
Lecture – DNS


jessie

Presentation Transcript


  1. Lecture – DNS How to find things…

  2. Domain Name System • Associate human-friendly names with machine-friendly IP addresses • Resolution of a given hostname to an IP address • Domain names, as opposed to IP addresses, have the top-most element on the right • Each element can be up to 63 characters long; the full name can be no more than 255 characters • Letters, numbers or dashes can be used in a name element

  3. DNS • Allows machines to be grouped logically, by domain name • Right-most element is called the (TLD) Top Level Domain • The full name is referred to as the (FQDN) Fully Qualified Domain Name • lugh.student.comp.dit.ie or lugh • Internet Assigned Numbers Authority (IANA) controls the top-level domains • Host names map to IP addresses in a one-to-many relationship, each machine may have many IP addresses, and each IP address may be associated with many machines

  4. Mail Routing using DNS • DNS builds in some application-specific information • Hosts that are designed to perform email routing, mail exchangers, have special-purpose records in DNS, MX records • A domain should have multiple mail exchangers • Mail that cannot be sent to one mail exchanger can instead be delivered to an alternative server, providing failsafe redundancy

  5. Before DNS • Before DNS, name resolution was accomplished solely by text file databases residing on each host (“hosts” files) • The method is not scalable, and it requires centralised management of the text files

  6. Internet DNS Hierarchy • Root Name Servers • Provide references to the appropriate zone authoritative name servers for the top-level domains • Zone-Authoritative name servers • Master and slave servers for zones

  7. Root Name Servers • There are 13 root-name servers • Each has an associated letter name (a to m) • No more names can be used because of protocol limitations • UDP packet can only carry 512 bytes reliably • A hint file with more than 13 servers would be larger than 512 bytes • C, F, I, J, K and M servers now exist in multiple locations on different continents

  8. Root name servers

  9. A simplified domain-map [Figure: domain tree. Labels: (Root); .ie domain, .com, .org; dit; hermes, Taranaki, Wicklow, Aisling; FQDN shown: Wicklow.dit.ie.]

  10. Domains • Dividing domains into sub-domains is important in several regards • Division of a namespace into sub-domains in a hierarchical manner • Removes the requirement that the names of individual hosts be unique • but the FQDNs must still be unique • It allows for the decentralised management of the entire namespace • Up to 127 levels deep(!)

  11. cs.dit.ie domain-map [Figure: domain tree. Labels: (Root); .ie domain; dit; cs; hermes, MyLaptop, Taranki, Wicklow; FQDN shown: Wicklow.cs.dit.ie.]

  12. Zones, Domains and Delegation • A Domain is a complete sub-tree of the hierarchical namespace • A zone is part of the domain managed by a particular server • Sub domains may be delegated into additional zones • A zone may directly manage some sub domains • A zone represents the scope of administration for which one body is responsible

  13. cs.dit.ie zones (?) [Figure: domain tree with zones marked. Labels: (Root); .ie domain; dit; cs; Taranki, hermes, Wicklow, MyLaptop, Aisling; "?"; FQDN shown: Wicklow.cs.dit.ie.]

  14. Relationship between domains, zones and DNS Servers • The DNS database is effectively spread across all servers • DNS Servers are delegated to manage particular zones and the links to the rest of the database. • Zone is not necessarily equivalent to domain • A DNS server can manage one or more zones

  15. Comp.dit.ie dns-servers [Figure: domain tree with DNS servers marked. Labels: (Root); .ie domain; dit; cs; hermes, Taranki, MyLaptop, Aisling, Wicklow; hermes.dit.ie.; 147.252.224.67]

  16. The DNS Server • Server receives request from client • If the server does not have the answer it will either ask a root server or it forwards the request to another name server • This may happen a number of times until a name server is found that knows the answer • When the server gets a response it will place a copy in its local cache and return a copy to the requesting client

  17. Name Server Hierarchy • Master Name Server • Contains the master copy of data for the zone • Slave Name Server • Provides an automatic backup to the master name server • All slave servers maintain synchronisation with their master name server • Both Master and Slave servers contain authoritative data • Zone may have multiple slaves but only one master • Slave may get its data from another slave

  18. Authoritative ? • If the name server responding to a query is authoritative with respect to the query performed, the data returned is said to be authoritative • Alternatively, responses may come from a name server which has cached the information, in which case the response is said to be non-authoritative • The client may choose not to accept non-authoritative information

  19. Resolver • The DNS client is called the resolver • Resolver capability is built into any program that needs it by way of the resolver library calls • Resolver functions are implemented in libresolv.so • DNS clients and servers communicate using UDP packets in most cases • UDP is fast, but packets can be no larger than 512 bytes • If a query or response is larger than 512 bytes, it must be sent by TCP

  20. Resolution Configuration Files • /etc/host.conf is mainly used to indicate which source of information is to be used and in what order

          order hosts,bind

  21. Resolution Configuration Files • /etc/resolv.conf is used to configure which servers are to be used and whether any domains are assumed for non-qualified host names

          search cs.dit.ie
          nameserver 147.252.224.70
          nameserver 147.252.224.73
          nameserver 147.252.1.37

  22. How did I find out the name servers?

          C:\>nslookup
          Default Server: WL.domain.name
          Address: 192.168.1.1

          > set type=ns
          > cs.dit.ie
          Server: WL.domain.name
          Address: 192.168.1.1

          Non-authoritative answer:
          cs.dit.ie nameserver = cara.comp.dit.ie
          > microsoft.com
          Server: WL.domain.name
          Address: 192.168.1.1

          Non-authoritative answer:
          microsoft.com nameserver = ns2.msft.net
          microsoft.com nameserver = ns3.msft.net
          microsoft.com nameserver = ns5.msft.net
          microsoft.com nameserver = ns1.msft.net
          microsoft.com nameserver = ns4.msft.net
          >

  23. nslookup on wicklow

          rbradley@wicklow:~$ nslookup
          > set type=ns
          > cs.dit.ie
          Server: 147.252.1.37
          Address: 147.252.1.37#53

          cs.dit.ie nameserver = cara.comp.dit.ie.
          > microsoft.com
          Server: 147.252.1.37
          Address: 147.252.1.37#53

          Non-authoritative answer:
          microsoft.com nameserver = ns2.msft.net.
          microsoft.com nameserver = ns3.msft.net.
          microsoft.com nameserver = ns4.msft.net.
          microsoft.com nameserver = ns5.msft.net.
          microsoft.com nameserver = ns1.msft.net.

          Authoritative answers can be found from:
          ns1.msft.net internet address = 65.55.37.62
          ns2.msft.net internet address = 64.4.59.173
          ns3.msft.net internet address = 213.199.161.77
          ns4.msft.net internet address = 207.46.75.254
          ns5.msft.net internet address = 65.55.226.140
          >

  24. Nslookup on my laptop

          C:\>nslookup wicklow
          Server: WL.domain.name
          Address: 192.168.1.1

          *** WL.domain.name can't find wicklow: Non-existent domain

          C:\>nslookup wicklow.cs.dit.ie
          Server: WL.domain.name
          Address: 192.168.1.1

          Non-authoritative answer:
          Name: wicklow.cs.dit.ie
          Address: 147.252.224.108

          C:\>

  25. Deeper into nslookup

          rbradley@wicklow:~$ nslookup
          > set type=mx
          > dit.ie
          Server: 147.252.1.37
          Address: 147.252.1.37#53

          dit.ie mail exchanger = 5 smtp.dit.ie.
          dit.ie mail exchanger = 10 staffmail.dit.ie.
          dit.ie mail exchanger = 15 mymail.dit.ie.
          > cs.dit.ie
          Server: 147.252.1.37
          Address: 147.252.1.37#53

          *** Can't find cs.dit.ie: No answer
          >

  26. Deeper into nslookup

          > set type=a
          > hermes.dit.ie
          Server: 147.252.1.37
          Address: 147.252.1.37#53

          Name: hermes.dit.ie
          Address: 147.252.1.43
          > 147.252.1.43
          Server: 147.252.1.37
          Address: 147.252.1.37#53

          43.1.252.147.in-addr.arpa name = hermes.dit.ie.
          >
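
The name limits on slide 2, the authoritative/non-authoritative distinction on slide 18 and the 512-byte UDP rule on slide 19 all show up in the DNS message itself. The sketch below is an added example, not part of the lecture: it encodes a query name, builds a query, and classifies a response from its header flags. The function names and the sample responses are constructed for illustration.

```python
import string
import struct

ALLOWED = set(string.ascii_letters + string.digits + "-")
AA, TC = 0x0400, 0x0200  # header flag bits: authoritative answer, truncated

def encode_name(name):
    """Wire-encode a name as length-prefixed labels, enforcing the slide 2 limits."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63 or not set(label) <= ALLOWED:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    out += b"\x00"  # the root label ends every FQDN
    if len(out) > 255:
        raise ValueError("name longer than 255 octets")
    return out

def build_query(name, qtype, txid):
    """12-byte header (recursion desired, one question) + QNAME, QTYPE, QCLASS=IN."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", qtype, 1)

def classify(query, response):
    """Decide what a client should do with a UDP response to its query."""
    if len(response) < 12:
        return "discard"              # shorter than the fixed DNS header
    txid, flags = struct.unpack("!2H", response[:4])
    if not flags & 0x8000 or txid != struct.unpack("!H", query[:2])[0]:
        return "discard"              # not a response, or not an answer to our query
    if flags & TC:
        return "retry-over-tcp"       # answer did not fit in the UDP message
    if flags & 0x000F:
        return "error"                # non-zero RCODE, e.g. 3 = non-existent domain
    return "authoritative" if flags & AA else "non-authoritative"

def constructed_response(query, flags):
    """Constructed sample input: echo the query with response flags swapped in."""
    return query[:2] + struct.pack("!H", flags) + query[4:]

if __name__ == "__main__":
    q = build_query("cs.dit.ie", 2, 0x1234)   # type 2 = NS, as in `set type=ns`
    for flags in (0x8180, 0x8580, 0x8380, 0x8183):
        print(hex(flags), classify(q, constructed_response(q, flags)))
```

A client that only accepts authoritative data (slide 18) would act on the `"authoritative"` result alone, and the transaction ID check is what keeps it from accepting a response to a query it never sent.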
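
Slides 21 and 24 together explain why the short name `wicklow` resolves on a host whose /etc/resolv.conf has `search cs.dit.ie` but not on the laptop. The following is an added example, not part of the lecture: it parses resolv.conf text and lists the names a resolver would try, in order. The `ndots` handling models the common glibc resolver behaviour (default 1), and the function names are chosen for illustration.

```python
SLIDE_21_CONF = """\
search cs.dit.ie
nameserver 147.252.224.70
nameserver 147.252.224.73
nameserver 147.252.1.37
"""

def parse_resolv_conf(text):
    """Return (nameservers, search_list, ndots) from resolv.conf text."""
    servers, search, ndots = [], [], 1
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split(";", 1)[0].split()
        if not fields:
            continue                      # blank line or comment
        if fields[0] == "nameserver" and len(fields) > 1:
            servers.append(fields[1])
        elif fields[0] in ("search", "domain"):
            search = fields[1:]           # the last search/domain line wins
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt[len("ndots:"):])
    return servers, search, ndots

def candidates(name, search, ndots=1):
    """FQDNs the resolver tries for `name`, in the order it tries them."""
    if name.endswith("."):
        return [name]                     # trailing dot: already fully qualified
    absolute = name + "."
    expanded = [f"{name}.{domain.rstrip('.')}." for domain in search]
    # Names with at least `ndots` dots are tried as-is first, others last.
    if name.count(".") >= ndots:
        return [absolute] + expanded
    return expanded + [absolute]

if __name__ == "__main__":
    servers, search, ndots = parse_resolv_conf(SLIDE_21_CONF)
    print("on wicklow:", candidates("wicklow", search, ndots))
    print("on laptop: ", candidates("wicklow", []))   # no search list configured
```

With no search list the only candidate is `wicklow.`, which matches the "Non-existent domain" result on slide 24.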
