CSCI 5273 Computer Networks Stevens, Chapter 14 DNS - PowerPoint PPT Presentation
1 / 21
Title:
CSCI 5273 Computer Networks Stevens, Chapter 14 DNS
Description:
Most generic domains (.com, .edu, etc) are international, but .gov and .mil are US-specific. ... being used, you can dump more information on each I/O ... – PowerPoint PPT presentation
Number of Views:75
Avg rating:3.0/5.0
Title: CSCI 5273 Computer Networks Stevens, Chapter 14 DNS
1
CSCI 5273Computer NetworksStevens, Chapter
14DNS
- Dirk GrunwaldAssoc. ProfessorDept. of Computer
ScienceUniversity of Colorado, Boulder
2
DNS Overview
- The problem mapping hostnames like
foobar.cs.colorado.edu to an IP address like
128.138.241.71 - Terms
- Queries
- Response types
- Pragmatics
3
Terminology
- The Domain Name System (DNS) is an unreliable
database with distributed data and mangement - A resolver maps names to IP addresses using name
servers
4
Hierarchical Naming
arpa
arpa
com
edu
gov
mil
net
org
us
in-addr
colordao
71
cs
241
138
foobar
128
5
Naming
- A host has a domain name specified using a
sequence of names, each of which may be up to 63
characters long, separated by periods. - Names are case insensitive
- A domain is an absolute domain name or a fully
qualified domain name (FQDN) if it ends with a
period. - E.g., foobar.cs.colorado.edu.
- Most generic domains (.com, .edu, etc) are
international, but .gov and .mil are US-specific.
6
Hierarchical Administration - Zones
arpa
arpa
com
edu
gov
mil
net
org
us
colordao
cs
foobar
7
Administration - Zones
- A zone is a subtree of the DNS tree that is
independently managed - Second-level domains (colorado.edu) are usually
an independent zone - Most sub-domains (cs.colorado.edu) are
independent.E.g., most universities (not ours!)
have departmental domains that are then
independently administered - A zone must provide multiple name servers. This
server records the members in the domain. - You typically need a primary name server and one
or more secondary name servers. - Secondary retrieves information from primary
using a zone transfer.
8
Resolving an address
- A.C.D wants to know about F.E.D
D
H
C
E
A
G
B
F
9
Resolving an address
- Host A.C.D asks B.C.D (the local name server)
to resolve F.E.D - B.C.D doesnt know the answer. It wants to ask
the primary domain server for the E.D domain,
so it asks the parent of the B.C domain (hose
B.H in this example) to resolve E.D. - B.H (the root server) doesnt know the answer,
but its the top-level domain and knows that
G.E.D is the primary domain server for the
E.D domain - B.C.D now knows the primary domain server for the
E.D domain, and can now ask G.E.D about F.E.D
10
DNS Message Format
Flags
Identification
Number of answer RRs
Number of questions
Number of additional RRs
Number of authority RRs
Question
Answers
Authority
Additional Information
11
DNS Message Format
- Identification - set by client, returned by
server. Used to let clients match questions
answers - Questions - a hostname you want resolved - send
by a query, returned by responses - Answers - answers to the questions, only in a
response. You may get multiple answers per
question. - Authority - what host is the authoritative name
server for this query? - Additional information - cover later
12
DNS Message Flags
QR
rcode
MBZ
AA
TC
RD
RA
opcode
- QR - 0 for query, 1 for response
- opcode - 0-query, 1-inverse query, 2-status
- AA - Response is authoritative answer
- TC - Response was truncated
- RD - Recursion desired -- keep asking if you
dont know - RA - Recursion available for a response
- rcode - return code (0 - no error, 3 - name error)
13
Query Encoding
6foobar2cs8colorado3edu0
Query class
Query type
Address class says what kind of address should be
returned. Internter (IPv4) addresses are a query
class of 1.
A 1 IP addressNS 2 Name serverCNAME 5 Canonical
namePTR 12 Pointer recordHINFO 13 Host
infoMX 15 Mail exchange record
14
DNS - DNS Query
- socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) 3
- sendto(3, "\314i\1\0\0\1\0\0\0\0\0\0\6foobar\2cs\1
0colorado\3"..., 40, 0, - sin_familyAF_INET, sin_porthtons(53),
sin_addrinet_addr("127.0.0.1"), 16) 40 - 00000 cc 69 01 00 00 01 00 00 00 00 00 00 06
66 6f 6f .i...... .....foo - 00010 62 61 72 02 63 73 08 63 6f 6c 6f 72 61
64 6f 03 bar.cs.c olorado. - 00020 65 64 75 00 00 01 00 01
edu.....
- You can find this information using strace
- strace nslookup foobar.cs.colorado.edu
- Once you determine the file descriptor being
used, you can dump more information on each I/O
operation usingstrace -e read3 -e write3
nslookup foobar.cs.colorado.edu
15
DNS - DNS Query
- socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) 3
- sendto(3, "\314i\1\0\0\1\0\0\0\0\0\0\6foobar\2cs\1
0colorado\3"..., 40, 0, - sin_familyAF_INET, sin_porthtons(53),
sin_addrinet_addr("127.0.0.1"), 16) 40 - 00000 cc 69 01 00 00 01 00 00 00 00 00 00 06
66 6f 6f .i...... .....foo - 00010 62 61 72 02 63 73 08 63 6f 6c 6f 72 61
64 6f 03 bar.cs.c olorado. - 00020 65 64 75 00 00 01 00 01
edu.....
identification
Types Class
Flags (RD1)
16
Response Record Format
6foobar2cs8colorado3edu0
Query class
Query type
TTL
Resource data length
Resource data
17
Responses
- For a query class of 1 (address), return data is
a 4-byte IP address in network byte order
18
DNS Response
- select(4, 3, NULL, NULL, 5, 0) 1 (in
3, left 5, 0) - recvfrom(3, "\314i\201\200\0\1\0\1\0\7\0\v\6foobar
\2cs\10colorado\3"..., 65536, 0, - sin_familyAF_INET, sin_porthtons(53),
sin_addrinet_addr("127.0.0.1"), 16) 387 - 00000 cc 69 81 80 00 01 00 01 00 07 00 0b 06
66 6f 6f .i...... .....foo - 00010 62 61 72 02 63 73 08 63 6f 6c 6f 72 61
64 6f 03 bar.cs.c olorado. - 00020 65 64 75 00 00 01 00 01 c0 0c 00 01 00
01 00 00 edu..... ........ - 00030 00 da 00 04 80 8a f1 4e 02 63 73 08 63
6f 6c 6f .......N .cs.colo - 00040 72 61 64 6f 03 65 64 75 00 00 02 00 01
00 00 0f rado.edu ........ - 00050 e9 00 02 c0 38 c0 38 00 02 00 01 00 00
0f e9 00 ....8.8. ........ - 00060 07 04 6d 6f 65 74 c0 38 c0 38 00 02 00
01 00 00 ..moet.8 .8...... - 00070 0f e9 00 08 05 70 69 70 65 72 c0 38 c0
38 00 02 .....pip er.8.8.. - 00080 00 01 00 00 0f e9 00 09 06 61 6e 63 68
6f 72 c0 ........ .anchor. - 00090 38 c0 38 00 02 00 01 00 00 0f e9 00 0a
07 76 75 8.8..... ......vu - 000a0 6c 74 75 72 65 c0 38 c0 38 00 02 00 01
00 00 0f lture.8. 8....... - 000b0 e9 00 0e 08 70 61 63 69 66 69 65 72 03
63 6f 6d ....paci fier.com - 000c0 00 c0 38 00 02 00 01 00 00 0f e9 00 06
03 78 6f ..8..... ......xo - 000d0 72 c0 bc c0 38 00 01 00 01 00 00 0f e9
00 04 80 r...8... ........ - 000e0 8a f3 97 c0 61 00 01 00 01 00 00 0d d3
00 04 80 ....a... ........ - 000f0 8a f3 89 c0 61 00 01 00 01 00 00 0d d3
00 04 80 ....a... ........
19
DNS Response
- select(4, 3, NULL, NULL, 5, 0) 1 (in
3, left 5, 0) - recvfrom(3, "\314i\201\200\0\1\0\1\0\7\0\v\6foobar
\2cs\10colorado\3"..., 65536, 0, - sin_familyAF_INET, sin_porthtons(53),
sin_addrinet_addr("127.0.0.1"), 16) 387 - 00000 cc 69 81 80 00 01 00 01 00 07 00 0b 06
66 6f 6f .i...... .....foo - 00010 62 61 72 02 63 73 08 63 6f 6c 6f 72 61
64 6f 03 bar.cs.c olorado. - 00020 65 64 75 00 00 01 00 01 c0 0c 00 01 00
01 00 00 edu..... ........ - 00030 00 da 00 04 80 8a f1 4e 02 63 73 08 63
6f 6c 6f .......N .cs.colo
20
Resource Records
- A - IP address returned as 32-bit value (see
example) - PTR - pointer queries. IP address is
represented as a domain name (70.241.138.128.in-ad
dr.arpa). - CNAME - canonical name
- HINFO - host info
- MX - mail exchange
- NS - name server record
21
Dynamic DNS
Recommended
CrystalGraphics Presentations
