
Monday, September 26, 2016

Domain Name System (DNS)


Stands for Domain Name System (or Service or Server), an Internet
service that translates domain names into IP addresses. Because
domain names are alphabetic, they are easier to remember.
The Internet, however, is really based on IP addresses. Every time
you use a domain name, therefore, a DNS service must translate the
name into the corresponding IP address.

More about DNS

For example, the domain name www.itch.hu.edu.af might be
translated to 182.50.190.26.

Two lookup zone types in a DNS server

Forward lookup: name to IP
Reverse lookup: IP to name


Requests and responses are normally sent in UDP packets, port 53.
TCP port 53 is used occasionally: for zone transfers, and when a
reply is too large for a UDP packet (the server sets the TC flag
and the resolver retries the query over TCP).

DNS is Hierarchical


(Figure: domain name space hierarchy)

DNS Hierarchy

There are several top-level domains; a registrant can choose between
a geographical (country-code) top-level domain and an organizational
(generic) one. The original generic top-level domains include:
Com = Commercial organizations
Mil = Military groups
Net = Major network support centres
Int = International organizations
Arpa = Originally a temporary ARPANET domain; now used for
infrastructure such as reverse lookups (in-addr.arpa)
Any person or organization can register a second-level domain under
a top-level domain by applying to the registry responsible for that
top-level domain, for a small fee.
For example:
edu and gov are the educational and governmental top-level domains.
Registration under them is restricted to eligible institutions,
whereas anyone can register under open domains such as com or net.
Once a domain is registered, its owner can create any number of
subdomains or hosts under it without any further registration.

Name server

A name server translates domain names into IP addresses.
This makes it possible for a user to access a website by
typing in the domain name instead of the website's actual IP address.
A name server is, in effect, a large and continually updated database.

The Domain Name System


DNS is a distributed database holding name to IP address (and
other) information.
Distributed:
– Shares the administration
– Shares the load
Robustness and improved performance are achieved through
– replication
– and caching
It uses a client-server architecture
and is a critical piece of the Internet's infrastructure.

Types of Queries

Example: a host at cis.poly.edu wants the IP address for
gaia.cs.umass.edu.

Recursive query:

The host asks a nearby name server for name resolution, and that
server takes on the job of obtaining the final answer, asking
further servers in turn on the host's behalf.
Heavy load! Why? Because every server in the chain must hold state
and forward the query itself instead of simply telling the client
where to ask next.
Iterated query:

The contacted server replies with the name of the next server to
contact: "I don't know this name, but ask this server."
The querying host (or caching server) then asks that server itself,
repeating until it reaches a server that holds the answer.
There are three roles involved in DNS


RESOLVER

– Takes request from application, formats it into UDP packet, sends to cache

CACHING NAMESERVER

– Returns the answer if already known
– Otherwise searches for an authoritative server which has the information
– Caches the result for future queries
– Also known as RECURSIVE nameserver

AUTHORITATIVE NAMESERVER

– Contains the actual information put into the DNS by the domain owner
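The recursive and iterated queries described above, and the caching nameserver role just listed, as an added example in Python (this is not code from the original page): a toy hierarchy for the lecture's gaia.cs.umass.edu lookup. The server names (ns.edu-tld. and so on), the zone cuts, the address 192.0.2.10 and the 60-second TTL are constructed assumptions, and a referral here simply names the next server instead of carrying NS records and glue.

```python
import time

# Constructed toy hierarchy (assumed names, zone cuts, address and TTL; not real DNS data).
# Each authoritative server either answers from "addresses" or delegates via "zones".
ROOT = "a.root-servers.net."
AUTHORITATIVE = {
    ROOT:               {"zones": {"edu.": "ns.edu-tld."}, "addresses": {}},
    "ns.edu-tld.":      {"zones": {"umass.edu.": "ns.umass.edu."}, "addresses": {}},
    "ns.umass.edu.":    {"zones": {"cs.umass.edu.": "ns.cs.umass.edu."}, "addresses": {}},
    "ns.cs.umass.edu.": {"zones": {}, "addresses": {"gaia.cs.umass.edu.": ("192.0.2.10", 60)}},
}


def ask_iterative(server, name):
    """One iterated query: the server answers, refers ("ask this server"), or says NXDOMAIN."""
    data = AUTHORITATIVE[server]
    if name in data["addresses"]:
        ip, ttl = data["addresses"][name]
        return ("answer", ip, ttl)
    # Refer to the most specific zone cut below this server that covers the name, if any.
    for zone, child in sorted(data["zones"].items(), key=lambda z: -len(z[0])):
        if name.endswith("." + zone):
            return ("referral", child)
    return ("nxdomain",)


def ask_recursive(server, name, load):
    """Recursive query: the contacted server chases the referrals itself.

    `load` counts how many queries each server had to handle; with recursion the
    work lands on every server in the chain, not on the original client."""
    load[server] = load.get(server, 0) + 1
    result = ask_iterative(server, name)
    if result[0] == "referral":
        return ask_recursive(result[1], name, load)
    return result


class CachingResolver:
    """Role 2, the caching (recursive) nameserver: walks the hierarchy from the
    root with iterated queries and caches each answer for its TTL."""

    def __init__(self):
        self.cache = {}            # name -> (ip, expires_at)
        self.upstream_queries = 0  # queries sent to authoritative servers

    def resolve(self, name, now=None):
        """Return (ip, trace). trace is ["cache"] on a hit, else the servers asked."""
        now = time.time() if now is None else now
        hit = self.cache.get(name)
        if hit and hit[1] > now:        # still within TTL
            return hit[0], ["cache"]
        trace, server = [], ROOT
        while True:
            self.upstream_queries += 1
            result = ask_iterative(server, name)
            trace.append((server, result[0]))
            if result[0] == "referral":
                server = result[1]       # "I don't know, but ask this server"
            elif result[0] == "answer":
                ip, ttl = result[1], result[2]
                self.cache[name] = (ip, now + ttl)
                return ip, trace
            else:
                return None, trace


if __name__ == "__main__":
    resolver = CachingResolver()
    print(resolver.resolve("gaia.cs.umass.edu.", now=1000))
    print(resolver.resolve("gaia.cs.umass.edu.", now=1030), resolver.upstream_queries)
```

Resolving the same name twice inside the TTL costs one walk of the hierarchy and then zero upstream queries, which is the load-sharing the caching role exists for; once the TTL has expired the cache walks the hierarchy again.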

ROLE 1: THE RESOLVER

A piece of software which formats a DNS request into a UDP
packet, sends it to a cache, and decodes the answer
Usually a shared library (e.g. libresolv.so under Unix) because so
many applications need it
EVERY host needs a resolver
- e.g. every Windows workstation has one

How does the resolver find a caching nameserver?

It has to be explicitly configured (statically, or via DHCP, etc.)
Must be configured with the IP ADDRESS of a cache
– why not a name? Because looking that name up would itself require
a working cache (As#3: Part A)
Good idea to configure more than one cache, so resolution still
works when one of them is down (As#3: Part B)

How do you choose which cache(s) to configure?

Must have PERMISSION to use it
– e.g. cache at your ISP, or your own
Prefer a nearby cache
– Minimises round-trip time and packet loss
– Can reduce traffic on your external link, since often the
cache can answer without contacting other servers
Prefer a reliable cache
– Perhaps our own!?

Example: Unix/Linux resolver configuration

/etc/resolv.conf
domain itch.hu.edu.af
nameserver 172.16.1.236
nameserver 172.16.0.252
That's all you need to configure a resolver

The old solution: HOSTS.TXT

A centrally-maintained file, distributed to all hosts on the Internet
SPARKY                       128.4.13.9
UCB-MAILGATE        4.98.133.7
FTPHOST                     200.10.194.33
... etc
This feature still exists, and is consulted before DNS:
 /etc/hosts (UNIX)
 C:\Windows\System32\drivers\etc\hosts (Windows)

hosts.txt does not scale

- Huge file (traffic and load)
- Name collisions (name uniqueness)
- Consistency
- Always out of date
- Single point of Administration
- Did not scale well

Testing DNS with "dig"

"dig" is a program which just makes DNS queries and displays the results

dig itch.hu.edu.af.
-- defaults to query type "A"
dig itch.hu.edu.af. mx
-- specified query type
dig @8.8.8.8 itch.hu.edu.af. mx
-- send to a particular server (overrides the nameservers in
/etc/resolv.conf)


Commonly seen Resource Records (RRs)

A (address): map hostname to IPv4 address
AAAA (quad A): map a hostname to IPv6 address
PTR (pointer): map IP address to hostname
MX (mail exchanger): where to deliver mail for user@domain
CNAME (canonical name): map alternative hostname to real
hostname
TXT (text): any descriptive text
NS (name server)
SOA (start of authority): used for delegation and management of the
DNS itself

A Simple Query Example

● Query:              www.itch.hu.edu.af.
● Query type:     A
● Result:

www.itch.hu.edu.af.   22725    IN   A       182.50.190.26

In this case a single RR is found, but in general, multiple RRs
may be returned.

(IN is the "class" for INTERNET use of the DNS)


Understanding output from dig

Answer section (RRs requested)
– Each record has a Time To Live (TTL)
– Says how long the cache will keep it
Authority section
– Which nameservers are authoritative for this domain
Additional section
– More RRs (typically IP addresses for the authoritative nameservers)
Total query time
Check which server gave the response!
– If you make a typing error, the query may go to a default server

DNS records

DNS is a distributed database storing resource records (RRs).

DNS protocol, messages

DNS protocol: query and reply messages, both with the same message
format.

Message header:
identification: a 16-bit number chosen by the client for the query;
the reply carries the same number so that the resolver can match
the reply to the query it sent.

flags:
 query or reply (QR)
 recursion desired (RD)
 recursion available (RA)
 reply is authoritative (AA)
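The A-record query example earlier and the header fields above, as an added example in Python (this is not the page's own code): building the wire format of the query, a hand-constructed reply carrying the record shown earlier (www.itch.hu.edu.af. 22725 IN A 182.50.190.26), and a parser that reads back the identification, flags and answer. The transaction ID 0x1234 and the reply's flag values are assumptions, and the reply bytes are constructed, not captured from a server.

```python
import struct

# Added example: DNS wire format for the header fields described above.
TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX", 16: "TXT", 28: "AAAA"}
TYPE_CODES = {v: k for k, v in TYPE_NAMES.items()}
CLASS_IN = 1


def encode_name(name):
    """Encode 'www.example.com.' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("DNS labels are 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(txid, name, qtype="A", recursion_desired=True):
    """Header: ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT; then one question."""
    flags = 0x0100 if recursion_desired else 0  # RD bit
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", TYPE_CODES[qtype], CLASS_IN)


def decode_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # 2-byte pointer to an earlier copy of the name
            end = end if end is not None else offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end if end is not None else offset


def parse_message(msg):
    """Parse the header, question and answer sections into a dict."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    info = {"id": txid, "is_response": bool(flags & 0x8000),
            "authoritative": bool(flags & 0x0400), "truncated": bool(flags & 0x0200),
            "recursion_desired": bool(flags & 0x0100), "recursion_available": bool(flags & 0x0080),
            "rcode": flags & 0x000F, "questions": [], "answers": []}
    offset = 12
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        info["questions"].append((name, TYPE_NAMES.get(qtype, qtype)))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == 1:
            value = ".".join(str(b) for b in rdata)            # A: four raw address bytes
        elif rtype in (2, 5, 12):
            value, _ = decode_name(msg, offset)                 # NS/CNAME/PTR: a name
        elif rtype == 15:
            value = (struct.unpack("!H", rdata[:2])[0], decode_name(msg, offset + 2)[0])  # MX
        else:
            value = rdata
        offset += rdlen
        info["answers"].append((name, TYPE_NAMES.get(rtype, rtype), ttl, value))
    return info


def reply_matches(query, reply):
    """A resolver accepts a reply only if it is a response whose ID and question match its query."""
    q, r = parse_message(query), parse_message(reply)
    return r["is_response"] and r["id"] == q["id"] and r["questions"] == q["questions"]


def constructed_reply(query):
    """Constructed sample reply from a cache (assumed flags): the A record shown earlier, TTL 22725."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR=1 RD=1 RA=1, AA=0, RCODE=0
    # Answer name is a pointer to offset 12 (the question name); type A, class IN, TTL, 4-byte RDATA.
    answer = b"\xC0\x0C" + struct.pack("!HHIH", 1, CLASS_IN, 22725, 4) + bytes([182, 50, 190, 26])
    return header + query[12:] + answer


if __name__ == "__main__":
    q = build_query(0x1234, "www.itch.hu.edu.af.")
    r = constructed_reply(q)
    print(parse_message(r)["answers"], reply_matches(q, r))
```

The reply_matches check is the practical consequence of the identification field: a reply whose ID or question does not match an outstanding query must be discarded, and because the ID is only 16 bits the resolver should also randomize it and its source port rather than count on the ID alone.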

Hostname, Host, and Nslookup

Hostname utility
– Provides the client's host name
• An administrator may change the name if needed
Nslookup
– Queries the DNS database from any network computer
• Finds a device's host name by specifying its IP address
– Verifies that a host is configured correctly
(troubleshoots DNS resolution problems)

Whois

Queries the domain registration database (the registry's record of
who registered a domain, not the DNS itself)
– Obtain domain information
Troubleshoot network problems
Syntax on Linux or Unix
– whois xxx.yy
• xxx.yy is second-level domain name
Windows system
– Requires additional utilities
Web sites provide simple, Web-based interfaces
