

The Domain Name System (DNS)
An Introduction


Prof. David Bernstein
James Madison University

Computer Science Department
bernstdh@jmu.edu


Overview
  • Purpose:
    • Maps human-readable machine names to IP addresses (and to other data, such as the mail servers for a domain)
  • Specification:
    • RFC1034, RFC1035
DNS Names
  • Some History:
    • In the 1970s, many people gave their machines the same (geeky) name
    • Things haven't gotten better
      [Cartoons: Hackles-HostNames (courtesy of Hackles); a second cartoon (courtesy of xkcd)]
  • An Implication:
    • They need to be disambiguated
DNS Names (cont.)
  • Hierarchical:
    • Portions are separated by a '.'
    • The leftmost label is the most specific; the rightmost label is the top-level domain, and the empty label after the final '.' (usually left out when the name is written) is the DNS root
  • Top Level Domains:
    • The rightmost portion of the name (e.g., com, edu, net)
DNS Name Servers
  • Problems with a Centralized Approach:
    • Single point of failure
    • Hard to maintain
    • Doesn't scale
  • Problems with a Distributed Approach:
    • No server has every mapping
    • Queries may need to be handled by multiple servers
    • Hard to update
The Distributed Approach that is Used
  • Hierarchical Organization:
    • Different portions of the hierarchy (called zones) are administered by different organizations
  • Overview of the Process used to Resolve:
    • The client's stub resolver sends the query to its local DNS server (usually a caching resolver)
    • If the local server cannot answer from its own zones or its cache, either a recursive or a non-recursive (referral) process is used to obtain the answer
Types of DNS Servers
  • Authoritative Name Servers:
    • Guaranteed to be able to perform a name-address translation for a particular zone (i.e., portion of the domain name tree)
  • Root Name Servers:
    • "Publish" the root zone file, which contains the names and IP addresses of the authoritative servers for all top-level domains
    • There are 13 root server identities, named A through M, but each is served by many anycast instances at locations around the world (see http://www.root-servers.org/ for the current numbers)
  • Caching Name Servers:
    • Are not authoritative for any zone
    • Forward queries on behalf of clients and "remember" the answers for later use
    • The maximum time a response may be "remembered" (i.e., cached) is the time to live (TTL); it is set in each record by the administrator of the authoritative zone, and a cache may shorten it but should not extend it
Recursive Queries
  • Properties:
    • The DNS server will provide a complete answer (or error) to the query
    • DNS servers are not required to support recursive queries; a server that recurses for any client on the Internet (an "open resolver") can be abused for reflection attacks and is a cache-poisoning target, so authoritative servers normally refuse recursion and resolvers restrict it to their own clients
  • Process:
    • If the DNS server does not know the answer it will ask another DNS server on the client's behalf (and cache what it learns)
Recursive Queries (cont.)
[Figure: dns_recursive (a recursive query)]
Non-Recursive Queries (a.k.a. Referrals)
  • Properties:
    • The DNS server may provide a partial answer (or error) to the query
  • Process:
    • If the DNS server does not know the answer, it tells the client about another DNS server that is "more likely to know" (i.e., is closer in the hierarchy to the authoritative server); the client then repeats the query there
Non-Recursive Queries (cont.)
[Figure: dns_non-recursive (a non-recursive query, i.e., a referral)]
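The resolution process sketched on the preceding slides (a resolver starting at a root hint, being referred down the hierarchy with non-recursive queries, and caching what it learns for at most the TTL) is shown below as an added example; it is not code from the slides. The zone data, server names and addresses are all constructed placeholders (RFC 5737 documentation addresses), not the real root, edu or jmu.edu servers, and `ZONES`, `ask`, `suffixes` and `IterativeResolver` are names chosen for this example.

```python
"""Simulated iterative resolution: a resolver that follows referrals from a root hint and caches
answers for no longer than their TTL. Added example, not from the slides. All zone data is
constructed: the addresses are RFC 5737 documentation addresses and the server names are
placeholders, not the real root, edu or jmu.edu servers."""
import time

# server address -> (zone apex it is authoritative for, {owner name -> {type -> [(ttl, rdata), ...]}})
ZONES = {
    "198.51.100.1": (".", {                      # stands in for a root server
        "edu.": {"NS": [(172800, "a.edu-servers.example.")]},
        "a.edu-servers.example.": {"A": [(172800, "198.51.100.2")]},   # glue record
    }),
    "198.51.100.2": ("edu.", {                   # stands in for the edu. TLD server
        "jmu.edu.": {"NS": [(86400, "ns1.jmu.example.")]},
        "ns1.jmu.example.": {"A": [(86400, "198.51.100.3")]},          # glue record
    }),
    "198.51.100.3": ("jmu.edu.", {               # stands in for the jmu.edu. authoritative server
        "jmu.edu.": {"NS": [(86400, "ns1.jmu.example.")]},
        "www.jmu.edu.": {"A": [(3600, "203.0.113.10")]},
    }),
}
ROOT_HINT = "198.51.100.1"                       # the one address a resolver must know in advance

def suffixes(name):
    """'www.jmu.edu.' -> ['www.jmu.edu.', 'jmu.edu.', 'edu.', '.']"""
    labels = name.split(".")
    return [".".join(labels[i:]) or "." for i in range(len(labels))]

def ask(server, name, rrtype):
    """One non-recursive query to one server. It answers from its own zone data, refers the
    client to the closest delegation it knows about, or reports that it has nothing."""
    apex, data = ZONES[server]
    if name in data and rrtype in data[name]:
        return ("answer", data[name][rrtype])
    for candidate in suffixes(name):
        if candidate == apex:                    # reached our own apex without finding a delegation
            break
        if candidate in data and "NS" in data[candidate]:
            ns_name = data[candidate]["NS"][0][1]
            glue = data.get(ns_name, {}).get("A")
            return ("referral", ns_name, glue[0][1] if glue else None)
    return ("nodata", None)                      # a real server would say NXDOMAIN or NOERROR with no data

class IterativeResolver:
    """Walks the delegation chain from ROOT_HINT. `clock` is injectable so TTL expiry
    can be exercised without waiting."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}                          # (name, type) -> (expires_at, rrs)

    def resolve(self, name, rrtype="A", max_hops=8):
        """Return (rrs, served_from_cache, servers_contacted)."""
        key, now = (name, rrtype), self.clock()
        cached = self.cache.get(key)
        if cached and cached[0] > now:
            return cached[1], True, []           # cache hit: no server is contacted at all
        server, trail = ROOT_HINT, []
        for _ in range(max_hops):                # bound the walk so a broken delegation cannot loop forever
            trail.append(server)
            reply = ask(server, name, rrtype)
            if reply[0] == "answer":
                rrs = reply[1]
                self.cache[key] = (now + min(ttl for ttl, _ in rrs), rrs)   # never beyond the shortest TTL
                return rrs, False, trail
            if reply[0] == "referral":
                _, ns_name, glue = reply
                if glue is None:                 # no glue: look up the name server's own address first
                    ns_rrs, _, _ = self.resolve(ns_name, "A", max_hops)
                    if not ns_rrs:
                        return [], False, trail
                    glue = ns_rrs[0][1]
                server = glue
                continue
            return [], False, trail
        raise RuntimeError("too many referrals while resolving %s" % name)

if __name__ == "__main__":
    r = IterativeResolver()
    print(r.resolve("www.jmu.edu."))             # walks root -> edu -> jmu.edu
    print(r.resolve("www.jmu.edu."))             # second time: served from cache
```

Two design points worth noticing: the referral loop is bounded by `max_hops`, because a resolver that trusts delegations unconditionally can be sent round in circles; and the cache lifetime is the smallest TTL in the answer set, chosen by the authoritative zone, not by the cache.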
Transport Layer Protocols
  • DNS primarily uses UDP on port 53
  • If a response does not fit in a 512-octet UDP message, the server sets the TC (truncated) flag and the client retries over TCP on port 53; zone transfers (AXFR) always use TCP, and some implementations use TCP for everything
  • EDNS (RFC2671, since revised as RFC6891) lets a client advertise a larger UDP buffer so responses over 512 octets can still travel over UDP; the flip side is that a small UDP query with a spoofed source address can elicit a much larger response, which is what makes DNS attractive for reflection/amplification attacks
Message Format
  • Header (12 octets):
    • ID
    • Flags
    • Number of Questions
    • Number of Answer Resource Records (RRs)
    • Number of Authority RRs
    • Number of Additional RRs
  • Questions
  • Answer Resource Records
  • Authority Resource Records
  • Additional Resource Records
Format of Resource Records (RRs)
  • Name (variable):
    • Name of the node
  • Type (2 octets):
    • Type of the record (e.g., "A" for an IPv4 address)
  • Class (2 octets):
    • Usually "IN" (for internet)
  • TTL (4 octets):
    • Valid time (in seconds)
  • RDLENGTH (2 octets):
    • Length of the RDATA field
  • RDATA (variable):
    • Additional data (e.g., the IP address for "A" records)
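The header, question and resource-record layouts on the last two slides, together with the TC flag from the transport slide, are exercised below in an added example (not code from the slides): a query builder, a response parser that handles RFC 1035 name compression, and the minimum checks a resolver makes before accepting an answer. `SAMPLE_RESPONSE` is a constructed packet, not a capture; 203.0.113.5 is a documentation address; and the function names are this example's own.

```python
"""Build a DNS query and parse a response at the wire level, following the RFC 1035 header,
question, resource-record and name-compression layouts. Added example, not from the slides;
SAMPLE_RESPONSE is constructed rather than captured, and 203.0.113.5 is a documentation address."""
import struct

TYPE_A, TYPE_NS, TYPE_CNAME, CLASS_IN = 1, 2, 5, 1

def encode_name(name):
    """'www.example.com.' -> b'\\x03www\\x07example\\x03com\\x00': length-prefixed labels, empty root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("label length must be 1..63: %r" % label)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(qname, qtype=TYPE_A, txid=0x1234, rd=True):
    """12-octet header (ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT) followed by one question."""
    flags = 0x0100 if rd else 0                    # RD bit: ask the server to recurse on our behalf
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN)

def decode_name(msg, offset):
    """Decode a possibly compressed name at `offset`; return (name, offset just past the name's bytes here)."""
    labels, end = [], None
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:                  # 11xxxxxx: 14-bit pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset:                  # pointers must point backwards, or a loop is possible
                raise ValueError("forward or self-referencing compression pointer")
            if end is None:
                end = offset + 2                   # the first pointer decides where this name ends
            offset = pointer
            continue
        if length > 63:
            raise ValueError("bad label length %d" % length)
        offset += 1
        if length == 0:                            # empty root label terminates the name
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (offset if end is None else end)

def parse_rr(msg, offset):
    """NAME, TYPE (2), CLASS (2), TTL (4), RDLENGTH (2), RDATA (RDLENGTH octets)."""
    name, offset = decode_name(msg, offset)
    rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])  # struct.error if cut off
    offset += 10
    rdata = msg[offset:offset + rdlength]
    if len(rdata) != rdlength:                     # never trust RDLENGTH over the real packet size
        raise ValueError("RDLENGTH exceeds message")
    if rtype == TYPE_A and rdlength == 4:
        value = ".".join(str(b) for b in rdata)
    elif rtype in (TYPE_NS, TYPE_CNAME):           # RDATA is itself a (possibly compressed) name
        value, _ = decode_name(msg, offset)
    else:
        value = rdata.hex()
    return {"name": name, "type": rtype, "class": rclass, "ttl": ttl, "rdata": value}, offset + rdlength

def parse_message(msg):
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions = 12, []
    for _ in range(qd):
        qname, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append({"name": qname, "type": qtype, "class": qclass})
    out = {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
           "rcode": flags & 0x000F, "questions": questions}
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        rrs = []
        for _ in range(count):
            rr, offset = parse_rr(msg, offset)
            rrs.append(rr)
        out[section] = rrs
    return out

def matches_query(query, response):
    """Minimum checks before accepting an answer: it is a response with the query's ID and the same
    question. The 16-bit ID alone is weak, so real resolvers also randomize and check the source port."""
    q, r = parse_message(query), parse_message(response)
    return r["qr"] and r["id"] == q["id"] and r["questions"] == q["questions"]

# Constructed reply to build_query("www.example.com."): flags 0x8180 (QR, RD, RA), one question,
# one answer whose NAME is the pointer 0xC00C back to the question name at offset 12.
SAMPLE_RESPONSE = (
    b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"                   # header
    b"\x03www\x07example\x03com\x00\x00\x01\x00\x01"                       # www.example.com. A IN
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04\xcb\x00\x71\x05"     # TTL 300, A 203.0.113.5
)
```

If `parse_message(...)["tc"]` is true the answer was cut down to fit in UDP and the same query should be resent over TCP. The backwards-only rule for compression pointers is what keeps a hostile packet from sending the parser round a pointer loop, and the RDLENGTH check is what keeps it from reading past the packet.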
Interacting with DNS
  • Performing a Lookup from the Command Line:
    • nslookup [-option=value]... host [server]
    • dig [@server] name [type] (the usual alternative on Unix-like systems; it prints the full response, including flags and all four sections)
  • Registering a Domain:
    • Work with an accredited registrar (a list of registrars can be found at http://www.internic.net)
  • Running a DNS Server:
    • BIND
There's Always More to Learn