Hello Luigi
There is no error.log, the request simply times out.
I have 3 wireshark-dumps (text only) attached.
squid_2_googleDNS -- squid is asking the DNS servers from google
(squid times out / not working)
squid_2_totd -- squid is asking the NDS server running totd
(squid fetches the web page, everything is fine)
host_2_GoogleDNS -- running "host www.squid.com 8.8.8.8"
(dns data is displayed, the server running squid3 can request the
DNS server)
I hope this helps.
Joerg
No. Time Source Destination Protocol Info
2 0.000536 squid3 8.8.8.8 DNS Standard
query AAAA www.google.com
Frame 2: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Internet Protocol, Src: squid3 (squid3), Dst: 8.8.8.8 (8.8.8.8)
User Datagram Protocol, Src Port: 46212 (46212), Dst Port: domain (53)
Source port: 46212 (46212)
Destination port: domain (53)
Length: 40
Domain Name System (query)
[Response In: 4]
Transaction ID: 0x762e
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.google.com: type AAAA, class IN
Name: www.google.com
Type: AAAA (IPv6 address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
4 0.030006 8.8.8.8 squid3 DNS Standard
query response CNAME www.l.google.com
Frame 4: 144 bytes on wire (1152 bits), 144 bytes captured (1152 bits)
Internet Protocol, Src: 8.8.8.8 (8.8.8.8), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 46212 (46212)
Source port: domain (53)
Destination port: 46212 (46212)
Length: 110
Domain Name System (response)
[Request In: 2]
[Time: 0.029470000 seconds]
Transaction ID: 0x762e
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 1
Authority RRs: 1
Additional RRs: 0
Queries
www.google.com: type AAAA, class IN
Name: www.google.com
Type: AAAA (IPv6 address)
Class: IN (0x0001)
Answers
www.google.com: type CNAME, class IN, cname www.l.google.com
Name: www.google.com
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 23 hours, 59 minutes, 59 seconds
Data length: 8
Primary name: www.l.google.com
Authoritative nameservers
l.google.com: type SOA, class IN, mname ns1.google.com
Name: l.google.com
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 10 minutes
Data length: 38
Primary name server: ns1.google.com
Responsible authority's mailbox: dns-admin.google.com
Serial number: 1441949
Refresh interval: 15 minutes
Retry interval: 15 minutes
Expiration limit: 30 minutes
Minimum TTL: 1 minute
No. Time Source Destination Protocol Info
19 38.911131 squid3 totd DNS Standard query AAAA
www.google.com
Frame 19: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Internet Protocol, Src: squid3 (squid3), Dst: totd (totd)
User Datagram Protocol, Src Port: 43525 (43525), Dst Port: domain (53)
Source port: 43525 (43525)
Destination port: domain (53)
Length: 40
Domain Name System (query)
[Response In: 24]
Transaction ID: 0x7b44
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.google.com: type AAAA, class IN
Name: www.google.com
Type: AAAA (IPv6 address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
24 38.912138 totd squid3 DNS Standard query
response
Frame 24: 146 bytes on wire (1168 bits), 146 bytes captured (1168 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 112
Domain Name System (response)
[Request In: 19]
[Time: 0.001007000 seconds]
Transaction ID: 0x7b44
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
www.google.com: type AAAA, class IN
Name: www.google.com
Type: AAAA (IPv6 address)
Class: IN (0x0001)
Authoritative nameservers
l.google.com: type SOA, class IN, mname ns3.google.com
Name: l.google.com
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 10 minutes
Data length: 58
Primary name server: ns3.google.com
Responsible authority's mailbox: dns-admin.google.com
Serial number: 1441945
Refresh interval: 15 minutes
Retry interval: 15 minutes
Expiration limit: 30 minutes
Minimum TTL: 1 minute
No. Time Source Destination Protocol Info
25 38.912428 squid3 totd DNS Standard query A
www.google.com
Frame 25: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Internet Protocol, Src: squid3 (squid3), Dst: totd (totd)
User Datagram Protocol, Src Port: 43525 (43525), Dst Port: domain (53)
Source port: 43525 (43525)
Destination port: domain (53)
Length: 40
Domain Name System (query)
[Response In: 28]
Transaction ID: 0xf644
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.google.com: type A, class IN
Name: www.google.com
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
28 38.913040 totd squid3 DNS Standard query
response CNAME www.l.google.com A 74.125.39.105 A 74.125.39.106 A 74.125.39.147
A 74.125.39.99 A 74.125.39.103 A 74.125.39.104
Frame 28: 398 bytes on wire (3184 bits), 398 bytes captured (3184 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 364
Domain Name System (response)
[Request In: 25]
[Time: 0.000612000 seconds]
Transaction ID: 0xf644
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 7
Authority RRs: 4
Additional RRs: 4
Queries
www.google.com: type A, class IN
Name: www.google.com
Type: A (Host address)
Class: IN (0x0001)
Answers
www.google.com: type CNAME, class IN, cname www.l.google.com
Name: www.google.com
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 6 days, 23 hours, 59 minutes, 38 seconds
Data length: 18
Primary name: www.l.google.com
www.l.google.com: type A, class IN, addr 74.125.39.105
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.105 (74.125.39.105)
www.l.google.com: type A, class IN, addr 74.125.39.106
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.106 (74.125.39.106)
www.l.google.com: type A, class IN, addr 74.125.39.147
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.147 (74.125.39.147)
www.l.google.com: type A, class IN, addr 74.125.39.99
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.99 (74.125.39.99)
www.l.google.com: type A, class IN, addr 74.125.39.103
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.103 (74.125.39.103)
www.l.google.com: type A, class IN, addr 74.125.39.104
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.104 (74.125.39.104)
Authoritative nameservers
google.com: type NS, class IN, ns ns1.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns1.google.com
google.com: type NS, class IN, ns ns4.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns4.google.com
google.com: type NS, class IN, ns ns2.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns2.google.com
google.com: type NS, class IN, ns ns3.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns3.google.com
Additional records
ns1.google.com: type A, class IN, addr 216.239.32.10
Name: ns1.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 3 days, 23 hours, 59 minutes, 37 seconds
Data length: 4
Addr: 216.239.32.10 (216.239.32.10)
ns2.google.com: type A, class IN, addr 216.239.34.10
Name: ns2.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 3 days, 23 hours, 59 minutes, 37 seconds
Data length: 4
Addr: 216.239.34.10 (216.239.34.10)
ns3.google.com: type A, class IN, addr 216.239.36.10
Name: ns3.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 3 days, 23 hours, 59 minutes, 37 seconds
Data length: 4
Addr: 216.239.36.10 (216.239.36.10)
ns4.google.com: type A, class IN, addr 216.239.38.10
Name: ns4.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 3 days, 23 hours, 59 minutes, 37 seconds
Data length: 4
Addr: 216.239.38.10 (216.239.38.10)
No. Time Source Destination Protocol Info
30 38.945182 totd squid3 DNS Standard query
response, No such name
Frame 30: 195 bytes on wire (1560 bits), 195 bytes captured (1560 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 161
Domain Name System (response)
[Request In: 17]
[Time: 0.034661000 seconds]
Transaction ID: 0xcdf8
Flags: 0x8183 (Standard query response, No such name)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0011 = Reply code: No such name (3)
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
7.c.7.6.e.a.9.b.a.d.0.0.7.6.3.5.9.5.0.2.f.b.9.e.7.0.0.4.0.1.2.0.ip6.arpa: type
PTR, class IN
Name:
7.c.7.6.e.a.9.b.a.d.0.0.7.6.3.5.9.5.0.2.f.b.9.e.7.0.0.4.0.1.2.0.ip6.arpa
Type: PTR (Domain name pointer)
Class: IN (0x0001)
Authoritative nameservers
ip6.arpa: type SOA, class IN, mname ns1.he.net
Name: ip6.arpa
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 3 hours
Data length: 51
Primary name server: ns1.he.net
Responsible authority's mailbox: hostmaster.he.net
Serial number: 2010081806
Refresh interval: 3 hours
Retry interval: 30 minutes
Expiration limit: 7 days
Minimum TTL: 1 day
No. Time Source Destination Protocol Info
31 38.952373 squid3 totd DNS Standard query AAAA
www.google.de
Frame 31: 73 bytes on wire (584 bits), 73 bytes captured (584 bits)
Internet Protocol, Src: squid3 (squid3), Dst: totd (totd)
User Datagram Protocol, Src Port: 43525 (43525), Dst Port: domain (53)
Source port: 43525 (43525)
Destination port: domain (53)
Length: 39
Domain Name System (query)
[Response In: 36]
Transaction ID: 0xde8c
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.google.de: type AAAA, class IN
Name: www.google.de
Type: AAAA (IPv6 address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
36 38.953349 totd squid3 DNS Standard query
response
Frame 36: 155 bytes on wire (1240 bits), 155 bytes captured (1240 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 121
Domain Name System (response)
[Request In: 31]
[Time: 0.000976000 seconds]
Transaction ID: 0xde8c
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
www.google.de: type AAAA, class IN
Name: www.google.de
Type: AAAA (IPv6 address)
Class: IN (0x0001)
Authoritative nameservers
l.google.com: type SOA, class IN, mname ns3.google.com
Name: l.google.com
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 10 minutes
Data length: 58
Primary name server: ns3.google.com
Responsible authority's mailbox: dns-admin.google.com
Serial number: 1441945
Refresh interval: 15 minutes
Retry interval: 15 minutes
Expiration limit: 30 minutes
Minimum TTL: 1 minute
No. Time Source Destination Protocol Info
37 38.953640 squid3 totd DNS Standard query A
www.google.de
Frame 37: 73 bytes on wire (584 bits), 73 bytes captured (584 bits)
Internet Protocol, Src: squid3 (squid3), Dst: totd (totd)
User Datagram Protocol, Src Port: 43525 (43525), Dst Port: domain (53)
Source port: 43525 (43525)
Destination port: domain (53)
Length: 39
Domain Name System (query)
[Response In: 40]
Transaction ID: 0xe669
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.google.de: type A, class IN
Name: www.google.de
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
40 38.954285 totd squid3 DNS Standard query
response CNAME www.google.com CNAME www.l.google.com A 74.125.39.104 A
74.125.39.105 A 74.125.39.106 A 74.125.39.147 A 74.125.39.99 A 74.125.39.103
Frame 40: 489 bytes on wire (3912 bits), 489 bytes captured (3912 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 455
Domain Name System (response)
[Request In: 37]
[Time: 0.000645000 seconds]
Transaction ID: 0xe669
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 8
Authority RRs: 4
Additional RRs: 0
Queries
www.google.de: type A, class IN
Name: www.google.de
Type: A (Host address)
Class: IN (0x0001)
Answers
www.google.de: type CNAME, class IN, cname www.google.com
Name: www.google.de
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 3 days, 23 hours, 59 minutes, 37 seconds
Data length: 16
Primary name: www.google.com
www.google.com: type CNAME, class IN, cname www.l.google.com
Name: www.google.com
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 6 days, 23 hours, 59 minutes, 38 seconds
Data length: 18
Primary name: www.l.google.com
www.l.google.com: type A, class IN, addr 74.125.39.104
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.104 (74.125.39.104)
www.l.google.com: type A, class IN, addr 74.125.39.105
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.105 (74.125.39.105)
www.l.google.com: type A, class IN, addr 74.125.39.106
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.106 (74.125.39.106)
www.l.google.com: type A, class IN, addr 74.125.39.147
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.147 (74.125.39.147)
www.l.google.com: type A, class IN, addr 74.125.39.99
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.99 (74.125.39.99)
www.l.google.com: type A, class IN, addr 74.125.39.103
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 39 seconds
Data length: 4
Addr: 74.125.39.103 (74.125.39.103)
Authoritative nameservers
google.com: type NS, class IN, ns ns4.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns4.google.com
google.com: type NS, class IN, ns ns2.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns2.google.com
google.com: type NS, class IN, ns ns1.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns1.google.com
google.com: type NS, class IN, ns ns3.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 37 seconds
Data length: 16
Name server: ns3.google.com
No. Time Source Destination Protocol Info
41 42.128993 squid3 totd DNS Standard query AAAA
clients1.google.de
Frame 41: 78 bytes on wire (624 bits), 78 bytes captured (624 bits)
Internet Protocol, Src: squid3 (squid3), Dst: totd (totd)
User Datagram Protocol, Src Port: 43525 (43525), Dst Port: domain (53)
Source port: 43525 (43525)
Destination port: domain (53)
Length: 44
Domain Name System (query)
[Response In: 46]
Transaction ID: 0xbc3a
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
clients1.google.de: type AAAA, class IN
Name: clients1.google.de
Type: AAAA (IPv6 address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
46 42.970003 totd squid3 DNS Standard query
response
Frame 46: 160 bytes on wire (1280 bits), 160 bytes captured (1280 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 126
Domain Name System (response)
[Request In: 41]
[Time: 0.841010000 seconds]
Transaction ID: 0xbc3a
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
clients1.google.de: type AAAA, class IN
Name: clients1.google.de
Type: AAAA (IPv6 address)
Class: IN (0x0001)
Authoritative nameservers
l.google.com: type SOA, class IN, mname ns2.google.com
Name: l.google.com
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 10 minutes
Data length: 58
Primary name server: ns2.google.com
Responsible authority's mailbox: dns-admin.google.com
Serial number: 1441945
Refresh interval: 15 minutes
Retry interval: 15 minutes
Expiration limit: 30 minutes
Minimum TTL: 1 minute
No. Time Source Destination Protocol Info
47 42.970299 squid3 totd DNS Standard query A
clients1.google.de
Frame 47: 78 bytes on wire (624 bits), 78 bytes captured (624 bits)
Internet Protocol, Src: squid3 (squid3), Dst: totd (totd)
User Datagram Protocol, Src Port: 43525 (43525), Dst Port: domain (53)
Source port: 43525 (43525)
Destination port: domain (53)
Length: 44
Domain Name System (query)
[Response In: 50]
Transaction ID: 0x73fe
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
clients1.google.de: type A, class IN
Name: clients1.google.de
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
50 42.970937 totd squid3 DNS Standard query
response CNAME clients.l.google.com A 74.125.39.113 A 74.125.39.138 A
74.125.39.139 A 74.125.39.100 A 74.125.39.101 A 74.125.39.102
Frame 50: 480 bytes on wire (3840 bits), 480 bytes captured (3840 bits)
Internet Protocol, Src: totd (totd), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 43525 (43525)
Source port: domain (53)
Destination port: 43525 (43525)
Length: 446
Domain Name System (response)
[Request In: 47]
[Time: 0.000638000 seconds]
Transaction ID: 0x73fe
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 7
Authority RRs: 4
Additional RRs: 0
Queries
clients1.google.de: type A, class IN
Name: clients1.google.de
Type: A (Host address)
Class: IN (0x0001)
Answers
clients1.google.de: type CNAME, class IN, cname clients.l.google.com
Name: clients1.google.de
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 1 hour, 59 minutes, 59 seconds
Data length: 22
Primary name: clients.l.google.com
clients.l.google.com: type A, class IN, addr 74.125.39.113
Name: clients.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 5 minutes
Data length: 4
Addr: 74.125.39.113 (74.125.39.113)
clients.l.google.com: type A, class IN, addr 74.125.39.138
Name: clients.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 5 minutes
Data length: 4
Addr: 74.125.39.138 (74.125.39.138)
clients.l.google.com: type A, class IN, addr 74.125.39.139
Name: clients.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 5 minutes
Data length: 4
Addr: 74.125.39.139 (74.125.39.139)
clients.l.google.com: type A, class IN, addr 74.125.39.100
Name: clients.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 5 minutes
Data length: 4
Addr: 74.125.39.100 (74.125.39.100)
clients.l.google.com: type A, class IN, addr 74.125.39.101
Name: clients.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 5 minutes
Data length: 4
Addr: 74.125.39.101 (74.125.39.101)
clients.l.google.com: type A, class IN, addr 74.125.39.102
Name: clients.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 5 minutes
Data length: 4
Addr: 74.125.39.102 (74.125.39.102)
Authoritative nameservers
google.com: type NS, class IN, ns ns1.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 33 seconds
Data length: 16
Name server: ns1.google.com
google.com: type NS, class IN, ns ns4.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 33 seconds
Data length: 16
Name server: ns4.google.com
google.com: type NS, class IN, ns ns2.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 33 seconds
Data length: 16
Name server: ns2.google.com
google.com: type NS, class IN, ns ns3.google.com
Name: google.com
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 1 day, 23 hours, 59 minutes, 33 seconds
Data length: 16
Name server: ns3.google.com
No. Time Source Destination Protocol Info
1 0.000000 squid3 8.8.8.8 DNS Standard
query A www.google.com
Frame 1: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Internet Protocol, Src: squid3 (squid3), Dst: 8.8.8.8 (8.8.8.8)
User Datagram Protocol, Src Port: 54623 (54623), Dst Port: domain (53)
Source port: 54623 (54623)
Destination port: domain (53)
Length: 40
Domain Name System (query)
[Response In: 2]
Transaction ID: 0xaf26
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.google.com: type A, class IN
Name: www.google.com
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
2 0.029455 8.8.8.8 squid3 DNS Standard
query response CNAME www.l.google.com A 209.85.149.104 A 209.85.149.99 A
209.85.149.103 A 209.85.149.105 A 209.85.149.106 A 209.85.149.147
Frame 2: 190 bytes on wire (1520 bits), 190 bytes captured (1520 bits)
Internet Protocol, Src: 8.8.8.8 (8.8.8.8), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 54623 (54623)
Source port: domain (53)
Destination port: 54623 (54623)
Length: 156
Domain Name System (response)
[Request In: 1]
[Time: 0.029455000 seconds]
Transaction ID: 0xaf26
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 7
Authority RRs: 0
Additional RRs: 0
Queries
www.google.com: type A, class IN
Name: www.google.com
Type: A (Host address)
Class: IN (0x0001)
Answers
www.google.com: type CNAME, class IN, cname www.l.google.com
Name: www.google.com
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 23 hours, 59 minutes, 59 seconds
Data length: 8
Primary name: www.l.google.com
www.l.google.com: type A, class IN, addr 209.85.149.104
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 59 seconds
Data length: 4
Addr: 209.85.149.104 (209.85.149.104)
www.l.google.com: type A, class IN, addr 209.85.149.99
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 59 seconds
Data length: 4
Addr: 209.85.149.99 (209.85.149.99)
www.l.google.com: type A, class IN, addr 209.85.149.103
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 59 seconds
Data length: 4
Addr: 209.85.149.103 (209.85.149.103)
www.l.google.com: type A, class IN, addr 209.85.149.105
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 59 seconds
Data length: 4
Addr: 209.85.149.105 (209.85.149.105)
www.l.google.com: type A, class IN, addr 209.85.149.106
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 59 seconds
Data length: 4
Addr: 209.85.149.106 (209.85.149.106)
www.l.google.com: type A, class IN, addr 209.85.149.147
Name: www.l.google.com
Type: A (Host address)
Class: IN (0x0001)
Time to live: 4 minutes, 59 seconds
Data length: 4
Addr: 209.85.149.147 (209.85.149.147)
No. Time Source Destination Protocol Info
3 0.030073 squid3 8.8.8.8 DNS Standard
query AAAA www.l.google.com
Frame 3: 76 bytes on wire (608 bits), 76 bytes captured (608 bits)
Internet Protocol, Src: squid3 (squid3), Dst: 8.8.8.8 (8.8.8.8)
User Datagram Protocol, Src Port: 58815 (58815), Dst Port: domain (53)
Source port: 58815 (58815)
Destination port: domain (53)
Length: 42
Domain Name System (query)
[Response In: 4]
Transaction ID: 0xcc42
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.l.google.com: type AAAA, class IN
Name: www.l.google.com
Type: AAAA (IPv6 address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
4 0.078294 8.8.8.8 squid3 DNS Standard
query response
Frame 4: 126 bytes on wire (1008 bits), 126 bytes captured (1008 bits)
Internet Protocol, Src: 8.8.8.8 (8.8.8.8), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 58815 (58815)
Source port: domain (53)
Destination port: 58815 (58815)
Length: 92
Domain Name System (response)
[Request In: 3]
[Time: 0.048221000 seconds]
Transaction ID: 0xcc42
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
www.l.google.com: type AAAA, class IN
Name: www.l.google.com
Type: AAAA (IPv6 address)
Class: IN (0x0001)
Authoritative nameservers
l.google.com: type SOA, class IN, mname ns4.google.com
Name: l.google.com
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 10 minutes
Data length: 38
Primary name server: ns4.google.com
Responsible authority's mailbox: dns-admin.google.com
Serial number: 1441949
Refresh interval: 15 minutes
Retry interval: 15 minutes
Expiration limit: 30 minutes
Minimum TTL: 1 minute
No. Time Source Destination Protocol Info
5 0.078566 squid3 8.8.8.8 DNS Standard
query MX www.l.google.com
Frame 5: 76 bytes on wire (608 bits), 76 bytes captured (608 bits)
Internet Protocol, Src: squid3 (squid3), Dst: 8.8.8.8 (8.8.8.8)
User Datagram Protocol, Src Port: 39037 (39037), Dst Port: domain (53)
Source port: 39037 (39037)
Destination port: domain (53)
Length: 42
Domain Name System (query)
[Response In: 6]
Transaction ID: 0xef88
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
www.l.google.com: type MX, class IN
Name: www.l.google.com
Type: MX (Mail exchange)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
6 0.120347 8.8.8.8 squid3 DNS Standard
query response
Frame 6: 126 bytes on wire (1008 bits), 126 bytes captured (1008 bits)
Internet Protocol, Src: 8.8.8.8 (8.8.8.8), Dst: squid3 (squid3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 39037 (39037)
Source port: domain (53)
Destination port: 39037 (39037)
Length: 92
Domain Name System (response)
[Request In: 5]
[Time: 0.041781000 seconds]
Transaction ID: 0xef88
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for
domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive
queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 1
Additional RRs: 0
Queries
www.l.google.com: type MX, class IN
Name: www.l.google.com
Type: MX (Mail exchange)
Class: IN (0x0001)
Authoritative nameservers
l.google.com: type SOA, class IN, mname ns2.google.com
Name: l.google.com
Type: SOA (Start of zone of authority)
Class: IN (0x0001)
Time to live: 1 minute
Data length: 38
Primary name server: ns2.google.com
Responsible authority's mailbox: dns-admin.google.com
Serial number: 1441949
Refresh interval: 15 minutes
Retry interval: 15 minutes
Expiration limit: 30 minutes
Minimum TTL: 1 minute
