http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=dns.cap

Compare the packets with the screenshots you posted.

answered 06 Apr '14, 17:22

Roland's gravatar image

Roland
7642415
accept rate: 13%

Somehow, the question required me to find the answers for WKS,but there's no answer under the response packet, so I'm wondering, am I finding the right place as shown in my screen capture. Thank you.

(06 Apr '14, 17:55) HTHVampire

Yes you are looking in the right place.

(07 Apr '14, 11:58) Roland