Not getting the resolved IP address for google.com in Wireshark

“Specify the packet numbers where IP address for google.com is resolved”. I’m struggling to find the IP address starting with 172 (as someone said in the forum) but am unable to do so. I am filtering with dns.qry.name == google.com

Also, when I am filtering with tcpdump port 8081 or 8082 or 8082, even after a minute it's saying 0 packets received and sent. So I have to forcefully run tcpdump for less than 10 seconds only.

@Kiran sir.

  1. The IP address need not start with 172.* Don’t rely on that.
  2. Ports 8081, 8082 and 8083 are used for the FTP connection, not for the name resolution messages. So, don’t filter on those ports.
  3. To reduce the packets being captured by tcpdump, use the port not 8080 filter; that will eliminate the HTTP packets, which we are not interested in for this module.
  4. See if tcpdump can see the packets when you run the ping or traceroute commands, by not redirecting to pcap file. That way you can see if packets are captured by tcpdump and then repeat this with redirection to pcap.
  5. Confirm the protocol that is used for name resolution and use that as a filter in Wireshark after you have captured the pcap and transferred it to your laptop.
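
An added example, not part of the original thread: a filter on the queried name matches both the query and its reply, but only the reply carries the resolved address, and that address can be IPv4 or IPv6. The sketch below parses constructed DNS messages to show the difference; the message bytes and the documentation-range addresses are sample data, and the helper names are hypothetical.

```python
import ipaddress
import struct

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:             # root label ends the name
            return off + 1
        off += 1 + length

def resolved_addresses(msg):
    """Return (is_response, [(record_type, address), ...]) for one DNS message."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):             # question section: name + type + class
        off = skip_name(msg, off) + 4
    found = []
    for _ in range(an):             # answer section: this is where the address lives
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        if rtype == 1 and rdlen == 4:        # A record (IPv4)
            found.append(("A", str(ipaddress.IPv4Address(rdata))))
        elif rtype == 28 and rdlen == 16:    # AAAA record (IPv6)
            found.append(("AAAA", str(ipaddress.IPv6Address(rdata))))
    return bool(flags & 0x8000), found       # QR bit set means response

def sample(flags, qtype, rdata=b""):
    """Build a constructed DNS message for google.com (sample data only)."""
    msg = struct.pack("!6H", 0x1234, flags, 1, 1 if rdata else 0, 0, 0)
    msg += b"\x06google\x03com\x00" + struct.pack("!HH", qtype, 1)
    if rdata:                                # answer name is a pointer to offset 12
        msg += b"\xc0\x0c" + struct.pack("!HHIH", qtype, 1, 300, len(rdata)) + rdata
    return msg

QUERY = sample(0x0100, 1)
RESP_A = sample(0x8180, 1, ipaddress.IPv4Address("192.0.2.10").packed)
RESP_AAAA = sample(0x8180, 28, ipaddress.IPv6Address("2001:db8::10").packed)

if __name__ == "__main__":
    for label, msg in (("query", QUERY), ("A reply", RESP_A), ("AAAA reply", RESP_AAAA)):
        print(label, resolved_addresses(msg))
```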

Sir, it also could be IPv6 type??

Got that, sir. Thank you. Now I remember that in office hours you showed how to use tcpdump with port, but at that time there was so much information coming from you that I just forgot that simple thing.
