DNS COMPSCI 742 S2C, 2010 – p. 1/18 DNS COMPSCI 742 S2C, 2010 – p. 2/18
DNS: Root Servers
There are 13 root servers, A-M; e.g. f.root-servers.net, run by various different organisations
There are also 13 gTLD servers, A-M, run by Verisign
Many of the root servers are anycast
  All instances use the same IP address and AS number
  The global (BGP) routing system finds the ‘best’ instance for each user
For example, F root has 36 instances. Our closest one is at APE, floor 54 of the SkyTower
Likewise, I root has an instance at WIX in Wellington
Anycast servers share the query load, and make the DNS more resilient against attacks
More info at http://www.root-servers.org/

Configuring a Nameserver
Nameserver configuration is commonly stored in a zone file
A zone file is a set of DNS Resource Records (RRs), each with several parts, separated by spaces ..
  Label: host or subdomain name (no trailing .)
  Class: network; IN = Internet
  Type: acronym indicating resource
  Data: varies according to Type
  Comment: starts with a semicolon
Values and Identifiers for the RR fields are set out in http://www.bind9.net/dns-parameters
An RRset is a group of RRs with the same Label, Class and Type
You can inspect configurations using dig, the Domain Information Groper
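
Added example (not from the original slides): reading records in the four-part form described above and grouping them into RRsets by Label, Class and Type. The records are constructed, the names parse_rr and rrsets are hypothetical, and the parser assumes only the simplified Label Class Type Data layout, not every construct a real zone file allows.

```python
from collections import defaultdict

# Constructed sample in the slide's four-part form (Label Class Type Data).
ZONE_TEXT = """\
; constructed records, documentation addresses only
www    IN  A     192.0.2.10    ; first web server
www    IN  A     192.0.2.11    ; second web server
WWW    IN  AAAA  2001:db8::10
mail   IN  A     192.0.2.25
mail   IN  MX    10 mail
"""

def parse_rr(line):
    """Return (label, class, type, data), or None for a blank or comment-only line."""
    # A comment starts with a semicolon. Assumption: no ';' inside quoted data.
    body = line.split(";", 1)[0].strip()
    if not body:
        return None
    parts = body.split(None, 3)   # Data may itself contain spaces (e.g. MX)
    if len(parts) != 4:
        raise ValueError(f"expected Label Class Type Data, got: {line!r}")
    label, rr_class, rr_type, data = parts
    # DNS names and mnemonics compare case-insensitively.
    return label.lower(), rr_class.upper(), rr_type.upper(), data

def rrsets(zone_text):
    """Group RRs that share Label, Class and Type into RRsets."""
    sets = defaultdict(list)
    for line in zone_text.splitlines():
        rr = parse_rr(line)
        if rr is not None:
            label, rr_class, rr_type, data = rr
            sets[(label, rr_class, rr_type)].append(data)
    return dict(sets)

if __name__ == "__main__":
    for key, data in rrsets(ZONE_TEXT).items():
        print(key, data)
```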

RFC 1035: DNS Message Specifications
+---------------------+
|        Header       |
+---------------------+
|       Question      | the question for the name server
+---------------------+
|        Answer       | RRs answering the question
+---------------------+
|      Authority      | RRs pointing toward an authority
+---------------------+
|      Additional     | RRs holding additional information
+---------------------+
Header begins every DNS Message, it points to the four following sections
Next four fields are counts, giving the number of question, answer, authority and additional RRs
A count will be zero if there are no RRs of that type

DNS Header Format (1)
                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                      ID                       |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|QR|   Opcode  |AA|TC|RD|RA|   Z    |   RCODE   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    QDCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    ANCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    NSCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                    ARCOUNT                    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
All five fields above have 16 bits
ID: A 16 bit identifier assigned by the program that generates any kind of query. This identifier is copied to the corresponding reply and can be used by the requester to match up replies to outstanding queries.
QR: A one bit field that specifies whether this message is a query (0), or a response (1).
OPCODE: Query type. 0 = Standard Query
AA: Authoritative Answer.
TC: TrunCation - specifies that this message was truncated.
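
Added example (not from the original slides): decoding the 12-octet header laid out above with Python's struct module, then using QR and ID to decide whether a reply belongs to an outstanding query. The sample headers and the names parse_header and matches_query are constructed for illustration.

```python
import struct
from collections import namedtuple

DNSHeader = namedtuple(
    "DNSHeader",
    "id qr opcode aa tc rd ra z rcode qdcount ancount nscount arcount",
)

def parse_header(msg: bytes) -> DNSHeader:
    """Decode the fixed header: six 16-bit words in network byte order."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-octet header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return DNSHeader(
        id=ident,
        qr=(flags >> 15) & 0x1,      # bit 0 in the diagram is the most significant bit
        opcode=(flags >> 11) & 0xF,
        aa=(flags >> 10) & 0x1,
        tc=(flags >> 9) & 0x1,
        rd=(flags >> 8) & 0x1,
        ra=(flags >> 7) & 0x1,
        z=(flags >> 4) & 0x7,
        rcode=flags & 0xF,
        qdcount=qd, ancount=an, nscount=ns, arcount=ar,
    )

def matches_query(query: DNSHeader, reply: DNSHeader) -> bool:
    """Accept a reply only if it is a response carrying the outstanding query's ID."""
    return reply.qr == 1 and reply.id == query.id and reply.opcode == query.opcode

# Constructed sample headers (not captured traffic).
QUERY = struct.pack("!6H", 0x1A2B, 0x0100, 1, 0, 0, 0)   # query, RD set
REPLY = struct.pack("!6H", 0x1A2B, 0x8580, 1, 1, 2, 2)   # response, AA+RD+RA set
STRAY = struct.pack("!6H", 0x9999, 0x8180, 1, 1, 0, 0)   # response with another ID

if __name__ == "__main__":
    q = parse_header(QUERY)
    for raw in (REPLY, STRAY):
        r = parse_header(raw)
        print(r, "accepted" if matches_query(q, r) else "dropped")
```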

RR Format Definitions (2)
TTL: a 32 bit signed integer that specifies the time interval that the resource record may be cached before the source of the information should again be consulted. Zero values are interpreted to mean that the RR can only be used for the transaction in progress, and should not be cached.
Resolvers cache looked-up names, with lifetimes (TTLs) specified by the nameserver
Setting a short lifetime is sometimes used as a form of server load balancing. This is not a good idea

FQDN format in Questions and Answers
A domain name is represented as a sequence of labels, where each label consists of a length octet followed by that number of octets. The domain name terminates with the zero length octet for the null label of the root.
Note that this field may be an odd number of octets; no padding is used.
Example: 0x3 w w w 0x8 a u c k l a n d 0x2 a c 0x2 n z 0x0
TLD = .nz
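
Added example (not from the original slides): encoding and decoding the length-prefixed name format described above, with the bounds checks a parser needs when the bytes come off the network. The 63-octet label and 255-octet name limits are from RFC 1035; the decoder handles only uncompressed names and rejects any larger length octet. The function names are hypothetical.

```python
from typing import Tuple

MAX_LABEL = 63    # RFC 1035 limit on one label
MAX_NAME = 255    # RFC 1035 limit on the whole encoded name

def encode_name(fqdn: str) -> bytes:
    """Encode a dotted name as length-prefixed labels ending in the zero octet."""
    name = fqdn[:-1] if fqdn.endswith(".") else fqdn
    out = bytearray()
    for label in (name.split(".") if name else []):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError(f"label length {len(raw)} outside 1..{MAX_LABEL}")
        out.append(len(raw))
        out += raw
    out.append(0)                       # null label of the root
    if len(out) > MAX_NAME:
        raise ValueError("encoded name longer than 255 octets")
    return bytes(out)

def decode_name(buf: bytes, offset: int = 0) -> Tuple[str, int]:
    """Decode an uncompressed name; return (dotted name, offset just past it)."""
    labels, start = [], offset
    while True:
        if offset >= len(buf):
            raise ValueError("name is not terminated inside the buffer")
        length = buf[offset]
        offset += 1
        if length == 0:
            break
        if length > MAX_LABEL:
            raise ValueError("length octet above 63: pointer or malformed label")
        if offset + length > len(buf):
            raise ValueError("label runs past the end of the buffer")
        labels.append(buf[offset:offset + length].decode("ascii"))
        offset += length
        if offset - start >= MAX_NAME:
            raise ValueError("encoded name longer than 255 octets")
    return ".".join(labels) + ".", offset

if __name__ == "__main__":
    wire = encode_name("www.auckland.ac.nz")
    print(wire, decode_name(wire))
```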

DNS Query-Response Times (RTTs)
A 742 assignment in 2008 gave students a trace file of DNS packets, and asked them to plot distributions of the RTTs for three TLDs, .nz, .au and .com

RTT distributions: Plotted with log y scale
[Figure: DNS RTTs for three TLDs at U Auckland, April 2008. Series: .au, .nz, .com. x axis: Request/Response time (ms); y axis: % (log scale).]

Comments on the RTT plots
All three TLDs show the same sort of distribution
  spikes at RTTs corresponding to continents
  gaps at RTTs corresponding to oceans
.com has nameservers on all continents, highest concentration on US West Coast
.au has its highest concentration of nameservers in Australia
.nz has lots of nameservers in New Zealand, but its highest concentration is in the US!
  that’s because it’s cheaper for NZ content providers to have their servers outside New Zealand

Another Research Example: Root Server RTTs
Nevil has been measuring Query-Response times to root and gTLD servers from several locations since 2001
The measurement system stores RTT plots in a database
There is a web page you can use to look at any of the data ..
  one day we’ll find a student to do some statistical analysis of long-term trends in this data!
http://www.caida.org/cgi-bin/dns_perf/main.pl