NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/20091 NET0183 Networks and Communications by Dr Andy Brooks
8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 2 DNS is a distributed database implemented in a hierarchy of many servers. DNS is an application layer protocol that runs over UDP and uses port 53. When someone uses the term “DNS” they might be talking about the servers or they might be talking about the protocol or both.
Webopedia 17/3/10 8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 3 Short for Domain Name System (or Service or Server), an Internet service that translates domain names into IP addresses. Because domain names are alphabetic, they're easier to remember. The Internet however, is really based on IP addresses. Every time you use a domain name, therefore, a DNS service must translate the name into the corresponding IP address. For example, the domain name might translate to The DNS system is, in fact, its own network. If one DNS server doesn't know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.
© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Name Resolution The translation of a domain name into an address is called name resolution and the name is said to be resolved to an address. Software to perform translation is known as a name resolver (or simply resolver). In the socket API, for example, the resolver is invoked by calling function gethostbyname. Each resolver is configured with the address of one or more local DNS servers. The resolver forms a DNS request message and sends the message to the local DNS server. –The resolver the waits for the local DNS server to send a DNS reply message with the answer.
Root server Webopedia 17/3/10 8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 5 A system of 13 file servers that are distributed around the globe and contain authoritative databases that form a master list of all top-level domain names (TLDs). There is one central, or "A", server that replicates changes to the other servers on a daily basis. Different organizations maintain the servers on the root server system. The U.S. government plays a role in maintaining about half of the servers. “While only 13 names are used for the root nameservers, there are many more physical servers; C, F, I, J, K, L and M servers now exist in multiple locations on different continents, using anycast address announcements to provide decentralized service. As a result most of the physical root servers are now outside the United States, allowing for high performance worldwide.” Root Wikipedia 3/17/2010
Webopedia 17/3/10 8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 6 Short for top-level domain, and refers to the suffix attached to Internet domain names. There are a limited number of predefined suffixes, and each one represent a top-level domain. Current top-level domains include: com - commercial businesses; this is the most common TLD gov - U.S. government agencies edu - Educational institutions such as universities org - Organizations (mostly nonprofit) mil - Military net - Network organizations ca - Canada th - Thailand
8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 7
8 Distributed, Hierarchical Database Client wants IP for 1 st approx: Client queries a root server to find com DNS server Client queries com DNS server to get amazon.com DNS server Client queries amazon.com DNS server to get IP address for slide from Kurose & Ross
9 Example r Host at cis.poly.edu wants IP address for gaia.cs.umass.edu slide from Kurose & Ross
10 Recursive queries recursive query: r puts burden of name resolution on contacted name server r heavy load? iterated query: r contacted server replies with name of server to contact r “I don’t know this name, but ask this server” slide from Kurose & Ross
11 DNS: caching r once (any) name server learns a mapping, it caches the mapping r cache entries timeout (disappear) after some time r Top-level domain servers are typically cached in local name servers. Thus root name servers are not often visited. slide from Kurose & Ross
Domain Name Wikipedia 17/3/10 8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 12 “In principle, authoritative name servers are sufficient for the operation of the Internet. However, with only authoritative name servers operating, every DNS query must start with recursive queries at the root zone of the Domain Name System and each user system must implement resolver software capable of recursive operation.” “To improve efficiency, reduce DNS traffic across the Internet, and increase performance in end-user applications, the Domain Name System supports DNS cache servers which store DNS query results for a period of time determined in the configuration (time-to-live) of the domain name record in question.” “An authoritative-only name server only returns answers to queries about domain names that have been specifically configured by the administrator.”
DNS caching in Web browsers 8/25/2009 NET0183 Networks and Communications by Dr Andy Brooks 13 “DNS has a cost. It typically takes milliseconds for DNS to lookup the IP address for a given hostname. The browser can’t download anything from this hostname until the DNS lookup is completed.” “DNS lookups are cached for better performance. This caching can occur on a special caching server, maintained by the user's ISP or local area network, but there is also caching that occurs on the individual user's computer. The DNS information remains in the operating system's DNS cache (the "DNS Client service" on Microsoft Windows).” “Most browsers have their own caches, separate from the operating system's cache. As long as the browser keeps a DNS record in its own cache, it doesn't bother the operating system with a request for the record.” “Internet Explorer caches DNS lookups for 30 minutes by default, as specified by the DnsCacheTimeout registry setting. Firefox caches DNS lookups for 1 minute, controlled by the network.dnsCacheExpiration configuration setting.”
14 DNS records DNS: a distributed database storing resource records (RR) r Type=NS name is domain (e.g. foo.com) value is hostname of authoritative name server for this domain RR format: (name, value, type, ttl) r Type=A name is hostname value is IP address r Type=CNAME name is alias name for some “canonical” (the real) name is really servereast.backup2.ibm.com value is canonical name r Type=MX value is name of mailserver associated with name slide from Kurose & Ross
15 DNS protocol, messages query & reply messages both have the same message format msg header r Identification: 16 bit # for query, reply to query uses same # r Flags, e.g. query or reply Bit 16 - QR bit. The message is a query if the value is 0. The message is a response if the value is 1. reply is authoritative Bit 21 - AA bit. - Authoritative answer is set if the responding name server is an aurhority for the domain name in question. recursion desired Bit 23 – RD bit. Recursion Desired is set in a query and indicates the query should be persued recursively. slide from Kurose & Ross
16 DNS protocol, messages slide from Kurose & Ross QR