Domain Name System (DNS)


1 Domain Name System (DNS)
G53ACC 11/17/2018 Domain Name System (DNS) G53ACC Chris Greenhalgh School of Computer Science and IT DNS

2 Contents
Introduction
DNS names and name space
Resource records
Applications
Administration and zones
Query patterns
Message format
Caching
Books: Comer Ch. 31

3 Domain Name System (DNS)
DNS provides name-to-value mapping through a hierarchical, domain-based naming scheme and a distributed database system. It is primarily used for mapping host names to IP addresses, e.g. as used in URLs. (Other, local solutions exist, e.g. Sun NIS, Microsoft Active Directory.) Defined in RFC 1034 and RFC 1035.

4 DNS Name Space
The Internet is divided into several hundred top-level domains. Each domain covers many hosts. Each domain is partitioned into subdomains; these too are further partitioned, and so on. These domains can be represented by a tree:

5 A Portion of the DNS Name Tree
[Figure: a portion of the DNS name tree, with nodes com, edu, gov, mil, org, uk; mit, ac, co; ftp, nottingham, warwick, demon; cs, ccc; much]

6 Names
A domain is named by the path from it to the (unnamed) root. The components are separated by "dots", e.g. a Nottingham CS machine might be much.cs.nottingham.ac.uk.
Naming is hierarchical, so much at CS (much.cs.nott.ac.uk) is not the same host as much at Warwick (much.warwick.ac.uk).

7 Names: Restrictions
Domain names are case insensitive: edu and EDU mean the same thing.
Component names (labels) can be up to 63 characters long.
Full path names must not exceed 255 characters (octets, in the wire encoding).

8 DNS Resource Records
Each domain has a set of "resource records" associated with it. For a single host, the most common resource record is just its IP address, but many other kinds of resource records exist… When a query is directed to a domain, the result is the relevant resource record(s) associated with that name.

9 Resource Record structure
Each resource record comprises:
Owner = domain name
Type = entry type, 16 bits, e.g. A, CNAME, …
Class = protocol or protocol family, 16 bits, e.g. IN (the INternet)
TTL = time, 32 bits, in seconds, for which this resource record may be cached
RDATA = type-specific information, e.g. the IP address for a type A record

10 Resource record Types
Type   Meaning               Value
SOA    Start of Authority    Parameters for this zone
A      IP address of a host  32-bit integer (an IPv4 address)
MX     Mail Exchange         Priority, and the domain willing to accept mail
CNAME  Canonical Name        Domain name (the name this alias stands for)
PTR    Pointer               Domain name (used for the reverse mapping of an IP address)
HINFO  Host Description      CPU and OS in ASCII (security risk; rarely used)
TXT    Text                  Uninterpreted ASCII text

11 A Simple Example Resource Records for Much
(Class ('IN') and TTL are nameserver defaults)
much   A
       MX 1 marian
       MX 2 pat
       MX 5 nfs-relay.ac.uk
       HINFO Sparc UNIX

12 Applications (1): Host Naming
ASCII names, e.g. marian.cs.nott.ac.uk: human readable, memorable.
Numerical addresses: needed by the network (e.g. for routing).
DNS host name = domain name; the 'A' record contains the numerical IP address.

13 Applications (2): Host aliases
'CNAME' records, e.g. an alias name –> 'pat.cs.nott.ac.uk'. Note: a node with a CNAME record must have no other records; all other queries for the alias are answered using the records of the pointed-to (canonical) domain name.
'PTR' records just point to another domain name; other queries are not automatically forwarded to the target. E.g. reverse lookup…

14 Applications (3): Reverse lookup, IP address to host name
The special domain IN-ADDR.ARPA is the root of a tree whose nodes/sub-nodes are the (reversed) dot-separated octets of IP addresses. PTR records at those nodes identify the host's domain name:
<reversed address>.IN-ADDR.ARPA => (PTR) picasso.mrl.nottingham.ac.uk
picasso.mrl.nottingham.ac.uk => (A) <address>
Why? For security: delegation of the IN-ADDR.ARPA sub-zones follows IP address allocation, so the PTR record is published by whoever holds the address block, not by whoever holds the host name. Is this really the machine which it says it is? Is it entitled to use this IP address?
Caveat: a PTR record on its own proves very little, since the holder of the address block can put any name in it. The usable check is forward-confirmed: look up the A record(s) of the name the PTR returned and require them to include the original address.
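The reverse-lookup procedure and the forward-confirmation check described above, as an added example (not code from the original slides). The forward (A) and reverse (PTR) tables stand in for the DNS and are constructed for illustration: the addresses are RFC 5737 documentation addresses and the example.net names are made up, with one deliberately lying PTR record.

```python
import ipaddress

# Constructed stand-ins for the DNS: forward (A) and reverse (PTR) data.
# Addresses are documentation-range values; the example.net names are made up.
FORWARD_A = {
    "picasso.mrl.nottingham.ac.uk.": {"192.0.2.10"},
    "honest.example.net.": {"198.51.100.5"},
}
REVERSE_PTR = {
    "10.2.0.192.in-addr.arpa.": "picasso.mrl.nottingham.ac.uk.",
    "5.100.51.198.in-addr.arpa.": "honest.example.net.",
    # Whoever holds 198.51.100.0/24 controls this zone and can claim any name:
    "77.100.51.198.in-addr.arpa.": "honest.example.net.",
}


def reverse_name(ip: str) -> str:
    """Owner name under IN-ADDR.ARPA (IPv4) or IP6.ARPA (IPv6) for an address."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        # Octets in reverse order, e.g. 192.0.2.10 -> 10.2.0.192.in-addr.arpa.
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    # IPv6: all 32 hex nibbles of the expanded address, reversed, one per label.
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def forward_confirmed(ip: str, ptr=REVERSE_PTR, fwd=FORWARD_A):
    """Forward-confirmed reverse DNS.

    Returns (name, confirmed): name is the PTR target (None if there is no PTR),
    confirmed is True only if that name's A records contain the original address.
    """
    name = ptr.get(reverse_name(ip))
    if name is None:
        return None, False
    return name, ip in fwd.get(name, set())
```

A mail or login server that logs the PTR name without the confirmation step is trusting whoever controls the client's address block; with the step, the lying record for 198.51.100.77 is caught because honest.example.net's A record does not point back at it.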

15 Applications (4): Email addresses (Internet), for example mjr@cs.nott.ac.uk
MX record (Mail eXchanger) –> host to deliver mail to for the given address.
For cs.nott.ac.uk the answer is (each with a priority; lowest is tried first):
MX pat.cs.nott.ac.uk.
MX marian.cs.nott.ac.uk.
MX pat.ccc.nottingham.ac.uk.

16 Administration: Name Allocation
Naming follows organisational boundaries, not physical networks: departments sharing the same LAN can have distinct domains, and hosts in a department split over several buildings can have the same domain.
[Figure: ac.uk … nottingham, warwick … cs, ccc … much …]

17 Administration: Domain Allocation
Each domain controls how it allocates domains underneath it. To create a new domain, permission is required from the domain in which it will be included, e.g. creating psychology.nott.ac.uk needs permission from nott.ac.uk. A new domain can then create its own sub-domains without needing external permission. Top-level domains are administered by registries, e.g. InterNIC for .com, .org, .net and .edu.

18 Administration: Zones
A zone is a connected subset of the domain name space which is administered as a single unit: a single sub-tree, less those sub-sub-trees which have been delegated to other administrative zones. A zone should have at least two name servers (for redundancy), and must hold NS records (plus "glue" addresses where the sub-zone's servers lie inside it) identifying the name servers of every delegated sub-zone. Root server addresses are not looked up but configured by hand (the "root hints") at most/all name servers.

19 A Portion of the DNS Name Space with Possible Zones
[Figure: the name space under uk (ac, co; nott, warwick, demon; cs, ccc, mrl) with possible zone boundaries drawn around sub-trees]

20 DNS Protocol Operation
Simple request-response protocol, normally over UDP (port 53). TCP is used for zone transfers and when a response is too large for a UDP datagram: the server sets the TC (truncated) flag and the client retries over TCP.
Client: forms a request, sends it over UDP to its default server (e.g. taken from /etc/resolv.conf).
Server: receives the request and sends a response back to the client; it may first make additional (recursive) queries to other servers on the client's behalf, if permitted by the query flag RD…

21 DNS Message Format (i)
[bytes 0,1] Client query identification number (copied into the response so the client can match replies to outstanding queries)
[2,3] Flags, including:
QR (1 bit) query (0) or response (1)
Opcode (4 bits) kind of query (0 = standard query)
AA (1 bit) authoritative answer, i.e. from the DNS server responsible for the domain in question
TC (1 bit) truncated: the response did not fit in the UDP datagram, retry over TCP
RD (1 bit) recursion desired
RA (1 bit) recursion available (from server)
RCODE (4 bits) ok/error response (from server): 0 = no error, 1 = format error, 2 = server failure, 3 = name error (NXDOMAIN)

22 DNS Message Format (ii)
[4,5] number of questions
[6,7] number of answers
[8,9] number of authority records
[10,11] number of additional records
Followed by the questions, answers, authority records and additional records, in turn.
A question comprises a domain name, a type (can be 'any') and a class. Answers and the other records are standard resource records (see earlier).
The standard encoding of domain names (length-prefixed labels) and the compression scheme used for them (a pointer back to an earlier occurrence of the name in the same message) are defined in RFC 1035, section 4.1.
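The message format of the two slides above, worked through in code: an added example, not code from the original slides. It builds a query for an A record, parses the header flags, question and resource-record sections, and follows RFC 1035 name compression pointers, rejecting pointers that go forward or loop (a classic parser bug). The response it parses is constructed locally; the name pat.cs.nott.ac.uk is from the slides, the address 192.0.2.1 is a documentation-range value.

```python
import struct


def encode_name(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels ending in a zero octet."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("label must be 1..63 octets: %r" % label)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(qid: int, name: str, qtype: int = 1, rd: bool = True) -> bytes:
    """12-byte header plus one question. qtype 1 = A; class 1 = IN."""
    flags = 0x0100 if rd else 0            # QR=0 (query), RD bit set
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def read_name(msg: bytes, off: int):
    """Decode a name at msg[off:], following RFC 1035 4.1.4 compression pointers.
    Returns (dotted name, offset just past the name as it appears in the message)."""
    labels, end, jumped, hops = [], off, False, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:          # 11xxxxxx: 14-bit pointer into the message
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2              # the name occupies exactly 2 bytes here
            jumped = True
            hops += 1
            if ptr >= off or hops > 64:    # pointers must go backwards; reject loops
                raise ValueError("bad compression pointer")
            off = ptr
            continue
        if length == 0:                    # root label terminates the name
            if not jumped:
                end = off + 1
            return ".".join(labels) + ".", end
        if length > 63:
            raise ValueError("bad label length")
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def parse_message(msg: bytes) -> dict:
    """Parse header, questions and the answer/authority/additional sections."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    out = {"id": qid,
           "qr": flags >> 15 & 1, "aa": flags >> 10 & 1, "tc": flags >> 9 & 1,
           "rd": flags >> 8 & 1, "ra": flags >> 7 & 1, "rcode": flags & 0xF,
           "questions": [], "answers": [], "authority": [], "additional": []}
    off = 12
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        out["questions"].append((name, qtype, qclass))
    for section, count in (("answers", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            rdata = msg[off:off + rdlen]
            if rtype == 1 and rdlen == 4:                  # A: dotted quad
                value = ".".join(str(b) for b in rdata)
            elif rtype in (2, 5, 12):                      # NS, CNAME, PTR: a (compressible) name
                value, _ = read_name(msg, off)
            else:
                value = rdata                              # other types left raw
            off += rdlen
            out[section].append((name, rtype, rclass, ttl, value))
    return out


def build_example_response(query: bytes) -> bytes:
    """Constructed reply to build_query(): a CNAME for the queried name, then an
    A record for the CNAME target. Both owner names are compression pointers."""
    qid = struct.unpack("!H", query[:2])[0]
    flags = 0x8180                         # QR=1, RD=1, RA=1, AA=0, RCODE=0
    question = query[12:]
    header = struct.pack("!HHHHHH", qid, flags, 1, 2, 0, 0)
    cname = encode_name("pat.cs.nott.ac.uk")
    rr1 = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 3600, len(cname)) + cname  # 0xC00C -> offset 12
    target_off = 12 + len(question) + 2 + 10                                   # start of rr1's RDATA
    rr2 = (struct.pack("!H", 0xC000 | target_off)
           + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 0, 2, 1]))     # constructed address
    return header + question + rr1 + rr2
```

The pointer check matters in practice: a response whose name pointer refers to itself, or forward into bytes not yet parsed, would otherwise spin a naive parser forever or let an attacker steer it into attacker-controlled bytes.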

23 DNS Recursive Query (normal)
[Figure: the client (e.g. marian.cs.nott.ac.uk) asks its local DNS server for the A records (class IN) of wu.foo.com; the local server in turn contacts the .com server and then the .foo.com server.]
1. The client queries its default (local) DNS server, with RD set.
2. If the local server cannot answer from its own data or cache, it in turn queries a DNS server responsible for the root of the name space.
3. That server passes the request on (by answer or referral) to a DNS server responsible for a more specific sub-domain, and so on, until the local server has an authoritative answer to return to the client.

24 DNS Iterative Query
1. Query sent to the local DNS server.
2. The local server cannot resolve it, but returns the address of the DNS server to query next (the server with authority for the domain, or for a closer enclosing domain).
3. The client queries that authority DNS server.
4. That server returns the results of the query, or goes back to step 2 with a further referral.
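The two query patterns above, simulated as an added example (not code from the original slides): a client that chases referrals itself, starting from the single hand-configured root hint, with each server returning either an authoritative answer or a referral to the server of a delegated sub-zone. The zone names follow the slides; the servers, their addresses (RFC 5737 documentation ranges) and the records are constructed for illustration. In recursive mode the local server runs exactly this loop on the client's behalf and returns only the final result.

```python
# Constructed stand-in for a set of authoritative servers. Each server knows
# its own zone's records and the servers of the sub-zones it has delegated.
# Addresses are documentation-range values made up for this example.
SERVERS = {
    "198.51.100.1": {"zone": ".",           "delegations": {"uk.": "198.51.100.2"},          "records": {}},
    "198.51.100.2": {"zone": "uk.",         "delegations": {"ac.uk.": "198.51.100.3"},       "records": {}},
    "198.51.100.3": {"zone": "ac.uk.",      "delegations": {"nott.ac.uk.": "198.51.100.4"},  "records": {}},
    "198.51.100.4": {"zone": "nott.ac.uk.", "delegations": {},
                     "records": {"much.cs.nott.ac.uk.": "192.0.2.7",
                                 "marian.cs.nott.ac.uk.": "192.0.2.8"}},
}
ROOT_HINT = "198.51.100.1"   # the one address configured by hand rather than looked up


def in_zone(name: str, zone: str) -> bool:
    """True if name lies at or below zone (the root zone contains everything)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def ask(server_ip: str, qname: str):
    """One query/response exchange with a single server (simulated, no network).
    Returns ("ANSWER", address), ("REFERRAL", next_server_ip),
    ("NXDOMAIN", None), or ("REFUSED", None) if the server is not responsible."""
    srv = SERVERS[server_ip]
    if not in_zone(qname, srv["zone"]):
        return "REFUSED", None
    if qname in srv["records"]:
        return "ANSWER", srv["records"][qname]             # authoritative (AA=1)
    # Longest matching delegation wins: hand back that sub-zone's server (NS + glue).
    for child in sorted(srv["delegations"], key=len, reverse=True):
        if in_zone(qname, child):
            return "REFERRAL", srv["delegations"][child]
    return "NXDOMAIN", None                                # in our zone, but no such name


def resolve_iteratively(qname: str, max_steps: int = 8):
    """Client-driven resolution: follow referrals from the root hint downwards.
    Returns (address or None, trail of (server, response kind))."""
    server, trail = ROOT_HINT, []
    for _ in range(max_steps):
        kind, value = ask(server, qname)
        trail.append((server, kind))
        if kind == "REFERRAL":
            server = value                                 # step 2/3: query the next server
            continue
        return (value if kind == "ANSWER" else None), trail
    raise RuntimeError("too many referrals resolving %s" % qname)
```

The bounded step count is what stops a misconfigured (or hostile) delegation loop from running the client forever; a real resolver also caps the number of referrals per query.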

25 Response Caching
DNS servers (and clients) can cache responses to previous recursive queries and reuse them for later queries.
This gives a "non-authoritative" answer: the server is not responsible for that domain but has a recent response (the AA flag is clear).
Each record is kept only for its TTL; after that it must be fetched again.
Caching is needed for scalability, e.g. to avoid contacting servers in the US for every .com domain name request (replication of servers is also used).
Servers can optionally cache negative responses (e.g. common typos or defunct domains); RFC 2308 defines how long, based on the zone's SOA record.
Caveat: whatever is accepted into the cache is served to every client until its TTL runs out, so a resolver must only accept a response whose ID, source port and question match an outstanding query, and must only cache records that the answering server is actually responsible for (its "bailiwick"); otherwise a forged response can poison the cache.
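A minimal resolver cache implementing the behaviour above, as an added example (not code from the original slides): entries keyed by (name, type, class) with case-insensitive names, a TTL that counts down on every hit, negative entries for names that do not exist, and a lookup that reports whether the answer came from the cache (non-authoritative) or was freshly fetched. The clock is injectable so the expiry logic can be exercised without waiting; the names and address used are from the slides or the documentation range.

```python
import time


class ResolverCache:
    """Positive and negative cache of resource records, expiring on TTL."""

    def __init__(self, clock=time.monotonic, max_ttl=86400):
        self.clock = clock          # injectable for testing; monotonic in production
        self.max_ttl = max_ttl      # clamp absurd TTLs so bad data cannot live for years
        self._store = {}            # (name, type, class) -> (rdata, expiry time)

    def put(self, name, rtype, rdata, ttl, rclass=1):
        ttl = max(0, min(ttl, self.max_ttl))
        # Domain names are case-insensitive, so normalise the key.
        self._store[(name.lower(), rtype, rclass)] = (rdata, self.clock() + ttl)

    def put_negative(self, name, rtype, soa_minimum, rclass=1):
        """RFC 2308 negative caching: remember 'no such record' for the SOA minimum."""
        self.put(name, rtype, None, soa_minimum, rclass)

    def get(self, name, rtype, rclass=1):
        """Return (rdata, remaining_ttl) or None on a miss.
        rdata is None for a cached negative answer."""
        key = (name.lower(), rtype, rclass)
        entry = self._store.get(key)
        if entry is None:
            return None
        rdata, expires = entry
        remaining = expires - self.clock()
        if remaining <= 0:
            del self._store[key]    # expired: must be re-fetched
            return None
        return rdata, int(remaining)   # TTL handed out is the time left, not the original

    def lookup(self, name, rtype, fetch, rclass=1):
        """Serve from cache (non-authoritative, AA=0) or call fetch(name, rtype),
        which returns (rdata, ttl), and cache what it returns.
        Returns (rdata, ttl, authoritative)."""
        hit = self.get(name, rtype, rclass)
        if hit is not None:
            rdata, ttl = hit
            return rdata, ttl, False
        rdata, ttl = fetch(name, rtype)
        self.put(name, rtype, rdata, ttl, rclass)
        return rdata, ttl, True
```

Handing out the remaining TTL rather than the original one is what keeps a chain of caching servers consistent: a downstream cache must never hold a record longer than the authoritative server allowed.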

26 Tools
Command-line: dig, nslookup, … e.g. "dig any cs.nott.ac.uk" (note that many servers now answer ANY queries minimally or not at all, see RFC 8482, so ask for the specific type you want, e.g. "dig mx cs.nott.ac.uk").
Web sites: various, providing access to similar facilities (and more).

