The name and address space - PowerPoint PPT Presentation

About This Presentation
Title:

The name and address space

Description:

The name and address space Network Training Workshop San Jose, 13-20 June 1999 – PowerPoint PPT presentation

Slides: 53
Provided by: George857
Learn more at: https://nsrc.org


Transcript and Presenter's Notes

1
The name and address space
Track 1: Host Based Internetworking
  • Network Training Workshop
  • San Jose, 13-20 June 1999

2
What is a domain name?
easy to find
3
What is DNS?
  • Domain Name Service
  • Internet protocol
  • Distributed database system for objects in a
    computer network
  • Net-wide database
  • It maps
  • name to address
  • address to name
  • Set of tools to manage the service

4
IP addresses and names
  • Disadvantages of an address
  • It is too long (192.162.16.201)
  • It has no representation for the organization
  • It is difficult to remember
  • IP addresses can change
  • Names
  • Human users prefer to use names instead of
    numbers
  • A name can be associated to any device that has
    an IP address
  • Advantages of names
  • They refer to an organization name (e.g.
    .ibm.com)
  • They are easy to remember

5
Why use hierarchical names?
  • Internet hosts and other resources need globally
    unique names
  • Difficult to keep unstructured names unique
  • would require a single list of all names in use
  • Hierarchical names are much easier to make unique

6
Domain Name Hierarchy (diagram)
  • Root domain: "." (unnamed)
  • Top-Level-Domains: edu, com, gov, mil, net, org,
    ro, fr, at, jp, ...
  • Second Level Domains: ici, rnc, ase, pub, utt,
    vsat, ac, co, gv, or, eunet, uni-linz, tuwien,
    univie, ...
  • Lower levels: roearn, ns, std, cs, lmn, dsp, cc,
    mat, exp, itc, ...
  • Hosts: ulise, paul, phytia, alpha, chris

7
Domain name structures
  • The root of the system is unnamed
  • Top level domains are
  • Within the United States of America
  • edu - educational institutions
  • com - commercial institutions
  • net - network support organizations
  • gov - government agencies
  • mil - military organizations
  • org - organizations that don't fit in any of the
    above
  • country codes according to ISO 3166 (uk, de, pl,
    sk, mk, ...)
  • Flat structure
  • Based on generic categories (ac, co, gv, org,
    net, etc.)
  • Based on geographical locations (waw.pl,
    poznan.pl, etc.)

8
ICANN
  • ICANN
  • Internet Corporation for Assigned Names and
    Numbers
  • ICANN is the overall authority for
  • IP addresses
  • top-level-domains

9
Domain Name Servers
  • Usually host names are used in network commands
    (telnet, ftp, mail, gopher clients, www clients,
    etc. )
  • Network connections always take place based on
    the IP address
  • The system always converts host names to
    addresses before the network connection is made
  • How to associate names with addresses?
  • Host table
  • Domain Name Server

10
Host Table
  • The host table is a simple text file (/etc/hosts)
    which contains associations between an IP address
    and a list of host names.
  • Example
  • 130.65.240.254 carlos.t1.isocws.isoc.org carlos
  • Disadvantage
  • The table should contain all the Internet hosts
    (~1,000,000 entries)
  • The table is very large
  • Difficult to update when new hosts are connected
    to the Internet or IP addresses are changed

11
Domain Name Server (DNS)
  • Overcomes the weaknesses of the host table
  • It is a distributed database system
  • Host names are automatically disseminated to
    those who ask to have access

12
BIND - UNIX Name Service
  • In UNIX, DNS is implemented by the Berkeley
    Internet Name Domain (BIND) software
  • It is a client/server software system
  • The client is called the resolver; it generates
    queries for domain name information that are sent
    to the server
  • The server is a daemon called named
  • The domain name is actually an argument used by
    the local resolver
  • The resolver is responsible for hiding the
    distribution of data among nameservers from the
    user
  • The resolver is part of the operating system.

13
DNS Operation
  • To establish a connection to a remote host, a
    user program sends a query to the resolver,
    asking for the IP number of a specified hostname
  • The resolver starts with knowledge of at least
    one nameserver
  • The resolver processes a user query by asking a
    known nameserver for the information (the IP
    address of the remote host)
  • If the nameserver has the answer, it will give
    it.
  • The local nameserver knows the addresses of
    other nameservers
  • If the remote host is in a zone for which the
    local nameserver is not authoritative, queries
    will be sent to other nameservers, starting with
    the root servers, to find out the delegated
    nameserver for the top-level-domain, the
    subdomain and so on

14
DNS Operation (continue)
  • To minimize the answer time for the next query to
    the same host name, the nameserver caches the
    information obtained by a query; the cached
    information is valid for a certain time period,
    as defined when that zone was configured.
  • Finally, the nameserver delegated for the zone
    containing the remote host is reached, and the IP
    address is obtained and returned to the host
    which initiated the first query

15
The resolver/server model (diagram)
  • Resolver -> Recursive Nameserver (with CACHE) ->
    Authoritative Nameserver
  • Several resolvers share one recursive nameserver
16
Resolver Configuration
  • Configuration file name: /etc/resolv.conf
  • Designates the name servers on the network that
    should be sent queries.
  • The resolver will try to contact a name server
  • The resolv.conf file contains directives:
  • ; comment
  • # another comment
  • search search-list
  • nameserver server-address (multiple lines)

17
Example - Resolver Configuration
  • search t1.isocws.isoc.org
  • nameserver 130.65.37.128
  • nameserver 130.65.37.215

18
Checking DNS using nslookup
  • nslookup commands
  • server <nameserver> - sets the server to be
    queried
  • set type=NS - queries NS resources
  • set type=SOA - queries SOA resources
  • set type=A - queries A resources
  • set type=MX - queries MX resources
  • set type=CNAME - queries CNAME resources
  • set type=PTR - queries PTR resources
  • set type=ANY - queries ANY resources
  • ls <domain> - lists the <domain> zone
  • ls <domain> > <file-name> - gets the zone
    <domain> into the file <file-name>

19
Checking DNS using dig
  • dig
  • Tool to query and check DNS settings
  • Syntax is
  • dig domain @nameserver query-type

20
Exercise 1. Checking DNS using nslookup
  • nslookup commands
  • server <nameserver> - sets the server to be
    queried
  • set type=NS - queries NS resources
  • set type=SOA - queries SOA resources
  • set type=A - queries A resources
  • set type=MX - queries MX resources
  • set type=CNAME - queries CNAME resources
  • set type=PTR - queries PTR resources
  • set type=ANY - queries ANY resources
  • ls <domain> - lists the <domain> zone
  • ls <domain> > <file-name> - gets the zone
    <domain> into <file-name>
  • view <file-name> - views the <file-name> file
  • nslookup
  • > set type=any
  • > www.t1.isocws.isoc.org.
  • > org.
  • > ls isoc.org > file1
  • > view file1
  • You can check other domains known to you.

21
Exercise 2. Checking DNS using dig
  • dig command: dig zone @nameserver query-type
  • Exercises
  • dig @ns.t1.isocws.isoc.org t1.isocws.isoc.org A
  • dig @ns.t1.isocws.isoc.org t1.isocws.isoc.org NS
  • dig @ns.t1.isocws.isoc.org isocws.isoc.org MX
  • What information does it give you?
  • You can check other domains known to you.

22
Remarks
  • DNS is essential for the proper operation of the
    network
  • If DNS fails, connections to any remote host are
    no longer possible
  • To allow network operation in case of failure of
    a nameserver, each nameserver (called the primary
    nameserver) should have at least one other
    nameserver (called the secondary nameserver)
    which holds a copy of the zone file
  • The secondary nameserver periodically queries the
    primary nameserver whether the zone was changed.
    In case of a change, the zone is transferred into
    its cache and also stored in a local file, which
    will be used as initial data the next time it
    starts up
  • When data about a new host should be added to the
    DNS database, or a change of address/name should
    be done, the entry is made only on the primary
    nameserver; the secondary nameserver will get it
    automatically.

23
Reverse Lookup
  • When a source host establishes a connection to a
    destination host, the TCP/IP packets carry only
    the IP address of the source host
  • For authentication, access rights or accounting
    information, the destination host wants to know
    the name of the source host
  • For this purpose, a special domain in-addr.arpa
    is used
  • The reverse name is obtained by reversing the IP
    number and adding the name in-addr.arpa
  • Example address 130.65.240.254
  • reverse name 254.240.65.130.in-addr.arpa
  • Reverse domains form a hierarchical tree and are
    treated as any other Internet domain.
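
An added example (not part of the slides) of the reverse-name construction above, together with the check a host should make before using the returned name for authentication or access rights: the PTR target's own A record must map back to the address. The records are constructed sample data.

```python
import ipaddress

# Added example, not from the slides: build the in-addr.arpa name for an address
# and, before trusting the PTR answer for access control, confirm that the name's
# own A record maps back to the address (forward-confirmed reverse DNS).
# Constructed records (owner, type, data); the last PTR is deliberately bogus:
# whoever controls the 192.0.2.0/24 reverse zone claims a name they do not own.
RECORDS = [
    ("254.240.65.130.in-addr.arpa.", "PTR", "carlos.t1.isocws.isoc.org."),
    ("carlos.t1.isocws.isoc.org.", "A", "130.65.240.254"),
    ("99.2.0.192.in-addr.arpa.", "PTR", "carlos.t1.isocws.isoc.org."),
]

def reverse_name(ip):
    """Owner of the PTR record: octets reversed, then in-addr.arpa appended."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")   # validates the address
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def lookup(name, rtype, records=RECORDS):
    """All data fields of records with this owner name and type."""
    return [data for owner, t, data in records if owner == name and t == rtype]

def confirmed_hostname(ip, records=RECORDS):
    """Name of the host at ip, or None unless the PTR target's A record maps back."""
    for name in lookup(reverse_name(ip), "PTR", records):
        if ip in lookup(name, "A", records):
            return name
    return None
```

With only the PTR answer, 192.0.2.99 would appear to be carlos.t1.isocws.isoc.org; the forward check rejects it.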

24
Reverse Domain Hierarchy (diagram)
  • arpa -> in-addr -> first octet of the address
    (1, 2, 3, 4, 5, ..., 12, 13, 14, 15, 16, 17, 18,
    19, 20, 21, ..., 157, 158, 159, 160, 161, 162,
    163, 164, 165, 166, 167, 168, ..., 187, 188, 189,
    190, 191, 192, 193, 194, 195, ...)
25
Hierarchy of nameservers
  • Root nameserver - delegates nameservers for
    top-level-domains
  • Nameserver for each top level domain - holds
    information about the top level domain, delegates
    nameservers for subdomains
  • Nameserver for each subdomain
  • Nameserver for each reverse domain

26
Requirements for a nameserver
  • A query should be resolved as fast as possible
  • It should be available 24 hours a day
  • It should be reachable via fast communication
    lines
  • It should be located centrally in the network
    topology
  • It should run robustly, without errors or
    interruptions.

27
Type of servers
  • DNS server
  • primary for some zones
  • secondary for others
  • Caching Only Server
  • A server that is not authoritative for any zone
  • Forwarding Server
  • always forwards queries it cannot satisfy from
    its cache to a fixed list of forwarding servers;
    the queries to the forwarding servers are
    recursive queries.

28
Files
  • The name server uses several files to load its
    database
  • This section covers the files, and their formats,
    needed for named
  • Boot File
  • the first file read when named starts up
  • tells the server what type of server it is, which
    zones it has authority over and where to get its
    initial data.
  • The default location is /etc/named.conf
  • Can be changed by setting the BOOTFILE variable
    when you compile named, or by specifying the
    location on the command line when named is
    started up.

29
Domain data files
  • Two standard files for specifying the data for a
    domain
  • mapping addresses to names
  • mapping names to addresses
  • These files use the Standard Resource Record
    Format (RR)
  • Note
  • The file names are arbitrary; many network
    administrators prefer to name their zone files
    after the domains they contain, especially in the
    average case, where a given server is primary
    and/or secondary for many different zones.

30
Forward mapping File
  • This file contains all the data about the
    machines in this zone.
  • The location of this file is specified in the
    boot file.
  • Declared in the named.conf file

31
Reverse mapping File
  • This file specifies the IN-ADDR.ARPA domain
  • Declared in named.conf file
  • This is a special domain for allowing address to
    name mapping.
  • Special domain formed to allow inverse mapping
  • The IN-ADDR.ARPA domain has four labels preceding
    it (the 4 octets of an Internet address)
  • E.g. Internet address 128.32.0.4
  • domain 4.0.32.128.IN-ADDR.ARPA.

32
Standard Resource Record Format (RR)
  • The records in the name server data files are
    called resource records. The Standard Resource
    Record Format (RR) is specified in RFC1035.
  • General description of these records
  • name ttl addr-class record-type
    record-specific-data
  • the name may be left blank
  • The second field is an optional time to live
    field (the default ttl is specified in the Start
    Of Authority resource record).
  • The third field is the address class; currently
    only one class is supported: IN

33
IP address for a host
  • A record
  • Owner is host name
  • Data is IP address
  • IP address of infoserver.xyz.com
  • www.dns.net. 86400 IN A 196.34.13.9

34
Information needed by the DNS infrastructure
itself
  • SOA record
  • Each zone has exactly one SOA record
  • NS records
  • Each zone has several nameservers that are listed
    as having authoritative information about domains
    in the zone
  • One NS record for each such nameserver

35
SOA record
  • Every zone has exactly one SOA record
  • The domain name at the top of the zone owns the
    SOA record
  • Data portion of SOA record contains
  • MNAME - name of master nameserver
  • RNAME - email address of zone administrator
  • The Five Magic Numbers
  • SERIAL - serial number
  • REFRESH, RETRY, EXPIRE, MINIMUM - timing parameters

36
NS record
  • Each zone has several listed nameservers
  • One NS record for each listed nameserver
  • primary and secondary
  • the data portion of each NS record contains the
    domain name of a nameserver
  • Does not contain IP address
  • Get that from an A record for the nameserver

37
SOA and NS record example
  ; owner     TTL   class type data
  xyz.com.    86400 IN    SOA  ns1.xyz.com. fred.xyz.com. (
                                199906141 ; serial
                                21600     ; refresh
                                3600      ; retry
                                2600000   ; expire
                                900 )     ; minimum
  xyz.com.    86400 IN    NS   ns1.xyz.com.
  xyz.com.    86400 IN    NS   ns2.xyz.com.
  xyz.com.    86400 IN    NS   server.where.example.

38
SOA and NS example using some shortcuts
  $ORIGIN xyz.com.
  $TTL 86400
  ; owner     TTL class type data
  @               IN    SOA  ns1.xyz.com. fred.xyz.com. (
                              199710161 ; serial
                              21600     ; refresh
                              3600      ; retry
                              2600000   ; expire
                              900 )     ; minimum
                        NS   ns1
                        NS   ns2
                        NS   server.where.example.

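An added example (not from the slides) that parses the shortcut form of slide 38 and expands it into the fully written records of slide 37, applying the RR rules of slide 32: the owner may be left blank (it repeats the previous owner), the TTL is optional and falls back to $TTL, "@" and relative names are completed with $ORIGIN, and "(" continues a record across lines. The zone text is a constructed sample; quoted strings (TXT data) are not handled.

```python
# Added example, not from the slides: a parser for the master-file shortcuts used
# above ($ORIGIN, $TTL, "@", blank owner = previous owner, relative names,
# "(" ... ")" continuation, ";" comments). Constructed sample in shortcut form:
SHORTCUT_ZONE = """\
$ORIGIN xyz.com.
$TTL 86400
@   IN SOA ns1.xyz.com. fred.xyz.com. (
        199710161 ; serial
        21600     ; refresh
        3600      ; retry
        2600000   ; expire
        900 )     ; minimum
    NS ns1
    NS server.where.example.
ns1 IN A 192.0.2.1
"""

NAME_DATA = {"SOA", "NS", "CNAME", "PTR", "MX"}   # types whose data holds names

def qualify(name, origin):
    """'@' is the origin; a trailing dot means absolute; otherwise append the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    origin = default_ttl = last_owner = None
    records, buf = [], ""                             # buf joins multi-line records
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip():
            continue
        if not buf:                                   # first physical line of a record
            blank_owner = line[0].isspace()
        buf += " " + line.strip()
        if buf.count("(") > buf.count(")"):
            continue                                  # record continues on next line
        fields = buf.replace("(", " ").replace(")", " ").split()
        buf = ""
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0] == "$TTL":
            default_ttl = int(fields[1])
            continue
        owner = last_owner = last_owner if blank_owner else qualify(fields.pop(0), origin)
        ttl = int(fields.pop(0)) if fields[0].isdigit() else default_ttl
        if fields[0] == "IN":                         # class is optional
            fields.pop(0)
        rtype = fields.pop(0)
        if rtype in NAME_DATA:                        # complete relative names in data
            fields = [f if f.isdigit() else qualify(f, origin) for f in fields]
        records.append((owner, ttl, "IN", rtype, " ".join(fields)))
    return records
```
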
39
More RRs above and below zone cuts
  • RRs in the child zone (below the cut)
  • SOA and NS records (authoritative)
  • RRs in the parent zone (above the cut)
  • NS records (should be identical to those in the
    child zone)
  • glue records
  • the child zone's nameservers sometimes need A
    records in the parent zone

40
Zone cut example - RRs in the child zone
  • parent is the COM zone; child is the XYZ.COM zone
  • child zone has SOA and NS records, and A records
    for hosts
  xyz.com.      IN SOA xxx xxx xxx xxx xxx xxx xxx
                   NS  ns1.xyz.com.
                   NS  another.where.edu.
  ns1.xyz.com.     A   193.226.0.3
  • the xyz.com zone does not have an A record for
    another.where.edu.

41
Zone cut example - RRs in the parent zone
  • parent is the COM zone; child is the XYZ.COM zone
  • parent zone has its own SOA and NS records, plus
    copies of the child zone's NS records, plus glue
    records
  COM.          IN SOA xxx xxx xxx xxx xxx xxx xxx
                   NS  xxxxxxx
                   NS  yyyyyyy
  xyz.com.         NS  ns1.xyz.com.
                   NS  another.where.ro.
  ns1.xyz.com.     A   192.0.2.3
  • the com zone does not have an A record for
    another.elsewhere.edu.
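
An added example (not from the slides) of the DNS operation described in slides 13-14 and the zone cut above: a toy recursive nameserver that starts from one known root server, follows referrals root -> com -> xyz.com, uses the parent's glue A record to reach ns1.xyz.com (whose name lies inside the zone it serves), and caches answers until their TTL expires. All servers, addresses and records are constructed sample data.

```python
import time
# Added example, not from the slides. Constructed zones keyed by the IP of the
# server holding them; records are (owner, ttl, type, data). The suffix test
# below ignores label boundaries for brevity.
SERVERS = {
    "198.51.100.1": [                                       # root server
        ("com.", 172800, "NS", "a.gtld.example."),
        ("a.gtld.example.", 172800, "A", "198.51.100.2")],  # glue for com.
    "198.51.100.2": [                                       # com server
        ("xyz.com.", 86400, "NS", "ns1.xyz.com."),
        ("xyz.com.", 86400, "NS", "another.where.edu."),
        ("ns1.xyz.com.", 86400, "A", "192.0.2.3")],         # glue for xyz.com.
    "192.0.2.3": [                                          # ns1.xyz.com (child zone)
        ("www.xyz.com.", 300, "A", "192.0.2.80")],
}
ROOT_HINT = "198.51.100.1"   # the one nameserver the resolver knows at start

def ask(servers, ip, qname, qtype):
    """Authoritative side: an answer, or a referral to the closest delegation plus glue."""
    zone = servers[ip]
    answer = [r for r in zone if r[0] == qname and r[2] == qtype]
    if answer:
        return "answer", answer
    cuts = [r[0] for r in zone if r[2] == "NS" and qname.endswith(r[0])]
    if not cuts:
        return "nxdomain", []
    ns = [r for r in zone if r[0] == max(cuts, key=len) and r[2] == "NS"]
    glue = [r for r in zone if r[2] == "A" and r[0] in {n[3] for n in ns}]
    return "referral", ns + glue

class Resolver:
    def __init__(self, servers=SERVERS, clock=time.time):
        self.servers, self.clock = servers, clock
        self.cache, self.queries = {}, []   # cache: (qname, qtype) -> (expiry, records)

    def resolve(self, qname, qtype):
        key = (qname, qtype)
        if key in self.cache and self.cache[key][0] > self.clock():
            return self.cache[key][1]       # still valid: no query is sent at all
        ip = ROOT_HINT
        for _ in range(8):                  # bound the delegation chase
            self.queries.append(ip)
            kind, records = ask(self.servers, ip, qname, qtype)
            if kind == "answer":
                self.cache[key] = (self.clock() + min(r[1] for r in records), records)
                return records
            if kind == "nxdomain":
                return []
            ns = [r[3] for r in records if r[2] == "NS"]
            glue = {r[0]: r[3] for r in records if r[2] == "A"}
            ip = next((glue[n] for n in ns if n in glue), None)
            if ip is None:  # no glue: the nameserver's own address would have to be looked up first
                raise LookupError(f"no glue for {ns}; cannot reach the zone")
        raise LookupError("delegation chain too long")
```

Removing the ns1.xyz.com glue record from the com server makes the lookup fail, because the only way to learn ns1.xyz.com's address would be to ask ns1.xyz.com itself.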

42
Hostname for an IP address
  • PTR record
  • Owner is IP address, mapped into the in-addr.arpa
    domain
  • Data is name of host with that IP address
  • host name for IP address 192.0.3.2
  • 3.0.226.193.in-addr.arpa. PTR infoserver.ici.ro.

43
Information about mail routing
  • MX record
  • Owner is name of email domain
  • Data contains preference value, and name of host
    that receives incoming email
  • send xyz.com's email to the mail server or the
    backup server
  • xyz.com. MX 0 mail.xyz.ro.
  • xyz.com. MX 10 backup.xyz.ro.

44
Free form text
  • TXT record
  • Owner is any domain name
  • Data is any text associated with the domain name
  • Very few conventions about how to use it
  • .ro. TXT "George Macri - Tech-contact"

45
Alias to canonical name mapping
  • CNAME record
  • Owner is non-canonical domain name (alias)
  • Data is canonical domain name
  • ftp.rnc.ro is an alias
  • info.ici.ro is the canonical name
  • ftp.rnc.ro. CNAME info.ici.ro.

46
BIND 8 Highlights
  • DNS Dynamic Updates (RFC 2136)
  • DNS Change Notification (RFC 1996)
  • Completely new configuration syntax
  • Flexible, categorized logging system
  • IP-address-based access control for queries, zone
    transfers, and updates that may be specified on a
    zone-by-zone basis
  • More efficient zone transfers
  • Improved performance for servers with thousands
    of zones
  • The server no longer forks for outbound zone
    transfers
  • Many bug fixes

47
Statements
  • A BIND 8 configuration consists of statements and
    comments.
  • Statements end with a semicolon.
  • Statements supported
  • acl
  • defines a named IP address matching list, for
    access control and other uses
  • include
  • includes a file
  • key
  • specifies key information for use in
    authentication and authorization
  • logging
  • specifies what the server logs, and where the log
    messages are sent
  • options
  • controls global server configuration options and
    sets defaults for other statements
  • server
  • zone

48
Example Config File
  /* A simple BIND 8 configuration */
  options {
      directory "/var/named";
  };
  zone "rnc.ro" in {
      type master;
      file "master/isc.org";
  };

49
Example Config File (cont.)
  zone "ici.ro" in {
      type slave;
      file "slave/vix.com";
      masters { 192.162.16.31; };
  };
  zone "." in {
      type hint;
      file "named.cache";
  };
  zone "0.0.127.in-addr.arpa" in {
      type master;
      file "master/127.0.0";
  };

50
Domain Management
  • Starting named
  • Named signaling processing
  • Debugging DNS
  • Tools
  • nslookup
  • dig
  • host

51
Questions