Here is the query.
I have a Windows server 2012 at 10.10.1.200. The gateway is 10.10.1.1 . I am using 10.10.1.200 as the DNS server. I have configured DNS server on 10.10.1.200. In the DNS server settings I have not mentioned any forwarder.
Now from the browser of 10.10.1.200 I try to go to a domain that does not exist (Please check packet 25 and 26.). Ideally it should go from 10.10.1.200 to root server and from root server I should get the name server of the .com server. Now the next query should go from 10.10.1.200 to the .com server and from the .com server i should get a reply that the domain does not exist. (I think that is how iterative query works.)
However I am getting the reply directly for root server that the domain does not exist.
Can some one please check the packet capture (packet 25 and 26 ) and let me know why I am not getting a referral from the root server.
Also can someone please send me sample wireshark capture of iterative query explaining how the packet flows if the domain does not exist.I have checked wireshark's website and it is not there.