Domain Name System DNS

1
Domain Name System(DNS)

• G53ACC

Chris Greenhalgh School of Computer Science and IT
2
Contents

• Introduction
• DNS names and name space
• Resource records
• Applications
• Administration and zones
• Query patterns
• Message format
• Cacheing
• Books Comer Ch. 31

3
Domain Name System (DNS)

• DNS provides name-to-value mapping through
• hierarchicaldomain-based naming scheme
• distributed database system
• Primarily for mapping host names to IP addresses
• E.g. as used in URLs
• (other local solutions, e.g. Sun NIS, MS
  ActiveDirectory)
• Defined in RFC1034 and RFC1035.

4
DNS Name Space

• The Internet is divided into several hundred
  top-level domains
• Each domain covers many hosts
• Each domain is partitioned into subdomains
• these too are further partitioned, and so on.
• These domains can be represented by a tree

5
A Portion of the DNS Name Tree
com
edu
gov
mil
org
uk
ac
co
mit
nottingham
warwick
demon
ftp
cs
ccc
much
6
Names

• A domain is named by the path from it to the
  (unnamed) root.
• The components are separated by dots.
• e.g. a Nottingham CS machine might
  bemuch.cs.nottingham.ac.uk
• Hierarchical, so
• much at CS (much.cs.nott.ac.uk) is notmuch at
  Warwick (much.warwick.ac.uk)

7
Names Restrictions

• Domain names are case insensitive
• edu and EDU mean the same thing
• Component names can be up to 63 characters long
• Full path names must not exceed 255 characters

8
DNS Resource Records

• Each domain has a set of resource records
  associated with it.
• For a single host, the most common resource
  record is just its IP address
• but many other kinds of resource records exist
• When a query is directed to a domain, the result
  is the relevant resource record(s) associated
  with that name

9
Resource Record structure

• Each resource record comprises
• Owner domain name
• Type entry type, 16 bits, e.g. A, CNAME,
• Class protocol or protocol family, 16 bits,
  e.g. IN (the INternet)
• TTL time, 32 bits, seconds, that this resource
  record can be cached
• RDATA type-specific information, e.g. IP
  address for type A record

10
Resource record Types
Type Meaning Value SOA Start of
Authority Parameters for this zone A IP address
of a host 32bit integer MX Mail
Exchange Priority, domain willing to accept
email CNAME Canonical Name Domain
Name PTR Pointer Alias for an IP
address HINFO Host Description CPU and OS in
ASCII (security risk rarely
used) TXT Text Uninterpreted ASCII text
11
A Simple Example
Resource Records for Much (Class (IN) and TTL
are nameserver defaults) much A
128.243.21.21 MX 1 marian MX 2 pat MX
5 nfs-relay.ac.uk HINFO Sparc UNIX
12
Applications (1)

• Host Naming
• ASCII names
• e.g. marian.cs.nott.ac.uk
• human readable
• memorable
• Numerical addresses
• e.g. 128.243.21.16
• needed by network (e.g. for routing)
• DNS host name domain name, A record contains
  numerical IP address

13
Applications (2)

• Host aliases
• CNAME records, e.g. www.cs.nott.ac.uk gt
  pat.cs.nott.ac.uk
• Note a node with a CNAME record should only have
  a CNAME record
• All other queries are answered using records for
  the pointed-to domain name
• PTR records, which just point to another domain
  name
• Other queries not automatically forwarded
• E.g. reverse lookup

14
Applications (3)

• Reverse lookup IP address to host name
• Special domain IN-ADDR.ARPA is root of tree with
  (reversed) dot-separated IP addresses as
  nodes/sub-nodes.
• PTR records identify host domain name records
• 131.21.243.128.IN-ADDR.ARPA gt (PTR)
  picasso.mrl.nottingham.ac.uk
• picasso.mrl.nottingham.ac.uk gt (A)
  128.243.21.131
• Why?
• for security (delegation of sub-zones follows IP
  address allocation)
• Is this really the machine which it says it is?
• Is it entitled to use this IP address?

15
Applications (4)

• Email addresses (Internet)
• for example, mjr_at_cs.nott.ac.uk
• MX record - Mail eXchanger gt host to deliver
  mail to for the given address
• for cs.nott.ac.uk the answer is (with priority,
  low best)MX 5 pat.cs.nott.ac.uk.MX 8
  marian.cs.nott.ac.uk.MX 10
  pat.ccc.nottingham.ac.uk.

16
Administration Name Allocation

• Naming follows organisational boundaries, not
  physical networks
• Departments sharing the same LAN can have
  distinct domains
• Hosts in departments split over several buildings
  can have the same domain

ac.uk
nottingham
warwick
cs
ccc
much
17
Administration Domain Allocation

• Each domain controls how it allocates domains
  underneath it.
• To create a new domain, permission is required of
  the domain in which it will be included
• e.g. to create psychology.nott.ac.uk needs
  permission from nott.ac.uk
• A new domain can create sub-domains without
  needing external permission
• Top-level domains are administered by registries,
  e.g. interNIC for .com, .org, .net, .edu

18
Administration Zones

• A zone is a fully connected subset of the domain
  name space which is administered as a single
  unit.
• A zone will be a single sub-tree, less those
  sub-sub-trees which have been delegated to other
  administrative zones.
• A zone must have at least two name servers, and
  must identify all sub-zone name servers.
• Root zone information is cached by hand at
  most/all name servers.

19
A Portion of the DNS Name Space with Possible
Zones
uk
ac
co
warwick
demon
nott
cs
ccc
mrl
20
DNS Protocol Operation

• Simple request-response protocol over UDP
• Client forms request
• uses UDP
• sends to default server (e.g. from
  /etc/resolv.conf)
• Server receives request
• uses UDP
• sends response back to client
• may make additional (recursive) queries to other
  servers (if permitted by query flag RD)

21
DNS Message Format (i)

• bytes 0,1 Client query identification no.
• 2,3 Flags, including
• QR (1 bit) query (0), response (1)
• AA (1 bit) authoritative answer, i.e. by DNS
  server responsible for the domain in question.
• RD (1 bit) recursion desired
• RA (1 bit) recursion available (from server)
• RCODE (4 bits) ok/error response (from server)

22
DNS Message Format (ii)

• 4,5 number of questions
• 6,7 number of answers
• 8,9 number of authority records
• 10,11 number of additional records
• Followed by questions, answers, authority
  records, and additional records in turn.
• Question comprises domain name, type (can be
  any) and class.
• Answers and other records comprise standard
  resource records (see earlier)
• Standard encodings and compression scheme using
  for domain names defined in RFC.

23
DNS Recursive Query (normal)
.com
.foo.com
Client
wu.foo.com? (A records, INternet)
marian .cs.nott.ac.uk
1. Client queries default (local) DNS server. 2.
If server cannot resolve query, it in turn
queries a DNS server which is responsible for
the root of that domain. 3. That server may pass
the request on to another DNS server
responsible for a more specific sub-domain. And
so on.
24
DNS Iterative Query
4.
3.
Client
2.
1.
1. Query sent to local DNS server 2. Local server
cannot resolve it, but returns address of DNS to
query next (server with authority for
domain) 3. Client queries authority DNS server 4.
That server returns results of query, or goto
step 2.
25
Response Caching

• DNS servers (and clients) can cache responses to
  previous recursive queries
• gives a non-authoritative answer
• the server in not responsible for that domain but
  has a recent response
• Needed for scalability, e.g. avoid accessing US
  for every .com domain name request
• (also uses replication of servers)
• Can optionally cache negative responses(e.g.
  common typos or defunct domains)

26
Tools

• Command-line
• dig
• E.g. dig any cs.nott.ac.uk
• nslookup
• Web sites
• Various
• Providing access to similar facilities (and more)