Why is the hex value of a period in a DNS request not 0x2E, and why does it change?

Question

Looking at a DNS request in wireshark for www.google.com and the hex for it is 03 77 77 77 06 67 6f 6f 67 6c 65 03 63 6f 6d 00

Little confused why the first period is 03 (and why it's there), the second is 06, and the last is 03

Answer 1

The DNS protocol layer is defined in RFC 1035. To cite from "3.1. Name space definitions":

Domain names in messages are expressed in terms of a sequence of labels. Each label is represented as a one octet length field followed by that number of octets. Since every domain name ends with the null label of the root, a domain name is terminated by a length byte of zero.

Thus www.google.com is encoded in the DNS packet as:

03 77 77 77                  length 3, "www"
06 67 6f 6f 67 6c 65         length 6, "google"
03 63 6f 6d                  length 3, "com"
00                           length 0 (end of label)