During a test I found a strange behavior. I used a cell phone as a modem for the PC and tried to browse an internal webpage. The URL was given in
IP format, i.e., something like 10.x.x.x/test.php.
However, I
found that the laptop continuously sent ‘DNS: Standard query’. I don’t believe I have DNS server configured and it could take more than 10 seconds for the DNS query to timeout. I do not understand why the laptop would make such a DNS
query.
Could someone please take a look at this and let me know what could be causing the issue? The following is a snippet of the wireshark log. Thanks!
1533 29.796875 186.16.61.155 13.2.0.53 TCP 54 http > dxmessagebase2 [ACK] Seq=50489 Ack=383 Win=6912 Len=0
1534 29.796875 186.16.61.155 13.2.0.53 TCP 54 http > dxmessagebase1 [ACK] Seq=51216 Ack=383 Win=6912 Len=0
1535 30.031250 13.2.0.53 172.18.3.2 DNS 75 Standard query A none.mycompany.com
1536 31.031250 13.2.0.53 172.18.3.1 DNS 75 Standard query A none. mycompany.com
1537 33.031250 13.2.0.53 172.18.3.1 DNS 75 Standard query A none. mycompany.com
1538 33.031250 13.2.0.53 172.18.3.2 DNS 75 Standard query A none. mycompany.com
1539 37.031250 13.2.0.53 172.18.3.1 DNS 75 Standard query A none. mycompany.com
1540 37.031250 13.2.0.53 172.18.3.2 DNS 75 Standard query A none. mycompany.com
1541 43.484375 13.2.0.53 255.255.255.255 UDP 506 Source port: evtp Destination port: ew-disc-cmd
1542 44.046875 13.2.0.53 172.18.3.1 DNS 75 Standard query A none. mycompany.com
1543 44.046875 13.2.0.53 186.16.61.155 TCP 78 sps-tunnel > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=8 TSval=0 TSecr=0 SACK_PERM=1