
TECH 3101: Computer Systems Architecture and Administration






  1. TECH 3101: Computer Systems Architecture and Administration Mohammed A. Saleh http://ifm.ac.tz/staff/msaleh/TECH3101.html

  2. DNS Part 1

  3. Domain Name Service (DNS) • A TCP/IP facility that lets you use names rather than numbers to refer to host computers. • Without DNS, you’d buy books from 207.171.182.16 instead of from www.amazon.com and search the Web at 216.239.51.100 instead of at www.google.com. • If you want to review the complete official specifications for DNS, look up RFCs 1034 and 1035 at www.ietf.org/rfc/rfc1034.txt and www.ietf.org/rfc/rfc1035.txt.

  4. Understanding Domain Names • DNS provides a standardized system for naming TCP/IP hosts and a way to look up the IP address of a host given its DNS name • For example, if you use DNS to look up the name www.ebay.com, you get the IP address of eBay’s Web host: 66.135.192.87. • Thus, DNS allows you to access eBay’s Web site using the DNS name www.ebay.com rather than the site’s IP address

  5. Concepts of DNS • To provide a unique DNS name for every host computer on the Internet, DNS uses a time-tested technique: divide and conquer • It uses a hierarchical naming system • It organizes names into domains • Each domain includes all the names that appear directly beneath it in the DNS hierarchy • Figure 1.0: DNS Domain Tree

  6. Cont …

  7. Cont … • At the very top of the tree is the root domain • Beneath the root domain are four top-level domains, named edu, com, org, and gov (more top-level domains exist) • LoweWriter is a personal domain; to identify it you have to combine it with the name of its parent domain, hence LoweWriter.com • The parts of the domain name are separated from each other with periods • Beneath the LoweWriter node are four host nodes • The host name and the domain name are combined to form the complete DNS name, e.g. server1.LoweWriter.com

  8. Nitty-gritty about DNS Names • DNS names are not case-sensitive • The name of each DNS node can be up to 63 characters long (not including the dot) and can include letters, numbers, and hyphens • A subdomain is a domain that’s beneath an existing domain • DNS is a hierarchical naming system that’s similar to the hierarchical folder system used by Windows • One crucial difference exists between DNS and the Windows naming convention: DNS names start at the bottom of the tree and work their way up to the root, e.g. doug.LoweWriter.com

  9. Cont … • Windows paths start at the root and work their way down: in Windows\System32\dns, dns is the lowest node • The DNS tree can be up to 127 levels deep; most DNS names have just three levels (not counting the root)

  10. Fully Qualified Domain Names • If a domain name ends with a trailing dot, that trailing dot represents the root domain, and the domain name is said to be a fully qualified domain name (FQDN) • An FQDN is also called an absolute name • DNS names that don’t end with a trailing dot are called relative names • In practice, relative names and FQDNs are interchangeable, because the software that interprets them always interprets relative names in the context of the root domain • You can type www.wiley.com (without the trailing dot) rather than www.wiley.com. to go to Wiley’s home page in a Web browser

  11. Top-Level Domains • Appear immediately beneath the root domain • Come in two categories: generic domains and geographic domains Generic Domains • The popular top-level domains that you see most often on the Internet • Table 2.0: Summarizes the original seven generic top-level domains

  12. Cont … (source: www.isc.org) • Because the com domain had grown to an almost unmanageable size by the late 1990s, the Internet authorities approved seven new top-level domains in an effort to take some of the heat off the com domain

  13. Cont … • They are not very popular.

  14. Cont … Geographic Domains • They correspond to international country designations • About 150 geographic top-level domains exist • Some of them are tz (Tanzania), us (United States), za (South Africa), jp (Japan) and many more The Hosts File • Long ago, network administrators could keep track of it all in a simple text file, called the hosts file • It simply listed the name and IP address of every host on the network • The key was to keep the hosts file up to date whenever a new host was added

  15. Cont … • With the growth of the Internet, maintaining hosts files became daunting and a better solution was needed • DNS was invented to solve this problem • Why is it important to understand the hosts file? • Hosts files are still used for small networks and can coexist with DNS • It is the precursor to DNS • The exact location of the hosts file depends on the client operating system

  16. Cont …

  17. DNS Servers and Zones • A DNS server is a computer that runs DNS server software, helps to maintain the DNS database, and responds to DNS name resolution requests • The most popular DNS servers are BIND (UNIX-based) and the Windows DNS service (Windows) • The DNS database, that is, the list of all the domains, sub-domains, and host mappings, is a massively distributed database • No single DNS server contains the entire DNS database • The database is delegated to different servers throughout the Internet • What happens if someone requests the IP address of coyote.acme.com from the LoweWriter.com DNS server?

  18. Zones • Simplify the management of the DNS database • The entire DNS namespace is divided into zones • Responsibility for each zone is delegated to a particular DNS server • Zones correspond directly to domains • For example, the LoweWriter.com domain will have a LoweWriter.com zone responsible for the whole domain • The sub-domains that make up a domain can be parceled out to separate zones

  19. Cont …

  20. Cont … • Figure 3.0 shows how zones can be separated • A domain named LoweWriter.com has been divided into two zones • One zone, us.LoweWriter.com, is responsible for the us.LoweWriter.com sub-domain • The other zone, LoweWriter.com, is responsible for the entire LoweWriter.com domain except the us.LoweWriter.com sub-domain • Why would you do that? The main reason is to delegate authority for the zone to separate servers

  21. Types of zones • Primary zone • The master copy of a zone • Data is stored in the local database of the DNS server • Only one DNS server can host a particular primary zone • Secondary zone • A read-only copy of a zone • It obtains its copy of the zone from the zone’s primary server by using a process called zone transfer • It must periodically check the primary server for updates

  22. Servers • Primary servers • A DNS server that hosts a primary zone • Every zone must have one primary server • Secondary servers • A DNS server that obtains the data for a secondary zone from a primary server TIP: A secondary server should be on a different subnet than the zone’s primary server.

  23. Cont … • Root servers • The core of DNS • Authoritative for the entire Internet • The main function of the root servers is to provide the addresses of the DNS servers that are responsible for each of the top-level domains • A total of 13 root servers are located throughout the world • DNS servers learn how to reach the root servers

  24. Caching • An intelligent way of handling repeated requests for the same name • If a user visits www.wiley.com today, he’ll probably do it again tomorrow; as a result, name servers keep a cache of query results • Cached data can quickly become obsolete • DNS data is therefore given a relatively short expiration time • The expiration value for DNS data is called the TTL, which stands for time to live
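The TTL behaviour described on this slide, as an added example that is not part of the original lecture material: a small cache that stores each answer with its expiry, serves it with the remaining TTL, and refuses to hand out a record once the TTL has elapsed. The clock, the TTL of 300 seconds and the class names are assumptions made for the example; the address is the one slide 3 gives for www.google.com.

```python
import time


class FakeClock:
    """Constructed clock so the example is deterministic; real code uses time.monotonic."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class DnsCache:
    """Caches query results with their TTL, the way a name server does (slide 24)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}          # (name, type) -> (records, expiry time)

    @staticmethod
    def _key(name, rtype):
        # Names are not case-sensitive, and a relative name is read against the root.
        return name.rstrip(".").lower() + ".", rtype.upper()

    def store(self, name, rtype, records, ttl):
        if ttl <= 0:                # a TTL of 0 means "do not cache"
            return
        self._entries[self._key(name, rtype)] = (tuple(records), self._clock() + ttl)

    def lookup(self, name, rtype):
        """Return (records, seconds of TTL left) or None when absent or expired."""
        key = self._key(name, rtype)
        entry = self._entries.get(key)
        if entry is None:
            return None
        records, expiry = entry
        remaining = expiry - self._clock()
        if remaining <= 0:          # stale data is discarded, never served
            del self._entries[key]
            return None
        return list(records), int(remaining)

    def purge_expired(self):
        """Drop every expired entry; returns how many were removed."""
        now = self._clock()
        stale = [k for k, (_, expiry) in self._entries.items() if expiry <= now]
        for k in stale:
            del self._entries[k]
        return len(stale)


def demo():
    """Walk one entry through its lifetime; returns the observations for checking."""
    clock = FakeClock()
    cache = DnsCache(clock)
    # Constructed TTL of 300 s; the address is the one slide 3 gives for www.google.com.
    cache.store("WWW.Google.com", "A", ["216.239.51.100"], ttl=300)
    fresh = cache.lookup("www.google.com.", "a")     # served from cache, 300 s left
    clock.advance(120)
    later = cache.lookup("www.google.com", "A")      # same records, 180 s left
    clock.advance(200)
    expired = cache.lookup("www.google.com", "A")    # past its TTL: None
    return fresh, later, expired
```

Serving the remaining TTL rather than the original one matters: a downstream cache that received the full 300 seconds would keep the record long after the authoritative server intended it to be refreshed.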

  25. DNS Queries • When a DNS client needs to resolve a DNS name to an IP address, it uses a library routine called a resolver to handle the query • A DNS client can make two basic types of queries: recursive and iterative ✦ Recursive queries: the server must reply with either the IP address of the requested host name or an error message indicating that the host name doesn’t exist ✦ Iterative queries: the server returns the IP address of the requested host name if it knows the address; if it doesn’t know the address, it returns a referral, the address of a DNS server that should know

  26. DNS Part 2

  27. DNS (Domain Name System) • Associates human-friendly names with machine-friendly IP addresses • Resolution of a given hostname to an IP address • Domain names, as opposed to IP addresses, have the top-most element on the right • Each element can be up to 63 characters long; the full name can be no more than 255 characters • Letters, numbers or dashes can be used in a name element

  28. DNS • Allows machines to be grouped logically, by domain name • The right-most element is called the Top-Level Domain (TLD) • The full name is referred to as the Fully Qualified Domain Name (FQDN) • lugh.student.comp.dit.ie or lugh • The Internet Assigned Numbers Authority (IANA) controls the top-level domains • Host names map to IP addresses in a one-to-many relationship: each machine may have many IP addresses, and each IP address may be associated with many machines
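The naming rules from slides 8 to 10 and 27 to 28 (63-character labels, 255-character names, 127 levels, letters/digits/hyphens, case-insensitivity, trailing dot for an FQDN, TLD on the right, names read from the bottom of the tree up to the root) collected into one checker. This is an added example and not code from the lecture; the function names are assumptions, and the rule that a label may not begin or end with a hyphen comes from the host-name syntax in RFC 1035 rather than from the slides.

```python
import re

MAX_LABEL_LEN = 63      # slides 8 / 27: each element up to 63 characters
MAX_NAME_LEN = 255      # slide 27: the full name can be no more than 255 characters
MAX_DEPTH = 127         # slides 9 / 33: the tree can be up to 127 levels deep

# Letters, digits and hyphens only; a label may not begin or end with a hyphen
# (the hyphen-position rule is RFC 1035 host-name syntax, not stated on the slides).
_LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")


def is_fqdn(name):
    """A trailing dot names the root, so the name is absolute (slide 10)."""
    return name.endswith(".")


def split_labels(name):
    """Return the labels of a name, left to right, with the root dot removed."""
    stripped = name[:-1] if is_fqdn(name) else name
    return stripped.split(".") if stripped else []


def validate_name(name):
    """Return a list of rule violations; an empty list means the name is acceptable."""
    problems = []
    labels = split_labels(name)
    if not labels:
        problems.append("empty name")
    if len(name.rstrip(".")) > MAX_NAME_LEN:
        problems.append(f"name longer than {MAX_NAME_LEN} characters")
    if len(labels) > MAX_DEPTH:
        problems.append(f"more than {MAX_DEPTH} levels")
    for label in labels:
        if len(label) > MAX_LABEL_LEN:
            problems.append(f"label '{label[:10]}...' longer than {MAX_LABEL_LEN}")
        elif not _LABEL_RE.match(label):
            problems.append(f"label '{label}' has an invalid character or is empty")
    return problems


def to_absolute(name):
    """Relative names are always read in the context of the root (slide 10)."""
    return name if is_fqdn(name) else name + "."


def same_name(a, b):
    """DNS names are not case-sensitive (slide 8)."""
    return to_absolute(a).lower() == to_absolute(b).lower()


def top_level_domain(name):
    """The right-most element is the TLD (slide 28)."""
    labels = split_labels(name)
    return labels[-1].lower() if labels else ""


def walk_from_root(name):
    """The chain of domains from the root down to the host, i.e. slide 8 read top-down."""
    labels = split_labels(name)
    path = ["."]
    for i in range(len(labels) - 1, -1, -1):
        path.append(".".join(labels[i:]) + ".")
    return path
```

Rejecting malformed names at the point where they enter a system (a zone file, a configuration value, a log field) keeps a stray space or underscore from becoming a silent lookup failure later.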

  29. Example: Mail Routing using DNS • Hosts that are designed to perform email routing, mail exchangers, have special-purpose records in DNS, MX records • A domain should have multiple mail exchangers • Mail that cannot be sent to one mail exchanger can instead be delivered to an alternative server, providing failsafe redundancy

  30. Before DNS • Before DNS, name resolution was accomplished solely by text file databases residing on each host (“hosts” files) • The method does not scale, and it requires centralised management of the text files Internet DNS Hierarchy • Root Name Servers • Provide references to the appropriate zone-authoritative name servers for the top-level domains • Zone-Authoritative name servers • Master and slave servers for zones

  31. Root Name Servers • There are 13 root-name servers • Each has an associated letter name (a to m) • No more names can be used because of protocol limitations • A UDP packet can only carry 512 bytes reliably • The C, F, I, J, K and M servers now exist in multiple locations on different continents

  32. A simplified domain-map [figure: root at the top; .ie, .com and .org beneath it; dit beneath .ie; hosts Poseidon, Taranaki, McCool and Aisling beneath dit; example name mccool.dit.ie]

  33. Domains • Dividing domains into sub-domains is important in several regards • Division of a namespace into sub-domains in a hierarchical manner • Removes the requirement that the names of individual hosts be unique; FQDNs must still be unique • It allows for the decentralised management of the entire namespace • Up to 127 levels deep!

  34. comp.dit.ie domain-map [figure: root; .ie domain; dit beneath it; Comp and ad beneath dit; Student beneath Comp, ict beneath ad; hosts MyLaptop, Taranki, Poseidon, Aisling and McCool; example name McCool.student.comp.dit.ie.]

  35. Zones, Domains and Delegation • A Domain is a complete sub-tree of the hierarchical namespace • A zone is part of the domain managed by a particular server • Sub domains may be delegated into additional zones • A zone may directly manage some sub domains • A zone represents the scope of administration for which one body is responsible

  36. comp.dit.ie zones (?) [figure: the same tree as slide 34 (root; .ie; dit; Comp and ad; Student and ict; MyLaptop, Taranki, Poseidon, Aisling, McCool; McCool.student.comp.dit.ie.) with the zone boundaries drawn in]

  37. Relationship between domains, zones and DNS Servers • The DNS database is effectively spread across all servers • DNS servers are delegated to manage particular zones and the links to the rest of the database • A zone is not necessarily equivalent to a domain • A DNS server can manage one or more zones

  38. comp.dit.ie DNS servers [figure: the tree from slide 34 with its servers marked; Cara: 147.252.224.80 (cara.comp.dit.ie.) serving Comp, and Poseidon: 147.252.224.12 (Poseidon.ict.ad.dit.ie.) serving ict under ad]

  39. The DNS Server • The server receives a request from a client • If the server does not have the answer, it will either ask a root server or forward the request to another name server • This may happen a number of times until a name server is found that knows the answer • When the server gets a response, it places a copy in its local cache and returns a copy to the requesting client

  40. Name Server Hierarchy • Master Name Server • Contains the master copy of the data for the zone • Slave Name Server • Provides an automatic backup to the master name server • All slave servers maintain synchronisation with their master name server • Both master and slave servers contain authoritative data • A zone may have multiple slaves but only one master • A slave may get its data from another slave

  41. Authoritative ? • If the name server responding to a query is authoritative with respect to the query performed, the data returned is said to be authoritative • Alternatively, responses may come from a name server which has cached the information, in which case the response is said to be non-authoritative • The client may choose not to accept non-authoritative information

  42. Resolver • The DNS client is called the resolver • Resolver capability is built into any program that needs it by way of the resolver library calls • DNS clients and servers communicate using UDP packets in most cases • UDP is fast, but packets can be no larger than 512 bytes • If a query or response is larger than 512 bytes, it must be sent by TCP

  43. How did I find out the name servers?
      mafoley@aisling:~$ nslookup
      > set type=ns
      > student.comp.dit.ie
      Server:   147.252.224.80
      Address:  147.252.224.80#53
      student.comp.dit.ie  nameserver = cian.student.comp.dit.ie.
      student.comp.dit.ie  nameserver = lugh.student.comp.dit.ie.
      student.comp.dit.ie  nameserver = oisin.comp.dit.ie.
      student.comp.dit.ie  nameserver = cara.comp.dit.ie.
      >

  44. Nslookup on aisling
      mafoley@aisling:~$ nslookup wicklow
      Server:   147.252.224.80
      Address:  147.252.224.80#53
      ** server can't find wicklow: SERVFAIL
      mafoley@aisling:~$ nslookup wicklow.cs.dit.ie
      Server:   147.252.224.80
      Address:  147.252.224.80#53
      Name:     wicklow.cs.dit.ie
      Address:  147.252.224.108

  45. Nslookup on my laptop
      mark@bailey:~$ nslookup wicklow
      Server:   192.168.2.1
      Address:  192.168.2.1#53
      ** server can't find wicklow: NXDOMAIN
      mark@bailey:~$ nslookup wicklow.cs.dit.ie
      Server:   192.168.2.1
      Address:  192.168.2.1#53
      Name:     wicklow.cs.dit.ie
      Address:  147.252.224.108

  46. Deeper into nslookup
      mafoley@aisling:~$ nslookup
      > set type=mx
      > comp.dit.ie
      Server:   147.252.224.80
      Address:  147.252.224.80#53
      comp.dit.ie  mail exchanger = 5 mail.comp.dit.ie.
      comp.dit.ie  mail exchanger = 15 mail.dit.ie.
      comp.dit.ie  mail exchanger = 4 sinead.comp.dit.ie.
      >
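The MX redundancy described on slide 29 and the nslookup output on slide 46, worked through as an added example that is not part of the lecture: the MX lines are parsed into (preference, exchanger) pairs and sorted into the order a sending mail server tries them, with fallback to the next exchanger when one is unreachable. The input text is the slide's output reproduced verbatim; the function names and the "unreachable" set are assumptions for the example. The ordering rule (lowest preference value is tried first) is from RFC 5321, not from the slides.

```python
import re

# Constructed input: the MX lines exactly as nslookup printed them on slide 46.
NSLOOKUP_MX_OUTPUT = """\
comp.dit.ie mail exchanger = 5 mail.comp.dit.ie.
comp.dit.ie mail exchanger = 15 mail.dit.ie.
comp.dit.ie mail exchanger = 4 sinead.comp.dit.ie.
"""

# <domain> mail exchanger = <preference> <exchanger host>
_MX_LINE = re.compile(
    r"^(?P<domain>\S+)\s+mail exchanger\s*=\s*(?P<pref>\d+)\s+(?P<host>\S+)\s*$"
)


def parse_mx(output):
    """Return [(preference, exchanger)] for every MX line; other lines are ignored."""
    records = []
    for line in output.splitlines():
        m = _MX_LINE.match(line.strip())
        if m:
            # Exchanger names are absolute in the output; normalise for comparison.
            records.append((int(m.group("pref")), m.group("host").rstrip(".").lower()))
    return records


def delivery_order(records):
    """Lowest preference value is tried first (RFC 5321); ties are broken by name here."""
    return [host for _, host in sorted(records, key=lambda r: (r[0], r[1]))]


def choose_exchanger(records, unreachable=()):
    """Fall back to the next exchanger when the preferred one cannot be reached (slide 29)."""
    for host in delivery_order(records):
        if host not in unreachable:
            return host
    return None          # every exchanger is down: mail must be queued, not dropped
```

Note that the numerically smallest value (4, sinead.comp.dit.ie) wins, not the largest: a common misreading when the field is labelled "priority".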

  47. Deeper into nslookup
      > set type=a
      > comp.dit.ie
      Server:   147.252.224.80
      Address:  147.252.224.80#53
      Name:     comp.dit.ie
      Address:  147.252.224.80
      Name:     comp.dit.ie
      Address:  147.252.224.70
      >

  48. How DNS resolves a query • myHostName.myDomain.com wants to look up the address for otherHostName.subDomain.otherDomain.com • myHostName asks its local name server, ns.myDomain.com, to figure out the answer • Nothing has been cached yet, and the local server knows nothing about the address, about otherDomain.com or about com • It does know about the servers for the root domain, and since it's an iterative server it sends a query about otherHostName.subDomain.otherDomain.com to a root server and gets a referral to the servers for com

  49. Cont … • The local server then queries a com server (always about otherHostName.subDomain.otherDomain.com) and gets back a referral to the servers for otherDomain.com • If the server at otherDomain.com does not have the answer cached, it returns a referral to a server at subDomain.otherDomain.com • The server at subDomain.otherDomain.com is authoritative for the requested information and returns otherHostName's address • ns.myDomain.com caches otherHostName's address • It also caches data on the servers for com, otherDomain.com and subDomain.otherDomain.com
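The referral chain of slides 39 and 48 to 49, simulated as an added example that is not part of the lecture. A constructed miniature Internet of four authoritative servers (root, com, otherDomain.com, subDomain.otherDomain.com) is held in memory; resolve() plays the part of ns.myDomain.com, querying iteratively from the root and following each referral until an authoritative answer or a name error comes back, and it records the delegations it learned along the way, which slide 49 says the server caches. The server names, the documentation-range IP addresses and the bailiwick check (a referral is only followed if it points strictly below the zone of the server that sent it and still contains the queried name, which is standard resolver practice rather than something on the slides) are assumptions made for the example.

```python
from dataclasses import dataclass, field

ROOT = "."


@dataclass
class Server:
    """One authoritative server in the constructed miniature Internet."""
    zone: str                                        # zone this server is authoritative for
    addresses: dict = field(default_factory=dict)    # host name -> IP inside the zone
    delegations: dict = field(default_factory=dict)  # child zone -> name of its server


# Constructed data: every name is absolute (trailing dot) and lower-case.
# The IPs are documentation addresses (192.0.2.0/24), not real hosts.
SERVERS = {
    "root.example.": Server(ROOT, delegations={"com.": "ns.com.example."}),
    "ns.com.example.": Server("com.", delegations={"otherdomain.com.": "ns.otherdomain.com."}),
    "ns.otherdomain.com.": Server(
        "otherdomain.com.",
        addresses={"ns.otherdomain.com.": "192.0.2.53"},
        delegations={"subdomain.otherdomain.com.": "ns.subdomain.otherdomain.com."},
    ),
    "ns.subdomain.otherdomain.com.": Server(
        "subdomain.otherdomain.com.",
        addresses={"otherhostname.subdomain.otherdomain.com.": "192.0.2.10"},
    ),
}


def canonical(name):
    """Absolute, lower-case form; relative names are read against the root."""
    return name.rstrip(".").lower() + "."


def in_zone(name, zone):
    """True if `name` lies at or below `zone` (the root contains everything)."""
    return zone == ROOT or name == zone or name.endswith("." + zone)


def query(server_name, qname):
    """One iterative query to one server (slide 25): an answer, a referral, or a name error."""
    srv = SERVERS[server_name]
    if qname in srv.addresses:
        return "answer", srv.addresses[qname]
    best = None
    for child, ns in srv.delegations.items():       # the longest matching delegation wins
        if in_zone(qname, child) and (best is None or len(child) > len(best[0])):
            best = (child, ns)
    if best is not None:
        return "referral", best
    return "nxdomain", None


def resolve(name, root_server="root.example.", max_hops=10):
    """Walk referrals from the root, as ns.myDomain.com does on slides 48-49.

    Returns (ip_or_None, trace, learned): trace lists (server queried, kind of reply),
    learned lists the (zone, server) delegations discovered, i.e. what slide 49 says
    the local server caches alongside the answer.
    """
    qname = canonical(name)
    current, current_zone = root_server, ROOT
    trace, learned = [], []
    for _ in range(max_hops):                        # bounds a referral loop
        kind, payload = query(current, qname)
        trace.append((current, kind))
        if kind == "answer":
            return payload, trace, learned
        if kind == "nxdomain":
            return None, trace, learned
        child, ns = payload
        # Bailiwick / progress check: follow a referral only into a zone strictly below
        # the one the answering server is responsible for, and that contains qname.
        if child == current_zone or not in_zone(child, current_zone) or not in_zone(qname, child):
            raise ValueError(f"refusing out-of-bailiwick referral to {child} from {current}")
        learned.append((child, ns))
        current, current_zone = ns, child
    raise RuntimeError(f"no answer for {qname} after {max_hops} referrals")


if __name__ == "__main__":
    ip, trace, learned = resolve("otherHostName.subDomain.otherDomain.com")
    for server, kind in trace:
        print(f"{server:32} -> {kind}")
    print("answer:", ip, "| delegations to cache:", [zone for zone, _ in learned])
```

The check before each hop is what keeps a misbehaving or spoofed server from steering the walk sideways: a referral for a zone the answering server is not responsible for is discarded rather than trusted, and the hop limit turns a circular delegation into an error instead of an endless loop.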

  50. DNS query process for otherHostName.subDomain.otherDomain.com
