DNS: Domain Name Service

    america.pcs.cnu.edu -> 137.155.2.10
BIND: an implementation of DNS
• A resolver for the client: libraries linked into client code
• A server: named
• Database files with the mapping

(Figure: Client App -> Resolver library -> named -> Database)
But it's a little more complicated
• The client asks the server
• The server sometimes has to ask other servers for answers
• Each domain (pcs, ...) has responsibility for its own machines

(Figure: Client -> pcs.cnu.edu server -> Internet)
A distributed system
• The Internet has a collection of servers
• Each domain takes care of its own
• If a server can't find the IP address, it either asks directly or forwards the request to a server which can help
• Redundancy is important
• You design your server approach
• The physical location of a server inside the domain it serves is NOT required
Domains
Domains can delegate responsibility for part of the domain to others.

(Figure: delegation tree)
    (root)
    ├── com
    ├── mil
    ├── edu
    │   ├── wm
    │   ├── cnu
    │   │   ├── pcs
    │   │   │   └── isl
    │   │   └── math
    │   └── odu
    ├── gov
    └── others
Types of servers
• Resolver only (NO server on the client machine)
• Primary
• Secondary: gets its information from the primary
• Caching only (slave): only caches what it retrieves; does not get updates from servers
A typical design

(Figure: the Internet connects to one primary and several secondaries; each of them serves a group of caching-only slaves.)
Configuring the client (resolver)
• Every machine is a client
• The process of looking up a name is configured in a file: resolv.conf
• It tells the library linked into your code
  • how to search for names (domain entries)
  • where to look for names (nameserver entries)

Example resolv.conf:

    domain pcs.cnu.edu
    nameserver 137.155.2.10
    nameserver 137.155.12.24
domain entry
A user types:

    Unix% telnet sappho

The resolver has to answer "what is the IP of this machine?". Using the domain entry from resolv.conf (domain pcs.cnu.edu), it asks the server to find the IP of sappho.pcs.cnu.edu.

NOTE: multiple domains can be listed (add cnu.edu).
nameserver entry
Using the nameserver entries from the same resolv.conf, the resolver:
• first asks 137.155.2.10 what the IP is
• second asks 137.155.12.24 what the IP is, if there is no answer from 137.155.2.10

Windows has the same information under Network / TCP/IP / Properties.
That's it for the client! Two entries in resolv.conf.
Now for the server! Lots more options, more types of servers.
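To make the two resolv.conf entries concrete, here is an added example (not code from the lecture): a small Python model of the classic resolver library. It parses the domain/search and nameserver lines, builds the candidate names the domain entry produces, and walks the nameservers in order, moving to the second server only when the first one does not answer. The `ask` callback and the `fake_ask` table of hosts are constructed stand-ins for the network; the IP 137.155.12.30 for www.cnu.edu is made up.

```python
import ipaddress

# Constructed resolv.conf, copied from the slide's example for pcs.cnu.edu.
RESOLV_CONF = """\
domain pcs.cnu.edu
nameserver 137.155.2.10
nameserver 137.155.12.24
"""


def parse_resolv_conf(text):
    """Read the domain/search and nameserver entries into a dict."""
    conf = {"domain": None, "search": [], "nameservers": []}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        key, *args = line.split()
        if key == "domain" and args:
            conf["domain"] = args[0].rstrip(".").lower()
        elif key == "search":
            conf["search"] = [a.rstrip(".").lower() for a in args]
        elif key == "nameserver" and args:
            # ip_address() raises on a typo, which is what we want at parse time
            conf["nameservers"].append(str(ipaddress.ip_address(args[0])))
    return conf


def candidate_names(name, conf):
    """Fully qualified names the resolver tries, in order, for what was typed.

    Simplified to the classic rule: a name without a dot gets the domain (or
    each search suffix) appended before it is tried on its own; a name that
    already contains a dot is tried as-is first.  A trailing dot is absolute."""
    name = name.lower()
    if name.endswith("."):
        return [name]
    suffixes = conf["search"] or ([conf["domain"]] if conf["domain"] else [])
    candidates = [f"{name}.{s}." for s in suffixes]
    if "." in name:
        candidates.insert(0, name + ".")
    else:
        candidates.append(name + ".")
    return candidates


def resolve(name, conf, ask):
    """Try each candidate name against the nameservers in resolv.conf order.

    `ask(server, fqdn)` models one query: it returns an IP string, None when
    the server says the name does not exist, or raises TimeoutError when the
    server does not answer.  Only a timeout moves on to the next nameserver;
    a definite 'no such name' moves on to the next candidate name instead.
    Returns (ip_or_None, list of (server, fqdn) queries in the order sent)."""
    sent = []
    for fqdn in candidate_names(name, conf):
        for server in conf["nameservers"]:
            sent.append((server, fqdn))
            try:
                answer = ask(server, fqdn)
            except TimeoutError:
                continue
            if answer is not None:
                return answer, sent
            break
    return None, sent


# Constructed stand-in for the network: 137.155.2.10 is down in this scenario,
# 137.155.12.24 answers from a tiny table.  Not the real hosts.
KNOWN = {"sappho.pcs.cnu.edu.": "137.155.2.20", "www.cnu.edu.": "137.155.12.30"}


def fake_ask(server, fqdn):
    if server == "137.155.2.10":
        raise TimeoutError("no answer from first nameserver")
    return KNOWN.get(fqdn)


if __name__ == "__main__":
    conf = parse_resolv_conf(RESOLV_CONF)
    print(resolve("sappho", conf, fake_ask))
```

Running it shows the behaviour the two slides describe: "sappho" becomes sappho.pcs.cnu.edu., the first nameserver times out, and the second one answers; with a search list of pcs.cnu.edu and cnu.edu, "www" is tried as www.pcs.cnu.edu. and then www.cnu.edu.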
Servers and domains
sappho wants to contact frogs.bio.wm.edu:
1. sappho asks its nameserver (america, from resolv.conf)
2. america doesn't know, so it asks a rootserver from its cache
3. The rootserver knows only .edu and forwards the request
4. The edu server responds to america with an answer for wm.edu
5. america contacts the wm.edu nameserver WmNs, which has delegated a subdomain to BioNs
6. WmNs contacts the nameserver BioNs, which is the nameserver for bio.wm.edu
7. BioNs responds to WmNs with the IP for frogs
8. WmNs responds to america with the IP for frogs
9. america responds to sappho with the IP for frogs

As responses are generated, names and servers are cached for subsequent use. E.g. steps 6-7 could be bypassed if WmNs has already asked BioNs about frogs.

(Figure: rootserver; edu; cnu.edu with its server drake; wm.edu with its server WmNs; pcs.cnu.edu with america and sappho; bio.wm.edu with BioNs and frogs; steps 1-9 drawn as arrows between them.)
Queries
• The nameserver entry directs the request
• Servers can be set up to forward requests or to go directly to rootservers (america bypasses drake in this example)
• The general approach is to resolve from the top
• Results are cached for future use
• Nameservers are not always physically located in the domain they serve
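The walk in the previous two slides, as an added example that is not part of the lecture: a toy model of america as a recursive server that starts at the root, follows delegations, and caches both answers and the delegations it learned. The authoritative data (rootserver, edu, WmNs, BioNs, drake) is constructed to match the slide; the model uses referrals at every step, so america asks BioNs itself where the slide has WmNs doing it, and the IPs 192.0.2.7 and 192.0.2.8 for frogs and toads are made up.

```python
# Constructed authoritative data for the lecture's example.  Server names and
# zones follow the slide; the addresses for frogs/toads are made up.
AUTH = {
    "rootserver": {"delegations": {"edu.": "edu"}, "answers": {}},
    "edu": {"delegations": {"wm.edu.": "WmNs", "cnu.edu.": "drake"}, "answers": {}},
    "drake": {"delegations": {}, "answers": {}},
    "WmNs": {"delegations": {"bio.wm.edu.": "BioNs"}, "answers": {}},
    "BioNs": {"delegations": {}, "answers": {"frogs.bio.wm.edu.": "192.0.2.7",
                                             "toads.bio.wm.edu.": "192.0.2.8"}},
}


def ask_server(server, name):
    """One question to one authoritative server.  Returns
    ("answer", ip), ("referral", (zone, next_server)) or ("nxdomain", None)."""
    data = AUTH[server]
    if name in data["answers"]:
        return "answer", data["answers"][name]
    best = None  # the longest delegation that covers the name
    for zone, ns in data["delegations"].items():
        if name == zone or name.endswith("." + zone):
            if best is None or len(zone) > len(best[0]):
                best = (zone, ns)
    return ("referral", best) if best else ("nxdomain", None)


class RecursiveServer:
    """Models america: resolves from the top on behalf of its clients and
    caches both final answers and the delegations it learns on the way."""

    def __init__(self):
        self.answers = {}
        self.delegations = {".": "rootserver"}  # the cache file's root servers

    def closest_server(self, name):
        """Most specific cached delegation for the name, falling back to root."""
        labels = name.split(".")  # "frogs.bio.wm.edu." -> [..., "edu", ""]
        for i in range(len(labels)):
            zone = ".".join(labels[i:]) or "."
            if zone in self.delegations:
                return self.delegations[zone]
        return self.delegations["."]

    def resolve(self, name):
        """Returns (ip_or_None, servers contacted in order)."""
        if name in self.answers:
            return self.answers[name], []
        contacted = []
        server = self.closest_server(name)
        while server not in contacted:  # a referral loop ends the walk
            contacted.append(server)
            kind, payload = ask_server(server, name)
            if kind == "answer":
                self.answers[name] = payload
                return payload, contacted
            if kind == "nxdomain":
                return None, contacted
            zone, server = payload
            self.delegations[zone] = server  # remember the delegation
        return None, contacted


if __name__ == "__main__":
    america = RecursiveServer()
    print(america.resolve("frogs.bio.wm.edu."))  # full walk from the root
    print(america.resolve("frogs.bio.wm.edu."))  # answered from cache
    print(america.resolve("toads.bio.wm.edu."))  # straight to BioNs
```

The first lookup touches rootserver, edu, WmNs and BioNs in that order; the second is answered from america's cache without contacting anyone; a different name under bio.wm.edu goes straight to BioNs because the delegation was cached, which is the "6-7 could be bypassed" point from the slide.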
Major files at a server
• named.boot
  • tells the server (named) where its data is stored and for which domains it has responsibility as the primary server
• Database files
  • the primary has THE copy of the mappings
  • a secondary is told where to get copies and where to store them
named.boot

Caching only:

    directory /whatever               ; usually /etc/named
    primary localhost localhost
    primary 0.0.127.IN-ADDR.ARPA localrev.dns
    cache . cache

Primary (for the pcs net; assume it is at 137.155.2.10):

    directory /whatever               ; usually /etc/named
    primary pcs.cnu.edu pcs.dns
    primary 2.155.137.IN-ADDR.ARPA pcsrev.dns
    primary localhost localhost
    primary 0.0.127.IN-ADDR.ARPA localrev.dns
    cache . cache

Secondary (for pcs, but could be located anywhere!) and primary for wm.edu:

    directory /whatever               ; usually /etc/named
    primary wm.edu wm.dns
    primary 146.138.IN-ADDR.ARPA wmrev.dns
    secondary pcs.cnu.edu 137.155.2.10 pcs.dns
    secondary 2.155.137.IN-ADDR.ARPA 137.155.2.10 pcsrev.dns   ; both fetched from the pcs primary
    primary localhost localhost
    primary 0.0.127.IN-ADDR.ARPA localrev.dns
    cache . cache
Primary named.boot (for the pcs net; assume it is at 137.155.2.10)

    directory /whatever
    primary pcs.cnu.edu pcs.dns
    primary 2.155.137.IN-ADDR.ARPA pcsrev.dns
    primary localhost localhost
    primary 0.0.127.IN-ADDR.ARPA localrev.dns
    cache . cache

• directory: this server stores its files in /whatever, usually someplace in /etc like /etc/named
• primary pcs.cnu.edu: this is the primary server for pcs.cnu.edu and stores THE database for that domain in /whatever/pcs.dns (the file name pcs.dns is not important)
• primary 2.155.137.IN-ADDR.ARPA: reverse DNS for the pcs domain
• primary localhost and 0.0.127.IN-ADDR.ARPA: forward and reverse DNS for the loopback; all servers take care of this for themselves
• cache: cache initialization starts out with the root servers stored in /whatever/cache
Secondary named.boot (secondary for pcs, but could be located anywhere! Primary for wm.edu)

    directory /whatever
    primary wm.edu wm.dns
    primary 146.138.IN-ADDR.ARPA wmrev.dns
    secondary pcs.cnu.edu 137.155.2.10 pcs.dns
    secondary 2.155.137.IN-ADDR.ARPA 137.155.2.10 pcsrev.dns
    primary localhost localhost
    primary 0.0.127.IN-ADDR.ARPA localrev.dns
    cache . cache

• primary wm.edu: primary server for wm.edu, with its database in wm.dns
• primary 146.138.IN-ADDR.ARPA: reverse DNS for wm.edu, which is in the 138.146.0.0 subnet
• secondary pcs.cnu.edu: secondary DNS for pcs.cnu.edu; gets its files from 137.155.2.10, which is the primary server for that domain, and stores them in pcs.dns
• secondary 2.155.137.IN-ADDR.ARPA: secondary reverse DNS for the pcs domain, fetched from the same primary
• localhost, 0.0.127.IN-ADDR.ARPA and cache: as for every server
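An added example, not from the lecture, that reads a named.boot like the ones above and reports what the server is responsible for. It also checks the points the slides make about every server: it must be primary for localhost and the loopback reverse zone, it needs a cache line for the root servers, and every secondary line must name the master it fetches from. The embedded file is a transcription of the secondary/wm.edu named.boot; the master address on the reverse-zone secondary line is an assumption, following the slide's statement that the pcs files come from 137.155.2.10.

```python
import ipaddress

# Constructed copy of the lecture's secondary/wm.edu named.boot.  The master
# address on the reverse secondary line is an assumption: the slide says the
# secondary fetches the pcs files from 137.155.2.10.
NAMED_BOOT = """\
directory /whatever                              ; usually /etc/named
primary   wm.edu                    wm.dns
primary   146.138.IN-ADDR.ARPA      wmrev.dns
secondary pcs.cnu.edu               137.155.2.10  pcs.dns
secondary 2.155.137.IN-ADDR.ARPA    137.155.2.10  pcsrev.dns
primary   localhost                 localhost
primary   0.0.127.IN-ADDR.ARPA      localrev.dns
cache     .                         cache
"""


def parse_named_boot(text):
    """Return {'directory', 'cache', 'zones': [{zone, role, masters, file}]}."""
    cfg = {"directory": None, "cache": None, "zones": []}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a comment
        if not line:
            continue
        key, *args = line.split()
        if key == "directory" and args:
            cfg["directory"] = args[0]
        elif key == "primary" and len(args) == 2:
            cfg["zones"].append({"zone": args[0].lower(), "role": "primary",
                                 "masters": [], "file": args[1]})
        elif key == "secondary" and len(args) >= 2:
            zone, *masters, fname = args  # master addresses sit between zone and file
            cfg["zones"].append({"zone": zone.lower(), "role": "secondary",
                                 "masters": masters, "file": fname})
        elif key == "cache" and args:
            cfg["cache"] = args[-1]
    return cfg


def roles(cfg):
    """zone -> role: the quick answer to 'what is this server responsible for?'"""
    return {z["zone"]: z["role"] for z in cfg["zones"]}


def check_named_boot(cfg):
    """Flag the omissions the lecture warns about: every server is primary for
    localhost and its loopback reverse zone, needs a cache (root servers) file,
    and every secondary must say which master to fetch from."""
    problems = []
    r = roles(cfg)
    for needed in ("localhost", "0.0.127.in-addr.arpa"):
        if r.get(needed) != "primary":
            problems.append(f"missing primary entry for {needed}")
    if not cfg["cache"]:
        problems.append("no cache line: server has no root servers to start from")
    if not cfg["directory"]:
        problems.append("no directory line")
    for z in cfg["zones"]:
        if z["role"] != "secondary":
            continue
        if not z["masters"]:
            problems.append(f"secondary {z['zone']} names no master")
        for m in z["masters"]:
            try:
                ipaddress.ip_address(m)
            except ValueError:
                problems.append(f"secondary {z['zone']}: bad master address {m}")
    return problems


if __name__ == "__main__":
    cfg = parse_named_boot(NAMED_BOOT)
    print(roles(cfg))
    print(check_named_boot(cfg) or "named.boot looks sane")
```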
Root servers
• Initialize your cache with the root servers... done
• Periodically update the list via ftp from
  • ftp site nic.ddn.mil
  • file netinfo/root-servers.txt

Contents of the cache file (the root zone "." is the owner of the NS records):

    .               99999999 IN NS TERP.UMD.EDU.
                    99999999 IN NS AOS.BRL.MIL.
                    99999999 IN NS C.NYSER.NET.
                    99999999 IN NS A.ISI.EDU.
    TERP.UMD.EDU.   99999999 IN A  128.8.10.90
    AOS.BRL.MIL.    99999999 IN A  192.5.25.82
    C.NYSER.NET.    99999999 IN A  192.33.4.12
    A.ISI.EDU.      99999999 IN A  26.3.0.103
    AND OTHERS ..
DNS server database entries
An example localhost file for sappho:

    ; @ is used to indicate the domain is the same as ORIGIN
    ; ORIGIN is defined in named.boot for each domain
    ; here it would be localhost.
    @   IN SOA localhost. dgame.pcs.cnu.edu. (
            1        ; serial or version #, change with modifications
            36000    ; refresh every 10 hours (36000 seconds)
            3600     ; retry after 1 hour
            3600000  ; expire after 1000 hours
            36000 )  ; default ttl is 10 hours
        IN NS localhost.
        IN A  127.0.0.1
Simple server db file

    ; ORIGIN for this should be defined as pcs.cnu.edu (in named.boot)
    @ IN SOA america.pcs.cnu.edu. root.pcs.cnu.edu. (
            10000 43000 3600 3600000 2592000 )   ; serial refresh retry expire ttl
    ; nameservers
            IN NS america.pcs.cnu.edu.           ; NOTE the . on the end
    isl     IN NS xyz.isl.pcs.cnu.edu.           ; delegates subdomain to isl
    ; nameserver IPs
    xyz.isl.pcs.cnu.edu. IN A 137.155.38.12
    america.pcs.cnu.edu. IN A 137.155.2.10
    sappho   IN A 137.155.2.20
    endeavor IN A 137.155.2.21
    ....
    ; mail server for the domain (@): a blank owner here would repeat the
    ; previous owner, so name the domain explicitly
    @        IN MX 5 mail.pcs.cnu.edu.           ; 5 is the priority
    ; define the mail server
    mail     IN A 137.155.2.10
Reverse DNS

    137.155.2.20 -> sappho.pcs.cnu.edu

Reverse lookup exists within the DNS system itself, as a tree under in-addr.arpa:

(Figure: root; arpa, edu, com; under arpa: in-addr; under in-addr: 137, then 155, then 2 (the db file); under edu: cnu, wm)
Reverse DNS example db files

Example server for cnu.edu (delegates subnet 2); 137.155.12.210 -> drake, 137.155.12.213 -> pompeii:

    ; reverse dns for 137.155.0.0
    $ORIGIN 155.137.in-addr.arpa.
    @       SOA drake.cnu.edu. root.cnu.edu. ( 10 80000 3600 3600000 600000 )
            IN NS  drake.cnu.edu.            ; found through normal dns
    2       IN NS  america.pcs.cnu.edu.      ; delegates subnet 2 to the pcs server
    210.12  IN PTR drake.pcs.cnu.edu.
    213.12  IN PTR pompeii.pcs.cnu.edu.

Example server for pcs.cnu.edu (delegated subnet 2); 137.155.2.20 -> sappho, 137.155.2.21 -> endeavor:

    ; reverse dns for 137.155.2.0
    $ORIGIN 2.155.137.in-addr.arpa.
    @       SOA america.pcs.cnu.edu. root.pcs.cnu.edu. ( 10 80000 3600 3600000 600000 )
            IN NS  america.pcs.cnu.edu.
    20      IN PTR sappho.pcs.cnu.edu.
    21      IN PTR endeavor.pcs.cnu.edu.
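The forward and reverse db files above share one syntax: ';' comments, '@' for the origin, a trailing dot for absolute names, a blank owner that repeats the previous one, and parentheses that let an SOA span lines. The following added example (not the lecture's code, and not BIND's parser) reads both kinds of file with those rules, maps an IP to its in-addr.arpa name, and cross-checks a forward zone against its reverse zone: a PTR that points at the wrong host, or a host in the zone's range with no PTR, is a classic configuration mistake that nslookup shows as a forward lookup working while the reverse one does not. The zone text is transcribed from the pcs.cnu.edu slides, with the "...." placeholder line dropped; `parse_zone` takes the origin as an argument to play the part of the named.boot domain.

```python
# Constructed zone data transcribed from the lecture's pcs.cnu.edu forward file
# and its reverse file for 137.155.2.0 (the "...." placeholder line dropped).
PCS_DNS = """\
@ IN SOA america.pcs.cnu.edu. root.pcs.cnu.edu. (
        10000 43000 3600 3600000 2592000 )   ; serial refresh retry expire ttl
; nameservers
        IN NS america.pcs.cnu.edu.           ; NOTE the trailing dot
isl     IN NS xyz.isl.pcs.cnu.edu.           ; delegates subdomain to isl
xyz.isl.pcs.cnu.edu. IN A 137.155.38.12
america.pcs.cnu.edu. IN A 137.155.2.10
sappho   IN A 137.155.2.20
endeavor IN A 137.155.2.21
@        IN MX 5 mail.pcs.cnu.edu.           ; 5 is the priority
mail     IN A 137.155.2.10
"""
PCSREV_DNS = """\
$ORIGIN 2.155.137.in-addr.arpa.
@ SOA america.pcs.cnu.edu. root.pcs.cnu.edu. ( 10 80000 3600 3600000 600000 )
  IN NS america.pcs.cnu.edu.
20 IN PTR sappho.pcs.cnu.edu.
21 IN PTR endeavor.pcs.cnu.edu.
"""


def _logical_lines(text):
    """Strip ';' comments and join '(' ... ')' continuations into one line."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth <= 0:
            yield " ".join(buf)  # buf[0] keeps its leading whitespace
            buf, depth = [], 0


def absolute(name, origin):
    """'@' is the origin, a trailing dot is absolute, anything else is relative."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"


def parse_zone(text, origin):
    """[(owner, TYPE, rdata)] with every name absolute and lowercase.
    `origin` plays the part of the named.boot domain; $ORIGIN overrides it.
    A blank owner (line starting with whitespace) repeats the previous owner."""
    origin = origin.lower().rstrip(".") + "."
    records, last_owner = [], origin
    for logical in _logical_lines(text):
        blank_owner = logical[:1].isspace()
        tokens = logical.replace("(", " ").replace(")", " ").split()
        if not tokens or tokens[0] == "$TTL":
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1].lower().rstrip(".") + "."
            continue
        owner = last_owner if blank_owner else absolute(tokens.pop(0), origin)
        last_owner = owner
        if tokens and tokens[0].isdigit():                      # optional TTL
            tokens.pop(0)
        if tokens and tokens[0].upper() in ("IN", "CH", "HS"):  # optional class
            tokens.pop(0)
        rtype, rdata = tokens[0].upper(), tokens[1:]
        if rtype in ("NS", "PTR", "CNAME"):
            rdata = [absolute(rdata[0], origin)]
        elif rtype == "MX":
            rdata = [int(rdata[0]), absolute(rdata[1], origin)]
        elif rtype == "SOA":  # mname, rname, then the five timers as integers
            rdata = [absolute(rdata[0], origin), absolute(rdata[1], origin)]
            rdata += [int(x) for x in tokens[3:]]
        records.append((owner, rtype, rdata))
    return records


def forward_map(records):
    return {o: r[0] for o, t, r in records if t == "A"}


def reverse_map(records):
    return {o: r[0] for o, t, r in records if t == "PTR"}


def reverse_name(ip):
    """137.155.2.20 -> 20.2.155.137.in-addr.arpa., the owner of its PTR record."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def check_forward_reverse(fwd_records, rev_records):
    """(mismatches, missing): PTRs that do not point back at the host owning
    the A record, and hosts inside the reverse zone's range with no PTR at all."""
    rev_origin = next(o for o, t, _ in rev_records if t == "SOA")
    fwd, rev = forward_map(fwd_records), reverse_map(rev_records)
    mismatches, missing = [], []
    for host, ip in fwd.items():
        ptr_owner = reverse_name(ip)
        if not ptr_owner.endswith("." + rev_origin):
            continue  # this address belongs to some other reverse zone
        if ptr_owner not in rev:
            missing.append(host)
        elif rev[ptr_owner] != host:
            mismatches.append(f"{ptr_owner} PTR {rev[ptr_owner]} but {host} A {ip}")
    return mismatches, missing
```

On the slide's data the check reports no mismatches but lists america and mail as hosts in 137.155.2.0 without a PTR, which is exactly the kind of gap a reverse-lookup test with nslookup would expose; 137.155.38.12 is skipped because it belongs to a different reverse zone.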
How are these started?
• named is in one of your startup scripts
  • reads its basic configuration information from named.boot
  • reads all of the database files or contacts the primary servers
• The resolver does not "start"
  • it is part of your application code
  • it checks resolv.conf when the application runs
• The resolver and named together make up the BIND system
Checking it out with nslookup
• An interactive program to let you check the configuration
• Available on Unix
• Responds with the server used and the response
• You can set the type of responses requested
• You can control which server is used
• Try the exercise on-line at www.pcs.cnu.edu/~dgame/cs336/topics/DNS/nslookup.html