DNS

Published on January 2018 | Categories: Documents

DNS (RFC 1034/1035) is an application-layer protocol that runs over UDP on port 53. Machines use IP addresses as names; humans use ASCII names. DNS is the mechanism for converting ASCII strings into network addresses. DNS is a hierarchical, domain-based naming scheme and a distributed database system for implementing this naming scheme. It is distributed throughout the world on millions of machines administered by millions of people, yet behaves like a single integrated database.

How DNS works
1. The application program calls the library procedure "resolver" with the name as parameter.
2. The resolver sends a UDP packet to the local DNS server.
3. The DNS server looks up the name.
4. If it doesn't know the name, it asks another server (DNS being distributed), and so on until the correct IP address is returned; it then gives this IP address to the resolver.
5. The resolver returns the IP address to the caller program.
6. The caller program establishes a TCP connection with the destination.

If the connection to DNS is lost or the server goes off-line, the client computer cannot determine the IP of any host and cannot establish any connection. Therefore DNS is crucial in a TCP/IP network, and you should always use a secondary server in case of failure.

Importance of DNS
- Billions of IP addresses are currently in use.
- Many millions of DNS requests are made daily.
- Domain names and IP addresses change daily.
- New domain names get created daily.
- Millions of people work to change/add domain names and IPs every day.

DNS cannot be centralized
1. A single point of failure – brings the whole internet down.
2. Traffic volume – too much for one server to handle.
3. Distant centralized DB – a single DNS server cannot be close to all querying clients, leading to significant delays.
4. Maintenance – a single DNS server means a huge database that needs frequent updates.

DNS caching
In a query chain, when a DNS server receives a DNS reply containing a mapping from hostname to IP address, it can cache the info in its local memory. Advantages:
1. Improves delay performance.
2. Reduces the number of DNS messages ricocheting around the net.

DNS Name Space
Top-level domains: more than 200, generic and country.

Top Level Domain    Second Level Domain    Third Level Domain
com                 msn, yahoo
edu                 cmrit, mit, yale       cs
uk                  co                     bbc

Up to 127 levels are possible, but normally we use only 4.

Domain Names
- Case-insensitive.
- Component names up to 63 chars; full path name up to 255 chars.
- Unique in a given domain but can be duplicated across domains, e.g. msn.com and msn.org.

Domain names can be:
- Absolute: end with a period, e.g. vetch.edu.
- Relative: do not end with a period; they have to be interpreted in some context to uniquely determine their true meaning.

To make sure all names in a given domain are unique, a single entity, the registrar, controls the lists and makes sure there are zero duplicate entries. Network Solutions is the registrar company for the .com domain. They keep a centralized db (whois db) with info about the owner and name servers for each domain. You can find info about any domain currently in existence. E.g. Yahoo – registered in 1995, expiry – 2012.

Resource Records
The DNS system defines a number of RRs. Two formats:
- Binary/wire format: used in queries and responses.
- Text format: used in zone files (example on pg 585 – Tanenbaum).
An RR is a five-tuple: (Domain name, Time-to-Live, Class, Type, Value)

Domain Name: tells the domain/node to which this record applies; the primary search key field.
TTL: gives an indication of how stable the record is, in seconds. 32-bit value. 86400 – highly stable; 0 means the data should not be cached.
Class: defines the protocol family or instance of the protocol. 16-bit value. Usually IN – internet protocol (others: HS or CH – historic MIT protocol).
Type: tells what kind of record this is.
- A: address record, used in forward lookup, associates a host name with an IP address.
- CNAME: canonical name, associates an alias with an existing host/domain name, e.g.
    www.cs.vu.nl IN CNAME star.cs.vu.nl
  The www address can be used without designating a specific machine, and the university can change its www server without invalidating the web address www.cs.vu.nl.
- HINFO: host description, CPU and OS in ASCII.
- SOA: start of authority, specifies the server that contains the zone files for the domain.
- MX: mail exchange record, specifies the mail server for the domain.
- NS: name server record, specifies a server that can resolve names.
- PTR: pointer record, associates an IP addr with a host name, used in reverse lookups.
- SRV: service record, specifies servers that provide special services.
Value (data): defined by the type and class values of each record.

When you set up DNS, some resource records are created automatically through dynamic update; some have to be created manually. Zone files consist of:
1. Comments – start with a semicolon ; can occupy the whole or part of a line and are assumed to continue to the end of the line.
2. Directives – start with $
   $ORIGIN – defines the base name to be used for "unqualified" name substitution.
   $INCLUDE – includes the defined file in-line.
   $TTL – defines the default TTL value if no TTL is defined in an RR; should be present and appear before the first RR.
3. Resource Records.
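The zone-file rules above (comments, $ORIGIN/$TTL directives, the five-tuple RR, relative versus absolute names) as a small reader, added here as an example; it is not code from the notes or from any DNS implementation. The zone text is constructed for illustration (only the www.cs.vu.nl CNAME comes from the notes; the 192.0.2.x addresses are from the documentation range), $INCLUDE is recognised but not followed, and lookup() shows why the CNAME alias lets the www name survive a server move.

```python
"""Small zone-file reader producing the five-tuple (name, TTL, class, type, value).

Added example; not code from the notes. Handles ';' comments, $ORIGIN and $TTL,
parenthesised multi-line records, inherited owner names and relative-name
substitution. The zone below is constructed sample data.
"""

CLASSES = {"IN", "CH", "HS"}
NAME_TYPES = {"CNAME", "NS", "PTR"}          # RDATA is a single domain name

SAMPLE_ZONE = """\
$ORIGIN cs.vu.nl.      ; base name appended to every unqualified name
$TTL 86400             ; default TTL: 'highly stable'
@          IN SOA   star.cs.vu.nl. hostmaster.cs.vu.nl. (
                    2018010101 ; serial
                    7200       ; refresh
                    3600       ; retry
                    1209600    ; expire
                    3600 )     ; minimum
           IN NS    star                 ; owner name inherited from the line above
star       IN A     192.0.2.10           ; constructed documentation address
www        IN CNAME star                 ; www.cs.vu.nl -> star.cs.vu.nl (from the notes)
mail  3600 IN A     192.0.2.25           ; explicit TTL overrides $TTL
@          IN MX    10 mail
star       IN HINFO "SPARC" "UNIX"
"""


def strip_comment(line):
    """Drop a ';' comment, leaving a ';' inside double quotes alone."""
    out, quoted = [], False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        elif ch == ";" and not quoted:
            break
        out.append(ch)
    return "".join(out).rstrip()


def logical_lines(text):
    """Yield one record or directive per item, joining lines grouped by parentheses."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = strip_comment(raw)
        if not line.strip() and not buf:
            continue                      # blank or comment-only line
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth <= 0:
            yield " ".join(buf)
            buf, depth = [], 0


def qualify(name, origin):
    """Absolute names end with '.', '@' means the origin, anything else is relative."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    if origin is None:
        raise ValueError(f"relative name {name!r} but no $ORIGIN in effect")
    return f"{name}.{origin}"


def parse_zone(text, origin=None, default_ttl=None):
    records, last_name = [], None
    for line in logical_lines(text):
        tokens = line.replace("(", " ").replace(")", " ").split()
        if tokens[0].startswith("$"):
            directive = tokens[0].upper()
            if directive == "$ORIGIN":
                origin = qualify(tokens[1], origin)
            elif directive == "$TTL":
                default_ttl = int(tokens[1])
            elif directive == "$INCLUDE":
                raise NotImplementedError("$INCLUDE is not followed in this example")
            else:
                raise ValueError(f"unknown directive {tokens[0]}")
            continue
        if line[0].isspace():             # no owner name: inherit the previous one
            name = last_name
        else:
            name = qualify(tokens.pop(0), origin)
        ttl, rclass = default_ttl, "IN"
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tok = tokens.pop(0)           # TTL and class are optional, in either order
            if tok.isdigit():
                ttl = int(tok)
            else:
                rclass = tok.upper()
        rtype, value = tokens[0].upper(), [t.strip('"') for t in tokens[1:]]
        if rtype in NAME_TYPES:
            value = [qualify(value[0], origin)]
        elif rtype == "MX":
            value = [int(value[0]), qualify(value[1], origin)]
        elif rtype == "SOA":
            value = [qualify(value[0], origin), qualify(value[1], origin)] + [int(v) for v in value[2:]]
        if ttl is None:
            raise ValueError(f"{name}: no TTL on the record and no $TTL before the first RR")
        records.append((name, ttl, rclass, rtype, tuple(value)))
        last_name = name
    return records


def lookup(records, name, rtype, _hops=0):
    """Values for (name, type); follows a CNAME alias, with a bound against alias loops."""
    hits = [r[4] for r in records if r[0] == name and r[3] == rtype]
    if hits or _hops > 8:
        return hits
    aliases = [r[4][0] for r in records if r[0] == name and r[3] == "CNAME"]
    return lookup(records, aliases[0], rtype, _hops + 1) if aliases else []


if __name__ == "__main__":
    for rr in parse_zone(SAMPLE_ZONE):
        print(rr)
    print(lookup(parse_zone(SAMPLE_ZONE), "www.cs.vu.nl.", "A"))
```

Every parsed name is absolute, so records from zones with different $ORIGIN values never collide, and a record given without a TTL before any $TTL directive is rejected rather than silently cached forever.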

Name Servers
A name server is a computer server that implements the name service protocol. It maps a computer-usable identifier of a host to a human-usable identifier. It provides a naming or directory service. One can't have the entire DNS db on a single name server. Hence, the DNS name space is divided into non-overlapping zones (fig 7-4 pg 586 T). Each zone contains some part of the tree and the name servers holding info about the zone. Some servers are placed outside the zone to improve reliability. Where zone boundaries are placed is up to the zone's admin. E.g. cs.yale.edu is a separate zone from yale.edu, but eng.yale.edu is not.

DNS Server Hierarchy
Root DNS servers: 13 in total, named A to M. Each server is actually a cluster of replicated servers for security and reliability.
Top-level domain (TLD) DNS servers:
- com DNS servers – maintained by Network Solutions
- uk DNS servers
- edu DNS servers – maintained by the company Educause
Authoritative DNS servers: needed for every org with a publicly accessible host; run its own or pay an ISP. E.g. yahoo.com, microsoft.com, mit.edu, cmrit.edu.

Interaction of DNS Servers (figure; participants shown)
- Requesting host: cs.cmrit.edu
- Local DNS server: dns.cmrit.edu (provided by the ISP through DHCP)
- Root DNS server
- TLD DNS server: edu
- Authoritative DNS server: dns.cs.mit.edu
- Recipient: abc.cs.mit.edu

In practice, the query from the requesting host to the local DNS server is recursive and the remaining queries are iterative.
Recursive query: from cs.cmrit.edu to dns.cmrit.edu, as the query asks dns.cmrit.edu to obtain the mapping on its behalf.
Iterative query: replies are returned directly to the local DNS server, e.g. queries 2, 4, 6.
When a resolver has a query about a domain, it passes the query to one of the local name servers. If the domain falls under its jurisdiction, the server returns the authoritative RR. If the domain is remote and no info is available locally, the name server sends the query to a top-level name server. This is a recursive query, as each server that does not have the requested info goes and finds it elsewhere and reports back.
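The query chain of the figure, with the recursive leg from the stub host and the iterative legs from the local server, plus the caching described earlier, as a simulation added here (not code from the notes). The server names dns.cmrit.edu and dns.cs.mit.edu and the host names come from the figure; the edu TLD server name "edu-tld", the address 192.0.2.44 and the Clock helper are constructed. The local server bounds the referral chase so a misconfigured delegation loop cannot keep it busy forever.

```python
"""Simulation of the recursive/iterative DNS query chain.

Added example; not code from the notes. The local server (dns.cmrit.edu)
serves the stub host recursively, chases referrals iteratively starting at
the root, numbers every message as in the figure, and caches answers for
their TTL. All server data below is constructed.
"""
from dataclasses import dataclass, field


@dataclass
class Server:
    """An upstream server that answers only iteratively: an answer or a referral."""
    name: str
    answers: dict = field(default_factory=dict)    # (qname, qtype) -> (ttl, value)
    referrals: dict = field(default_factory=dict)  # delegated zone -> next server name

    def query(self, qname, qtype):
        if (qname, qtype) in self.answers:
            ttl, value = self.answers[(qname, qtype)]
            return {"answer": value, "ttl": ttl}
        # the longest matching delegated zone wins (e.g. "mit.edu." over "edu.")
        zones = [z for z in self.referrals if qname == z or qname.endswith("." + z)]
        if zones:
            return {"referral": self.referrals[max(zones, key=len)]}
        return {"error": "no data"}


class LocalServer:
    """Recursive service to the stub host, iterative queries upstream, TTL cache."""

    MAX_HOPS = 8  # bound the chase: a referral loop is a server misconfiguration

    def __init__(self, name, servers, root, clock):
        self.name, self.servers, self.root, self.clock = name, servers, root, clock
        self.cache = {}        # (qname, qtype) -> (expiry time, value)
        self.exchange = []     # (message number, from, to, kind), as in the figure
        self.upstream_queries = 0

    def _send(self, src, dst, kind):
        self.exchange.append((len(self.exchange) + 1, src, dst, kind))

    def resolve(self, stub, qname, qtype="A"):
        self._send(stub, self.name, "recursive query")
        key, now = (qname, qtype), self.clock()
        cached = self.cache.get(key)
        if cached and cached[0] > now:
            self._send(self.name, stub, "answer (from cache)")
            return cached[1]
        server = self.root
        for _ in range(self.MAX_HOPS):
            self._send(self.name, server, "iterative query")
            self.upstream_queries += 1
            reply = self.servers[server].query(qname, qtype)
            if "answer" in reply:
                self._send(server, self.name, "authoritative answer")
                self.cache[key] = (now + reply["ttl"], reply["answer"])
                self._send(self.name, stub, "answer")
                return reply["answer"]
            if "referral" in reply:
                self._send(server, self.name, "referral to " + reply["referral"])
                server = reply["referral"]
                continue
            self._send(server, self.name, "error")
            raise LookupError(f"{qname}: no server could answer")
        raise LookupError(f"{qname}: referral chain too long")


class Clock:
    """Constructed clock so a caller can move time past a TTL."""
    def __init__(self):
        self.now = 0

    def __call__(self):
        return self.now


def build_demo():
    servers = {
        "root": Server("root", referrals={"edu.": "edu-tld"}),
        "edu-tld": Server("edu-tld", referrals={"mit.edu.": "dns.cs.mit.edu"}),
        "dns.cs.mit.edu": Server("dns.cs.mit.edu",
                                 answers={("abc.cs.mit.edu.", "A"): (86400, "192.0.2.44")}),
    }
    clock = Clock()
    return LocalServer("dns.cmrit.edu", servers, "root", clock), clock


if __name__ == "__main__":
    local, clock = build_demo()
    print(local.resolve("cs.cmrit.edu", "abc.cs.mit.edu."))
    for msg in local.exchange:
        print(msg)
```

Messages 2, 4 and 6 in the recorded exchange are the iterative queries the local server sends to the root, the edu TLD server and the authoritative server; a second lookup within the TTL sends nothing upstream, and a lookup for a domain no server is delegated for fails after a single root query rather than looping.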

DNS messages – query or reply (same format). The first 12 bytes are the header:

  16-bit identification #    | Flags
  # of questions             | # of answer RRs
  # of authority RRs         | # of additional RRs

Flags: a 1-bit query (0) or reply (1) flag; a 1-bit authoritative flag, set in a reply when the DNS server is authoritative.

Sections after the header:
- Questions – name and type fields for the query
- Answers – RRs in response to the query
- Authority (variable # of RRs)
- Additional info (variable # of RRs)
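The message layout above (12-byte header, flags, question and answer sections) in working form, added here as an example rather than code from the notes. It also enforces the 63-character label and 255-character name limits from the Domain Names section, reads the name-compression pointer that replies commonly use (not covered in the notes), and applies the basic check a resolver makes before trusting a reply: the identification number and the echoed question must match the outstanding query. The name www.newnw.com. and the address 212.212.212.3 are constructed.

```python
"""Building and parsing DNS messages in the wire format.

Added example; not code from the notes. Packs a query header and question,
builds a constructed authoritative reply for it, parses both, and checks
that a reply belongs to the query before it is accepted.
"""
import random
import struct

QR, AA = 1 << 15, 1 << 10   # flag bits: query(0)/reply(1), authoritative answer
TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """Wire form: length-prefixed labels ending in a zero byte, with the size limits."""
    name = name.rstrip(".")
    out = bytearray()
    for label in (name.split(".") if name else []):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"label must be 1..63 chars: {label!r}")
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > 255:
        raise ValueError("name longer than 255 octets")
    return bytes(out)


def build_query(name, qtype=TYPE_A, qid=None):
    """Header: id, flags=0 (query), 1 question, 0 answer/authority/additional RRs."""
    qid = random.randrange(1 << 16) if qid is None else qid
    header = struct.pack(">HHHHHH", qid, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", qtype, CLASS_IN)


def parse_header(msg):
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    qid, flags, qd, an, ns, ar = struct.unpack(">HHHHHH", msg[:12])
    return {"id": qid, "is_reply": bool(flags & QR), "authoritative": bool(flags & AA),
            "questions": qd, "answers": an, "authority": ns, "additional": ar}


def decode_name(msg, offset):
    """Read a name at offset, following compression pointers; returns (name, next offset)."""
    labels, next_off, jumped, hops = [], offset, False, 0
    while True:
        length = msg[offset]
        if (length & 0xC0) == 0xC0:                 # two-byte pointer to an earlier name
            if not jumped:
                next_off = offset + 2
            offset = struct.unpack(">H", msg[offset:offset + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            return ".".join(labels) + ".", (next_off if jumped else offset)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_message(msg):
    """Header plus the question and answer sections (A records decoded to dotted quads)."""
    hdr, off, questions, answers = parse_header(msg), 12, [], []
    for _ in range(hdr["questions"]):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack(">HH", msg[off:off + 4])
        questions.append((name, qtype, qclass))
        off += 4
    for _ in range(hdr["answers"]):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        value = ".".join(str(b) for b in rdata) if rtype == TYPE_A and rdlen == 4 else rdata
        answers.append((name, rtype, rclass, ttl, value))
    return hdr, questions, answers


def build_reply(query, address, ttl=86400, authoritative=True):
    """Constructed reply: same id, QR set, question echoed, one A answer."""
    hdr = parse_header(query)
    flags = QR | (AA if authoritative else 0)
    header = struct.pack(">HHHHHH", hdr["id"], flags, 1, 1, 0, 0)
    rdata = bytes(int(p) for p in address.split("."))
    # answer owner name is a pointer (0xC00C) to the question name at offset 12
    answer = b"\xC0\x0C" + struct.pack(">HHIH", TYPE_A, CLASS_IN, ttl, 4) + rdata
    return header + query[12:] + answer


def accept_reply(query, reply):
    """A resolver discards a reply whose id or echoed question does not match its query."""
    q, r = parse_header(query), parse_header(reply)
    if not r["is_reply"] or r["id"] != q["id"]:
        return False
    return parse_message(reply)[1] == parse_message(query)[1]


if __name__ == "__main__":
    q = build_query("www.newnw.com.", qid=0x1234)
    r = build_reply(q, "212.212.212.3")
    print(q.hex())
    print(parse_message(r))
    print("accepted:", accept_reply(q, r))
```

The 16-bit identification number is the only field in this format that ties a reply to a query, so a resolver treats a reply with a non-matching id or a different question as not its own and drops it; real resolvers add further entropy (for instance a random source port) because 16 bits alone is a small space.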

Inserting Records into the DNS database, e.g. a new company newnetwork.com starts:
1. Register the domain name with Network Solutions – verify uniqueness, pay the fee.
2. Provide the registrar with the names and IPs of your primary and secondary DNS servers, e.g. dns1.newnw.com 212.212.212.1 and dns2.newnw.com 212.212.212.2.
3. The registrar will insert a type NS and a type A record in the TLD com servers: (newnw.com, dns1.newnw.com, NS) and (dns1.newnw.com, 212.212.212.1, A); the same for dns2.
5. Insert in your authoritative server a type A resource record for your web server – www.newnw.com – and a type MX record for your mail server – mail.newnw.com.
6. Now people can visit your website and send e-mail to your company.

Services Provided by DNS
1. Translating host names to IP addresses.
2. Host aliasing – a host with a complicated name can have a simple, more mnemonic alias. The application invokes DNS to obtain the canonical hostname as well as the IP address for the supplied alias. E.g. relay1.westcoast.enterprise.com can have the alias www.enterprise.com.
3. Mail server aliasing – e-mail addresses have to be mnemonic. A complicated mail server name like relay1.east-coast.hotmail.com can have the simple alias hotmail.com. The MX record allows a company's mail server and web server to have identical hostnames through aliasing.
4. Load distribution – used for web content distribution. DNS performs load distribution among replicated servers for busy sites (cnn.com). Each server runs on a different end system with a different IP address. All IP addresses are associated with one canonical name in the DNS db. When a client makes a DNS query, the server responds with the entire set of IPs but rotates the ordering of addresses in each reply, and usually the HTTP client picks the first one.
