Wireshark is a free and open source packet analyzer. Once you press start, it captures all traffic on the specified network adapter and organizes it for easy analysis.
In the previous step, you pressed start to capture traffic using Wireshark, so let’s use it to analyze how DNS works!
Now that Wireshark is minimized and running, go to the Command Prompt in Windows and enter the following commands:
1) Type hostname and press Enter. The computer's hostname should appear below. In our case, we should see client.
2) Type ipconfig /flushdns to clear the DNS resolver cache.
3) Type ping client – note that it returns the client’s IP address, 192.168.0.2.
4) Type ping server – note that it returns the server’s IP address, 192.168.0.1.
You should see something like this: