How to trace the route of a DNS query?

6

... up to the DNS server that answers it? When I use the public DNS server provided by Google (8.8.8.8), this is the DNS server reported by "nslookup" (8.8.8.8); however, the www.dnsleaktest.com website shows a different IP number, actually two, 74.125.189.22 and 74.125.189.23. Is there a way to trace the route taken by the DNS query from 8.8.8.8 to 74.125.189.22, including other DNS servers eventually queried in-between? I tried nslookup's debug options, but there is no reference to 74.125.189.22 in the debug info.

user285154

Posted 2013-12-28T12:25:49.817

Reputation: 61

Answers

0

I don't believe this is possible. When you make a DNS request, it goes to your DNS server. Your DNS server tries to resolve the name and if it can't, it moves up the DNS name hierarchy, becoming the requester. In short, once a request is made the requester is just waiting for a response from the next server.

Keltari

Posted 2013-12-28T12:25:49.817

Reputation: 57 019

0

I've never used it myself, but it seems that dnstracer does what you want.

http://www.mavetju.org/unix/dnstracer.php

I am not sure there is such a tool available on Windows, but there is a package available in the Debian Linux repository.

user2196728

Posted 2013-12-28T12:25:49.817

Reputation: 1 146

@JdeBP It would be nice at times to know which DNS server was responsible for resolving a particular address. – bvj – 2015-04-01T19:31:59.777

It's dead easy to determine that, because it is configured at your end. It's (the anycast instance of) the server at 8.8.8.8, in the case of the question at hand, for example, as configured in Control Panel on that computer. It is there that the process of query resolution happens. – JdeBP – 2015-04-04T19:21:28.093

0

Try going to https://www.grc.com/dns/dns.htm to see which DNS servers you are currently using. Also make sure in your Windows network settings that your DNS settings are set to the Google DNS at 8.8.8.8 and 8.8.4.4.

As for the 74.125.189.22 IP range, it still seems to be Google, but pointing to Google Translate.

If I were you I'd follow these steps.

  1. Change TCP/IP Settings in Windows 7 to verify I'm using the above mentioned Google DNS.
  2. Use DNS Nameserver Spoofability Test to make sure the only DNS being used is the Google DNS.

meguroyama

Posted 2013-12-28T12:25:49.817

Reputation: 130
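Added example, not part of any answer above: a leak-test site reports the address a resolver uses when it queries authoritative servers, which need not be the address configured on the client. The sketch below asks a resolver for a "whoami" TXT name and parses the reply by hand; the name `o-o.myaddr.l.google.com`, the function names and the sample bytes are assumptions introduced here, and `SAMPLE` is constructed, not captured.

```python
import socket
import struct

# Assumption (not from the thread): a TXT lookup of this Google-run name returns the
# source address the resolver used when it queried Google's authoritative servers.
WHOAMI = "o-o.myaddr.l.google.com"

def encode_name(name):  # length-prefixed DNS labels, terminated by a zero byte
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.strip(".").split(".")) + b"\x00"

def build_query(name, qid=0x1234, qtype=16):  # RD=1; qtype 16 = TXT, class 1 = IN
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack(">HH", qtype, 1)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return off + 2
        off += 1 + n

def txt_answers(msg):
    """Return the TXT strings in the answer section of a DNS response."""
    qd, an = struct.unpack(">HH", msg[4:8])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    out = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        rdata, off = msg[off + 10:off + 10 + rdlen], off + 10 + rdlen
        pos = 0
        while rtype == 16 and pos < len(rdata):  # TXT rdata: length-prefixed strings
            out.append(rdata[pos + 1:pos + 1 + rdata[pos]].decode("ascii", "replace"))
            pos += 1 + rdata[pos]
    return out

def resolver_egress(server="8.8.8.8", timeout=3.0):
    """Send the query to `server` over UDP and return the TXT strings (needs network)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(WHOAMI), (server, 53))
        return txt_answers(s.recvfrom(4096)[0])

# Constructed sample response (not captured traffic): one TXT answer, compressed owner name.
SAMPLE = (struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + build_query(WHOAMI)[12:]
          + b"\xc0\x0c" + struct.pack(">HHIH", 16, 1, 60, 14) + b"\x0d74.125.189.22")
```

`txt_answers(SAMPLE)` parses the embedded reply offline; `resolver_egress()` performs the live lookup against the configured resolver, and a returned address outside the expected provider's ranges is the signal a leak test looks for.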