For the example, I run
dig st.um command and see in the wireshark what happens:
The client do standard query connection at default DNS server (my server). In the header I say that I want to translate
st.um adress (of type
The server respond me with same useful information:
Answersection, server response my query and say 'Hey, the register A of the domain is
AA nameserversection indicate what server responde the query. In this case, my primary (
ns1.st.um) and secondary (
Additional Recordsection indicate additional information like the IP of the nameservers.
. In the
answer entry of the header you can see the IP of my request name, and the adress of the DNS server that serve the information:
This process is similar to internal query, but now depend of external DNS.
In this case, I do a
ping google.com and in this process I need first translate
google.com name into a IP name:
The DNS server respond me with a list of availables IPs for
Now, I can continue with my ping!