A Network problem with ISP caused all UDP traffic to cease, but DNS still working though I think it is malfunctioning. How to prove for sure using software that my current DNS queries are resolved using TCP ?
Asked
Active
Viewed 394 times
-4
-
1You get a down vote for providing absolutely no details that would allow us to help you. That being said, fire up a network capture, filter the capture for DNS and look at the capture results. – joeqwerty Sep 21 '13 at 16:58
2 Answers
0
Start up a packet capture using wireshark or tcpdump or whatever, logging packet contents. Then, do a DNS lookup and observe the TCP request and response.
Falcon Momot
- 25,244
- 15
- 63
- 92
0
I'm thinking it is pretty unlikely you're using tcp to resolve, but who knows. I've personally never had a resolver fallback to tcp.
The command for *nix-alikes to do as suggested by joequerty and Falcon Momot is
tcpdump -v 'port 53'
and look for the part of the line that says proto TCP or proto UDP.
In windows, install wireshark and look for port 53 traffic. It will tell you the protocol.
Andrew Domaszek
- 5,163
- 1
- 15
- 27