WIT COMP3170
IP Addresses
Names vs IP Addresses
Names, a.k.a. hostnames, provide two
key advantages over IP addresses
They are easier to remember
They provide meaningful context in the
name, rather than just a string of numbers,
which can often be used to identify the
organization involved (e.g., google.com)
However, it means we must have a way
to map between hostnames and IP
addresses
WIT COMP3170 3 Do. Learn.
Wentworth Institute of
Technology Engineering & Technology
DNS
Domain Name System
Used for name resolution, specifically to translate
hostnames to IP addresses (like a phone book for
names to phone numbers)
www.wit.edu -> 69.43.65.41
www.amazon.com -> 72.21.215.232
Thousands of DNS servers distributed around the
world to support the DNS protocol
Defined in RFCs 1034, 1035 (and others)
Primarily uses UDP, port 53
DNS Concepts
Domains and host names
Records
Namespace
Queries
Zones
DNS Names
Examples
lconnect.wit.edu
lconnect is the hostname
wit.edu is the domain name
www.engadget.com
www is the hostname
engadget.com is the domain name
www.cs.wit.edu
www is the hostname
cs.wit.edu is the domain name
Resource Records
All the actual mappings between
hostnames and IP addresses are stored in
records
For example, lifehacker.com is mapped to
the IP address 23.235.33.64
So, when you go to http://lifehacker.com,
your web browser has to find that mapping
before it can send the HTTP request
To find the mapping, your computer must
locate the record for lifehacker.com
Resource Records
DNS actually stores more than just
hostname to IP address mappings
There are many different types of records
depending on what is being stored
The DNS system is actually nothing more
than a distributed database of information
The records are, in general, mapping one
value to another value
Really used as a general translation
mechanism for the Internet
Resource Records
The standard record type is an "A" record, which
is the hostname to IP address mapping
Other types include:
PTR: Pointer, IP address to host name (reverse
mapping)
AAAA: IPv6, host name to IPv6 address
CNAME: Canonical Name (alias), additional names
associated with an existing A record
MX: Mail eXchange, for finding email servers for a
domain
SOA: Start Of Authority, used to start a new zone
NS: Name Server, finding DNS servers for subdomains
Resource Records
DNS Namespace
Namespace
Hierarchical structure of names
Root Domain: .
Top-Level Domains: com, net, edu, org, gov
Second-Level Domains: wit, northeastern, simmons, wustl
Hosts or Subdomains: www, email, lconnect, bb
Namespace
Every domain at every level of the tree is
managed by at least one DNS server (and
often more)
This server is responsible for two things
The records in that domain
The IP addresses of the DNS servers for any
subdomains
There are several thousand DNS servers
in the Internet today that are structured
in a hierarchy based on the DNS
namespace
Queries
To find the IP address for a hostname,
computers issue a DNS query
Also called resolving the address
Queries are sent to DNS servers in the DNS
hierarchy
At some point, a response will be sent back that
either contains the IP address or an error
message stating that the hostname does not
exist
There are two main types of queries
Iterative
[Figure: iterative query for www.wit.edu, with the Client on the LAN and the servers on the Internet]
Query: who is www.wit.edu? -> Ask .edu server: 192.5.6.30
Query: who is www.wit.edu? (to .edu TLD Server, 192.5.6.30) -> Ask wit.edu server: 69.43.67.6
Query: who is www.wit.edu? (to wit.edu DNS, 69.43.67.6) -> Answer: 69.43.65.41
Callout: How does it know to send to 192.36.148.17?
Exercise
Answer
Exercise
Answer
Bootstrapping
How does the local DNS server know the
IP address of a root server?
When the DNS server software is
installed, it includes a special file called
the root hints file
This hints file contains a list of the IP
addresses for some of the root servers
Once you have the IP address for one of
them, you can query it to get an updated
list of all of them
Root Servers
The root servers for the root domain are
some of the most critical pieces of the
Internet infrastructure today
There are officially 13 root servers, but
each one is replicated across many sites
Officially called a.root-servers.net through
m.root-servers.net
See http://root-servers.org
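Added example (not from the slides): the iterative walk from a root hint down to the authoritative server, run against constructed in-memory data so it works offline. The addresses are the ones shown on the slides; treating 192.36.148.17 as the root server, the dictionary layout, and the function names are assumptions made here.

```python
# Constructed data: each server's referrals and records, keyed by its IP.
# The addresses are the ones on the slides; 192.36.148.17 is assumed to be
# the root server, and the dictionary layout is invented for this example.
ROOT_HINTS = ["192.36.148.17"]
SERVERS = {
    "192.36.148.17": {"referrals": {"edu.": "192.5.6.30"}, "records": {}},
    "192.5.6.30": {"referrals": {"wit.edu.": "69.43.67.6"}, "records": {}},
    "69.43.67.6": {"referrals": {},
                   "records": {("www.wit.edu.", "A"): "69.43.65.41"}},
}

def ask(server_ip, qname, qtype):
    """One query to one server: an answer, a referral, or 'no such name'."""
    server = SERVERS[server_ip]
    if (qname, qtype) in server["records"]:
        return "answer", server["records"][(qname, qtype)]
    # Refer the client to the most specific delegated domain containing qname.
    zones = [z for z in server["referrals"]
             if qname == z or qname.endswith("." + z)]
    if zones:
        return "referral", server["referrals"][max(zones, key=len)]
    return "nxdomain", None

def resolve_iteratively(name, qtype="A", max_referrals=8):
    """Walk down from a root hint; return (address or None, trace)."""
    qname = name.lower().rstrip(".") + "."
    server, trace, visited = ROOT_HINTS[0], [], set()
    for _ in range(max_referrals):
        if server in visited:          # a referral pointing back up the tree
            raise RuntimeError("referral loop at " + server)
        visited.add(server)
        kind, value = ask(server, qname, qtype)
        trace.append((server, kind, value))
        if kind != "referral":
            return value, trace        # value is None for nxdomain
        server = value                 # ask the server we were referred to
    raise RuntimeError("too many referrals")

if __name__ == "__main__":
    address, trace = resolve_iteratively("www.wit.edu")
    for step in trace:
        print(step)
    print("resolved:", address)
```

The referral limit and the visited set are there because a resolver follows whatever referral it is handed; without them a bad delegation would keep it querying indefinitely.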
Wireshark
DNS Tools
nslookup
Command line tool for Windows and
Unix/Linux
Issues DNS requests to resolve names to IPs
For example: nslookup lifehacker.com
First entries are the
hostname and IP
address of your DNS
Next is the actual
record that was
queried, including the
hostname and IP
address
Client Information
Most clients need to be told who the local DNS
servers are when you join a network
Unless you are using statically configured DNS
servers, e.g., OpenDNS or Google Public DNS
How does a client learn this information? DHCP
options!
DHCP also includes options for telling clients
what the local DNS domain is
For example, on campus your laptop will be part of
the wit.private domain
Example
In Windows, start Wireshark and filter on dns
packets
Open a command prompt
Issue a DNS query for www.google.com using
nslookup: nslookup www.google.com
Look at the DNS packets in Wireshark and you
should see queries for
www.google.com.wit.private and then for
www.google.com (both A and AAAA)
Now issue a query for www.google.com. (dot at
the end!), and you should see only queries for
DNS Tools
whois
Allows you to get information about the
organization that is in charge of a particular
domain name
Includes domain registration dates and
domain expiration dates
Command line tool for Unix/Linux
Can also use
http://www.internic.net/whois.html
Domain Registration
Dynamic DNS
One common way DNS is used by tech savvy
consumers is via dynamic DNS
Most residential ISPs use dynamic IP address
assignment (with DHCP) for their customers
So, the IP address might change from time to time
If you want remote access to your home
network, you can use a dynamic DNS service to
map your IP address to a domain name
A simple script can be used to check your
current IP, and if it has changed, then update
the DNS record
Security
Unfortunately, DNS was designed in the era
before the Internet became a scary place
DNS does not have any means to
cryptographically sign or verify queries or
answers
More recently, a number of RFCs have defined a
suite of security extensions known as DNSSEC
The basic idea is to provide authentication
mechanisms and data integrity guarantees
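Added example (not from the slides): with no signature to verify, the only check a client can make on a plain UDP reply is that it is a response carrying the transaction ID and the question the client sent. The code builds an RFC 1035 query and applies that check to constructed replies; passing it is bookkeeping, not proof of origin, which is the gap DNSSEC is meant to close. Function names, the sample ID and the reply builder are assumptions made here.

```python
import struct

QTYPE = {"A": 1, "AAAA": 28}   # record type codes
CLASS_IN = 1

def encode_name(name):
    """RFC 1035 name encoding: length-prefixed labels, then a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(txid, name, qtype="A"):
    # Header: ID, flags (RD set), QDCOUNT=1, ANCOUNT=NSCOUNT=ARCOUNT=0.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    question = encode_name(name.lower()) + struct.pack("!HH", QTYPE[qtype], CLASS_IN)
    return header + question

def reply_matches(query, reply):
    """True if reply is a response carrying our ID and our exact question."""
    if len(reply) < 12:
        return False
    reply_id, flags, qdcount = struct.unpack("!HHH", reply[:6])
    is_response = bool(flags & 0x8000)          # QR bit
    question = query[12:]
    return (is_response and reply_id == struct.unpack("!H", query[:2])[0]
            and qdcount == 1 and reply[12:12 + len(question)] == question)

def constructed_reply(query, ip, txid=None):
    """Constructed test data: echoes the question, adds one A record."""
    if txid is None:
        txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, CLASS_IN, 300, 4) + rdata
    return header + query[12:] + answer

if __name__ == "__main__":
    q = build_query(0x1A2B, "www.wit.edu")
    print(reply_matches(q, constructed_reply(q, "69.43.65.41")))           # same ID
    print(reply_matches(q, constructed_reply(q, "69.43.65.41", 0x1A2C)))  # other ID
```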
Zones
Zones are the basic unit of configuration
and administration in a DNS domain
A zone consists of all the mappings from
names to IPs for a domain
Every zone must have at least one
authoritative server that handles the
mappings in that zone
There are different types of zones:
primary, secondary, forward, and reverse
Reverse Lookups
When you actually issue a reverse query
for a PTR record to find the host name
associated with a given IP address, it uses
the in-addr.arpa domain
Specifically, the four IP address bytes are
reversed and then in-addr.arpa is
appended
For example, if you look up 69.43.65.41
the actual query will be for
41.65.43.69.in-addr.arpa
Wrap Up