The Use of DNS Resource Records

Transcription

1 International Journal of Advances in Electrical and Electronics Engineering 230 Available online at & ISSN: Simar Preet Singh Systems Engineer, Infosys Limited, Plot No.-24, Rajiv Gandhi Infotech Park, Phase II, Pune (INDIA) er.simarpreetsingh@gmail.com Abstract: DNS (Domain Name System) is the service which translates between Internet names and Internet addresses. Internet names are the names which we use to refer to hosts on the Internet, such as Internet addresses are the numbers which routers use to move traffic across the Internet, such as DNS records or Zone files are used for mapping URLs to an IP. Located on servers called the DNS servers, these records are typically the connection of your website with the outside world. This paper covers a detailed study of DNS Resource Records. It describes the information of what the DNS Resource Records are and what is purpose to use them. This paper includes all of the various types of resource records with their syntax and suitable examples to depict how DNS records are used. In the end, this paper explains the difference between AAAA and A6 record types. The A6 record is a new DNS record, described in detail in RFC 2874, meant to replace the AAAA record in IPv6 address resolution. Keywords: DNS Resource Records, A Record, AAAA, CNAME, MX, NS, SOA, TXT, A6, A6 Vs AAAA, TTL. I. Introduction A Resource Record (RR) is the basic data element in the domain name system. Resource Records define data types in the Domain Name System (DNS). The resource records are created to help DNS work like zone, so these are also called zone files. DNS records are used for mapping URLs to an IP[1]. These records are typically the connection of your website with the outside world. Requests for your website are forwarded to your DNS servers and then get pointed to the Web Servers that serve the website or to servers that handle the incoming . Resource Records are stored in binary format internally for use by DNS software[2]. But resource records are sent across a network in text format while they perform zone transfers. II. Elements of DNS Record DNS records consist of several elements. Each element needs to be correct for the DNS record as a whole to function. The elements are: Hostname Type Content Time To Live (TTL) www A The DNS zone of your website will be made up of several records, each with these elements. Below we discuss the function of these elements as well as the values that can be used for them. a) Hostname On the Internet a hostname is a domain name label that points to a server, like tagadab.com or which point to a server on the IP address When entered in a DNS record you can normally omit everything from the first. onwards in the domain name as the DNS server fills this information in automatically. For example, a hostname of www in the DNS zone of the domain websites.net will be read as The hostname of a DNS record defines where traffic for that hostname is directed. Legal characters for hostnames are letters a-z, numbers 0-9 and the -. Hostnames cannot start or end with - and must be 1-63 characters long.

2 231 b) Type Ultimately, DNS is a kind of distributed database, and each query or response includes a name, a type, and (for a response) a value. The resource types represent different purposes. We will explain some of the commonly used types of DNS record in the next section. c) Content The content portion of a DNS record refers to the destination of the traffic to the hostname specified in the record. This is commonly an IP address (in the case of A records) but can be another domain name (so long as the domain name is appended with a. ). d) Time to Live (TTL) The TTL is a positive integer that represents a number of seconds. In a DNS record the TTL specifies how long the record can be cached by your ISPs recursive name server. Simply put, the value of a TTL in a record will determine how quickly any DNS changes you make will affect users across the Internet[9]. If the record you are changing had a high TTL (for example or 24 hours) then the changes you are making will take a long time to propagate throughout the Internet. Before making any DNS record changes it is advisable to check the TTLs of your existing records. If they are over an hour (with a TTL value greater than 3600) then you should reduce them to around the mark[3]. After twenty four hours you can then make any further changes to your DNS records knowing that these changes will take effect relatively quickly. III. Resource Record Types Figure 1: The various resource record types There are dozens of resource record types, though only a few are in common usage. The rest are experimental, obsolete, or serve obscure purposes that rarely come up in practice. In practice, there are 23 types of resource record types defined for DNS. The commonly used record types are explained as follows:- a) A Record A Record (Address Record) is an IP Address record, and is the most obvious type of data supported by DNS. Indeed; many users have no idea that DNS deals with anything other than IP addresses. Address Record, assigns an IP address to a domain or subdomain name. When the domain name system was designed it was recommended that no two A records refer to the same IP address. Suppose you have the somedomain.tld domain and want to assign IP address to your web server, then you should create an A record with as Fully Qualified Domain Name and in the value field. From now on, all the requests for will be sent to a server with that IP[4]. Basically, A record is useful when you have subdomains residing on various systems. Example of A Record with Syntax websites.net. IN A Where IN indicates Internet and A indicates the Address record. The above example indicates that the IP Address for the domain websites.net is b) AAAA Record

3 IJAEEE,Volume1,Number 2 Simar Preet Singh et al. An AAAA record or IPv6 address record maps a hostname to a 128-bit IPv6 address. The regular DNS Address resource record is defined for a 32-bit IPv4 address, so a new one was created to allow a domain name to be associated with a 128 bit IPv6 address. The four A s ( AAAA ) are a mnemonic to indicate that the IPv6 address is four times the size of the IPv4 address. The AAAA record is structured in very much the same way as the A record in both binary and master file formats; it is just much larger. The DNS resource record Type value for AAAA is 28. Example of AAAA Record with Syntax linux aaaa 3ffe:1900:4545:2:02d0:09ff:fef7:6d2c The AAAA record provides transition and coexistence between IPv4 and IPv6 networks. An IPv4 nameserver can provide IPv6 addresses. c) CNAME Record A CNAME record or canonical name record makes one domain name an alias of another. The aliased domain gets all the subdomains and DNS records of the original. You should use a CNAME record whenever you want associate a new subdomain to an already existing A record; i.e. you can make to somedomain.tld, which should already have been assigned an IP with an A record.this allows you to have as many subdomains as you wish without having to specify the IP for every record. Use a CNAME if you have more services pointing to the same IP. This way you will have to update only one record in the convenience of a change of IP address. Example of CNAME Record with Syntax mail.example.com IN CNAME mail.example.net where IN indicates Internet and CNAME indicates CNAME record. d) MX Record An MX record or mail exchange record maps a domain name to a list of mail exchange servers for that domain. Example with MX Record Syntax - Single mail servers mydomain.com IN MX 0 mydomain.com. The MX record shows that all mydomain.com should be routed to the mail server at mydomain.com. The DNS record shows that mydomain.com is located at This means that meant for test@mydomain.com will be routed to the server at This finishes the task of the MX record. The server on that server then takes over, collects the and then proceeds to distribute it to the user ``test''. It is important that there be a dot(``.'') after the domain name in the MX record. If the dot is absent, it routes to ``mydomain.com.mydomain.com''. The number 0, indicates Preferance number. Mail is always routed to the server which has the lowest Preferance number. If there is only one mail server, it is safe to mark it 0. Using Multiple mail servers If you want to use multiple mail servers you have to use MX record preferences. The MX record preference values indicate which mail server to use and in which order to try them when they fail or don't respond. A larger preference number is less preferred. Thus, a mail exchanger with a preference of zero (0) is always preferred over all other mail exchangers. Setting preference values to equal numbers makes mail servers equally preferred. Example with MX Record Syntax - Multiple mail servers mydomain.com IN MX 0 mydomain.com. mydomain.com IN MX 30 server2.mydomain.com You can have unlimited MX entries for Fallback or backup purpose. If all the MX records are equal Preference

4 233 numbers, the client simply attempts all equal Preference servers in random order, and then goes to MX record with the next highest Preference number. e) NS Record An NS record or name server record maps a domain name to a list of DNS servers authoritative for that domain. Delegations depend on NS records. NS Record Name Server Record which indicates the Authoritative Name Servers for a particular Domain. The NS records of the Authoritative Name Server for any given Domain will be listed on the Parent Server. These are called as the Delegation Records as these records on the Parent Server indicates the delegation of the domain to the Authoritative servers. The NS record will also be listed in the Zone records of the Authoritative Name Server itself. These records are called as the Authoritative Records. The NS records found on the Parent Server should match the NS records on the Authoritative Server as well. However, you can have NS records listed on the Authoritative server that is not listed in the Parent Server. This arrangement is normally used to configure Stealth Name Servers. Example of NS Record With syntax example.com. IN NS ns1.live.secure.com. where IN indicates the Internet and NS indicates the type of record which Name Server record. The above example indicates that the ns1.live.secure. com is the authoritative server for the domain example.com. f) SOA Record An SOA record or start of authority record specifies the DNS server providing authoritative information about an Internet domain, the of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. An SOA Record is the most essential part of a Zone file. The SOA record is a way for the Domain Administrator to give out simple information about the domain like, how often it is updated, when it was last updated, when to check back for more info, what is the adomins address and so on[7]. A Zone file can contain only one SOA Record. A properly optimized and updated SOA record can reduce bandwidth between nameservers, increase the speed of website access and ensure the site is alive even when the primary DNS server is down. Example of SOA Record with syntax Here is the SOA record. Notice the starting bracket ``(``. This has to be on the same line, otherwise the record gets broken. name TTL class rr Nameserver -address mydomain.com IN SOA ns.mynameserver.com. root.ns.mynameserver.com. ( ; Serial number ; Refresh rate in seconds 7200 ; Update Retry in seconds ; Expiry in seconds 600 ; minimum in seconds ) g) TXT Text (TXT) resource record maps a DNS domain name specified in the owner field to a string of characters in text_string serving as descriptive text. Syntax: Example: owner ttl class TXT text_string websites.net TXT "This is an example of additional domain name information."

5 IJAEEE,Volume1,Number 2 Simar Preet Singh et al. It's generally (but not universally) allowed that one name can have multiple resource records, even more than one of the same type[6]. A common example would be a machine having multiple IP addresses, both of which are entered in DNS: IN A IN A Here, the name has two IP address records associated with it, and both will be returned in answer to an A query for this name. Note that the order of the addresses, as they appear in the file, is not maintained in the responses they're usually shuffled. IV. A6 Record There are new records in DNS for IPv6, which support the ease of maintenance and mobility which are hallmarks of IPv6. These will be available in BIND version 9, which is currently in beta test and is running at the ilabs IPv6 demonstration booth. The A6 and DNAME records, and BINARY LABEL syntax, allow a site to make DNS entries for IPv6 addresses, without the necessity of hard- coding the Provider's address fields. The A6 record is used to represent a 128-bit IPv6 address. When an IPv6 aware application wants to look up the name of an IPv6 server, it will request an A6 record from the DNS server. (Just as in IPv4, applications request the A record to translate names to addresses.) The first several bits (words, actually) of the address are the Provider's prefix. In IPv4, this is analogous to the network number, which is the same for all systems on the network and gets repeated a lot. Since IPv6 addresses are so much longer, we'd rather not hardcode that prefix into the local DNS. The A6 record lets us refer to the Provider's DNS for those bits in the address. This gives Provider and Client more independence from each other's DNS. In addition, if the network changes ISPs, there is no need to modify the DNS[5]. You can simply change the referral record to point to the new ISP. Syntax of A6 Example NAME [TTL] TYPE BITS ADDRESS REFERRAL linux A6 64 ::02d0:09ff:fef7:6d2c SLAnortel.v6.ilabs.interop.net. In the example above, the name given in the Referral field is defined in the Provider's DNS, and would have the first 64 bits of the address being looked up. Thus, when an application looked up the name "linux," it would get the last 64 bits of the address from the address (A6) record above, and then go to SLAnortel.v6.ilabs.interop.net to get the first 64 bits, which it would combine to get a full IPv6 address. V. Difference between A6 and AAAA Record Types The A6 record is a new DNS record, described in detail in RFC 2874, meant to replace the AAAA record in IPv6 address resolution. The primary new feature of A6 records is the possibility to divide the IPv6 address to a chain formed by several A6 records residing on different name servers, to ease the generation of aggregately and renumber able IPv6 addresses. The difference between the A6 and AAAA Record Types can be explained with the following example: Consider the host foo, on site bar.baz. bar.baz has bought their Internet connectivity from ISPs isp-1.baz and isp-2.baz. Both ISPs have their own IPv6 address spaces, with prefixes 2001:1::/32 and 2001:2::/32. Both ISPs have also assigned the number 42 as the next level aggregation identifier for bar.baz. The site bar.baz now has two address ranges, 2001:1:42::/48 and 2001:2:42::/48. For the host foo they have assigned the subnet ID 1 and the interface ID 2a. So the two addresses for foo.bar.baz are 2001:1:42:1::2a and 2001:2:42:1::2a. Using AAAA records, this would be expressed in the zone file of bar.baz as:

6 235 $ORIGIN bar.baz. foo IN AAAA 2001:1:42:1::2a AAAA 2001:2:42:1::2a The drawback for this approach is that the addresses contained in bar.baz would have to be changed, should isp-1 or isp-2 for some reason renumber its network. With A6 records, the site bar.baz only needs to give the part of the IPv6 address they themselves decide (in this case, the last 80 bits), and point out which DNS names contain the A6 records for the prefixes in the first 48 bits. The format of an A6 record is: A6 <prefix-len> <ipv6-address> [dns-name] Here the prefix-len is a decimal number between 0 and 128, inclusive. The prefix length is the amount of bits that are missing from the ipv6-address part, and are supposed to be retrieved querying the name specified, dns-name. In the special case when prefix length is 0 (and the address is complete), the dns-name may be omitted. (Obviously, if the address is complete, there's no need to do further queries.) So, using A6 chains, the addresses for foo.bar.baz would be in the DNS zones like this: On the name servers of bar.baz: On the name servers of isp-1.baz: $ORIGIN bar.baz. foo A6 64 ::2a subnet-1.ip6 subnet-1.ip6 A6 48 0:0:0:1:: ip6 ip6 A6 48 0::0 subscriber-bar.ip6.isp1.baz. ip6 A6 48 0::0 subscriber-bar.ip6.isp2.baz. $ORIGIN isp-1.baz. subscriber-bar.ip6 A6 admin.baz. 32 0:0:42:: isp-1.ip6.tla- On the name servers of isp-2.baz: $ORIGIN isp-2.baz. subscriber-bar.ip6 A6 admin.baz. 32 0:0:42:: isp-2.ip6.tla- On the name servers of tla-admin.baz: $ORIGIN tla-admin.baz. isp-1.ip6 A :1:: isp-2.ip6 A :2:: VI. Conclusion There are various types of DNS Resource Records. Each record is used for a specific purpose. The A record is used to assign an IP address to a domain or subdomain name whereas CNAME record makes one domain name an alias of another. An AAAA record or IPv6 address record maps a hostname to a 128-bit IPv6 address. An MX record or mail exchange record maps a domain name to a list of mail exchange servers for that domain. An

7 IJAEEE,Volume1,Number 2 Simar Preet Singh et al. NS record or name server record maps a domain name to a list of DNS servers authoritative for that domain. Text (TXT) resource record maps a DNS domain name specified in the owner field to a string of characters. Some of the new records are also introduced in DNS for IPv6 like A6, which support the ease of maintenance and mobility which are hallmarks of IPv6. These will be available in BIND version 9. These records allow a site to make DNS entries for IPv6 addresses, without the necessity of hard-coding the Provider's address fields. Currently the A6 record proposal hasn't received much popularity (a bit like the ip6.arpa zone), perhaps because of the added complexity and the fact that very few resolver libraries support the resolving of A6 chains properly. Still, it might very well be the future. References [1] Role of the Domain Name System (DNS), J.C. Klensin, J. Klensin (February 2003). [2] Application Techniques for Checking and Transformation of Names, J.C. Klensin, J. Klensin. [3] Domain Name System (DNS) IANA Considerations, D. Eastlake 3rd (November 2008), Section 3. [4] Clarifications to the DNS Specification, R. Elz, R. Bush (July 1997). [5] Role of the Domain Name System (DNS), J.C. Klensin, J. Klensin (February 2003) [6] Domain Names - Concepts and Facilities, P. Mockapetris, The Internet Society (November 1987) [7] Mockapetris, Paul (April 1989). "DNS Encoding of Network Names and Other Types". [8] Mockapetris, Paul ( ). "Letting DNS Loose". [9] Application Techniques for Checking and Transformation of Names, J.C. Klensin, J. Klensin.