DNS—Domain Name System RFC: 1034, 1035 Students: 朱家彥, 陶宛琳 Advisor: Prof. 梁德昭
Introduction — Why DNS • ARPAnet: administrators typically emailed their changes to the NIC, and periodically fetched the current HOSTS.TXT from SRI-NIC by FTP. • Problems with HOSTS.TXT • Traffic and load (every host fetched the whole file from one site) • Name collisions (no authority to stop two sites picking the same host name) • Consistency (copies around the network were always out of date)
Introduction — What is DNS • DNS is used primarily to map between hostnames and IP addresses
Introduction — DNS Design Goals • Consistency: a single consistent name space • Can be maintained in a distributed (decentralized) manner • The source of the data should control the tradeoff between the cost of acquiring data, the speed of updates, and the accuracy of caches • Not restricted to a single application • Can be used with different protocol families • Independent of the underlying communication system • Useful across a wide spectrum of host capabilities
DNS — Major Components • DOMAIN NAME SPACE AND RESOURCE RECORDS • NAME SERVERS • RESOLVERS
DOMAIN NAME SPACE • Tree structure (inverted tree) • Each node and leaf on the tree corresponds to a resource set and has a label • The length of every label is limited to 63 octets • Sibling nodes may not have the same label • The null label (0 octets) is reserved for the root • The depth of the tree is limited to 127 levels (a consequence of the 255-octet limit on a whole name)
DOMAIN NAME—1 • The domain name of a node in the domain name space is the list of labels on the path from the node to the root • Domain names are printed or read left to right, i.e. from the most specific (lowest, farthest from the root) to the least specific (highest, closest to the root). Example: www.tku.edu.tw
DOMAIN NAME — 2 • Upper case and lower case: name comparison is case-insensitive, so WWW.TKU.EDU.TW and www.tku.edu.tw name the same node • How users use domain names • Absolute (FQDN, fully qualified domain name, written with a trailing dot) • Relative (PQDN, partially qualified domain name, completed by the resolver with a local domain suffix) • The total number of octets that represent a domain name is limited to 255
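The limits and comparison rules listed above, as an added example (not code from the slides): a wire-format encoder that enforces the 63-octet label and 255-octet name limits, the case-insensitive comparison, and the FQDN/PQDN distinction with a resolver search list. Every name and search domain used is a constructed input; the search-list policy is simplified and labelled as such in the code.

```python
# Added example, not from the slides: encode and compare domain names under the
# limits RFC 1034/1035 set (63 octets per label, 255 octets per name, case-
# insensitive comparison) and expand a relative name the way a resolver with a
# search list would. All names and search domains below are constructed inputs.
from __future__ import annotations

MAX_LABEL = 63    # octets per label
MAX_NAME = 255    # octets for the whole wire-format name, root label included


def to_wire(name: str) -> bytes:
    """Encode an absolute name as length-prefixed labels ending in the root's null label.

    Raises ValueError for an empty label, a label over 63 octets, or a name over
    255 octets on the wire (which is also what caps the depth at 127 labels).
    """
    labels = [] if name in ("", ".") else name.rstrip(".").split(".")
    out = bytearray()
    for label in labels:
        raw = label.encode("ascii")
        if not raw:
            raise ValueError(f"empty label in {name!r}")
        if len(raw) > MAX_LABEL:
            raise ValueError(f"label {label!r} exceeds {MAX_LABEL} octets")
        out.append(len(raw))      # one length octet ...
        out += raw                # ... followed by the label itself
    out.append(0)                 # the null label of the root terminates the name
    if len(out) > MAX_NAME:
        raise ValueError(f"{name!r} is {len(out)} octets on the wire, limit {MAX_NAME}")
    return bytes(out)


def same_name(a: str, b: str) -> bool:
    """RFC 1034 name comparison: case-insensitive; a trailing dot does not matter."""
    return a.rstrip(".").lower() == b.rstrip(".").lower()


def qualify(name: str, search_list: list[str]) -> list[str]:
    """Candidates a resolver would try for a user-typed name.

    A name ending in '.' is an FQDN and is tried as-is. A relative name (PQDN) is
    appended to each search domain in order, then tried as if it were absolute.
    (Simplified policy: real resolvers also apply an 'ndots' rule to pick the order.)
    """
    if name.endswith("."):
        return [name]
    return [f"{name}.{domain.rstrip('.')}." for domain in search_list] + [name + "."]
```

The same encoder is what a query builder needs for the QNAME field; the point here is that the length checks happen before anything reaches the wire, since a 64-octet label cannot be represented in the one-octet length field at all.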
DOMAIN • A domain is a subtree of the domain name space • A domain is identified by a domain name, which is the name of the topmost node in the subtree • A domain is a subdomain of another domain if it is contained within that domain
Delegation • As mentioned before, a main goal of DNS is to decentralize administration. This is achieved through delegation. • Delegation gives administrative authority over a subdomain to another organization, which then runs the name servers for that subdomain
NAME SERVER AND ZONE — Name Server • The programs that store information about the domain name space are called name servers • Name servers generally have complete information about some part of the domain name space, called a zone • The name server is then said to be authoritative for the zone • A name server can be authoritative for multiple zones • The principal activity of name servers is to answer standard queries
NAME SERVER AND ZONE — Zone • Every zone has at least one node for which it is authoritative, and all of the nodes in a particular zone are connected • The name of the node in the zone that is closest to the root is the name of the zone
NAME SERVER AND ZONE — Types of name servers • Primary Name Server • A primary name server loads the data for the zones it is authoritative for from files on its local disk • Secondary Name Server • Gets its zone data from the primary name server of the zone • Periodically contacts the primary for the latest data; if the zone has been updated on the primary, a zone transfer takes place
Caching • Store data obtained from earlier queries for future reference • Speeds up later queries and spares the authoritative servers
Assume eecs.berkeley.edu has already been queried earlier, so its record (and the name servers learned on the way) are in the cache.
Resolver • Programs that interface user programs to domain name servers • The resolver is located on the same machine as the program that requests the resolver's services, but it may need to consult name servers on other hosts • Reduces name-server load (through caching) • Interprets the response (RRs or an error)
Figure: recursive query. The user program asks the resolver for QNAME=im2.im.tku.edu.tw., QTYPE=A. The name servers shown are "" (root), tw and jp below it, edu and co below tw, tku below edu, and im (163.13.200.193) below tku. In recursive mode each server that cannot answer forwards the query to the next server down the chain and relays the final answer back, so the resolver sends a single query.
Figure: non-recursive (iterative) query, with a local name server placed between the resolver and the tree. The local name server queries the "" (root), tw, edu, tku and im name servers in turn; each returns a referral to the next level until the im name server (163.13.200.193) answers authoritatively for im2.im.tku.edu.tw.
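The walk shown in the two figures, together with the caching slide above, as an added example (not code from the slides): a toy iterative resolver over an in-memory tree of name servers shaped like the figures. It follows referrals root, tw, edu.tw, tku.edu.tw, im.tku.edu.tw, caches both answers and the name servers it learned, and shows that a later lookup of a nearby name needs one query instead of five. The server addresses in 192.0.2.0/24, the berkeley.edu branch, and the address of im2 are constructed; 163.13.200.193 and the host names come from the slides.

```python
# Added example, not from the slides: a toy iterative resolver over an in-memory
# name-server tree shaped like the figures (root -> tw -> edu.tw -> tku.edu.tw ->
# im.tku.edu.tw), with a cache so that a repeated or nearby lookup skips the walk.
# Server addresses in 192.0.2.0/24 and all records are constructed, except that
# 163.13.200.193 (the im name server) and the host names are taken from the slides.
from __future__ import annotations
from dataclasses import dataclass, field


def in_zone(name: str, zone: str) -> bool:
    """True if the absolute name lies inside zone (zone '.' contains everything)."""
    return zone == "." or name == zone or name.endswith("." + zone)


@dataclass
class Server:
    zone: str                                    # zone this server is authoritative for
    records: dict[tuple[str, str], list[str]]    # (owner, type) -> rdata values
    delegations: dict[str, str] = field(default_factory=dict)  # child zone -> its server (NS + glue)

    def query(self, qname: str, qtype: str) -> tuple:
        # A name inside a delegated child zone is not ours to answer: return a referral
        for child in sorted(self.delegations, key=len, reverse=True):
            if in_zone(qname, child):
                return ("referral", child, self.delegations[child])
        rdata = self.records.get((qname, qtype))
        if rdata:
            return ("answer", rdata)
        return ("nxdomain",)


class Resolver:
    """Walks the referrals itself (the non-recursive figure). In the recursive figure
    the local name server would perform exactly this walk on the resolver's behalf."""

    def __init__(self, servers: dict[str, Server], root_ip: str):
        self.servers, self.root_ip = servers, root_ip
        self.answers: dict[tuple[str, str], list[str]] = {}   # cached answers
        self.zone_servers: dict[str, str] = {}                # zone -> server IP learned from referrals
        self.queries_sent = 0

    def resolve(self, qname: str, qtype: str = "A") -> list[str]:
        if (qname, qtype) in self.answers:            # cache hit: no query at all
            return self.answers[(qname, qtype)]
        # Start at the closest enclosing zone whose server is already known, else the root
        ip = self.root_ip
        for zone in sorted(self.zone_servers, key=len, reverse=True):
            if in_zone(qname, zone):
                ip = self.zone_servers[zone]
                break
        for _ in range(16):                           # bound the walk against looping delegations
            self.queries_sent += 1
            reply = self.servers[ip].query(qname, qtype)
            if reply[0] == "referral":
                _, child, ip = reply
                self.zone_servers[child] = ip         # remember who serves the child zone
            elif reply[0] == "answer":
                self.answers[(qname, qtype)] = reply[1]
                return reply[1]
            else:
                raise LookupError(f"NXDOMAIN for {qname}")
        raise RuntimeError("too many referrals")


SERVERS = {
    "192.0.2.1": Server(".", {}, {"tw.": "192.0.2.2", "edu.": "192.0.2.5"}),
    "192.0.2.2": Server("tw.", {}, {"edu.tw.": "192.0.2.3"}),
    "192.0.2.3": Server("edu.tw.", {}, {"tku.edu.tw.": "192.0.2.4"}),
    "192.0.2.4": Server("tku.edu.tw.", {}, {"im.tku.edu.tw.": "163.13.200.193"}),
    "163.13.200.193": Server("im.tku.edu.tw.", {
        ("im2.im.tku.edu.tw.", "A"): ["163.13.200.10"],      # im2's address is constructed
        ("mail.im.tku.edu.tw.", "A"): ["163.13.200.222"],    # from the slides' zone file
    }),
    "192.0.2.5": Server("edu.", {}, {"berkeley.edu.": "192.0.2.6"}),
    "192.0.2.6": Server("berkeley.edu.", {("eecs.berkeley.edu.", "A"): ["192.0.2.80"]}),
}

if __name__ == "__main__":
    r = Resolver(SERVERS, "192.0.2.1")
    print(r.resolve("im2.im.tku.edu.tw."), "after", r.queries_sent, "queries")
    print(r.resolve("mail.im.tku.edu.tw."), "after", r.queries_sent, "queries")
```

The first lookup costs five queries (root, tw, edu.tw, tku.edu.tw, im), the second name in the same zone costs one, and a repeat of an already-answered name costs none: that is the effect the caching slide describes.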
DNS Message Format • Figure: the 12-octet header section laid out in 32-bit rows (bits 0-15 | 16-31): ID | Flag (16 bits), QDCOUNT | ANCOUNT, NSCOUNT | ARCOUNT. The Flag word carries QR, OPCODE, AA, TC, RD, RA, Z and RCODE; the question, answer, authority and additional sections follow the header.
Resource Record • A domain name identifies a node. Each node has a set of resource information, composed of separate resource records (RRs). 1. OWNER: the domain name the RR pertains to. 2. TYPE: a 16-bit value identifying the kind of resource (A, NS, MX, CNAME, PTR and SOA in the examples that follow).
Resource Record 3. CLASS: a 16-bit value identifying a protocol family (IN for the Internet). 4. TTL: a 32-bit integer, the time in seconds the RR may be cached; 0 means the RR must not be cached. 5. RDATA: a variable-length field describing the resource; its format depends on TYPE and CLASS (a 32-bit address for an A record, a domain name for NS, CNAME and PTR).
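The message header and resource-record layout described above, as an added example (not code from the slides): build the query from the figures (QNAME=im2.im.tku.edu.tw., QTYPE=A) in RFC 1035 wire format, then parse a reply including its flag word, question and an answer RR whose owner uses a compression pointer. The reply bytes are constructed here rather than captured; the answer address 163.13.200.193 and the 259200-second TTL are values from the slides. The `matches_query` check is the part a practitioner should not skip.

```python
# Added example, not from the slides: build the query from the figures
# (QNAME=im2.im.tku.edu.tw., QTYPE=A) in RFC 1035 wire format, then parse a reply.
# The reply bytes are constructed here, not captured from a real server; the
# answer address 163.13.200.193 and the 259200-second TTL are taken from the slides.
import struct

TYPE_A, CLASS_IN = 1, 1          # RR TYPE 'A' and CLASS 'IN' codes from RFC 1035


def encode_name(name: str) -> bytes:
    """Labels as a length octet plus bytes, ending with the root's null label (no compression)."""
    labels = [] if name in ("", ".") else name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(qname: str, qtype: int = TYPE_A, txid: int = 0x1234, rd: bool = True) -> bytes:
    """12-octet header followed by one question. Flags: QR=0, OPCODE=0, RD as requested."""
    flags = 0x0100 if rd else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)   # ID, flags, QD/AN/NS/AR counts
    return header + encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN)


def parse_flags(flags: int) -> dict:
    """Split the 16-bit flag word: QR | OPCODE(4) | AA | TC | RD | RA | Z(3) | RCODE(4)."""
    return {"qr": flags >> 15 & 1, "opcode": flags >> 11 & 0xF, "aa": flags >> 10 & 1,
            "tc": flags >> 9 & 1, "rd": flags >> 8 & 1, "ra": flags >> 7 & 1,
            "rcode": flags & 0xF}


def decode_name(msg: bytes, offset: int) -> tuple:
    """Read a name at offset, following compression pointers (top two bits 11).

    Returns (name, offset just past the name as it appeared at the original position).
    """
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                 # pointer to an earlier copy of the suffix
            if end is None:
                end = offset + 2                  # a pointer is the last thing at this position
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 32:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (offset if end is None else end)


def parse_message(msg: bytes) -> dict:
    """Header, question section and answer RRs (authority/additional are left unparsed)."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        owner, offset = decode_name(msg, offset)                                     # 1. OWNER
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])  # 2-4. TYPE, CLASS, TTL
        offset += 10
        rdata = msg[offset:offset + rdlen]                                           # 5. RDATA
        offset += rdlen
        if rtype == TYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)     # render an A record as a dotted quad
        answers.append({"owner": owner, "type": rtype, "class": rclass, "ttl": ttl, "rdata": rdata})
    return {"id": txid, "flags": parse_flags(flags), "counts": (qd, an, ns, ar),
            "questions": questions, "answers": answers}


def matches_query(query: bytes, response: bytes) -> bool:
    """What a resolver must check before trusting a reply: it is a response (QR=1) carrying
    the same ID and the same question. The 16-bit ID alone is a weak defence against
    spoofed replies, which is why real resolvers also randomize the UDP source port."""
    q, r = parse_message(query), parse_message(response)
    return r["flags"]["qr"] == 1 and q["id"] == r["id"] and q["questions"] == r["questions"]


def sample_response(query: bytes) -> bytes:
    """Constructed authoritative reply to build_query('im2.im.tku.edu.tw.'): flags 0x8580
    (QR, AA, RD, RA), the question echoed, and one A RR whose owner is a pointer (0xC00C)
    back to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8580, 1, 1, 0, 0)
    answer = b"\xC0\x0C" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 259200, 4) + bytes([163, 13, 200, 193])
    return header + query[12:] + answer
```

If the parsed flags show TC=1 the reply was truncated and the query should be repeated over TCP; if RCODE is non-zero the answer section is not to be trusted as a result.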
Resource Record (example)
@   IN SOA im.tku.edu.tw. root.mail.im.tku.edu.tw. (
        1999081006 ; Serial
        86400      ; Refresh - 1 day
        1800       ; Retry
        1728000    ; Expire - 20 days
        259200 )   ; Minimum TTL - 3 days
    IN NS mail.im.tku.edu.tw.
    IN MX 0 mail.im.tku.edu.tw.
    IN MX 2 mis.im.tku.edu.tw.
mail    IN A 163.13.200.222
herbert IN A 163.13.200.222
wwwbbs  IN A 163.13.200.37
www     IN CNAME sun
40      IN PTR bbs.im.tku.edu.tw.
32      IN PTR mis.im.tku.edu.tw.
Configuration-related files • BIND 8 • /etc/named.conf • /etc/namedb: $ ls shows named.hosts named.local named.rev root.cache
named.conf
options {
    directory "/etc/namedb";
};
zone "." in {
    type hint;
    file "root.cache";
};
zone "im.tku.edu.tw" in {
    type master;
    file "named.hosts";
};
zone "200.13.163.in-addr.arpa" in {
    type master;
    file "named.rev";
};
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "named.local";
};
As written, this configuration places no restriction on who may query the server, use it for recursion, or transfer the zones; BIND 8 provides the allow-query, allow-recursion and allow-transfer statements for that.
named.hosts
@   IN SOA im1.im.tku.edu.tw. root.im1.im.tku.edu.tw. (
        1999110319 ; Serial
        43200      ; Refresh
        3600       ; Retry
        3600000    ; Expire
        2419200 )  ; Minimum TTL
; Define the name servers and the mail servers.
    IN MX 1 mail.im.tku.edu.tw.
    IN MX 2 mis.im.tku.edu.tw.
    IN NS im1.im.tku.edu.tw.
im1     IN A 163.13.200.222
wwwbbs  IN A 163.13.200.37
backup  IN CNAME ftp
named.rev
@   IN SOA im1.im.tku.edu.tw. root.im1.im.tku.edu.tw. (
        1999110319 ; Serial
        43200      ; Refresh
        3600       ; Retry
        3600000    ; Expire
        2419200 )  ; Minimum
    IN NS im1.im.tku.edu.tw.
    IN NS tkgis.tku.edu.tw.
;
; Define address-to-host mappings in this zone (163.13.200)
40  IN PTR bbs.im.tku.edu.tw.
39  IN PTR ftp.im.tku.edu.tw.
37  IN PTR wwwbbs.im.tku.edu.tw.
named.local
@   IN SOA im1.im.tku.edu.tw. root.im1.im.tku.edu.tw. (
        95071603   ; Serial
        43200      ; Refresh
        3600       ; Retry
        3600000    ; Expire
        2419200 )  ; Minimum
    IN NS im1.im.tku.edu.tw.
1   IN PTR localhost.
;
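A parser for the master-file subset these three files use, with the consistency checks an administrator wants before loading a zone, as an added example (not code from the slides or from BIND): CNAME targets and in-zone MX/NS targets must have an A record, and NS/MX must not point at a CNAME (RFC 2181 section 10.3). The embedded `NAMED_HOSTS` is the slide's named.hosts with its line layout restored; run over it, the checker reports that the MX targets mail and mis and the CNAME target ftp have no A record in that file as shown. `$ORIGIN`/`$TTL` support is left out because the slides' files use neither.

```python
# Added example, not from the slides or BIND: a parser for the master-file subset the
# slides' named.hosts uses, plus consistency checks a zone administrator wants before
# loading it: CNAME and in-zone MX/NS targets must have A records, and NS/MX must not
# point at a CNAME (RFC 2181 section 10.3). NAMED_HOSTS below is the slide's file with
# its original line layout restored; nothing else is added.

NAMED_HOSTS = """\
@   IN SOA im1.im.tku.edu.tw. root.im1.im.tku.edu.tw. (
            1999110319 ; Serial
            43200      ; Refresh
            3600       ; Retry
            3600000    ; Expire
            2419200 )  ; Minimum
; Define the nameservers and the mail servers.
    IN MX 1 mail.im.tku.edu.tw.
    IN MX 2 mis.im.tku.edu.tw.
    IN NS im1.im.tku.edu.tw.
im1     IN A 163.13.200.222
wwwbbs  IN A 163.13.200.37
backup  IN CNAME ftp
"""

CLASSES = {"IN", "CH", "HS"}


def absolutize(name: str, origin: str) -> str:
    """'@' is the origin; a name without a trailing dot is relative to the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text: str, origin: str) -> list:
    """Return (owner, TYPE, rdata tokens) triples with absolute owner names.

    Handles ';' comments, '(' ... ')' continuation lines, an omitted owner (inherits
    the previous one), an optional class and TTL before the type, and relative names.
    $ORIGIN/$TTL directives are not supported (the slide's files use none).
    """
    origin = origin.rstrip(".") + "."
    entries, buf, depth = [], "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()           # drop comments
        if not line.strip():
            continue
        buf = line if not buf else buf + " " + line     # join parenthesised continuation lines
        depth += line.count("(") - line.count(")")
        if depth == 0:
            entries.append(buf)
            buf = ""
    records, owner = [], origin
    for entry in entries:
        tokens = entry.replace("(", " ").replace(")", " ").split()
        if not entry[0].isspace():                      # a token in column one is the owner
            owner = absolutize(tokens.pop(0), origin)
        while tokens and (tokens[0].upper() in CLASSES or tokens[0].isdigit()):
            tokens.pop(0)                               # skip class and optional TTL
        records.append((owner, tokens[0].upper(), tokens[1:]))
    return records


def check_zone(records: list, origin: str) -> list:
    """Return human-readable problems: dangling in-zone targets and aliased NS/MX targets."""
    origin = origin.rstrip(".") + "."
    types_at = {}
    for owner, rtype, _ in records:
        types_at.setdefault(owner, set()).add(rtype)
    problems = []
    target_index = {"CNAME": 0, "NS": 0, "MX": 1}      # which rdata token names the target
    for owner, rtype, rdata in records:
        if rtype not in target_index:
            continue
        target = absolutize(rdata[target_index[rtype]], origin)
        types = types_at.get(target, set())
        if rtype in ("NS", "MX") and "CNAME" in types:
            problems.append(f"{owner} {rtype} -> {target} is a CNAME (must be a host with an A record)")
        elif (target == origin or target.endswith("." + origin)) and "A" not in types:
            problems.append(f"{owner} {rtype} -> {target} has no A record in this zone (dangling)")
        # targets outside the zone cannot be checked without querying their own zone
    for owner, types in types_at.items():
        if "CNAME" in types and len(types) > 1:
            problems.append(f"{owner} has a CNAME alongside other records")
    return problems


if __name__ == "__main__":
    for problem in check_zone(parse_zone(NAMED_HOSTS, "im.tku.edu.tw"), "im.tku.edu.tw"):
        print(problem)
```

Targets outside the zone (tkgis.tku.edu.tw. in named.rev, for instance) are deliberately not flagged, since deciding whether they resolve needs a query against their own zone rather than a look at this file.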
Zone Transfer 1. Secondary servers refresh their authoritative data from the primary server. 2. Periodically (every REFRESH seconds from the SOA record) the secondary checks the primary's SOA SERIAL number; a zone transfer happens only when the primary's serial is newer. Figure: the secondary holds serial 98112203 and the primary 98112301; the check finds the primary's serial newer, a zone transfer runs, and afterwards both hold 98112301.
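The serial check in step 2, and the primary/secondary refresh cycle described under types of name servers, as an added example (not code from the slides): the comparison uses RFC 1982 serial arithmetic so a serial that has wrapped past 2^32 is still seen as newer, with a bumper for the YYYYMMDDnn serials the slides use and a small state function for the SOA REFRESH and EXPIRE timers. The 98112203/98112301 pair and the 43200/3600000 timer values come from the slides; everything else is constructed.

```python
# Added example, not from the slides: the serial-number check a secondary makes
# before pulling a zone, using RFC 1982 serial arithmetic so that a serial that has
# wrapped past 2^32 is still recognised as newer. Also a bumper for the YYYYMMDDnn
# serials the slides use. The 98112203/98112301 pair is taken from the slide's figure.
SERIAL_BITS = 32
HALF = 1 << (SERIAL_BITS - 1)
MODULUS = 1 << SERIAL_BITS


def serial_newer(a: int, b: int) -> bool:
    """True if serial a is 'greater than' b in RFC 1982 terms, i.e. a lies fewer than
    2^31 steps ahead of b on the 32-bit circle. Plain integer '>' gives the wrong
    answer once a serial has wrapped around."""
    a, b = a % MODULUS, b % MODULUS
    if a == b:
        return False
    return (a > b and a - b < HALF) or (a < b and b - a > HALF)


def needs_transfer(primary_serial: int, secondary_serial: int) -> bool:
    """Step 2 in the slide: transfer only when the primary's serial is newer."""
    return serial_newer(primary_serial, secondary_serial)


def next_serial(current: int, today: int) -> int:
    """Bump a YYYYMMDDnn serial (e.g. 1999081006 = 1999-08-10, edit 06).

    Uses today's date with nn=00, but never goes backwards: if that would not be
    newer than the current serial (same day, or a clock set back), add 1 instead.
    """
    candidate = today * 100
    if not serial_newer(candidate, current):
        candidate = current + 1
    return candidate % MODULUS


def secondary_action(age: int, refresh: int, expire: int) -> str:
    """What a secondary does given the seconds since it last confirmed the zone with
    the primary, using the REFRESH and EXPIRE values of the SOA record."""
    if age >= expire:
        return "expire"      # copy too old to trust: stop answering for the zone
    if age >= refresh:
        return "check"       # time to ask the primary for its SOA serial
    return "serve"           # keep answering from the copy held locally


def simulate(primary_serial: int, secondary_serial: int) -> tuple:
    """Run the slide's exchange: check serial, transfer if needed, return (transferred, secondary's serial)."""
    if needs_transfer(primary_serial, secondary_serial):
        return True, primary_serial
    return False, secondary_serial
```

A serial that is accidentally set far ahead (a typo such as 2099110319) cannot be walked back by simply lowering it, because the lower value compares as older; the fix is to step the serial around the circle, which `serial_newer` makes easy to verify before pushing the zone.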
Tool: nslookup • Domain name -> IP address • IP address -> Domain name • Example:
%nslookup
Default Server: mail.im.tku.edu.tw
Address: 163.13.200.222
> bbs.im.tku.edu.tw        <-- enter
Name: bbs.im.tku.edu.tw
Address: 163.13.200.40
Tool: nslookup (interactive commands)
%nslookup
Default Server: mail.im.tku.edu.tw
Address: 163.13.200.222
> server xxx.xxx.xxx.xxx       (switch to another name server)
> ls im.tku.edu.tw > im.dns    (list the whole zone into the file im.dns)
> set type=NS                  (following lookups ask for NS records)
> set type=MX                  (following lookups ask for MX records)
The ls command performs a zone transfer (AXFR), so it only succeeds if the server allows transfers to your host; a server that answers it for anyone hands out its complete host list.
Reference • RFC 1034, RFC 1035 • TCP/IP Illustrated, Volume 1 (Chinese translation)