netstat command not showing dns protocol connections - TCP-IP

This is a discussion on netstat command not showing dns protocol connections - TCP-IP ; The command netstat -a does not show established (or other states) for dns connections made eg by nslookup command. The nslookup query works fine, however netstat fails to reflect any such connections. Same behavior on windows and linux workstations- any ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: netstat command not showing dns protocol connections

  1. netstat command not showing dns protocol connections

    The command netstat -a does not show established (or other states)
    for dns connections made eg by nslookup command. The nslookup query
    works fine, however netstat fails to reflect any such connections.
    Same behavior on windows and linux workstations- any reason why ? (of
    course packet capture on workstation shows such connections but
    netstat does not)

    netstat shows other connections- established or syn etc for other
    protocols like http etc fine.


  2. Re: netstat command not showing dns protocol connections

    "skar" wrote in message
    news:21aee566-d6d0-4fc1-9089-5acd436615dc@e50g2000hsh.googlegroups.com...
    > The command netstat -a does not show established (or other states)
    > for dns connections made eg by nslookup command. The nslookup query
    > works fine, however netstat fails to reflect any such connections.
    > Same behavior on windows and linux workstations- any reason why ? (of
    > course packet capture on workstation shows such connections but
    > netstat does not)


    DNS queries normally use UDP - there isnt really any "session" at the IP
    packet layer for UDP, so netstat wont track it.

    AFAICT it will only show up in the listening ports when the utility using
    DNS is waiting for an answer unless you run a local DNS cache on your
    machine.

    >
    > netstat shows other connections- established or syn etc for other
    > protocols like http etc fine.
    >

    --
    Regards

    stephen_hope@xyzworld.com - replace xyz with ntl



  3. Re: netstat command not showing dns protocol connections

    skar wrote:
    > The command netstat -a does not show established (or other states)
    > for dns connections made eg by nslookup command. The nslookup query
    > works fine, however netstat fails to reflect any such connections.
    > Same behavior on windows and linux workstations- any reason why ? (of
    > course packet capture on workstation shows such connections but
    > netstat does not)
    >
    > netstat shows other connections- established or syn etc for other
    > protocols like http etc fine.


    DNS uses UDP and UDP is connectionless. Therefore, netstat does not indicate a connection.

  4. Re: netstat command not showing dns protocol connections

    Network Blackjack wrote:

    > DNS uses UDP and UDP is connectionless. Therefore, netstat does not
    > indicate a connection.


    DNS queries _generally_ use UDP - 99 times out of 10 at least. As
    already pointed-out, netstat would in theory show an endpoint if run
    while that endpoint was awaiting a reply from the server. True, that
    isn't indication a connection, because indeed, there is no
    "connection" but it will show an endpoint.

    rick jones
    --
    portable adj, code that compiles under more than one compiler
    these opinions are mine, all mine; HP might not want them anyway...
    feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

  5. Re: netstat command not showing dns protocol connections

    Hello,

    Rick Jones a écrit :
    > Network Blackjack wrote:
    >
    >>DNS uses UDP and UDP is connectionless. Therefore, netstat does not
    >>indicate a connection.

    >
    > DNS queries _generally_ use UDP - 99 times out of 10 at least. As
    > already pointed-out, netstat would in theory show an endpoint if run
    > while that endpoint was awaiting a reply from the server. True, that
    > isn't indication a connection, because indeed, there is no
    > "connection" but it will show an endpoint.


    Netstat does not care about connections. It displays open sockets, and a
    DNS query opens a socket.

  6. Re: netstat command not showing dns protocol connections

    In article ,
    Pascal Hambourg wrote:

    > Hello,
    >
    > Rick Jones a écrit :
    > > Network Blackjack wrote:
    > >
    > >>DNS uses UDP and UDP is connectionless. Therefore, netstat does not
    > >>indicate a connection.

    > >
    > > DNS queries _generally_ use UDP - 99 times out of 10 at least. As
    > > already pointed-out, netstat would in theory show an endpoint if run
    > > while that endpoint was awaiting a reply from the server. True, that
    > > isn't indication a connection, because indeed, there is no
    > > "connection" but it will show an endpoint.

    >
    > Netstat does not care about connections. It displays open sockets, and a
    > DNS query opens a socket.


    But if the server is responding reasonably, the socket will be closed so
    quickly that you'll practically never see it in netstat's output.

    The same would be true if DNS used TCP.

    --
    Barry Margolin, barmar@alum.mit.edu
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    *** PLEASE don't copy me on replies, I'll read them in the group ***

+ Reply to Thread