
The Domain Name System




Presentation Transcript


  1. The Domain Name System
  Group 20: James Brown, Simon Gingold, Yue Lai, Jun Ma, Haobin Song, Thomas Stewart, David Weinberg

  2. Presentation Structure
  • Introduction & History
  • How a resolver looks up a remote name
  • Domain Name space
  • Practical DNS
  • The Domain Name Space
  • Root Name Server
  • uk. The United Kingdom’s TLD
  • WHOIS – Database Of Registrants
  • Registering a co.uk. domain
  • Inside a DNS Server
    · Resolving
    · Caching
    · Updating
  • Two DNS Servers
    · BIND
    · Microsoft DNS Server
  • The DNS Packets
  • Conclusions

  3. Introduction & History
  • In the beginning… a file named hosts.txt was maintained and distributed.
  • The internet moved to TCP/IP and grew, and hosts.txt became:
    · Large
    · Slow to download
    · Unable to enforce the ‘uniqueness of names’ property
    · Quickly obsolete in its name records
  • DNS was created in 1981 to overcome the hosts.txt problems.
  • When a user accesses the internet, the nearest DNS server translates URLs into IPs.
  • DNS is a distributed database, which reduces server load.
  • Indexed for fast searching. Search key = domain name.
  • DNS can force name uniqueness.
  • Domain names look like “microsoft.com”:
    · The zones are separated by ‘.’
    · Optionally contain hosts within the domain name.
    · Allows the same host name in different domains (e.g. woodstock.man.ac.uk and woodstock.umist.ac.uk).
  • People remember meaningful names far more easily than collections of numbers.
  (Diagram: the name tree . → uk → ac → umist → woodstock and . → uk → ac → man → woodstock.)

  4. How a resolver looks up a remote name
  Suppose a client wants to resolve the name cicade.cs.princeton.edu.
  Copied from Larry L. Peterson & Bruce S. Davie (2000), “Computer Networks – A Systems Approach”, Morgan Kaufmann Publishers, p. 633.

  5. How a resolver looks up a remote name
  • Step 1: the client sends a query containing the domain name to the local name server.
  • Step 2: the local name server may not have the information about the domain name, so it sends the query to one of the root servers.
  • Step 3: the root server cannot match the entire name, so it returns its best match – the NS (name server) record for princeton.edu – together with all records related to that record (the address of that name server).
  • Step 4: the client sends the same query to the name server for Princeton University’s domain.
  • Step 5: this name server also cannot match the entire name, so it returns its best match, an NS record: ns1.cs.princeton.edu.
  • Step 6: the client sends the same query to the name server authoritative for the CS zone (ns1.cs.princeton.edu).
  • Step 7: the server has the information about cicade.cs.princeton.edu and returns the answer: IP address = 192.12.69.60.
  • Step 8: armed with the IP address, the client can establish a TCP connection with the destination.

  6. Practical DNS
  • The domain name space is controlled to enforce a tree structure on it.
  • The tree is both distributable and efficient.
  • All domains are children of the . (root) domain.
  • Top level domains (TLDs) are the direct children. Two types:
    · Generic, e.g. com. org. edu.
    · Country specific, e.g. uk. de. il.
  • All other domains must be under a TLD.
  • Domains are administered by different organisations.

  7. The Domain Name Space
  • The hierarchical tree structure makes the domain name space distributable yet still navigable.
  • The diagram shows com., mynet.com., rivers.mynet.com., seas.mynet.com., lakes.mynet.com., acme.com., rumba.acme.com., samba.acme.com., and tango.acme.com.
  • rivers, seas and lakes are separate zones.
  • rumba, samba and tango are part of the acme.com. zone.
  (The domain name space diagram, copied from http://ou800doc.caldera.com/NET_tcpip/dnsN.how.html)

  8. Root name servers
  • There are 13 root name servers: a.root-servers.net – m.root-servers.net.
  • Authoritative for the TLDs.
  • Queries start at the root servers when no cached information is available.
  • Coordinated by IANA (Internet Assigned Numbers Authority).
  • Many of the root servers are in the USA and run by American organisations.
  • K.ROOT-SERVERS.NET. is in London and is jointly run by LINX and RIPE NCC.
  • Creation of TLDs is restricted.

  9. uk. The United Kingdom’s TLD
  • uk. is divided into second-level domains.
  • Nominet UK is the registrar and administrator of the first seven.
  • plc.uk. and ltd.uk. are restricted:
    · Only registered companies can be part of these domains.
    · You can only register your own company name.

  10. WHOIS – Database Of Registrants
  • WHOIS queries the database of ownership of the domain.
  • Gives the name and contact details of the owner of the domain.
  • Gives the name and contact details of the administrator of the domain.
  • Lists the name servers that are authoritative for the domain.
  • Not part of DNS, but used to help manage delegation and ownership of sub-domains.
  • Available at www.whois.co.uk. Example record:

    Domain Name: WEINBERG.CO.UK
    Registered For: Leslie Bunder
    Domain Registered By: WEBFUSION
    Registered on 18-Sep-1999. Record last updated on 28-Aug-2001 by domreg@123-reg.co.uk.
    Domain servers listed in order:
    NS.HOSTEUROPE.COM 212.67.202.2
    NS2.HOSTEUROPE.COM (unable to validate IP)
    WHOIS database last updated at 19:12:00 17-Apr-2002

  11. Registering a co.uk. domain
  • Choose the name you want, for example weinberg.co.uk.
  • Check using the WHOIS service that this domain name does not already exist.
  • Inform your registrar of the owner’s name and address as well as the administrator’s name and address.
  • Inform them of the name servers that will be authoritative for the domain.
  • Pay for the domain. This ensures ownership and helps Nominet recover its costs.
  • Ongoing responsibilities:
    · Running name servers
    · Maintaining the name servers
    · Updating DNS information
    · Resolving, and trying to avoid, disputes over names

  12. RESOLVING
  • When a user (resolver) needs to know an IP address for a host name, the query is made in one of two ways: recursively or iteratively.
  • Both methods check to see if the answer is already known, but if not…
  • 1. Recursive Requests
    · Look for the name server closest to the answer.
    · For example, if the location of lion.umist.ac.uk is unknown, but the location of the name servers for umist.ac.uk is known, these would be the closest name servers. If these were unknown the ac.uk name servers are tried, and so on until the root servers (“.”) are reached.
    · Ask the closest name server for its best answer in a ‘polite,’ iterative fashion.
    · Continually ask name servers for the best answer they can give.
    · Always ask for the exact original domain name in these queries.
    · Train station analogy: ask staff “When is the 10:30 train to London?”, rather than “Where is the person who can tell me about train timetables?”
    · In the lion.umist.ac.uk example, always ask for exactly that.
    · All the work is done by the initial name server.
    · This server is given the opportunity to cache the resource records it learns about.
  • 2. Iterative Requests
    · All work is done by the resolver.
    · Name servers just respond with the best answer they know.
    · This technique is used for security reasons.
    · Not favourable for network traffic.

  13. Resolving – recursion
  (Diagram: a recursive query for lion.umist.ac.uk. The client asks its local name server, which asks the root (“.”), uk, ac and umist.ac.uk name servers in turn, each time for lion.umist.ac.uk, and returns the answer. Question: lion.umist.ac.uk. Answer: 130.88.96.40.)
  • A Recursive Query
  • The local name server does most of the work.

  14. Resolving – iteration vs recursion
  (Diagram: the iterative and recursive queries are shown. R = recursive, I = iterative.)

  15. Caching
  • A critical process in the DNS.
  • For every query, a cache of the result and of every intermediate step is maintained.
  • For example, to find umist.ac.uk, the addresses of the uk, ac.uk and umist.ac.uk name servers could be cached.
  • When a query is received…
    · The first step is to check whether this server is authoritative for the zone being queried.
    · If yes, then no caching is performed.
    · Otherwise, the local cache is checked.
    · If the zone is in the cache, then the answer is returned immediately.
    · Otherwise, the ‘closest known’ (authoritative) name servers are checked and the results cached as the query progresses.
  • But DNS records are dynamic:
    · A ‘time to live’ is assigned to the name server.
    · After this specified time, the cached information for the associated record must be flushed.
    · Typical value is 3 days.
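The resolution walk of slides 5 and 12 to 15, as an added example that is not part of the presentation: a small in-memory model with constructed authoritative servers (the zone names follow the princeton.edu example; the server addresses, the root hint and the 192.0.2.x answers are invented), an iterative resolver that does all the work itself, and a recursive local server that starts from the closest name server it already knows, caches every referral and answer it learns, and flushes entries once their TTL has expired. The clock is injectable so that expiry can be exercised without waiting.

```python
"""Toy model of DNS resolution: constructed authoritative servers, an
iterative resolver, and a recursive local server with a TTL cache.
All names, addresses and TTLs are constructed for this example."""
import time

# Constructed delegation tree. Each zone is keyed by name ("." is the root).
# "delegations" map a child zone to the (server name, address) it is delegated
# to; "answers" hold the A records the zone is authoritative for.
ZONES = {
    ".": {"delegations": {"edu": ("a.edu-servers.example", "192.0.2.1")}, "answers": {}},
    "edu": {"delegations": {"princeton.edu": ("dns.princeton.example", "192.0.2.2")},
            "answers": {}},
    "princeton.edu": {"delegations": {"cs.princeton.edu": ("ns1.cs.princeton.example", "192.0.2.3")},
                      "answers": {}},
    "cs.princeton.edu": {"delegations": {},
                         "answers": {"cicada.cs.princeton.edu": "192.0.2.60",
                                     "www.cs.princeton.edu": "192.0.2.61"}},
}
# Which server address serves which zone. The root server address is the
# preconfigured "hint" every name server starts with.
SERVER_ZONE = {"198.51.100.1": ".", "192.0.2.1": "edu",
               "192.0.2.2": "princeton.edu", "192.0.2.3": "cs.princeton.edu"}
ROOT_HINT = "198.51.100.1"
TTL = 86400  # seconds; every record in this toy carries the same TTL


def in_zone(name, zone):
    """True if `name` lies at or below `zone` in the tree ("." contains everything)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def ask_server(server_addr, qname):
    """Ask one server for its best answer to the exact original name:
    ("answer", address, None) when it is authoritative for the name,
    ("referral", child_zone, ns_addr) for the closest child zone it delegates,
    or ("nxdomain", None, None) when the name does not exist."""
    zone = ZONES[SERVER_ZONE[server_addr]]
    if qname in zone["answers"]:
        return ("answer", zone["answers"][qname], None)
    # The longest delegated child zone containing the name is the best match.
    for child, (_, ns_addr) in sorted(zone["delegations"].items(), key=lambda kv: -len(kv[0])):
        if in_zone(qname, child):
            return ("referral", child, ns_addr)
    return ("nxdomain", None, None)


def resolve_iterative(qname, start=ROOT_HINT):
    """The resolver does all the work: it follows referrals, always asking the
    same full name, until an authoritative server answers.
    Returns (address or None, list of (zone, ns_addr) referrals followed)."""
    server, trail = start, []
    for _ in range(16):  # bound the walk so a broken delegation cannot loop forever
        kind, value, ns_addr = ask_server(server, qname)
        if kind == "answer":
            return value, trail
        if kind == "nxdomain":
            return None, trail
        trail.append((value, ns_addr))
        server = ns_addr
    raise RuntimeError("referral loop while resolving " + qname)


class RecursiveServer:
    """A local name server: knows only the root hint at start, does the
    iterative work on behalf of its clients, and caches both answers and the
    NS referrals it learns, each flushed once its TTL has elapsed."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.ns_cache = {}      # zone -> (ns_addr, expires_at)
        self.answer_cache = {}  # name -> (address, expires_at)

    def _fresh(self, cache, key):
        entry = cache.get(key)
        if entry is None:
            return None
        if entry[1] <= self.clock():  # TTL expired: flush and treat as unknown
            del cache[key]
            return None
        return entry[0]

    def closest_known_server(self, qname):
        """Start from the closest cached name server rather than the root."""
        best_zone, best_addr = ".", ROOT_HINT
        for zone in list(self.ns_cache):
            addr = self._fresh(self.ns_cache, zone)
            if addr is not None and in_zone(qname, zone) and len(zone) > len(best_zone):
                best_zone, best_addr = zone, addr
        return best_zone, best_addr

    def resolve(self, qname):
        """Returns (address or None, zone the walk started from, servers queried)."""
        cached = self._fresh(self.answer_cache, qname)
        if cached is not None:
            return cached, "cache", 0
        start_zone, server = self.closest_known_server(qname)
        addr, trail = resolve_iterative(qname, start=server)
        expires = self.clock() + TTL
        for zone, ns_addr in trail:           # cache every intermediate step
            self.ns_cache[zone] = (ns_addr, expires)
        if addr is not None:
            self.answer_cache[qname] = (addr, expires)
        return addr, start_zone, len(trail) + 1
```

The first query for a name walks root, edu, princeton.edu and cs.princeton.edu (four servers); a second name in the same zone starts straight at the cached cs.princeton.edu server, and a repeat of the first name is answered from the cache with no query at all. Once the TTL has passed the cached entries are discarded and the walk starts again from the root.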

  16. Updating
  • All name servers know the internet’s root servers at the start.
  • Most updating comes from the ‘experience’ of answering queries and caching.
  • Some manual updating does occur.
  • Only local name servers can have forced updates.
  • Use the ‘update’ command and specify the resource records to change.
  • In Perl (with the Net::DNS module), an update of the IP address for a domain’s web server (called an A record) looks like this:

    use Net::DNS;
    my $update = Net::DNS::Update->new("umist.ac.uk");   # zone being updated
    $update->push(update => rr_add("umist.ac.uk. 86400 A 130.88.0.1"));

  • When someone accesses “umist.ac.uk,” they are directed to “130.88.0.1”.
  • The local DHCP servers can also inform the DNS server of any updates to IP addresses that have been allocated.

  17. Resource Records
  • Where the settings for the DNS server are stored.
  • Can be divided into classes: Internet, Chaosnet and Hesiod.
  • Common types: TTL, SOA, NS, A, CNAME, PTR, MX, TXT.
  • Many more.

  18. Types of Records
  • TTL – The time to live
  • SOA record – The authority for this zone
  • NS record – The name server for this zone
  • A – A name to address mapping
  • CNAME – Canonical name, used for aliases
  • PTR – Address to name mapping
  • MX – Used for email names
  • TXT – Used for text entries

  19. BIND
  • BIND (Berkeley Internet Name Domain) is the main DNS server used on the internet.
  • Cross-platform program that was originally coded for UNIX: Linux, BSD and Windows.
  • See the Linux DNS HOWTO for more info.

  20. Features of Microsoft DNS Server
  • Active Directory Storage and Replication Integration
    · Windows 2000 DNS has the option of using the Active Directory (AD) service as the data storage and replication engine. In short, the AD service integration simplifies the administration of the DNS namespace.
  • Incremental Zone Transfer
    · Windows 2000 DNS incorporates an algorithm that actively notifies name servers of changes to a DNS database. The Incremental Zone Transfer also incorporates something called the NOTIFY extension of DNS.
  • Dynamic Update
    · Automatic assignment of addressing with dynamic DNS updates.
  • Aging and Scavenging
    · Windows 2000 DNS ‘scavenges’ outdated records and deletes them. Administrators have the following controls over scavenging: which servers can scavenge zones, which zones can be scavenged and which records must be scavenged if they become outdated.

  21. Features of Microsoft DNS Server continued…
  • Unicode Character Support
    · The Windows 2000 implementation of DNS is designed to support UTF-8 character encoding. Specifically, the UTF-8 character set allows the use of characters from most of the world’s written languages.
  • Caching Resolver
    · A service with the sole purpose of improving name lookup performance and reducing the network traffic associated with name lookups by minimising the number of name resolution round trips.
  • Administrative Tools
    · Windows 2000 DNS incorporates, as a new feature, a DNS Manager. The DNS Manager provides facilities to administer the DNS server, its zones, security issues, etc.
  • Performance Statistics
    · Preliminary testing of the Windows 2000 DNS server shows the following performance: 900 queries/second, 100 dynamic updates per second and 30% processor utilization. Tests were done using an Intel P-II 400MHz processor, 256MB RAM and 4GB HDD.

  22. The DNS Packets
  All communications inside the domain protocol are carried in a single format called a message. The top level format of a message is divided into 5 sections (some of which are empty in certain cases):
  (Diagram: Header, Question, Answer, Authority, Additional.)

  23. The DNS Packets
  • The header section includes fields that specify:
    · which of the remaining sections are present
    · whether the message is a query or a response
  • The question section contains queries for which answers are desired.
    · The client fills in only the question section.
    · Each question has Query Domain Name, Query Type and Query Class fields.
    · The server returns the question and answers with its response.
  • The answer section contains RRs (resource records) that answer the question.
  • The authority section contains RRs that point toward an authoritative name server.
  • The additional information section contains RRs which relate to the query, but are not strictly answers for the question.
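The message format of slides 22 and 23, as an added example that is not part of the presentation: a builder for a query (header plus question only, as the client sends it) and for an authoritative response, and a parser that walks all five sections. Names in the answer section are written with the usual compression pointer back to the question name; the parser follows such pointers but refuses one that does not point backwards to an earlier occurrence, since a self-referential or forward pointer in a malformed packet would otherwise loop a naive parser. The transaction id, names, TTL and address are constructed for the example.

```python
"""Build and parse DNS messages in the five-section wire format (header,
question, answer, authority, additional). Sample values are constructed."""
import struct

TYPE_A, TYPE_NS, TYPE_CNAME, TYPE_PTR, TYPE_MX, TYPE_TXT = 1, 2, 5, 12, 15, 16
CLASS_IN = 1
HEADER = struct.Struct("!HHHHHH")  # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT


def encode_name(name):
    """Wire-encode a name as length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            if len(label) > 63:
                raise ValueError("label too long")
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(msg, offset):
    """Decode the name at `offset`; returns (name with trailing dot, offset after it).
    A compression pointer (top two bits set) must refer to an earlier offset;
    anything else is rejected rather than followed, so the loop terminates."""
    labels, end = [], None
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            if offset + 2 > len(msg):
                raise ValueError("truncated pointer")
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset:
                raise ValueError("forward or self-referential compression pointer")
            if end is None:
                end = offset + 2  # the encoded name ends after its first pointer
            offset = pointer
            continue
        if length > 63:
            raise ValueError("bad label length")
        offset += 1
        if length == 0:
            break
        if offset + length > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (end if end is not None else offset)


def build_query(txid, qname, qtype=TYPE_A):
    """Client side: header plus one question; flags 0x0100 sets RD (recursion desired)."""
    return HEADER.pack(txid, 0x0100, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", qtype, CLASS_IN)


def build_response(query, answers):
    """Authoritative response: echo the question, then one A record per
    (name, ttl, dotted-quad). An owner name equal to the question name is
    written as a pointer to offset 12 (bytes C0 0C), where the question starts."""
    txid = HEADER.unpack(query[:HEADER.size])[0]
    qname, qend = decode_name(query, HEADER.size)
    question = query[HEADER.size:qend + 4]
    body = b""
    for name, ttl, addr in answers:
        rdata = bytes(int(octet) for octet in addr.split("."))
        owner = b"\xc0\x0c" if name.rstrip(".") + "." == qname else encode_name(name)
        body += owner + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, len(rdata)) + rdata
    # flags 0x8580: QR=1 (response), AA=1 (authoritative), RD=1 echoed, RA=1
    return HEADER.pack(txid, 0x8580, 1, len(answers), 0, 0) + question + body


def parse_message(msg):
    """Parse header, question, answer, authority and additional sections into a
    dict; raises ValueError on truncated or malformed input."""
    if len(msg) < HEADER.size:
        raise ValueError("short header")
    txid, flags, qd, an, ns, ar = HEADER.unpack(msg[:HEADER.size])
    header = {"id": txid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
              "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1, "rd": (flags >> 8) & 1,
              "ra": (flags >> 7) & 1, "rcode": flags & 0xF}
    offset, questions = HEADER.size, []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        if offset + 4 > len(msg):
            raise ValueError("truncated question")
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append({"name": name, "type": qtype, "class": qclass})
    sections = {"answer": [], "authority": [], "additional": []}
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, offset = decode_name(msg, offset)
            if offset + 10 > len(msg):
                raise ValueError("truncated resource record")
            rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
            offset += 10
            if offset + rdlen > len(msg):
                raise ValueError("truncated rdata")
            rdata, rdstart = msg[offset:offset + rdlen], offset
            offset += rdlen
            rr = {"name": name, "type": rtype, "class": rclass, "ttl": ttl}
            if rtype == TYPE_A and rdlen == 4:
                rr["address"] = ".".join(str(b) for b in rdata)
            elif rtype in (TYPE_NS, TYPE_CNAME, TYPE_PTR):
                rr["target"] = decode_name(msg, rdstart)[0]  # rdata names may be compressed
            else:
                rr["rdata"] = rdata
            sections[section].append(rr)
    return {"header": header, "question": questions, **sections}
```

Building a query, wrapping it in a response and parsing both shows the client filling in only the question section, the server echoing it back with QR and AA set, and the answer owner name resolving through the pointer to the question. A packet whose name field points at itself is rejected with ValueError instead of being followed.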

  24. CONCLUSION
  • Should understand:
    · DNS history
    · Name server configuration
    · Zone hierarchy
    · Name server operations
    · DNS clients (the resolver)
  • DNS was used to resolve 14 322 950 hostnames (March 2000).
  • DNS is very reliable and scalable.
  • Improvements are proposed:
    · Name-service – acts as a ‘layer’ on top of DNS. Allows everyday naming schemes (e.g. http://james). Looks up the official (corresponding) domain name first, then the IP address.
    · Resource Locator Service (RLS) – incorporates ‘timestamping’ into URLs. Eliminates link ‘rot’. Generates more name space. Runs side by side with DNS.
  • DNS is still ‘de facto’, and likely to remain so for several years.
