Internetworking II Organizational Communications and Technologies Prithvi Rao H. John Heinz III School of Public Policy and Management Carnegie Mellon University

Objectives Understand how DNS works Present a DNS scenario

Naming Hosts Nameserver is vehicle for mapping a name to a network telnet akasha.tic.com vs telnet Network object is passed to transport protocol interface Naming evolved with other protocols

History of Naming Predecessor of Internet was ARPANET Most important resource was IP address Used naming authority to assign IP addresses Most hosts had single network interfaces; hostname were synonymous to interface Central registry to maintained names and corresponding IP addresses Administrator received a host and IP address for each new machine to be added to network IP address known when network was established Name collision avoided by searching a host file

History of Naming Host files were copied to each machine Unix systems consisted of /etc/hosts file Operating systems supported lookup using library functions gethostbyname() and gethostbyaddr() Worked well for small number of hosts (100s) Other operating systems used similar mechanisms but basically the same Worked well because relatively few requests and table size relatively small

History of Naming Exponential growth of the internet made static host table impractical Load on servers hosting registry introduced delays in access Names had to be unique to avoid name clashes Solution to support growing internet was Domain Name System (DNS)

Domain Name System Internet’s official naming system Distributed naming system Database is scattered across many hosts Maintained by many organizations (each has a small part) Defines resource named and protocols used to communicate between nameservers that maintain the database

Domain Name System Delegation Naming is delegated leaving central registry to register only naming authorities Every host is not named by central authority Dynamic Distribution Name lookup is dynamically distributed Site administrators did not have to copy host files Redundancy Lookup algorithms were redundant; no single server Reliability was improved

Domain Name System Extensibility Not necessarily restricted to IP addresses

Delegation Defines a name space that is a tree structure Each node owned by single authority Child nodes can be created Each child node must have a unique name Domain is any node and its descendant nodes Domain name uniquely indentifies single node within domain Node names are written with separated period

Delegation root edu comorgnz co ac ……. cmu andrew tic kiwilabs unix5 akasha

Delegation Children of root are “top-level domains” Domain name that traverses from node to root is called a Fully Qualified Domain Name (FQDN) Always ends with a period cs.edu(.) Practically the period is dropped cs.edu Some applications (mail) do not permit the appending of a period Domain name traversing part of node is called a Relative Domain Name

Dynamic Distribution Descendants of a domain called subdomains kiwilabs.com has authority for all names under kiwilabs.com Grant of authority is given when new subdomain is registered Naming authority can assign subdomain names arbitrarily Child node must be unique ux4.sp.cs.cmu.edu? Hierarchy is broader than deeper

Extensibility Name gives resource a convenient reference; name is mapped to resource Can map DNS name to other resources DNS uses a typed resource record to identify resource being named <domain-name ttl IN resource_type resource_value) domain_name is the FQDN for the resource that is key to identifying resource

Extensibility ttl is the time to live value Time that the resource record can be cached before being discarded Field is decremented every second and resource is discarded when ttl reaches zero IN identifies resource as belonging to TCP/IP or INternet protocol

Extensibility resource_type is a unique identifier for type of resource named During lookup resource_type is used to distinguish between resource records mqpped to the domain name resource_value is value of resource. Can be single value (IP address) or record with multiple values DNS has standard set of resource record types

Resource Types IP addresses domain_name A ip_addresses Example ticmac.tic.com A and A is the record type corresponding to IP addresses maps domain name ticmac.tic.com to

IP Address Multi-homed host or router has an A record for each network interface router.tic.com A router.tic.com A This illustrates mapping of name router.tic.com to two IP addresses. Machine has two interface cards

Host Information HINFO record indentifies and operating system of host with given domain name domain_name HINFO hardware os Example akasha.tic.com HINFO Sun SunOs

Alias Alias is CNAME record associating domain name with another domain name domain_name CNAME canonical_name Example mac.tic.com CNAME ticmac.tic.com says that name mac.tic.com is alias for ticmac.tic.com

DNS Operational Architecture Server Resolver library Application Query or reply To/from another server query reply function call function return

DNS Query Format header question answer authority additional

DNS Operational Architecture question contains the target domain name and the type and class of query Can match resource record type or be wildcarded to ask for any resource answer is completed by nameserver that replies to query authority can name other authority that can answer query

DNS Operational Architecture additional completed by nameserver and assists client with needed information

DNS Operational Steps Application sends DNS query to nameserver and waits for response from resolver Resolver generates query and and transmits it to nameserver and handles response and retransmits a query request Examples of API for DNS gethostbyname() and gethostbyservice()

DNS Zones root edu comorgnz co ac ……. cmu andrew tic kiwilabs unix5 akasha

DNS Zones Each DNS zone has its own zone database Primary name-server exists for each zone and maintains an up-to- date copy of zone database Copies maintained in secondary nameservers (reliability)

DNS Scenario 1)Query from machine able.widget.com is sent to nameserver on ns.widget.com for the IP address for the domain name baker.austin.tic.com: step 1 2)ns.widget.com has no cached resource records for baker.austin.tic.com so the nameserver tries to find an NS record for the parent domain austin.tic.com 3)Finding no cached records for that domain it attempts to find an NS record for the tic.com domain. It looks for the com domain without success. It forwards original query to a root nameserver: step 2

DNS Scenario 4) Root nameserver repeats step 3 and finds an NS record for the com server and passes the query to that server 5) Nameserver for com domain once again repeats above algorithm and finds NS record and associated A record for the domain tic.com and returns information to nameserver on ns.widget.com: step 4 6) Information is cached on ns.widget.com (NS and A records) and sends original query to server for tic.com. Second server for that domain is contacted if timeout occurs: step 5

DNS Scenario 7) Server for tic.com receiving query forwards it to server for austin.tic.com domain: step 6 8) Destination server has answer desired by original node (baker.austin.tic.com) and returns answer to tic.com (7) which then sends answer to ns.widget.com (8) which in turn returns answer to able.widget.com (9) and this machine caches answer for later use

Query Example ns.austin.tic.com ns.widget.comrootserver akasha.tic.com comserver able.widget.com

Summary Presented a brief history of domains and host naming Examined the use of resource records Presented DNS query example