This is our old Q&A Site. Please post any new questions and answers at


Could someone validate the explanation given in 2007 (3rd post) for the last ICMP packet in the DNS trace?

I am seeing similar behavior on a Windows client.

Windows Client - Windows DNS Server -

Thank you

asked 11 Oct '16, 08:53

net_tech's gravatar image

accept rate: 13%

I totally agree with that explanation. The DNS client's timeout for arrival of a DNS response does exist, and in your case it is shorter than the server's response time. After expiration of that timeout the client unbinds from the socket, causing icmp destination unreachable to be sent in response to anything arriving to that socket, including a valid DNS response.

If you are interested in details, you can create a batch file like

@echo off
for /l %%x in (1, 1, 60) do (
   echo %%x
   netstat -p udp
   timeout 1

run it with output redirected to a file and initiate, from another window, the DNS query which you know will fail this way. In the output file, you should see for how long the DNS client keeps the socket open.

permanent link

answered 11 Oct '16, 11:12

sindy's gravatar image

accept rate: 24%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 11 Oct '16, 08:53

question was seen: 8,298 times

last updated: 11 Oct '16, 11:12

p​o​w​e​r​e​d by O​S​Q​A