1. ITEC350 Networks I Lecture 3

2. DNS (Domain Name Service)

3. Address “translation” Domain Name Service (DNS)  Given a Domain Name (e.g., yahoo.com), lookup the IP address.  Command nslookup returns: DNS Server name & IP addr IP address(es) of the domain Microsoft Windows 2000 [Version 5.00.2195] (C) Copyright 1985-2000 Microsoft Corp. H:\>nslookup yahoo.com Server: newriver.radford.edu Address: 137.45.26.19 Non-authoritative answer: Name: yahoo.com Addresses: 64.58.79.230, 66.218.71.198

4. U.S. Top Level Domains

5. Address Resolution Early Internet had no Domain Name System – Just HOSTS file  Win2K: C:\WINNT\system32\drivers\etc\HOSTS  Unix\Linux: /etc/hosts Ancient History: Before DNS,  The master HOSTS file was maintained by SRI International  Periodically, every computer in the internet reloaded HOSTS file ~1984 someone realized that millions of computers and domains needed a central database – DNS was born Still, when a host needs to translate yahoo.com,  First, HOSTS file is scanned  Then DNS is used.

6. Domain Name Service (DNS) Developed by Postel & Mockapetris www.internic.net is a good site to browse www.internic.net The phone book of the internet  But more restrictive … Each entry must be Unique Authentic  Universal Resolvability is ensured  Distributed Database

7. Figure 1.27: Domain Name System (DNS) DNS Request Message “The host name is Voyager.cba.hawaii.edu” Originating Host DNS Server

8. Figure 1.27: Domain Name System (DNS) DNS Table Host Name … Voyager.cba.hawaii.edu … IP Address … 128.171.17.13 … DNS Response Message “The IP address is 128.171.17.13” Originating Host DNS Server

9. DNS 13 Identical Root Servers  All Top Level Domain (TLD) Registries  Database for each TLD.com.org.edu.biz …. (gTLDs).fr.ca etc. country-specific TLDs, or ccTLDs Root Servers are  Authoritative  Maintained by ICANN, www.icann.orgwww.icann.org (International Corporation for Assigned Names and Numbers)

13. DNS Why does Radford have a DNS server called newriver.radford.edu ?  The 13 authoritative servers could not handle the load of billions of name resolutions  Faster to have a “non-authoritative” local server  If there is a domain name that newriver.radford.edu does not have Newriver can contact one of the authoritative root servers

14. DNS Names Hierarchical, right to left  nth level ……. Top Level Domain (Label)  yadda.yadda.yadda.yadda……….edu TLD, or Label may be up to 63 chars long Total length of name must be <= 255 chars Total length <= 127 labels DNS Names are either  Relative (newriver)  Fully qualified (newriver.radford.edu, an actual host or server)

15. Sidebar on Domain Names in USA ISO 3166 is a standard that defines a unique TLD for each country (i.e.,.fr = France) Why don’t we see radford.edu.us?  Because the USA, alone among all other countries, decided not to bother using the ISO’s TLD scheme Other variations adopted by some countries include “sub-domains” e.g.:  In the UK, ac.uk, co.uk, and sch.uk are reserved for academic, company and schools  In Australia, a blend of the US and ISO is used:.edu.au,.com.au

16. The root zone, AKA DNS Zones: Any collection of hosts.edu radford.edu Network lab in DA214.

17. DNS Servers Each DNS zone has  A domain name  At least a primary server  Probably a secondary server as well A computer that maintains a single master list of DNS Names and IP Addresses for a zone  Has Authority for that Zone  Is known as the primary server for the zone

18. Application (Host Process) Interfaces Given a domain Name there are several methods of resolution  Host table lookup (on Unix, /etc/hosts is a text file )  Local name server process (on Unix, named)  Send msg to a DNS primary or secondary server

19. NSlookup – DNS Translation Manual Page for nslookup can be found at http://www.stopspam.org/usenet/mmf/man/nslookup.html http://www.kloth.net/services/nslookup-man.php It is for Unix shell, but most operation is same for WIN2K or up. The command nslookup allows DNS translation to a DOS cmd window.

20. H:\>nslookup Default Server: newriver.radford.edu Address: 137.45.26.19 > ? Commands: (identifiers are shown in uppercase, [] means optional) NAME - print info about the host/domain NAME using default server NAME1 NAME2 - as above, but use NAME2 as server help or ? - print info on common commands set OPTION - set an option all - print options, current server and host [no]debug - print debugging information [no]d2 - print exhaustive debugging information [no]defname - append domain name to each query [no]recurse - ask for recursive answer to query [no]search - use domain search list [no]vc - always use a virtual circuit domain=NAME - set default domain name to NAME srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc. root=NAME - set root server to NAME retry=X - set number of retries to X timeout=X - set initial time-out interval to X seconds type=X - set query type (ex. A,ANY,CNAME,MX,NS,PTR,SOA,SRV) querytype=X - same as type class=X - set query class (ex. IN (Internet), ANY) [no]msxfr - use MS fast zone transfer ixfrver=X - current version to use in IXFR transfer request server NAME - set default server to NAME, using current default server lserver NAME - set default server to NAME, using initial server finger [USER] - finger the optional NAME at the current default host root - set current default server to the root ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE) -a - list canonical names and aliases -d - list all records -t TYPE - list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.) view FILE - sort an 'ls' output file and view it with pg exit - exit the program

21. (Example) Nslookup Server newriver.radford.edu  Not authoritative for yahoo.com  Authoritative for neelix Relative form used C:\>nslookup yahoo.com Server: newriver.radford.edu Address: 137.45.26.19 Non-authoritative answer: Name: yahoo.com Addresses: 64.58.79.230, 66.218.71.198 C:\>nslookup neelix Server: newriver.radford.edu Address: 137.45.26.19 Name: neelix.RADFORD.EDU Addresses: 137.45.192.213, 137.45.192.215

22. DNS records Domain Name Servers get their information from a database maintained by the domain administrator. A client sends a message to the DNS using the UDP protocol. A server has different types of entries

23. DNS Query types A, CNAME, NS, MX, PTR, SOA, TXT  http://www.kloth.net/services/nslookup-man.php http://www.kloth.net/services/nslookup-man.php Each query type returns slightly different subset of the total information. Following slides were the output from http://www.kloth.net/services/nslookup.php http://www.kloth.net/services/nslookup.php  Using radford.edu as the domain  Each different query type selected in turn

24. DNS Resource Records (RR) Start of Authority (SOA) – denotes the primary DNS and time limits. Address (A) – supplies a host name's IP address Canonical Name (CNAME) – provides alias host names Mail Exchanger (MX) – defines a domain's mail systems Name Server (NS) – defines a domain's name servers

25. RR example acme.com. IN SOA origin = acme.com. mail addr = jef.acme.com. serial = 2004020712 (Date format) refresh = 10800 (3 Hours) retry = 1200 (20 Minutes) expire = 604800 (1 Week) minimum = 3600 (1 Hours) acme.com. IN NS dns.acme.com. acme.com. IN MX 20 mail.acme.com. dns.acme.com. IN A 192.168.210.2 ftp.acme.com. IN CNAME www.acme.com.

26. RR example acme.com. IN SOA dns.acme.com. dnsowner.acme.com. ( 20010313 ; serial # (date format) 10800 ; refresh (3 hours) 3600 ; retry (1 hour) 604800 ; expire (1 week) 86400) ; TTL (1 day) acme.com. IN NS dns.acme.com. IN NS ns1.isp.net. acme.com. IN MX 20 mail.acme.com. IN MX 40 mail.isp.com. dns.acme.com. IN A 192.168.210.2 mail.acme.com. IN A 192.168.210.4 www.acme.com. IN A 192.168.210.5 ftp.acme.com. IN CNAME www.acme.com. pc.acme.com. IN A 192.168.210.6

27. All DNS records for Radford.edu Server: www-coastland-49.highertech.net Address: 66.129.3.49 Non-authoritative answer: radford.edu nameserver = GNS1.NOMINUM.COM radford.edu nameserver = GNS2.NOMINUM.COM radford.edu nameserver = RUACAD.radford.edu radford.edu nameserver = RUSERVE.radford.edu radford.edu nameserver = WEBWORK.radford.edu radford.edu origin = RUSERVE.radford.edu mail addr = bbuskill.radford.edu serial = 2004020110 refresh = 10800 (3H) retry = 3600 (1H) expire = 604800 (1W) minimum = 900 (15M) Authoritative answers can be found from: radford.edu nameserver = GNS1.NOMINUM.COM radford.edu nameserver = GNS2.NOMINUM.COM radford.edu nameserver = RUACAD.radford.edu radford.edu nameserver = RUSERVE.radford.edu radford.edu nameserver = WEBWORK.radford.edu GNS1.NOMINUM.COM internet address = 198.133.199.1 GNS2.NOMINUM.COM internet address = 192.100.59.2 RUACAD.radford.edu internet address = 137.45.128.4 RUSERVE.radford.edu internet address = 137.45.128.132 WEBWORK.radford.edu internet address = 137.45.28.30

28. DNS uses two request flavors A recursive request will respond with the answer or an error message if the host is not known. This is the type of request made by a client when the user program executes a “gethostbyname” function. An Interactive request will respond with the answer or the name of a DNS that may be able to answer the question. This type of request is usually used between Domain Name Servers. http://cr.yp.to/djbdns/intro-dns.html

29. DNS Search Example. (ROOT) Newriver.radford.edu Cist_hp_da.radford. edu.COM DNS zone Server DNS.yahoo.com yahoo.com Cist_hp_da.radford.edu needs the address of a web server on yahoo.com 1 23 4 5 6 7 8 Radford University Yahoo One of the 13 root servers Each blue oval is a network operated by a distinct organization. (ISP networks not shown)

30. Second DNS Search Example. (ROOT) Newriver.radford.edu Cist_da_hp.radford. edu.COM DNS DNS.yahoo.com ftp.yahoo.com cist_da_hp.radford.edu needs the address of ftp.yahoo.com after finding yahoo.com

31. .arpa An explicit way to signal for reverse translation http://cr.yp.to/djbdns/dot-arpa.html Reverse lookups http://cr.yp.to/djbdns/intro-dns.html#reverse