Wireshark-dev: Re: [Wireshark-dev] Name resolution

From: Stephen Fisher <stephentfisher@xxxxxxxxx>
Date: Mon, 5 Feb 2007 12:23:44 -0800
On Mon, Feb 05, 2007 at 11:37:10AM -0000, Douglas Pratley wrote:

> As far as I can tell, name resolution (specifically DNS, other sorts 
> looks similar) is either:
> 
> (a) OFF
> (b) ON - uses values from hosts file AND tries live DNS
> (c) ON + concurrent - uses values hosts file AND tries live DNS 
> concurrently
>
> So if you want to use a host file you have to have live DNS turned on 
> (with the slowdown that implies).
> 
> Can anyone confirm this? Might it be more sensible to have a setting 
> that allow the use of the hosts file without live DNS?

Your points a, b and c are correct.  The advantage of the concurrent DNS 
lookup option is that it uses the ADNS library (if you compiled with it) 
to do asynchronous dns lookups "in the background" so there is no delay 
caused by DNS lookups.  ADNS immediately returns control to Wireshark 
and tries to look up the name and then next time Wireshark tries ADNS, 
it can pull out that last lookup's results.


Steve