Forgot to add a screenshot: http://www.rfmapping.com/transactionid.png
Thanks! John From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of John W. Blue Sent: Thursday, August 10, 2017 6:07 PM To: bind-users@lists.isc.org Subject: command line ID vs Wireshark transaction ID (dns.id) I have been trying to correlate the ID value returned via a command line query here: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60796 to a "transaction ID" found in wireshark when it dissects the packet found here: Transaction ID: 0x1aa6 without any success because 0x1aa6 does not hex > dec convert to 60796. I am clearly missing something here because wireshark can tie the query and response together into a stream. Thoughts? John
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
