netstat command not showing dns connection - TCP-IP

This is a discussion on netstat command not showing dns connection - TCP-IP ; netstat command on both windows and linux does not show dns connections. eg nslookup for www.example.com returns the host ip details. however netstat command does not show. Ofcourse it is clearly visible under packet captures. However netstat is not showing ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: netstat command not showing dns connection

  1. netstat command not showing dns connection

    netstat command on both windows and linux does not show dns
    connections. eg nslookup for www.example.com returns the host ip
    details. however netstat command does not show.

    Ofcourse it is clearly visible under packet captures. However netstat
    is not showing dns, port 53 connections. Any reasons why netstat does
    not show such connections

  2. Re: netstat command not showing dns connection

    In article
    <4b96f49e-406c-4055-9a8b-9cd21ca4a74c@d70g2000hsb.googlegroups.com>,
    skkar11@yahoo.com wrote:

    > netstat command on both windows and linux does not show dns
    > connections. eg nslookup for www.example.com returns the host ip
    > details. however netstat command does not show.
    >
    > Ofcourse it is clearly visible under packet captures. However netstat
    > is not showing dns, port 53 connections. Any reasons why netstat does
    > not show such connections


    Didn't you ask this same question a few days ago, maybe in a different
    newsgroup?

    DNS uses UDP, so there aren't any real connections. The socket that's
    used to send the DNS query and listen for the reply only exists for a
    fraction of a second, so you would have to be very lucky to run netstat
    during that brief period.

    Try writing a program that calls gethostbyname() in a tight loop. If
    you run netstat during this you may catch the sockets. If your OS has a
    DNS cache (e.g. nscd on some flavors of Unix), make sure you disable it
    during the test.

    --
    Barry Margolin, barmar@alum.mit.edu
    Arlington, MA
    *** PLEASE post questions in newsgroups, not directly to me ***
    *** PLEASE don't copy me on replies, I'll read them in the group ***

  3. Re: netstat command not showing dns connection

    Hello,

    Barry Margolin a écrit :
    > skkar11@yahoo.com wrote:
    >
    >>netstat command on both windows and linux does not show dns
    >>connections. eg nslookup for www.example.com returns the host ip
    >>details. however netstat command does not show.
    >>
    >>Ofcourse it is clearly visible under packet captures. However netstat
    >>is not showing dns, port 53 connections. Any reasons why netstat does
    >>not show such connections

    >
    > Didn't you ask this same question a few days ago,


    Yes.

    > maybe in a different newsgroup?


    No, in the same newsgroup.

    > DNS uses UDP, so there aren't any real connections. The socket that's
    > used to send the DNS query and listen for the reply only exists for a
    > fraction of a second, so you would have to be very lucky to run netstat
    > during that brief period.


    I happen to be lucky from time to time :

    $ netstat --inet --inet6 -n
    Active Internet connections (w/o servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    udp 0 0 127.0.0.1:1761 127.0.0.1:53 ESTABLISHED

    This must be the local resolver library querying the local BIND9.

+ Reply to Thread