
Domain Name System

Domain Name System (DNS)

The Basic Naming Problem:

The Internet uses IP addresses like 129.82.100.64
People use names like www.colostate.edu
Solution: The Domain Name System:
  application-layer protocol to resolve names
  (convert names like www.colostate.edu into IP addresses like 129.82.100.64)
  distributed database implemented in a hierarchy of many name servers
First step in nearly every application:
  Use DNS to convert a name into an IP address.
DNS Development

An Early Centralized System:
  Initially created as a hosts.txt file
  Each line in the file listed the hostname and corresponding IP address
  distant centralized database
  need one entry for every Internet host!
  When a host changes IP, notify the central repository

DNS Today:
  Distributed organization
  Still provides hostname to IP address mapping
  Also provides:
    Host aliasing (www.colostate.edu is an alias for yuma.colostate.edu)
    Mail server identification (the colostate.edu mail server is lamar.colostate.edu)
    Load distribution
    Phone numbers, host locations, service records, etc, etc.
Domain Name Service Data

A typical host name, chico.cs.colostate.edu., is a Fully Qualified Domain Name (FQDN) made up of parts:
  chico = hostname
  cs.colostate.edu. = domain name
  cs.colostate.edu. = a subdomain of colostate.edu., which is a subdomain of edu.
  edu. is a Top Level Domain (TLD)
  . = the root of DNS data; technically all DNS names should end in . but it is typically left out.
DNS Organization

Data organized as a tree structure.
Each zone is authoritative for its local data.
Each zone operates a set of name servers that contain the zone data (in NS records).
A change to host.cs.colostate.edu is entered at the cs.colostate.edu servers.
The tree structure directs queries to the appropriate name server:
  Root knows how to reach edu
  Edu knows how to reach

[Figure: domain name space tree. Root at the top; below it the TLDs edu, mil, ru; below those colostate, darpa, af, mil; below those cs, andrews.]
Picture source http://upload.wikimedia.org/wikipedia/commons/b/b1/Domain_name_space.svg
DNS Query and Response

[Figure: the end user sends the query "www.colostate.edu A?" to the caching DNS server; the caching server consults the root DNS server, the edu DNS server and the colostate.edu DNS server in turn, then returns "www.colostate.edu A is 129.82.64.100" to the end user.]

Multiple servers for each zone in case any one server fails:
  13 root servers
  13 edu servers
  5 colostate.edu servers
Types of DNS Servers

Authoritative DNS servers:
  Every DNS zone must be assigned a set of authoritative name servers (information contained in the NS records of the parent zone)
  provide authoritative records for a particular zone (e.g. colostate.edu, cisco.com, edu, uk, etc)
  Can be maintained by the organization or by a service provider
Top-level domain (TLD) servers:
  Authoritative servers responsible for com, org, net, edu, etc, and all top-level country domains: uk, fr, ca, jp.
  Network Solutions maintains the servers for the com TLD
  Educause for the edu TLD
Caching servers:
  Accept queries from end hosts, look up the requested data, and cache the answers for later replies.
Types of Queries

recursive query:
  puts the burden of name resolution on the contacted name server
  heavy load?
  Query 1 is recursive
iterated query:
  contacted server replies with the name of the server to contact
  "I don't know this name, but ask this server"
  Queries 2, 4, and 6 are iterative

[Figure: the requesting host (My laptop) sends query 1 to the local DNS caching server; the caching server sends query 2 to the authoritative root DNS server and receives reply 3, sends query 4 to the authoritative TLD DNS server and receives reply 5, sends query 6 to the authoritative colostate.edu DNS server (ns.colostate.edu) and receives reply 7, then returns reply 8 to the requesting host.]
DNS Caching

Local caching name server saves results:
  cache entries time out (disappear) after some time
  TLD servers typically cached in local name servers
  Thus root name servers not often visited
DNS changes are slow to propagate:
  Can immediately change the IP address (A record) for www.colostate.edu at the colostate.edu name servers
  But many caches will still have the old IP address.
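The query flow of the previous two slides and the caching behaviour of this one, as an added example (not part of the slides): a local caching server that answers its client recursively, walks the delegation tree iteratively, and keeps answers and referrals until their TTL expires. The server names, addresses and TTLs are constructed, not real colostate.edu data.

```python
# Toy model of the query flow and caching behaviour on these slides: the local
# caching server answers its client recursively but walks the delegation tree
# iteratively (root -> TLD -> authoritative), caching answers and referrals until
# their TTL expires.  Added example; servers, addresses and TTLs are constructed.
SERVERS = {   # server -> {(owner, type): (data, ttl)}; an NS entry means "ask that server"
    "root": {("edu.", "NS"): ("edu-server", 172800)},
    "edu-server": {("colostate.edu.", "NS"): ("ns.colostate.edu", 86400)},
    "ns.colostate.edu": {("www.colostate.edu.", "A"): ("129.82.64.100", 3600)},
}

def in_zone(name, zone):
    return name == zone or name.endswith("." + zone)

def ask(server, name, rtype):
    """One iterative query: an answer, or a referral to a closer server."""
    zone = SERVERS[server]
    if (name, rtype) in zone:
        return "answer", zone[(name, rtype)]
    refs = [(z, d) for (z, t), d in zone.items() if t == "NS" and in_zone(name, z)]
    zname, (ns, ttl) = max(refs, key=lambda r: len(r[0]))   # longest matching zone
    return "referral", ((zname, ns), ttl)                    # "I don't know, ask this server"

class CachingResolver:
    def __init__(self):
        self.now = 0          # simulated clock in seconds
        self.cache = {}       # (name, type) -> (data, expiry time)
        self.contacted = []   # servers queried by the last resolve()

    def resolve(self, name, rtype="A"):
        self.contacted = []
        hit = self.cache.get((name, rtype))
        if hit and hit[1] > self.now:
            return hit[0]                       # cache hit: no upstream traffic at all
        # Start at the closest cached delegation (e.g. the TLD server), else the root
        known = [(z, d) for (z, t), (d, e) in self.cache.items()
                 if t == "NS" and e > self.now and in_zone(name, z)]
        server = max(known, key=lambda r: len(r[0]))[1] if known else "root"
        while True:
            self.contacted.append(server)
            kind, (data, ttl) = ask(server, name, rtype)
            if kind == "answer":
                self.cache[(name, rtype)] = (data, self.now + ttl)
                return data
            zname, server = data                # follow the referral
            self.cache[(zname, "NS")] = (server, self.now + ttl)
```

Changing the A record at the authoritative server while the cached entry is still live leaves the resolver answering with the old address until the TTL runs out, which is the slow propagation the slide describes.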
DNS Record Types: SOA

Start of Authority (SOA): Defines global parameters for a zone, which include:
  Time To Live (TTL): number of seconds records may be cached.
  Primary DNS server: FQDN of an authoritative DNS server.
  Email Addr: contact info for the domain, e.g. dnsadmin.colostate.edu.
  Serial number: updated when data changes. Used for replication.
  Refresh: interval in seconds at which a secondary tries to refresh zone data.
  Retry: interval in seconds between refresh attempts after a failure.
  Expiry: interval in seconds for which secondary data is valid without a refresh.
DNS Record Types: SOA (cont.)

The DNS RFC defines a text representation for records as well as a binary (wire) representation. SOA records have the following text format:

Name                TTL   Class  RType  Email address
acns.colostate.edu  3600  IN     SOA    dnsadmin.colostate.edu. (
                    249427 ; sn
                    900    ; refresh (15 min)
                    600    ; retry (10 min)
                    86400  ; expiry (1 day)
                    3600   ; minTTL (1 hour)
                    )
DNS Record Types: NS

Name Server (NS): Defines the authoritative name server(s) for a domain. Actually located both at the root of the zone and at the point of delegation in the parent zone.
The NS records for acns.colostate.edu reside in the parent zone, colostate.edu, like this:
Name   TTL  Class  RecordType  Data
acns        IN     NS          dns1.colostate.edu
acns        IN     NS          dns2.colostate.edu

And they also exist in the acns.colostate.edu zone, where they look like:
@           IN     NS          dns1.colostate.edu
@           IN     NS          dns2.colostate.edu
DNS Record Types: A, AAAA

IPv4 Address (A): Associates a name with an IPv4 address.
The A record for chico.cs.colostate.edu resides in the cs.colostate.edu zone and looks like:
Name   TTL  Class  RecordType  Data
Chico       IN     A           129.82.45.30

IPv6 Address (AAAA): Associates a name with an IPv6 address.
An AAAA record looks like:
Name   TTL  Class  RecordType  Data
Chico       IN     AAAA        2002:8152:e6d2::8052:f8d1
DNS Record Types: CNAME

Canonical Name (CNAME): Associates an alias with another DNS name record.
The CNAME record for www.cs.colostate.edu looks like:
Name   TTL  Class  RecordType  Data
www         IN     CNAME       parsons.cs.colostate.edu

According to the RFC, you may not create any other records with the same name as a CNAME record. Recently added exceptions for the DNSSEC record types RRSIG, NSEC and KEY.
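An added example (not from the slides) serving the SOA text-format slide and the CNAME rule above: a small parser for the text representation shown on these slides (`;` comments, parenthesised SOA continuation lines, optional TTL and class), followed by a check for owner names that carry a CNAME alongside a non-exempt record type. The zone text is constructed; note that a complete SOA RDATA carries the primary server name ahead of the contact address, which the slide's header row leaves out.

```python
# Constructed zone text in the slides' record format (assumed data, not real
# colostate.edu records); SOA RDATA carries the primary server, then the contact.
ZONE_TEXT = """\
@       3600 IN SOA dns1.colostate.edu. dnsadmin.colostate.edu. (
                    249427  ; sn
                    900     ; refresh (15 min)
                    600     ; retry (10 min)
                    86400   ; expiry (1 day)
                    3600 )  ; minTTL (1 hour)
@            IN NS    dns1.colostate.edu.
chico        IN A     129.82.45.30
www          IN CNAME parsons.cs.colostate.edu.
www          IN A     129.82.45.31   ; conflicts with the CNAME above
"""
CNAME_OK = {"CNAME", "RRSIG", "NSEC", "KEY"}  # may share an owner name with a CNAME

def logical_lines(text):
    """Drop ';' comments and join '( ... )' continuations into one record."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]           # a comment runs to end of line
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            fields = " ".join(buf).split()
            buf = []
            if fields:
                yield fields

def parse_record(fields):
    """Name [TTL] [Class] Type Data...; TTL and class are optional."""
    name, rest = fields[0], fields[1:]
    ttl = int(rest.pop(0)) if rest[0].isdigit() else None
    if rest[0] == "IN":
        rest.pop(0)
    rtype, data = rest[0], rest[1:]
    if rtype == "SOA":                        # mname rname serial refresh retry expire minttl
        keys = ("mname", "rname", "serial", "refresh", "retry", "expire", "minttl")
        data = dict(zip(keys, data[:2] + [int(v) for v in data[2:]]))
    return {"name": name, "ttl": ttl, "type": rtype, "data": data}

def parse_zone(text):
    return [parse_record(f) for f in logical_lines(text)]

def cname_conflicts(records):
    """Owner names holding a CNAME plus some non-exempt record type."""
    types = {}
    for r in records:
        types.setdefault(r["name"], set()).add(r["type"])
    return sorted(n for n, t in types.items() if "CNAME" in t and t - CNAME_OK)
```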
DNS Record Types: Others

There are ~71 record types. The other, more common records include:
  MX: Mail Exchanger. Specifies the mail servers for a mail domain name.
  PTR: Pointer. Maps IPv4 addresses to names (reverse lookup).
  SRV: Service record. Defines network service information available for the zone (LDAP, Kerberos, etc.). Used heavily by Windows domains.
  TXT: Text information associated with a name. Basically a note. Also used in the Sender Policy Framework (SPF) system to validate email.
DNS Forward and Reverse Lookups

Most common use is forward lookup (name to IP).
Also need reverse lookup (IP to name).
This is also a tree structure, delegated in a similar fashion.
All reverse space is rooted in the special domain called IN-ADDR.ARPA.
For delegation to work as in the forward space, the networks are listed most specific to least specific.
Thus CSU's IP space (129.82.0.0) has a reverse DNS zone of 82.129.IN-ADDR.ARPA
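An added example (not from the slides) of the reverse naming just described: building the PTR owner name for an address and the reverse zone for a network by reversing the octets under in-addr.arpa. It goes beyond the slide in two ways: it also handles IPv6, whose reverse names are hex nibbles under ip6.arpa, and it refuses prefixes that are not octet- or nibble-aligned, since those cannot be delegated as a single reverse zone (classless delegation per RFC 2317 is needed for IPv4). The addresses are those on the slides; the function names are this example's own.

```python
import ipaddress

def reverse_name(ip):
    """PTR owner name for one address: octets (IPv4) or hex nibbles (IPv6)
    written least-significant first under in-addr.arpa / ip6.arpa."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        parts = str(addr).split(".")
        suffix = "in-addr.arpa."
    else:
        parts = list(addr.exploded.replace(":", ""))   # 32 nibbles
        suffix = "ip6.arpa."
    return ".".join(reversed(parts)) + "." + suffix

def reverse_zone(cidr):
    """Reverse zone delegated for a network, e.g. 129.82.0.0/16 -> 82.129.in-addr.arpa.
    Only label-aligned prefixes (multiples of 8 bits for IPv4, 4 bits for IPv6)
    map to one zone; anything else needs classless delegation (RFC 2317 for IPv4)."""
    net = ipaddress.ip_network(cidr, strict=True)
    unit, total = (8, 4) if net.version == 4 else (4, 32)
    if net.prefixlen % unit:
        raise ValueError(f"{cidr}: prefix is not aligned to a {unit}-bit reverse label")
    labels = reverse_name(str(net.network_address)).split(".")
    return ".".join(labels[total - net.prefixlen // unit:])   # keep only the fixed labels
```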
DNS Reverse Data Organization
DNS Authorities
Internet Assigned Numbers Authority (IANA) and Internet
Network Information Center (InterNIC) originally established by
various US Government agencies and now run under contract by a
private, non-profit organization
Internet Corporation for Assigned Names and Numbers (ICANN)

Responsible for:
Coordination of DNS Root globally
Coordination of IP space globally
Maintaining the list of gTLDs (generic top level domains) and
ccTLDs (country code top level domains).
Root Hints: http://www.internic.net/zones/named.root
DNS Registries and Registrars

DNS Registry: the authoritative source for a DNS domain.
DNS Registrar: entity authorized to manage registry data.
  Registrars sell domains to others and maintain that data in the registry.
VeriSign operates the current registry for .com and .net but does not act as a registrar.
Hundreds of registrars are certified with VeriSign to sell .com domains (e.g. Tucows, GoDaddy, etc.)
Reverse registries are run by regional entities (ARIN, LACNIC, RIPE NCC, AFRINIC, APNIC).
DNS Servers
Software: BIND originally UNIX.
Windows 2000 move to heavy reliance on DNS
Network traffic: UDP and TCP port 53
Authoritative vs. non-authoritative: Servers that host a
zone are authoritative.
Authoritative Only: Servers that *only* respond to queries
for zones they host.
Recursive/Caching Servers: Resolve any DNS request for
clients. Store answers locally to answer other requests.
Replication: Slave and master. Uses zone serial numbers,
refresh and retry intervals to update slaves which have a read
only copy of data.
Dynamic DNS (DDNS) Allows clients to update A and PTR
records on the fly.
DNS Utilities

NSLOOKUP
  Get DNS records from a given server
  Command line parameters and interactive (non-GUI).

DIG
  Get DNS record info from a given server
  Command line.

WHOIS
  www.whois.net, various registries, command line

Web sites:
  www.dnstools.com
  www.dnsstuff.com
  network-tools.com