270 likes | 466 Views
Domain Name System (DNS). G53ACC. Chris Greenhalgh School of Computer Science and IT. Contents. Introduction DNS names and name space Resource records Applications Administration and zones Query patterns Message format Cacheing Books: Comer Ch. 31. Domain Name System (DNS).
E N D
Domain Name System(DNS) G53ACC Chris Greenhalgh School of Computer Science and IT
Contents • Introduction • DNS names and name space • Resource records • Applications • Administration and zones • Query patterns • Message format • Cacheing Books: Comer Ch. 31
Domain Name System (DNS) • DNS provides name-to-value mapping through: • hierarchicaldomain-based naming scheme • distributed database system • Primarily for mapping host names to IP addresses • E.g. as used in URLs • (other local solutions, e.g. Sun NIS, MS ActiveDirectory) • Defined in RFC1034 and RFC1035.
DNS Name Space • The Internet is divided into several hundred top-level domains • Each domain covers many hosts • Each domain is partitioned into subdomains • these too are further partitioned, and so on. • These domains can be represented by a tree:
A Portion of the DNS Name Tree com edu gov mil org uk mit ac co ftp nottingham warwick demon cs ccc much
Names • A domain is named by the path from it to the (unnamed) root. • The components are separated by “dots”. • e.g. a Nottingham CS machine might bemuch.cs.nottingham.ac.uk • Hierarchical, so • much at CS (much.cs.nott.ac.uk) is notmuch at Warwick (much.warwick.ac.uk)
Names Restrictions • Domain names are case insensitive • edu and EDU mean the same thing • Component names can be up to 63 characters long • Full path names must not exceed 255 characters
DNS Resource Records • Each domain has a set of “resource records” associated with it. • For a single host, the most common resource record is just its IP address • but many other kinds of resource records exist… • When a query is directed to a domain, the result is the relevant resource record(s) associated with that name
Resource Record structure • Each resource record comprises: • Owner = domain name • Type = entry type, 16 bits, e.g. A, CNAME, … • Class = protocol or protocol family, 16 bits, e.g. IN (the INternet) • TTL = time, 32 bits, seconds, that this resource record can be cached • RDATA = type-specific information, e.g. IP address for type A record
Resource record Types Type Meaning Value SOA Start of Authority Parameters for this zone A IP address of a host 32bit integer MX Mail Exchange Priority, domain willing to accept email CNAME Canonical Name Domain Name PTR Pointer Alias for an IP address HINFO Host Description CPU and OS in ASCII (security risk – rarely used) TXT Text Uninterpreted ASCII text
A Simple Example Resource Records for Much (Class (‘IN’) and TTL are nameserver defaults) much A 128.243.21.21 MX 1 marian MX 2 pat MX 5 nfs-relay.ac.uk HINFO Sparc UNIX
Applications (1) • Host Naming • ASCII names • e.g. marian.cs.nott.ac.uk • human readable • memorable • Numerical addresses • e.g. 128.243.21.16 • needed by network (e.g. for routing) • DNS host name = domain name, ‘A’ record contains numerical IP address
Applications (2) • Host aliases • ‘CNAME’ records, e.g. ‘www.cs.nott.ac.uk’ –> ‘pat.cs.nott.ac.uk’ • Note: a node with a CNAME record should only have a CNAME record – • All other queries are answered using records for the pointed-to domain name • ‘PTR’ records, which just point to another domain name • Other queries not automatically forwarded • E.g. reverse lookup…
Applications (3) • Reverse lookup: IP address to host name • Special domain IN-ADDR.ARPA is root of tree with (reversed) dot-separated IP addresses as nodes/sub-nodes. • PTR records identify host domain name records • 131.21.243.128.IN-ADDR.ARPA => (PTR) picasso.mrl.nottingham.ac.uk • picasso.mrl.nottingham.ac.uk => (A) 128.243.21.131 • Why? • for security (delegation of sub-zones follows IP address allocation) • Is this really the machine which it says it is? • Is it entitled to use this IP address?
Applications (4) • Email addresses (Internet) • for example, mjr@cs.nott.ac.uk • MX record - Mail eXchanger –> host to deliver mail to for the given address • for cs.nott.ac.uk the answer is (with priority, low best):MX 5 pat.cs.nott.ac.uk.MX 8 marian.cs.nott.ac.uk.MX 10 pat.ccc.nottingham.ac.uk.
Administration: Name Allocation • Naming follows organisational boundaries, not physical networks • Departments sharing the same LAN can have distinct domains • Hosts in departments split over several buildings can have the same domain ac.uk … nottingham warwick … cs ccc … much …
Administration: Domain Allocation • Each domain controls how it allocates domains underneath it. • To create a new domain, permission is required of the domain in which it will be included • e.g. to create psychology.nott.ac.uk needs permission from nott.ac.uk • A new domain can create sub-domains without needing external permission • Top-level domains are administered by registries, e.g. interNIC for .com, .org, .net, .edu
Administration: Zones • A zone is a fully connected subset of the domain name space which is administered as a single unit. • A zone will be a single sub-tree, less those sub-sub-trees which have been delegated to other administrative zones. • A zone must have at least two name servers, and must identify all sub-zone name servers. • Root zone information is cached by hand at most/all name servers.
A Portion of the DNS Name Space with Possible Zones uk ac co warwick demon nott cs ccc mrl
DNS Protocol Operation • Simple request-response protocol over UDP… • Client forms request • uses UDP • sends to default server (e.g. from /etc/resolv.conf) • Server receives request • uses UDP • sends response back to client • may make additional (recursive) queries to other servers (if permitted by query flag RD)…
DNS Message Format (i) • [bytes 0,1] Client query identification no. • [2,3] Flags, including: • QR (1 bit) query (0), response (1) • AA (1 bit) authoritative answer, i.e. by DNS server responsible for the domain in question. • RD (1 bit) recursion desired • RA (1 bit) recursion available (from server) • RCODE (4 bits) ok/error response (from server)
DNS Message Format (ii) • [4,5] number of questions • [6,7] number of answers • [8,9] number of authority records • [10,11] number of additional records • Followed by questions, answers, authority records, and additional records in turn. • Question comprises domain name, type (can be ‘any’) and class. • Answers and other records comprise standard resource records (see earlier) • Standard encodings and compression scheme using for domain names defined in RFC.
DNS DNS DNS DNS Recursive Query (normal) .com .foo.com Client wu.foo.com? (A records, INternet) marian: .cs.nott.ac.uk 1. Client queries default (local) DNS server. 2. If server cannot resolve query, it in turn queries a DNS server which is responsible for the root of that domain. 3. That server may pass the request on to another DNS server responsible for a more specific sub-domain. And so on.
DNS DNS DNS DNS Iterative Query 4. 3. Client 2. 1. 1. Query sent to local DNS server 2. Local server cannot resolve it, but returns address of DNS to query next (server with authority for domain) 3. Client queries authority DNS server 4. That server returns results of query, or goto step 2.
Response Caching • DNS servers (and clients) can cache responses to previous recursive queries • gives a “non-authoritative” answer • the server in not responsible for that domain but has a recent response • Needed for scalability, e.g. avoid accessing US for every .com domain name request • (also uses replication of servers) • Can optionally cache negative responses(e.g. common typos or defunct domains)
Tools • Command-line • dig • E.g. “dig any cs.nott.ac.uk” • nslookup • … • Web sites • Various… • Providing access to similar facilities (and more)