Sunday, November 8, 2020

I have a few quick questions about this DNS-related PCAP that I'm looking at. Screenshot in comments.

https://imgur.com/fz3TWdr

x.x.224.16 is a client machine.

x.x.70.4 is a DNS server.

  1. x.x.70.4 is replying to the client with "Server Failure". Can we tell from the screenshot alone that the problem is on x.x.70.4? Or could the problem still lie on an upstream server that x.x.70.4 forwards the request to? (I don't know the OS of the DNS server)

  2. Why is the client sending an ICMP here? It's a Linux machine but I'm not sure what flavor at this time.

  3. [SOLVED: dns.id == 0xc43b] How can I filter on the Standard query/response hex code?

note: I only have the client side of the capture and do not have access to capture on the DNS side.

Any other advice or input would also be appreciated. Thank you.

edit: I'm completely new to troubleshooting DNS and UDP.
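The filter in question 3 works because the DNS header begins with a 16-bit transaction ID, and the "Server Failure" text Wireshark shows is RCODE 2 (SERVFAIL) from the flags word of that same header (RFC 1035, section 4.1.1). The following Python example, added here and not part of the original post, builds a few DNS messages with constructed sample data (not bytes from the poster's capture), parses the header fields, reproduces the effect of the `dns.id == 0xc43b` display filter, and pairs queries with responses by ID. The names `example.com` and `other.example` and the second transaction ID `0x1234` are made up for the sample.

```python
import struct

# RCODE values from RFC 1035 section 4.1.1 (later RFCs define 6 and up, omitted here).
RCODE_NAMES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
               3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def encode_qname(name):
    """Encode a dotted name as DNS labels (no name compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_dns(txid, response, rcode=0, rd=True, ra=False,
              qname="example.com", qtype=1):
    """Build a minimal DNS message: 12-byte header plus one question, no records.

    Flags word layout (RFC 1035): QR(1) OPCODE(4) AA(1) TC(1) RD(1) RA(1) Z(3) RCODE(4).
    """
    flags = ((0x8000 if response else 0) | (0x0100 if rd else 0)
             | (0x0080 if ra else 0) | (rcode & 0xF))
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_qname(qname) + struct.pack("!HH", qtype, 1)  # class IN


def parse_dns_header(payload):
    """Decode the fixed 12-byte DNS header from a UDP payload."""
    if len(payload) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", payload[:12])
    rcode = flags & 0xF
    return {
        "id": txid,                         # what Wireshark calls dns.id
        "response": bool(flags & 0x8000),   # QR bit
        "opcode": (flags >> 11) & 0xF,
        "tc": bool(flags & 0x0200),         # truncated: expect a TCP retry
        "rd": bool(flags & 0x0100),         # recursion desired (set by the client)
        "ra": bool(flags & 0x0080),         # recursion available (set by a recursive server)
        "rcode": rcode,
        "rcode_name": RCODE_NAMES.get(rcode, f"RCODE{rcode}"),
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def filter_by_id(payloads, txid):
    """Equivalent of the Wireshark display filter dns.id == txid."""
    return [p for p in payloads if parse_dns_header(p)["id"] == txid]


def pair_transactions(payloads):
    """Group messages by transaction ID into {id: {"query": hdr, "response": hdr}}."""
    txns = {}
    for p in payloads:
        h = parse_dns_header(p)
        slot = txns.setdefault(h["id"], {"query": None, "response": None})
        slot["response" if h["response"] else "query"] = h
    return txns


def summarize(payloads):
    """One line per transaction, roughly like Wireshark's Info column."""
    lines = []
    for txid, t in sorted(pair_transactions(payloads).items()):
        if t["response"] is None:
            lines.append(f"0x{txid:04x} query, no response seen")
        else:
            lines.append(f"0x{txid:04x} response {t['response']['rcode_name']}")
    return lines


if __name__ == "__main__":
    # Constructed sample: a query with ID 0xc43b, an unrelated query, and a
    # SERVFAIL response to the first query from a recursive server (RA set).
    sample = [
        build_dns(0xC43B, response=False),
        build_dns(0x1234, response=False, qname="other.example"),
        build_dns(0xC43B, response=True, rcode=2, ra=True),
    ]
    for line in summarize(sample):
        print(line)
```

Two points the parsed fields make concrete. SERVFAIL is set by whichever server answered the client, and a recursive or forwarding resolver also returns SERVFAIL when its own upstream lookup fails, so the code alone does not say whether the fault is on that server or further upstream; the RA bit at least tells you the responder is recursive. Separately, a UDP datagram delivered to a host port with no listening socket is answered with ICMP Destination Unreachable (type 3, code 3, port unreachable), which is one general reason a client emits ICMP in response to a late DNS reply; whether that applies to this capture can only be judged from the ICMP type and code in the packet itself.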
