DNS Record

1
DNS Record messages

• HAIT
• Shimrit Tzur-David

2
Resource Records

• Every domain can have a set of resource records
  associated with it.
• For a single host, the most common resource
  record is just its IP address, but many other
  kinds of resource records also exist.
• When a resolver gives a domain name to DNS, it
  gets back the resource records associated with
  that name.
• The primary function of DNS is to map domain
  names into resource records.

3
Resource Records Format

• A resource record is a five-tuple
• Domain_name Time_to_live Type Class Value
• Domain_name - the domain to which this record
  applies.
• Time_to_live - gives an indication of how stable
  the record is.
• Class Always IN (for Internet)
• Value the value of the record.

4
Resource Records Type

• Type the type of the record.

5
Resource Records Type Cont.

• A name is hostname, value is IP address.
• MX - value is name of mail-server associated with
  name
• NS - name is domain (e.g. foo.com), value is IP
  address of authoritative name server for this
  domain.
• CNAME - name is alias name for some canonical
  (the real) name, www.ibm.com is really
  servereast.backup2.ibm.com, value is the
  canonical name.
• HINFO - what kind of machine and operating system
  a domain corresponds to.
• TXT - allow domains to identify themselves in
  arbitrary ways.

6
Resource Records - Example
where the domain is located (2 lines)
places to try to deliver e-mail
Sun workstation running UNIX
IP addresses
places to try to deliver e-mail
7
Protocol Messages

• DNS protocol query and reply messages, both
  with same message format.

• msg header
• identification 16 bit number, reply to query
  uses same number as the query id.
• flags
• query or reply
• recursion desired
• recursion available
• reply is authoritative

8
Protocol Messages - Cont
9
DNS query example

• A query for the IP-address of pc2.cs.ucdavis.edu

Name
Type A 1
Class IN 1
10
LDAP

• DNS is extremely important to the correct
  functioning of the Internet.
• DNS does not help locate people, resources,
  services, or objects in general.
• LDAP (Lightweight Directory Access Protocol) -
  locating these things.
• It organizes information as a tree and allows
  searches on different components.
• It can be regarded as a ''white pages'' telephone
  book.

11
LDAP-Aware

• A client programs that can ask LDAP servers to
  look up entries in a wide variety of ways.
• LDAP servers index all the data in their entries,
  and "filters" may be used to select just the
  person or group the client want
• For example, here's an LDAP search translated
  into plain English
• "Search for all people located in Chicago whose
  name contains "Fred" that have an email address.
  Please return their full name, email, title, and
  description."

12
LDAP Permissions

• "Permissions" are set by the administrator to
  allow only certain people to access the LDAP
  database.
• There is an option to keep certain data private.
• LDAP servers also provide "authentication"
  service, so that web, email, and file-sharing
  servers can use a single list of authorized users
  and passwords.