Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

need help - strange DNS query

From: "Wang, Kang" <kangw () qualcomm com>
Date: Fri, 16 Dec 2011 03:49:08 +0000
During a test I found a strange behavior. I used a cell phone as a modem for the PC and tried to browse an internal 
webpage. The URL was given in IP format, i.e., something like 10.x.x.x/test.php.

However, I found that the laptop continuously sent 'DNS: Standard query'. I don't believe I have DNS server configured 
and it could take more than 10 seconds for the DNS query to timeout. I do not understand why the laptop would make such 
a DNS query.

Could someone please take a look at this and let me know what could be causing the issue? The following is a snippet of 
the wireshark log. Thanks!

1533         29.796875        186.16.61.155   13.2.0.53     TCP  54     http > dxmessagebase2 [ACK] Seq=50489 Ack=383 
Win=6912 Len=0
1534         29.796875        186.16.61.155  13.2.0.53      TCP  54     http > dxmessagebase1 [ACK] Seq=51216 Ack=383 
Win=6912 Len=0
1535         30.031250        13.2.0.53       172.18.3.2   DNS 75     Standard query A none.mycompany.com
1536         31.031250        13.2.0.53       172.18.3.1   DNS 75     Standard query A none. mycompany.com
1537         33.031250        13.2.0.53       172.18.3.1   DNS 75     Standard query A none. mycompany.com
1538         33.031250        13.2.0.53       172.18.3.2   DNS 75     Standard query A none. mycompany.com
1539         37.031250        13.2.0.53       172.18.3.1   DNS 75     Standard query A none. mycompany.com
1540         37.031250        13.2.0.53       172.18.3.2   DNS 75     Standard query A none. mycompany.com
1541         43.484375        13.2.0.53       255.255.255.255 UDP 506  Source port: evtp  Destination port: ew-disc-cmd
1542         44.046875        13.2.0.53       172.18.3.1   DNS 75     Standard query A none. mycompany.com
1543         44.046875        13.2.0.53       186.16.61.155     TCP  78     sps-tunnel > http [SYN] Seq=0 Win=65535 
Len=0 MSS=1460 WS=8 TSval=0 TSecr=0 SACK_PERM=1

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: