
The Internet’s Domain Name System

The Internet’s Domain Name System. ICS 436, Dr. Farag Azzedin, fazzedin@kfupm.edu.sa, Phone #: 860-3431. Objectives: understand the domain name service (DNS); identify the components of DNS; configure zone files; install and configure DNS in Linux; understand name resolution in Windows.


Presentation Transcript


  1. The Internet’s Domain Name System ICS 436 Dr. Farag Azzedin fazzedin@kfupm.edu.sa Phone #: 860-3431

  2. Objectives • Understand the domain name service (DNS) • Identify the components of DNS • Configure zone files • Install and configure DNS in Linux • Understand name resolution in Windows • Install and configure DNS in Windows 2000 and 2003 • Troubleshoot DNS • Use WINS to resolve computer names in Windows

  3. Understanding the DNS • DNS is used to map host names to IP addresses on the Internet • Also called name resolution or address resolution • Whenever a host is added, a configuration file has to be manually changed • A host represents a service on a server such as FTP or a Web server • There can be many hosts on a single computer • A Microsoft Windows 2000 or Windows 2003 network uses DNS to resolve computer names on a LAN • DNS in Windows is designed to be dynamic - as computers are added to the network, DNS automatically changes

  4. Clients • On your PC, the TCP/IP configuration contains the address(es) of your DNS server(s) • Whenever you use a URL, whether in a browser, or a utility such as ping, DNS servers are used

  5. Domain Namespaces • The root level domain is "." • Significant in creating DNS files • Top-level domains include com, org, fr • More have been added in 2000 • Second-level domains are often owned by companies and individuals • microsoft.com, devry.edu • A subdomain is a further division of a second-level domain • For devry.edu, there is phx.devry.edu • Not common

  6. Domain Namespaces • Second-level domains, such as devry.edu have control over naming within their domain • Create hosts such as www, ftp, bb • A name such as www.devry.edu is a fully qualified domain name (FQDN) • We could create subdomains such as phx • www.phx.devry.edu

  7. Importance of the Internet • Connecting > 439 million hosts up to July 2006 (Internet Systems Consortium) • Enables new communication and information dissemination means • E-mail • VoIP • Web • Up to September 2003, ISU KACST estimates 1.462.000 users in Saudi Arabia

  8. Domain Name System (diagram of the hierarchy: Root DNS Servers at the top; Top Level Domain (TLD) servers below them: .org, .com and .net DNS Servers; then .google.com and .yahoo.com DNS Servers)

  9. Root Servers

  10. Recursive Queries

  11. Iterative Queries

  12. Open Root Server Network (ORSN) • Private non-profit initiative in European countries (and/or neighboring countries) • Purpose: • To avoid the risk of Internet isolation due to a loss or the modification of the root-server information • A network of alternative root servers (also 13 names) • 100% compatible with ICANN’s root zone • Currently used by 51 ISPs

  13. ORSN Modes • ICANN BASED mode (“normal” mode) • Root zone is automatically updated daily • Root zone is downloaded by FTP • A parser compares the downloaded root zone with the current ORSN database • Changes are incorporated accordingly and a new database is generated • INDEPENDENT mode (default mode) • The update is performed manually
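The comparison step of ICANN BASED mode, sketched as an added example (not ORSN's code, which the page does not show): it diffs a downloaded root zone against the current database per record set and lists delegations that disappeared. The zone text is constructed sample data, and the function names and mode strings are assumptions.

```python
# Constructed sample data: "aa." and "bb." are made-up TLD labels; addresses
# are from the documentation range 192.0.2.0/24.
CURRENT_DB = """\
aa.         172800 IN NS ns1.nic.aa.
aa.         172800 IN NS ns2.nic.aa.
ns1.nic.aa. 172800 IN A  192.0.2.1
ns2.nic.aa. 172800 IN A  192.0.2.2
bb.         172800 IN NS ns1.nic.bb.
ns1.nic.bb. 172800 IN A  192.0.2.10
"""
DOWNLOADED = """\
aa.         172800 IN NS ns1.nic.aa.
aa.         172800 IN NS ns3.nic.aa.
ns1.nic.aa. 172800 IN A  192.0.2.1
ns3.nic.aa. 172800 IN A  192.0.2.3
"""

def load_rrsets(text):
    """Group 'owner ttl IN type rdata' lines into {(owner, type): {rdata, ...}}."""
    rrsets = {}
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) >= 5 and fields[2] == "IN":
            owner, _ttl, _cls, rtype, *rdata = fields
            rrsets.setdefault((owner.lower(), rtype), set()).add(" ".join(rdata).lower())
    return rrsets

def compare_zones(current, downloaded):
    """Return (kind, owner, type, added_rdata, removed_rdata) for every changed record set."""
    old, new = load_rrsets(current), load_rrsets(downloaded)
    changes = []
    for key in sorted(old.keys() | new.keys()):
        before, after = old.get(key, set()), new.get(key, set())
        if before != after:
            kind = "added" if not before else "removed" if not after else "modified"
            changes.append((kind, *key, sorted(after - before), sorted(before - after)))
    return changes

def lost_delegations(changes):
    """TLDs whose whole NS set vanished: the 'loss' case the ORSN slides worry about."""
    return [owner for kind, owner, rtype, _, _ in changes
            if kind == "removed" and rtype == "NS" and owner.count(".") == 1]

def apply_update(current, downloaded, mode):
    """ICANN BASED mode takes the download; INDEPENDENT mode keeps the database for manual update."""
    changes = compare_zones(current, downloaded)
    return (downloaded if mode == "ICANN BASED" else current), changes
```

In the sample, the download drops the whole bb. delegation and swaps one aa. name server, so both appear in the change list before anything is incorporated.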

  14. When is INDEPENDENT mode activated? • “the political situation of the world - in our opinion - makes this step necessary because the possibility of a modification and/or a downtime of the ICANN root zone exists or we do not want that our root zone will rebuild automatically.” http://european.nl.orsn.net/faq.php

  15. Chinese Government Effort • Struck a deal with Verisign to deploy a root server in China • Purpose: • Ministry of Information: to ensure the reliability, stability and efficiency of the Internet in China • Verisign: to improve the Internet response time and reliability to Chinese users • Allegedly: to enhance DNS hijacking capability

  16. ICANN Reform Proposal • U.N. Working Group on Internet Governance (WGIG) report (2005) points out the unilateral control by the US Government in the administration of the root zone files and system • Purpose: • To address Internet Governance • Proposals from different countries: • The status quo: A new forum to handle public policy issues such as spam and cyber crime; ICANN is still in charge • The hybrid: A new forum has overall control of ICANN with more involvement of international governments • The government approach: ICANN’s responsibilities are taken over by a new body run by governments

  17. Additional Benefit: Performance • Improving access performance for local Internet users • Installing a root server in Dubai results in a 71% improvement of the response time (http://www.isc.org/about/press/?pr=2003111400)

  18. New Top-Level Domains • .biz - businesses • .info - anyone can register • .name - must register first and last name • .pro - for professionals only • must provide proof • .aero, .museum, .coop are controlled by organizations

  19. Host Names • The first portion of a URL is typically a host name • Typically different from the name of the computer • Many hosts can be associated with the same Web server

  20. How DNS Works

  21. DNS Components • Name server – also known as DNS server • supports name-to-address and address-to-name resolution • Name resolver – also called DNS client • Can contact DNS server to lookup name • Used by browsers, e-mail clients, and client utilities such as ping and tracert

  22. DNS Servers that Define the Internet • Primary and secondary servers store the host names used on the Internet • Caching and forwarding servers search the Internet for host names

  23. Primary and Secondary Servers • Primary Server • Defines the hosts for the domain • Maintains the database for the domain • It has authority for the domain • Secondary Server • Gets data from primary server • Provides fault tolerance and load distribution • Required for Internet domains

  24. Primary and Secondary Servers • If you use DNS, you will often work with your ISP • In a simple environment, the ISP will have the primary and secondary DNS servers • You contact them for changes • You can also split the servers • ISP has primary, you have secondary • You have primary, ISP has secondary

  25. Primary and Secondary Servers • ISP maintains DNS • You have to send changes to ISP • You have the secondary server which gets updates from the primary server • Your users reference your secondary server which is faster

  26. Primary and Secondary Servers • You have complete control over DNS • You can make changes whenever you want • If your primary DNS goes down, the secondary will continue to function (but not indefinitely)

  27. Resolve Host Names • Caching Server • Resolves host names • Caches (saves) the results • Automatically installed when DNS is installed • No configuration necessary • Forwarding Server • Caching server that has access to the Internet and forwards traffic from other caching servers

  28. Caching and Forwarding Servers

  29. Zones • A zone is a part of the domain namespace • For a domain as small as technowidgets.com, the domain name represents a single zone • For large organizations (such as IBM), subdomains can be divided into separately maintained zones • Each zone typically has a separate DNS

  30. Zones • Zones must be contiguous • admin.devry.edu can be combined with devry.edu • admin.devry.edu cannot be combined with student.devry.edu • There must be one primary DNS server in each zone (plus a secondary server) • Each zone can have multiple secondary DNS servers

  31. Zone File Configuration • Forward Lookup • These zones contain entries that map names to IP addresses • Reverse Lookup • These zones contain entries that map IP addresses to names

  32. Common DNS Records

  33. DNS Configuration in Linux • /etc/named.conf describes the files that configure the zones • There are two primary files that it describes • Forward lookup is described by named.technowidgets.com • It has the host names and how to handle e-mail • Reverse lookup is described by named.0.168.192 • Can be necessary for e-mail (SMTP) and security programs

  34. /etc/named.conf: Creating a DNS for the technowidgets.com domain • Default setup is for localhost 127.0.0.1 • In named.conf add the following lines:

          zone "technowidgets.com" {
              type master;
              file "named.technowidgets.com";
          };

      • This allows technowidgets.com to be resolved by /var/named/named.technowidgets.com • There can be multiple domains in a single named.conf file

  35. /etc/named.conf • Also, we can add the following lines:

          zone "0.168.192.in-addr.arpa" IN {
              type master;
              file "named.0.168.192";
          };

      • This allows for reverse lookup for the domain • It uses all or part of the 192.168.0.0 network

  36. /var/named.technowidgets.com

          $TTL 86400
          @         IN SOA   web1.technowidgets.com. admn.technowidgets.com. (
                             2002072100 ; Serial
                             28800      ; Refresh
                             14400      ; Retry
                             3600000    ; Expire
                             86400 )    ; Minimum
                    IN NS    web1
                    IN A     192.168.0.100
                    IN MX    10 mail.technowidgets.com.
          web1      IN A     192.168.0.100
          www       IN CNAME web1
          research  IN A     192.168.0.150
                    IN MX    10 mail
          mail      IN A     192.168.0.200

  37. named.0.168.192

          $TTL 86400
          @     IN SOA  web1.technowidgets.com. admn.technowidgets.com. (
                        2002072100 ; Serial
                        28800      ; Refresh
                        14400      ; Retry
                        3600000    ; Expire
                        86400 )    ; Minimum
                IN NS   web1.technowidgets.com. ; fully qualified: a bare web1 would expand under 0.168.192.in-addr.arpa
          100   IN PTR  web1.technowidgets.com.
          150   IN PTR  research.technowidgets.com.
          200   IN PTR  mail.technowidgets.com.
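Slide 33 notes that reverse lookup can be necessary for e-mail (SMTP) and security programs; a common check of that kind is whether a PTR name maps back to the same address. The following added example (not part of the original presentation) runs that forward-confirmed reverse DNS check over the records from slides 36 and 37; the function names are illustrative and the small parser handles only the syntax these two files use.

```python
import re

# Records from the two zone files on this page (each SOA written on one line,
# NS target in the reverse zone fully qualified).
SOA = "@ IN SOA web1.technowidgets.com. admn.technowidgets.com. (2002072100 28800 14400 3600000 86400)\n"
FORWARD = "$TTL 86400\n" + SOA + """\
  IN NS web1
  IN A 192.168.0.100
  IN MX 10 mail.technowidgets.com.
web1 IN A 192.168.0.100
www IN CNAME web1
research IN A 192.168.0.150
  IN MX 10 mail
mail IN A 192.168.0.200
"""
REVERSE = "$TTL 86400\n" + SOA + """\
  IN NS web1.technowidgets.com.
100 IN PTR web1.technowidgets.com.
150 IN PTR research.technowidgets.com.
200 IN PTR mail.technowidgets.com.
"""

def fqdn(name, origin):
    """Zone-file rule: a name without a trailing dot gets the zone origin appended."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata_fields); a line with no owner inherits the previous one."""
    records, owner = [], origin
    for line in re.sub(r";[^\n]*", "", text).splitlines():
        fields = line.split()
        if not fields or line.startswith("$"):
            continue
        if not line[0].isspace():
            owner = fqdn(fields.pop(0), origin)
        if fields[0] == "IN":
            fields.pop(0)
        records.append((owner, fields[0], fields[1:]))
    return records

def fcrdns_findings(forward, reverse, fwd_origin, rev_origin):
    """List PTRs whose target has no matching A record, and A records with no PTR back."""
    a = {(o, r[0]) for o, t, r in parse_zone(forward, fwd_origin) if t == "A"}
    ptr = set()
    for o, t, r in parse_zone(reverse, rev_origin):
        if t == "PTR":
            ip = ".".join(reversed(o.removesuffix(".in-addr.arpa.").split(".")))
            ptr.add((fqdn(r[0], rev_origin), ip))
    return ([f"PTR {ip} -> {n}: no matching A record" for n, ip in sorted(ptr - a)] +
            [f"A {n} -> {ip}: no matching PTR" for n, ip in sorted(a - ptr)])
```

On the page's records the only finding is the apex A record, because 192.168.0.100 has a single PTR and it names web1. A PTR target written without its trailing dot expands under 0.168.192.in-addr.arpa. and is reported as having no matching A record.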

  38. Starting DNS in Linux • To start DNS • /etc/rc.d/init.d/named start • To restart DNS • /etc/rc.d/init.d/named restart • To stop DNS • /etc/rc.d/init.d/named stop • Make DNS start when you boot Linux • Add the command to start DNS to /etc/rc.d/rc.local

  39. Configuring Client DNS in Linux • Modify /etc/resolv.conf • The following line directs the client to use the DNS server at 192.168.0.100 • nameserver 192.168.0.100 • The following line associates this computer with the technowidgets.com domain • domain technowidgets.com

  40. Test the DNS • Configure a Windows PC to use the DNS server • Start->Settings->Network and Dial-up Connections • Right-click on Local Area Connection and select Properties • Select Internet Protocol (TCP/IP) and click on Properties • Change DNS to 192.168.0.10 • Reboot and ping www.technowidgets.com

  41. Name Resolution in Windows • NetBios (computer) names are broadcast to the local network • Starting with Windows NT, WINS database has computer name to IP address resolution • Windows 2000 introduces Dynamic DNS • DNS is required for Active Directory Services • DNS as described for Linux can also be configured • Wizards guide you through the configuration

  42. Finished DNS Configuration in Windows

  43. Troubleshooting DNS: ping • ping displays name resolution even if the computer cannot be contacted

  44. Troubleshooting DNS: nslookup • nslookup can display information from the DNS server

  45. Troubleshooting DNS: dig – available on Linux

  46. Summary • DNS is an application that translates names to IP addresses and IP addresses to names • Organized in a hierarchical structure • Servers come in many forms: primary, secondary, caching, forwarding • To configure DNS, set up a forward and reverse zone • Use ping, nslookup, and dig to troubleshoot DNS
