Domain Name System (DNS)
Name resolution for both small and large networks
–Host names <-> IP addresses
Like a phone book, but stores more information (mail servers, name servers, services, ...)
Older Windows OSes used WINS and NetBIOS; Windows Server 2008 depends on DNS
Active Directory uses DNS (clients locate domain controllers through DNS records)
DNS Details
De facto standard for name resolution on the Internet
DNS is based on domains
–.com, .net, .org: top-level domains (TLDs)
–umb.edu, i.e. name.tld: second-level domains
Top-level domains are coordinated by the Internet Corporation for Assigned Names and Numbers (ICANN)
Businesses register a second-level domain through an accredited registrar (e.g. godaddy.com)
DNS Details (cont'd)
Properties of DNS
–Hierarchical name space divided into zones
–Zones contain the records for hosts, addresses and services
–Zones typically correspond to domains, but they don't have to
–Zone files are distributed over a collection of DNS servers
Primary (master) DNS server holds the read/write copy of the zone file
Secondary (slave) DNS servers hold a read-only copy obtained from the primary by zone transfer; primary and secondaries all answer authoritatively for the zone
–Two types of zones:
Forward lookup: host names -> IP addresses (A and AAAA records)
Reverse lookup: IP addresses -> host names (PTR records under in-addr.arpa / ip6.arpa)
DNS Root Servers
13 root servers, labeled A through M
A Verisign, Dulles, VA
B USC-ISI, Marina del Rey, CA
C Cogent, Herndon, VA (also Los Angeles)
D U Maryland, College Park, MD
E NASA, Mt View, CA
F Internet Software Consortium, Palo Alto, CA (and 17 other locations)
G US DoD, Vienna, VA
H ARL, Aberdeen, MD
I Autonomica, Stockholm (plus 3 other locations)
J Verisign (11 locations)
K RIPE, London (also Amsterdam, Frankfurt)
L ICANN, Los Angeles, CA
M WIDE, Tokyo
The 13 letters are 13 root server addresses, not 13 machines: most letters are anycast from many sites, and the location counts above are as of when the slide was written
Domain Name System (name tree)
[Figure: the DNS name tree. Below the unnamed root are the generic domains (com, edu, org, ...), the country domains (uk, zw, ...) and arpa, whose in-addr subtree is used for reverse lookup. Examples shown: my.east.bar.edu (root > edu > bar > east > my, with siblings west and foo), usr.cam.ac.uk (root > uk > ac > cam > usr), and a /24 network under in-addr.arpa.]
Zones versus Domains
Multiple DNS zones in one domain
–e.g. one zone for cs.umb.edu and one zone for math.umb.edu
–Different administrator for each zone, since he/she knows the layout of the computers in that zone best
The parent zone (umb.edu) delegates to each child zone with NS records (plus glue A records when the child's name server lives inside the child zone)
Delegate Name Resolution
Recursive query
–Ask the server to get the answer for you
–e.g. request 2 and response 9 in the next diagram
Iterative query
–Ask the server who to ask next (it returns a referral)
–e.g. all other request-response pairs
DNS Resolver and Local DNS Server
[Figure: 1 application -> DNS resolver (stub); 2 DNS query from the resolver to the local DNS server; 3/4 local server <-> root server; 5/6 local server <-> top-level domain server; 7/8 local server <-> second-level domain server; 9 DNS response back to the resolver; 10 answer to the application. The local DNS server keeps a DNS cache.]
Delegated name resolution: the local DNS server does the iterative work on the resolver's behalf
Caching is based on a time-to-live (TTL) assigned by the authoritative DNS server responsible for the host name; it reduces the latency of DNS translation
DNS Caching
Performing all these queries takes time
–And all this before the actual communication takes place
–e.g. a 1-second latency before starting a Web download
Caching can substantially reduce overhead
–The top-level servers very rarely change
–Popular sites are visited often
–The local DNS server often has the information cached
How DNS caching works
–DNS servers cache responses to queries
–Responses include a "time to live" (TTL) field, set by the server that owns the record
–The server deletes the cached entry after the TTL expires
–Until then the cached answer is served to every client, so a forged or poisoned answer persists for its whole TTL
Negative Caching
Remember things that don't work
–Misspelled host names that do not exist
–These can take a long time to fail the first time (the full walk down to the authoritative server)
–Good to remember that they don't work
–... so the failure takes less time the next time around
–The negative answer is cached for the time given by the zone's SOA minimum TTL field, capped by the SOA record's own TTL (RFC 2308)
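The resolution walk from the diagram (root, TLD, second-level server), positive caching by TTL and negative caching of NXDOMAIN answers, as an added example that is not code from the slides. The SERVERS table is a constructed in-memory stand-in for the authoritative servers; the names under umb.edu and the 192.0.2.0/24 address (RFC 5737 documentation range) are invented for the illustration, and the clock is faked so the run is deterministic.

```python
"""Toy iterative resolution with positive and negative caching."""
import time

# Each constructed server is authoritative for one zone. For a name below a
# delegation it returns a referral (the next server to ask); for a name it
# owns it returns the address and the record's TTL; otherwise NXDOMAIN with
# the negative-caching TTL taken from its SOA minimum field (RFC 2308).
SERVERS = {
    "root":    {"delegations": {"edu.": "tld-edu"}, "answers": {}, "neg_ttl": 0},
    "tld-edu": {"delegations": {"umb.edu.": "ns-umb"}, "answers": {}, "neg_ttl": 0},
    "ns-umb":  {"delegations": {},
                "answers": {"www.umb.edu.": ("192.0.2.10", 300)},  # (address, TTL)
                "neg_ttl": 60},
}


def query_server(server_id, qname):
    """One request/response pair with an authoritative server (an iterative query)."""
    srv = SERVERS[server_id]
    for zone, child in srv["delegations"].items():
        if qname == zone or qname.endswith("." + zone):
            return ("referral", child)
    if qname in srv["answers"]:
        address, ttl = srv["answers"][qname]
        return ("answer", address, ttl)
    return ("nxdomain", srv["neg_ttl"])


class LocalResolver:
    """The local DNS server: answers the stub's recursive query by iterating."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.cache = {}     # qname -> (address, or None for NXDOMAIN; expiry time)
        self.sent = []      # (server, qname) for every query that left the box

    def resolve(self, qname):
        hit = self.cache.get(qname)
        if hit is not None and hit[1] > self.clock():
            return hit[0]               # positive or negative cache hit, no traffic
        server = "root"                 # this toy caches no referrals, so every
        while True:                     # cache miss starts again at the root
            self.sent.append((server, qname))
            reply = query_server(server, qname)
            if reply[0] == "referral":
                server = reply[1]       # "ask this server next"
                continue
            address, ttl = (reply[1], reply[2]) if reply[0] == "answer" else (None, reply[1])
            # The TTL is whatever the answering server said: a forged answer
            # would get to choose how long it stays in the cache.
            self.cache[qname] = (address, self.clock() + ttl)
            return address


def demo():
    now = [1000.0]                      # fake clock (seconds)
    r = LocalResolver(clock=lambda: now[0])
    results = [r.resolve("www.umb.edu."),    # root -> edu -> umb: 3 queries
               r.resolve("www.umb.edu."),    # cache hit: 0 queries
               r.resolve("wwww.umb.edu."),   # NXDOMAIN after 3 queries, cached 60 s
               r.resolve("wwww.umb.edu.")]   # negative cache hit: 0 queries
    now[0] += 301                           # the 300 s positive entry has expired
    results.append(r.resolve("www.umb.edu."))  # walked again: 3 more queries
    return results, r.sent


if __name__ == "__main__":
    print(demo())
```

A real resolver also caches the referrals (the NS records and their addresses), which is why the root servers see so little traffic in practice; this toy deliberately leaves that out so the query log shows the full walk on every miss.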
Zone file example
$ORIGIN example.com.
$TTL <default TTL>
@        IN SOA   dns1.example.com. hostmaster.example.com. (
                  <serial>   ; serial
                  21600      ; refresh after 6 hours
                  3600       ; retry after 1 hour
                  604800     ; expire after 1 week
                  86400 )    ; minimum TTL of 1 day
;
         IN NS    dns1.example.com.
         IN NS    dns2.example.com.
;
dns1     IN A     <IPv4 address>
         IN AAAA  aaaa:bbbb::1
dns2     IN A     <IPv4 address>
         IN AAAA  aaaa:bbbb::2
;
@        IN MX    10 mail.example.com.
         IN MX    20 mail2.example.com.
;
mail     IN A     <IPv4 address>
         IN AAAA  aaaa:bbbb::5
mail2    IN A     <IPv4 address>
         IN AAAA  aaaa:bbbb::6
;
; This sample zone file illustrates sharing the same IP addresses for multiple services:
;
services IN A     <IPv4 address>
         IN AAAA  aaaa:bbbb::10
         IN A     <IPv4 address>
         IN AAAA  aaaa:bbbb::11
ftp      IN CNAME services.example.com.
www      IN CNAME services.example.com.
(A blank owner column means "same owner as the previous record"; the MX records therefore need the explicit "@" so they belong to example.com. rather than to dns2)
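A parser for the master file format used above, as an added example that is not code from the slides or from BIND. It handles the constructs the sample zone relies on: $ORIGIN and $TTL, "@" and relative owner names, a blank owner meaning "same as the previous record", ";" comments, and SOA data continued inside parentheses. The zone text below is constructed for this example (192.0.2.0/24 is the RFC 5737 documentation range; the serial and host names are invented), and lookup() follows a CNAME the way a server does when asked for another type at an alias.

```python
"""Minimal parser for DNS master (zone) files plus a lookup that chases CNAMEs."""

ZONE_TEXT = """
$ORIGIN example.com.
$TTL 86400
@        IN SOA   dns1.example.com. hostmaster.example.com. (
                  2001062501 ; serial
                  21600      ; refresh after 6 hours
                  3600       ; retry after 1 hour
                  604800     ; expire after 1 week
                  86400 )    ; minimum TTL of 1 day
         IN NS    dns1.example.com.
         IN NS    dns2.example.com.
         IN MX    10 mail.example.com.
         IN MX    20 mail2.example.com.
dns1     IN A     192.0.2.1
         IN AAAA  aaaa:bbbb::1
mail     IN A     192.0.2.5
services 300 IN A 192.0.2.10
         300 IN A 192.0.2.11
ftp      IN CNAME services
www      IN CNAME services.example.com.
"""

CLASSES = {"IN", "CH", "HS"}
# RDATA fields that are domain names and therefore subject to $ORIGIN.
NAME_FIELDS = {"NS": (0,), "CNAME": (0,), "PTR": (0,), "MX": (1,), "SOA": (0, 1), "SRV": (3,)}


def _logical_lines(text):
    """Yield (owner_blank, tokens): comments stripped, ( ... ) joined into one record."""
    buf, depth, owner_blank = [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]          # ';' starts a comment
        if not buf:                          # first physical line of a record
            owner_blank = line[:1].isspace()
        depth += line.count("(") - line.count(")")
        buf.extend(line.replace("(", " ").replace(")", " ").split())
        if depth == 0 and buf:
            yield owner_blank, buf
            buf = []


def _absolute(name, origin):
    """Apply $ORIGIN: '@' is the origin, a name without a final dot is relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Return records as dicts: owner, ttl, class, type, rdata (list of strings)."""
    origin, default_ttl, owner, records = ".", None, None, []
    for owner_blank, toks in _logical_lines(text):
        if toks[0] == "$ORIGIN":
            origin = toks[1]
            continue
        if toks[0] == "$TTL":
            default_ttl = int(toks[1])
            continue
        if not owner_blank:
            owner = _absolute(toks.pop(0), origin)
        if owner is None:
            raise ValueError("first record has no owner name")
        ttl, rclass = default_ttl, "IN"      # TTL and class are optional, any order
        while toks[0].isdigit() or toks[0] in CLASSES:
            tok = toks.pop(0)
            if tok.isdigit():
                ttl = int(tok)
            else:
                rclass = tok
        rtype, rdata = toks[0], toks[1:]
        for i in NAME_FIELDS.get(rtype, ()):
            rdata[i] = _absolute(rdata[i], origin)
        records.append({"owner": owner, "ttl": ttl, "class": rclass, "type": rtype, "rdata": rdata})
    return records


def lookup(records, name, rtype, max_chase=8):
    """RDATA lists for (name, rtype); follows a CNAME at the name, with a loop bound."""
    name = name if name.endswith(".") else name + "."
    for _ in range(max_chase):
        hits = [r["rdata"] for r in records if r["owner"] == name and r["type"] == rtype]
        if hits or rtype == "CNAME":
            return hits
        aliases = [r["rdata"][0] for r in records if r["owner"] == name and r["type"] == "CNAME"]
        if not aliases:
            return []
        name = aliases[0]                    # alias: retry the query at the target
    raise ValueError("CNAME chain too long")
```

Note that a TTL written on one record (the 300 on services) does not carry over to the next record; a record without its own TTL gets the $TTL default, which is why both services lines carry it.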
Resource Records
Host (A) records: map a host name to its IPv4 address (AAAA records do the same for IPv6)
Load balancing using round-robin DNS: several A records for the same name, each with a different address; the server rotates the order of the addresses from one answer to the next
–Crude balancing: no health checks, and a resolver keeps the order it received for the whole TTL
If the machines are on different subnets, a Windows DNS server with netmask ordering enabled returns first the address that is "closest" (on the same subnet) to the requester
Canonical Name (CNAME) Records
Make one host name an alias for another (the canonical name); several aliases can point at one canonical name, and so at one IP address
One machine answers at one IP address, but listens to multiple host names
For example:
ftp      IN CNAME colossus.hasselltech.net.
A CNAME owner may carry no other records, so it cannot be used at the zone apex; an alias whose target is later abandoned (e.g. a decommissioned hosting account) can be claimed by whoever registers that target, so remove aliases together with the hosts they point at
Mail Exchanger (MX) Records
Identify the mail server(s) for a specific zone or domain
Instruct connecting mail servers to send all mail destined for a certain domain to a specific machine
Multiple MX records can have different preference numbers; the lowest number has the highest priority and is tried first
         IN MX    10   <preferred mail host>
         IN MX    100  queue.perigee.net.
Nameserver (NS) Records
Define the name servers that can answer queries for a specific domain (the parent zone uses the same records to delegate to the child)
         IN NS    <first name server>
         IN NS    ns2.hasselltech.net.
Start of Authority (SOA) Records
Specify the primary name server that is authoritative for a particular zone, and the e-mail address of the zone's contact (with its '@' written as '.')
Also control how secondary name servers keep their copy of the zone up to date:
–Serial number: incremented on every change; a secondary transfers the zone only when the primary's serial is newer than its own
–Refresh interval: how long a secondary waits before checking the primary for a new serial
–Retry interval: how long to wait before trying again after a failed refresh
–Expire interval: how long a secondary may keep answering with a copy it has been unable to refresh
–Minimum TTL: how long a negative answer (name does not exist) may be cached (RFC 2308); the default TTL of ordinary records comes from the $TTL directive
Example of SOA
@        IN SOA   colossus.hasselltech.net. admin.hasselltech.net. (
                  <serial>   ; serial number
                  100        ; refresh
                  50         ; retry
                  86400      ; expire
                  3600 )     ; default TTL
Pointer (PTR) Records
Similar to A records, but perform the reverse mapping of IP addresses to host names
The owner name is the address with its octets reversed under in-addr.arpa (nibbles reversed under ip6.arpa for IPv6)
e.g.
<reversed octets>.in-addr.arpa.   IN PTR   alpha.abc.com.
(IN is the Internet class)
Service (SRV) Records
Indicate where a service is offered in a zone: the host and port to contact
Have a priority (lower is tried first) and a weight (share of the load among records of the same priority), RFC 2782
e.g. (Active Directory advertising a Kerberos KDC):
_kerberos._tcp.<site>._sites.dc._msdcs   600   SRV   <priority> <weight> <port>   colossus.hasselltech.net.
Fields: service, TTL, record type, priority, weight, port, server
Using Primary and Secondary Nameservers
DNS has built-in redundancy through primary and secondary name servers
Each has a copy of the zone file
Each zone has one primary name server but may have many secondary name servers
Secondary name servers hold read-only copies of the zone file, fetched from the primary by zone transfer (AXFR, or incremental IXFR) whenever the SOA serial changes
–Limit zone transfers to the secondaries' addresses (or authenticate them with TSIG): a transfer handed to anyone exposes every name in the zone
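How a secondary applies the SOA fields from the last few slides (serial, refresh, retry, expire), as an added example that is not code from the slides or from any DNS server. Serial comparison follows RFC 1982, where the 32-bit serial wraps around; the timer values in the test reuse the example.com zone's numbers and the clock is a constructed counter of seconds.

```python
"""SOA serial arithmetic and the refresh/retry/expire cycle of a secondary."""

MOD = 2 ** 32
HALF = 2 ** 31


def serial_newer(a, b):
    """RFC 1982: is serial a 'greater than' serial b, allowing for wraparound?
    a - b == 2**31 is undefined by the RFC and treated as not newer here."""
    a, b = a % MOD, b % MOD
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


def date_serial(year, month, day, revision):
    """The common YYYYMMDDnn convention: up to 100 revisions per day."""
    if not 0 <= revision <= 99:
        raise ValueError("revision must be 00..99")
    return int(f"{year:04d}{month:02d}{day:02d}{revision:02d}")


class SecondaryZone:
    """State a secondary keeps for one zone it has transferred from the primary."""

    def __init__(self, refresh, retry, expire, serial, now):
        self.refresh, self.retry, self.expire = refresh, retry, expire
        self.serial = serial
        self.last_good = now              # last successful contact with the primary
        self.next_check = now + refresh   # when to ask the primary for its SOA again

    def on_refresh(self, now, primary_serial):
        """Run at next_check. primary_serial is None when the primary was unreachable.
        Returns whether the secondary may still answer for the zone afterwards."""
        if primary_serial is None:
            self.next_check = now + self.retry
        else:
            if serial_newer(primary_serial, self.serial):
                self.serial = primary_serial     # a zone transfer (AXFR/IXFR) happens here
            self.last_good = now                 # same serial also counts as contact
            self.next_check = now + self.refresh
        return self.status(now)

    def status(self, now):
        """After 'expire' seconds without reaching the primary the copy is dropped
        and the secondary stops answering for the zone."""
        return "expired" if now - self.last_good > self.expire else "authoritative"
```

Two practical consequences follow from the code: a primary that is down for longer than the expire interval takes its secondaries out of service with it, and a serial that goes backwards (for example a zone restored from an old backup) is not "newer", so secondaries keep serving the old data until the serial is moved past their copy.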