Lecture 9: Naming in IP - DNS
|
|
- Molly Hensley
- 7 years ago
- Views:
Transcription
1 DD2392/EP2120 p Lecture 9: Naming in IP - DNS The Domain Name System- DNS Olof Hagsand KTH CSC 1
2 Literature Forouzan Chapter 19 The book material is good but too high-level. You need more material to understand the subject (and the lab) Compression in Sec 19.7 can be skipped, Fig is not correct Lab 2/3: Domain Name System BIND 9 reference manual Intro Chapter 1 Zone files Chapter 3 RFC 1034 and RFC 1035 (Reference only) Liu and Albitz, DNS and BIND, O'Reilly (Reference) IANA Lots of web material 2
3 Name and address hierarchy in IP URL: Service: http Name: DNS Port: 80 Logical (IP) address: ARP Physical address: 00:11:11:9e:72:56 3
4 Why do we need names? In the underlying network and transport layers it is all about addresses. Interfaces, TCP, routing, etc. In IP, names are translated directly to addresses And then we deal with addresses only No names in the network Why don't we just stick with addresses? Names are better for humans fe80::216:d3ff:fecc:c00d Names add another abstraction layer One name can map to several logical addresses One logical address can map to several names Names can be used for other things than just addresses load balancing, mail direction, descriptions, finding services, 4
5 5
6 It started with a single file: HOSTS.TXT A single file maps between name and address Flat name space NCP had max 256 nodes TCP/IP has many more nodes,... In the mid-1980s it proved too difficult to distribute the HOSTS.TXT file. Something had to be done about names and name lookup structure Hierarchical name space The remnant of HOSTS.TXT is /etc/hosts: # Do not remove the following line, or various programs # that require network functionality will fail beethoven localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 6
7 Architecture DNS is based on a distributed database maybe largest and most distributed around It gives a general method to map structured names into records DNS uses both UDP and TCP DNS is an application layer protocol Structured data: Names Records: Addresses Text Info Names 7
8 Domain names Inverted tree with root at the top Name max 255 chars. Max 128 levels Each node max 63 characters Each node in the tree has a domain name A sequence of labels separated by dots Name consists of A-Z,a-z,0-9,'-' Other signs are constructed using International Domain Names rksmrgs-5wao1o.se The root label is null A full domain name always ends in a dot Fully Qualified Domain Name (FQDN) Most specific first IP (and file system) is least specific first The dots have nothing to do with dots in IPv4 addresses! Example xen.netlab.csc.kth.se cf
9 DNS tree. com edu se uk arpa kth co ac in-addr ip6 csc 192 netlab 71 xen 24 Generic domains Country domains 5 9
10 Top domains - TLDs Last label (except root) in a FQDN Generic domains (GTLD) aero, biz, com, edu, gov, mil, net, org,... Country Domains (cctld) fi, fr, dk, nu, cc, se, uk The rules of cctlds are very different depending on country Inverse domain addresses names 10
11 ARPA Inverse mapping ARPA - Address and Routing Parameter Area Domain (Used to be Advanced Research Projects Agency) Handles inverse mappings Mainly IPv4 addresses to names Also IPv6 addresses Telephone numbers (E164), etc. Structured data in DNS is most specific first Entry xen.netlab.csc.kth.se with address : in-addr.arpa Note: delegation can only be at nodes: only at /8, /16, /24, /32 See RFC2317 delegation for classless addresses IPv6: 2001:2040:3:a011:260:e0ff:fe43:c40a: a.0.4.c.3.4.e.f.f.f.0.e ip6.arpa 11
12 Organization International organization ICANN / IANA delegates to each TLD Some countries loose policies (eg.se) Other countries have stricter policies Swedish organization.se Björn Eriksen at KTHNOC managed the swedish top-domain until Internetstiftelsen (IIS) independently from the swedish government 12
13 Delegation Authority is delegated from the root downwards ICANN handles the root ICANN delegates SE to IIS IIS delegates KTH to the Royal Institute of Technology KTH delegates CSC to the school of computer science (KTH CSC) KTH CSC delegates netlab to us We delegate to you (when you lab) You can delegate at every point in the tree You dont have to delegate at every point Example: xen is not delegated from netlab Delegation is the primary way to distribute the DNS database 13
14 Zones Delegation requires administrative units ZONES Similar to autonomus systems in routing A zone is a domain minus everything that has been delegated The parent zone points to a nameserver of the delegated zone There should be more than one nameserver per zone The distribution of the DNS database is thus made by sequences of delegations from parent zone to child 14
15 DNS zones and delegations com edu se uk arpa. zones kth csc netlab delegations xen 15
16 Master and slaves One or several nameservers are authoritive for a zone They are responsible for their part of the namespace A nameserver need not be dedicated to a single zone A server may handle several zones (or none) One server is master (primary server) Other servers are slaves (secondary servers) A single server can be master for some domains and slave for others Slaves are for redundancy Changes are made by administrator on the master by editing the zone file Changes are distributed to slaves: Zone transfer over TCP Zone file Master Zone transfer Slave 1 Slave n 16
17 Zone transfers AXFR Full zone transfer Master modifies serial number on every change Slaves query master periodically If changed, slave requests full zone transfer Master sends the complete zone information IXFR Incremental zone transfer Master sends delta between slave's and master's zone data Master must keep record of incremental changes DNS Notify (Zone change notification) RFC 1996 Master sends notifications to slaves when changed Slave can then make zone transfer query And master perform zone transfer Database backends One can also keep all authoritative nameservers updated using an out-of-band mechanism Outside the DNS protocol 17
18 Dynamic DNS Traditionally, a DNS zone is managed by editing a file This is what you will do in the lab But many records may change often, For example, if DHCP is used Then you need a dynamic mechanism: DDNS (RFC 2136) You can communicate with the master using messages You can add or delete individual or sets of records Slaves are kept consistent using zone transfer mechanism Client Update Request Master Zone transfer Slave 1 Slave n 18
19 DNS data records Data records are written in a zone file as follows: name TTL Class Type Rdata TTL How long entries are valid (for cache) Often skipped, default TTL used Class IN (Internet class) Type Resource record type Rdata Type specific data 19
20 DNS resource record types Type Description A IPv4 address AAAA IPv6 address PTR Pointer: Address to name MX To where mail should be sent SOA Data about the zone CNAME Canonical name. Name of host that should be used HINFO Host information TXT General free text SRV Service 20
21 SOA and the start of a zone file The SOA record defines a zone. Always first record in a zone file Default caching Default nameserver Mail to administrator (@ -->.) $TTL IN SOA toystory.movie.edu. al.movie.edu. ( ; Serial 8H ; Refresh after 8 hours 1h ; Retry after 1 hour 1w ; Expire after 1 week 60 ) ; negative caching TTL 1 min Zone: Expanded to zone name (movie.edu) Class Type Zone transfer settings Alternative: 1,2,.. Example from DNS and BIND, ed 5 21
22 A - AAAA A - IPv4 address AAAA - IPv6 address Blank means repeat violin IN A guitar IN A harp IN A IN A piano IN A IN AAAA 2001:db80:1:2:3:4:567:891b One name can map to several addresses Eg multi-homed hosts Double-stack Ipv4, IPv6 Several names can map to same address 22
23 CNAME - Canonical name Aliases - Several names to same address If CNAME is used, name cannot be re-used for other record piano IN CNAME guitar guitar IN A flute IN CNAME oboe oboe IN A IN A What address does flute resolve to? 23
24 NS - Nameserver There must be at least one nameserver per zone There must also be A records somewhere kth.se IN NS nic.lth.se. kth.se IN NS b.ns.kth.se. kth.se IN NS ns2.chalmers.se. kth.se IN NS a.ns.kth.se. You cannot see which is primary and which is secondary It should not matter for a resolving server A parent zone must include NS records for child zones! This is how delegation works But there may be more NS records than visible in parent Example A records associated with the NS entries above: a.ns.kth.se IN A a.ns.kth.se IN AAAA 2001:6b0:1::246 b.ns.kth.se IN A nic.lth.se IN A ns2.chalmers.se IN A ns2.chalmers.se IN AAAA 2001:6b0:2:20::1 24
25 MX - Mail exchanger MX is used for mail routing Where to send mail to a node or zone A preference value (lower is better) Example # dig kth.se MX kth.se. 7 IN MX 10 mx.kth.se. kth.se. 7 IN MX 20 mx2.kth.se. Mails to kth.se. are sent to mx.kth.se If mx is unaccessible, then try mx2. But the kth domain is actually declared as follows (do you see the difference?): # dig kth.se MX kth.se. 7 IN MX 10 mx.kth.se. mx.kth.se IN A mx.kth.se IN A mx.kth.se IN A mx.kth.se IN AAAA 2001:6b0:1:1300:20e:7fff:fef0:f8bb mx.kth.se IN AAAA 2001:6b0:1:1300:20e:7fff:fe26:4fe1 25
26 PTR - POINTER Appears in arpa zones Maps address to names in-addr.arpa. IN PTR xen.netlab.csc.kth.se a.0.4.c.3.4.e.f.f.f.0.e ip6.arpa \ IN PTR xen.netlab.csc.kth.se 26
27 DNS Messages Query and Response messages Either TCP or UDP Except AXBR which is always TCP (why?) Header Question section Header Question section Answer section Authority section Additional section Forouzan Section 19.6 and
28 Header fields Query identification - for matching query and response Flags QR - Query / Response OpCode AA - Authoritative answer TC - Truncated RD - recursion desired RA - recursion available rcode - Response error status Number of question records Number of answer records Number of authoritative records Number of additional records 28
29 Resolving process Iterative query Resolving server Query Referral to se root nameserver. Query Referral to kth se nameserver se Query xen.netlab.csc.kth.se Query Referral to csc kth nameserver kth Client Stub-Resolver Response: Recursive query Query Referral to netlab Query Response: Forouzan fig is not the way it is done csc nameserver netlab nameserver csc netlab xen 29
30 Name-address resolution: stub-resolver When a client requests a NAME -> ADDRESS resolution, it invokes a stub-resolver in the client getaddrinfo() (old: gethostbyname) getnameinfo() (old: gethostbyaddr) The application may specify AF_INET, AF_INET6, or AF_UNSPEC. If unspec, the resolver requests both A and AAAA. The stub-resolver is typically linked into the client program Configured using /etc/resolv.conf /etc/resolv.conf can be generated by DHCP Typically configured to look in /etc/hosts first, then DNS The stub resolver formulates one (or several) query, sends it to a resolving server (local nameserver), waits for a reply and presents the result to the application 30
31 Resolving server and Nameservers A local nameserver that acts on behalf of a client stub resolver It asks the nameservers to get the reply How does it know where to start? Root servers are pre-configured in a hint file:. IN NS A.ROOT-SERVERS.NET. IN NS B.ROOT-SERVERS.NET. IN NS C.ROOT-SERVERS.NET. IN NS D.ROOT-SERVERS.NET A.ROOT-SERVERS.NET. IN A B.ROOT-SERVERS.NET. IN A C.ROOT-SERVERS.NET. IN A D.ROOT-SERVERS.NET. IN A There are 13 root nameservers (you can fit 13 ns in 536 bytes which is the guaranteed non-fragmentable UDP msg) A resolving server uses iterative calls to nameservers to get the authorattive results. Note that a single DNS server is usually both a resolving server and name server!! 31
32 Caching A resolving nameserver caches the results. Decrements the TTL obtained from the authorative nameserver Later queries will use the cached results But they will have lower TTL Queries may result in caching of other results than the queried data Eg Authorative nameserver posts Lowers burden on root servers High TTL --> stable and less communication Low TTL --> More dynamic: data can change faster Client Client Response TTL = 8000 Response TTL = 5753 Caching Nameserver Query Response TTL = 8000 Authorative (Master/Slave) 32
33 Glue records and delegation When you delegate a query from a parent zone to a child zone child IN NS ns.child But how does the resolving server know the IP address of ns.child? The mother zone must include an A record of the child NS: child IN NS ns.child ns.child IN A glue record But parent is not authorative of the child's result records But necessary for delegation to work The A record is called a glue record 33
34 Tools dig Preferred tool. dig <post> <type> (+trace) Read the man page! host simpler tool nslookup traditionally used but dig is better 34
35 Using dig > dig xen.netlab.csc.kth.se A ; <<>> DiG P2 <<>> xen.netlab.csc.kth.se A ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;xen.netlab.csc.kth.se. IN A ;; ANSWER SECTION: xen.netlab.csc.kth.se. 60 IN A ;; AUTHORITY SECTION: xen.netlab.csc.kth.se. 60 IN NS ns2.nada.kth.se. xen.netlab.csc.kth.se. 60 IN NS ns1.nada.kth.se. xen.netlab.csc.kth.se. 60 IN NS ns.xen.netlab.csc.kth.se. ;; ADDITIONAL SECTION: ns2.nada.kth.se IN A ns1.nada.kth.se IN A ns.xen.netlab.csc.kth.se. 60 IN A ;; Query time: 232 msec ;; SERVER: #53( ) ;; WHEN: Sun Feb 8 19:32: ;; MSG SIZE rcvd:
36 Using dig +trace > dig xen.netlab.csc.kth.se A +trace ; <<>> DiG P2 <<>> xen.netlab.csc.kth.se A +trace ;; global options: printcmd IN NS F.ROOT-SERVERS.NET IN NS M.ROOT-SERVERS.NET IN NS I.ROOT-SERVERS.NET. ;; Received 500 bytes from #53( ) in 2 ms se IN NS C.NS.se. se IN NS A.NS.se.... se IN NS G.NS.se. ;; Received 446 bytes from #53(G.ROOT-SERVERS.NET) in 320 ms kth.se IN NS a.ns.kth.se. kth.se IN NS nic.lth.se. kth.se IN NS b.ns.kth.se. ;; Received 144 bytes from #53(E.NS.se) in 145 ms netlab.csc.kth.se IN NS ns2.nada.kth.se. netlab.csc.kth.se IN NS ns.netlab.csc.kth.se. netlab.csc.kth.se IN NS ns1.nada.kth.se. ;; Received 145 bytes from #53(b.ns.kth.se) in 170 ms xen.netlab.csc.kth.se. 60 IN A xen.netlab.csc.kth.se. 60 IN NS ns2.nada.kth.se. xen.netlab.csc.kth.se. 60 IN NS ns1.nada.kth.se. xen.netlab.csc.kth.se. 60 IN NS ns.xen.netlab.csc.kth.se. ;; Received 161 bytes from #53(ns2.nada.kth.se) in 237 ms 36
37 DNS Security DNS is an open protocol It is also very tolerant to failures But there are many ways to attack DNS, or use DNS in attacks DNSSEC is currently being deployed for this purpose Not covered in this course Application-layer security (eg SSL/HTTPS) ensures authenticity of the information on the application layer Some common attacks: DNS cache poisoning Contaminate DNS cache with wrong A entries Resolves will be re-directed to other IP address Using DNS in DDOS attacks Send many queries for '.' and spoofed source address Will result in large UDP replies DOS of DNS servers Make many recursive lookups 37
38 DNS Lab Create zone files (11, 12, 21,... f1, f2) under experiment.xen.netlab.csc.kth.se Edit files and test with dig In groups of two There are a lot about syntax in zone files and how to use dig You must make preparation questions in advance! experiment.xen.netlab.csc.kth.se. experiment.xen.netlab.csc.kth.se. x x experiment.xen.netlab.csc.kth.se. sub x y sub y x sub 38
39 DNS Lab: what should you do? Delegate experiment.xen.netlab.csc.kth.se. x Sub-zone experiment.xen.netlab.csc.kth.se. x sub Delegate sub-zone experiment.xen.netlab.csc.kth.se. x y sub y x sub 39
40 DNS Lab: what should you do? PTR records. Must be done with IPv6 since you do not have /24:s Secondary nameservers a1.experiment.xen.netlab.csc.kth.se. a2.experiment.xen.netlab.csc.kth.se. Verify your domain on 40
41 Recitation material (answers after lecture) 41
42 Resolving server vs advertizing nameserver Suppose you have a combined resolving server and advertising nameserver (most are). You therefore have a zone for which you are authorative, and a number of clients that you serve. a)when should the server accept recursive queries and when should it accept iterative queries? Motivate your answer. b)how can you protect against external recursive queries? c)can this affect which nameservers you register in your parent zone? If so how? 42
43 Forwarders In certain situations, a set of resolving nameservers can use a forwarder to increase the cache-effectiveness. The resolving nameservers then forward their requests (recursive query) for external queries to the forwarder instead of iterative quering the advertizing nameservers. In what networking situations would a forwarder make sense? 43
44 DNS cache poisoning DNS cache poisoning is an attack where the DNS cache is contaminated with illegal entries. a)what can the effects be of a DNS poisoning attack? b)how is it detectable by an end user? c)there are several ways to cause a cache poisoning. Here is a zone file of a DNS server that has been taken over by an attacker. How can this cause a DNS cache poisoning? rouge.com IN SOA... NS ns1.google.com ns1.google.com A d)what effects may this have? What scope: who may be affected? 44
45 Blocking traffic with DNS Suppose you wish to block traffic from web-cites x,com Easiest is to add an entry in your hosts file: localhost x.com Can you also do this on an organisational level? How would you do it? Are there any loopholes? Are there ethical aspects? 45
46 IPv6 Suppose you wish to communicate with host piano in a remote domain. The nameserver entries of piano are shown below: piano IN A IN AAAA 2001:db80:1:2:3:4:567:891b How do you think your host (application/stub resolver) selects between the two addresses? Note that this differs between different operating systems and applications. 46
DNS : Domain Name System
1/30 DNS : Domain Name System Surasak Sanguanpong nguan@.ac.th http://www...ac.th/~nguan Last updated: May 24, 1999 Outline 2/30 DNS basic name space name resolution process protocol configurations Why
More informationMotivation. Domain Name System (DNS) Flat Namespace. Hierarchical Namespace
Motivation Domain Name System (DNS) IP addresses hard to remember Meaningful names easier to use Assign names to IP addresses Name resolution map names to IP addresses when needed Namespace set of all
More informationThe Domain Name System
DNS " This is the means by which we can convert names like news.bbc.co.uk into IP addresses like 212.59.226.30 " Purely for the benefit of human users: we can remember numbers (e.g., telephone numbers),
More informationForouzan: Chapter 17. Domain Name System (DNS)
Forouzan: Chapter 17 Domain Name System (DNS) Domain Name System (DNS) Need System to map name to an IP address and vice versa We have used a host file in our Linux laboratory. Not feasible for the entire
More informationDomain Name System. DNS is an example of a large scale client-server application. Copyright 2014 Jim Martin
Domain Name System: DNS Objective: map names to IP addresses (i.e., high level names to low level names) Original namespace was flat, didn t scale.. Hierarchical naming permits decentralization by delegating
More information19 Domain Name System (DNS)
CHAPTER 9 Domain Name System (DNS) I n this chapter, we discuss the second application program, Domain Name System (DNS). DNS is a client/server application program used to help other application programs.
More informationDomain Name System (DNS) Fundamentals
Domain Name System (DNS) Fundamentals Mike Jager Network Startup Resource Center mike.jager@synack.co.nz These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International
More informationInternet-Praktikum I Lab 3: DNS
Kommunikationsnetze Internet-Praktikum I Lab 3: DNS Mark Schmidt, Andreas Stockmayer Sommersemester 2015 kn.inf.uni-tuebingen.de Motivation for the DNS Problem IP addresses hard to remember for humans
More informationDNS Domain Name System
Domain Name System DNS Domain Name System The domain name system is usually used to translate a host name into an IP address Domain names comprise a hierarchy so that names are unique, yet easy to remember.
More informationDNS. The Root Name Servers. DNS Hierarchy. Computer System Security and Management SMD139. Root name server. .se name server. .
Computer System Security and Management SMD139 Lecture 5: Domain Name System Peter A. Jonsson DNS Translation of Hostnames to IP addresses Hierarchical distributed database DNS Hierarchy The Root Name
More informationDNS Service on Linux. Supawit Wannapila CCNA, RHCE supawit.w@cmu.ac.th
DNS Service on Linux Supawit Wannapila CCNA, RHCE supawit.w@cmu.ac.th Host Name Resolution Common Host Name Service Files (/etc/hosts and /etc/networks) DNS (/etc/resolv.conf) Multiple client-side resolvers:
More informationDomain Name System (DNS)
Chapter 18 CSC465 Computer Networks Spring 2004 Dr. J. Harrison These slides are based on the text TCP/IP Protocol Suite (2 nd Edition) Domain Name System (DNS) CONTENTS NAME SPACE DOMAIN NAME SPACE DISTRIBUTION
More informationTHE DOMAIN NAME SYSTEM DNS
Announcements THE DOMAIN NAME SYSTEM DNS Internet Protocols CSC / ECE 573 Fall, 2005 N. C. State University copyright 2005 Douglas S. Reeves 2 Today s Lecture I. Names vs. Addresses II. III. IV. The Namespace
More informationApplications and Services. DNS (Domain Name System)
Applications and Services DNS (Domain Name Service) File Transfer Protocol (FTP) Simple Mail Transfer Protocol (SMTP) Malathi Veeraraghavan Distributed database used to: DNS (Domain Name System) map between
More informationDomain Name System (DNS) Session-1: Fundamentals. Ayitey Bulley abulley@ghana.com
Domain Name System (DNS) Session-1: Fundamentals Ayitey Bulley abulley@ghana.com Computers use IP addresses. Why do we need names? Names are easier for people to remember Computers may be moved between
More informationApplication Protocols in the TCP/IP Reference Model. Application Protocols in the TCP/IP Reference Model. DNS - Concept. DNS - Domain Name System
Application Protocols in the TCP/IP Reference Model Application Protocols in the TCP/IP Reference Model File Transfer E-Mail Network Management Protocols of the application layer are common communication
More informationnetkit lab dns Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group Version Author(s)
Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group netkit lab dns Version Author(s) E-mail Web Description 2.2 G. Di Battista, M. Patrignani, M.
More informationDomain Name System. CS 571 Fall 2006. 2006, Kenneth L. Calvert University of Kentucky, USA All rights reserved
Domain Name System CS 571 Fall 2006 2006, Kenneth L. Calvert University of Kentucky, USA All rights reserved DNS Specifications Domain Names Concepts and Facilities RFC 1034, November 1987 Introduction
More informationHostnames. HOSTS.TXT was a bottleneck. Once there was HOSTS.TXT. CSCE515 Computer Network Programming. Hierarchical Organization of DNS
Hostnames CSCE 515: Computer Network Programming ------ Address Conversion Function and DNS RFC 1034, RFC 1035 Wenyuan Xu http://www.cse..edu/~wyxu/ce515f07.html Department of Computer Science and Engineering
More informationDomain Name System. 188lecture12.ppt. Pirkko Kuusela, Markus Peuhkuri, Jouni Karvo
Domain Name System 88lecture2.ppt Pirkko Kuusela, Markus Peuhkuri, Jouni Karvo S-38.88 - Computer Networks - Spring 2003 Outline What and why? Structure of DNS Management of Domain Names Name Service in
More informationApplication Protocols in the TCP/IP Reference Model
Application Protocols in the TCP/IP Reference Model File Transfer E-Mail Network Management WWW Virtual Terminal Name Service File Transfer HTTP FTP Telnet SMTP DNS SNMP TFTP Internet protocols TCP UDP
More informationDNS - Domain Name System
DNS - Domain Name System TCP/IP class 1 outline introduction naming scheme protocol format record types how it works reverse lookup implementation - named config files summary - futures 2 bibliography
More informationDNS. Computer networks - Administration 1DV202. fredag 30 mars 12
DNS Computer networks - Administration 1DV202 DNS History Who needs DNS? The DNS namespace How DNS works The DNS database The BIND software Server and client configuration The history of DNS RFC 882 and
More informationChapter 23 The Domain Name System (DNS)
CSC521 Communication Protocols 網 路 通 訊 協 定 Chapter 23 The Domain Name System (DNS) 吳 俊 興 國 立 高 雄 大 學 資 訊 工 程 學 系 Outline 1. Introduction 2. Names For Machines 3. Flat Namespace 4. Hierarchical Names 5.
More informationLecture 2 CS 3311. An example of a middleware service: DNS Domain Name System
Lecture 2 CS 3311 An example of a middleware service: DNS Domain Name System The problem Networked computers have names and IP addresses. Applications use names; IP uses for routing purposes IP addresses.
More informationDNS Domain Name System
DNS Domain Name System Domain names and IP addresses People prefer to use easy-to-remember names instead of IP addresses Domain names are alphanumeric names for IP addresses e.g., neon.cs.virginia.edu,
More informationGoal of this session
DNS refresher Overview Goal of this session What is DNS? How is DNS built and how does it work? How does a query work? Record types Caching and Authoritative Delegation: domains vs zones Finding the error:
More informationHow-to: DNS Enumeration
25-04-2010 Author: Mohd Izhar Ali Email: johncrackernet@yahoo.com Website: http://johncrackernet.blogspot.com Table of Contents How-to: DNS Enumeration 1: Introduction... 3 2: DNS Enumeration... 4 3: How-to-DNS
More informationDomain Name Server. Training Division National Informatics Centre New Delhi
Domain Name Server Training Division National Informatics Centre New Delhi Domain Name Service (DNS) I. History of DNS II. DNS structure and its components III. Functioning of DNS IV. Possible Configurations
More informationTable of Contents DNS. How to package DNS messages. Wire? DNS on the wire. Some advanced topics. Encoding of domain names.
Table of Contents DNS Some advanced topics Karst Koymans Informatics Institute University of Amsterdam (version 154, 2015/09/14 10:44:10) Friday, September 11, 2015 DNS on the wire Encoding of domain names
More informationLocal DNS Attack Lab. 1 Lab Overview. 2 Lab Environment. SEED Labs Local DNS Attack Lab 1
SEED Labs Local DNS Attack Lab 1 Local DNS Attack Lab Copyright c 2006 Wenliang Du, Syracuse University. The development of this document was partially funded by the National Science Foundation s Course,
More informationApplication Protocols in the TCP/IP Reference Model. Application Protocols in the TCP/IP Reference Model. DNS - Domain Name System
Application Protocols in the TCP/IP Reference Model Application Protocols in the TCP/IP Reference Model File Transfer E-Mail Network Management Protocols of the application layer are common communication
More informationInternetworking with TCP/IP Unit 10. Domain Name System
Unit 10 Domain Name System Structure 10.1 Introduction 10.2 Fully Qualified Domain Names (FQDNs) Generic Domains Country Domains 10.3 Mapping domain names to IP addresses 10.4 Mapping IP Addresses to Domain
More informationDomain Name System E-mail WWW. Application Layer. Mahalingam Ramkumar Mississippi State University, MS. September 15, 2014.
Application Layer Mahalingam Mississippi State University, MS September 15, 2014 Outline 1 DNS Records DNS Components 2 Message Transfer Fetching Emails 3 Applications We will focus on 3 applications DNS
More informationDNS at NLnet Labs. Matthijs Mekking
DNS at NLnet Labs Matthijs Mekking Topics NLnet Labs DNS DNSSEC Recent events NLnet Internet Provider until 1997 The first internet backbone in Holland Funding research and software projects that aid the
More informationDomain Name System. Overview. Domain Name System. Domain Name System
Overview Domain Name System We look first at how the Domain Name System (DNS) is implemented and the role it plays in the Internet We examine some potential DNS vulnerabilities and in particular we consider
More informationDomain Name System (DNS) RFC 1034 RFC 1035 http://www.ietf.org
Domain Name System (DNS) RFC 1034 RFC 1035 http://www.ietf.org TCP/IP Protocol Suite Application Layer DHCP DNS SNMP HTTP SMTP POP Transport Layer UDP TCP ICMP IGMP Network Layer IP Link Layer ARP ARP
More informationECE 4321 Computer Networks. Network Programming
ECE 4321 Computer Networks Network Programming Name Space System.Net Domain Name System (DNS) To resolve computer naming Host database is split up and distributed among multiple systems on the Internet
More informationDistributed Systems. 22. Naming. 2013 Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 22. Naming Paul Krzyzanowski Rutgers University Fall 2013 November 21, 2013 2013 Paul Krzyzanowski 1 My 15 MacBook Pro The rightmost computer on my desk Paul s aluminum laptop, but
More informationDNS Basics. DNS Basics
DNS Basics 1 A quick introduction to the Domain Name System (DNS). Shows the basic purpose of DNS, hierarchy of domain names, and an example of how the DNS protocol is used. There are many details of DNS
More informationDistributed Systems. 09. Naming. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 09. Naming Paul Krzyzanowski Rutgers University Fall 2015 October 7, 2015 2014-2015 Paul Krzyzanowski 1 Naming things Naming: map names to objects Helps with using, sharing, and communicating
More informationKAREL UCAP DNS AND DHCP CONCEPTS MANUAL MADE BY: KAREL ELEKTRONIK SANAYI ve TICARET A.S. Organize Sanayi Gazneliler Caddesi 10
KAREL UCAP DNS AND DHCP CONCEPTS MANUAL MADE BY: KAREL ELEKTRONIK SANAYI ve TICARET A.S. Organize Sanayi Gazneliler Caddesi 10 Sincan 06935 Ankara, Turkey Version Table Manual Version/Date AAA/22.03.2011
More informationThe Domain Name System (DNS)
The Domain Name System (DNS) Columbus, OH 43210 Jain@CIS.Ohio-State.Edu http://www.cis.ohio-state.edu/~jain/ 24-1 Overview Naming hierarchy hierarchy Name resolution Other information in name servers 24-2
More informationCS3250 Distributed Systems
CS3250 Distributed Systems Lecture 4 More on Network Addresses Domain Name System DNS Human beings (apart from network administrators and hackers) rarely use IP addresses even in their human-readable dotted
More informationwhat s in a name? taking a deeper look at the domain name system mike boylan penn state mac admins conference
what s in a name? taking a deeper look at the domain name system mike boylan penn state mac admins conference whoami work for robert morris university, pittsburgh, pa primarily mac and voip admin @mboylan
More informationDNS. Computer Networks. Seminar 12
DNS Computer Networks Seminar 12 DNS Introduction (Domain Name System) Naming system used in Internet Translate domain names to IP addresses and back Communication works on UDP (port 53), large requests/responses
More informationUse Domain Name System and IP Version 6
Use Domain Name System and IP Version 6 What You Will Learn The introduction of IP Version 6 (IPv6) into an enterprise environment requires some changes both in the provisioned Domain Name System (DNS)
More informationFAQ (Frequently Asked Questions)
FAQ (Frequently Asked Questions) Specific Questions about Afilias Managed DNS What is the Afilias DNS network? How long has Afilias been working within the DNS market? What are the names of the Afilias
More informationBasic DNS Course. Module 1. DNS Theory. Ron Aitchison ZYTRAX, Inc. Page 1 of 24
Basic DNS Course Module 1 Ron Aitchison ZYTRAX, Inc. Page 1 of 24 The following are the slides used in this Module of the course. Some but not all slides have additional notes that you may find useful.
More informationIntroduction to DNS CHAPTER 5. In This Chapter
297 CHAPTER 5 Introduction to DNS Domain Name System (DNS) enables you to use hierarchical, friendly names to easily locate computers and other resources on an IP network. The following sections describe
More informationDNS. Some advanced topics. Karst Koymans. (with Niels Sijm) Informatics Institute University of Amsterdam. (version 2.6, 2013/09/19 10:55:30)
DNS Some advanced topics Karst Koymans (with Niels Sijm) Informatics Institute University of Amsterdam (version 2.6, 2013/09/19 10:55:30) Friday, September 13, 2013 Karst Koymans (with Niels Sijm) (UvA)
More informationDNS Conformance Test Specification For Client
DNS Conformance Test Specification For Client Revision 1.0 Yokogawa Electric Corporation References This test specification focus on following DNS related RFCs. RFC 1034 DOMAIN NAMES - CONCEPTS AND FACILITIES
More informationSome advanced topics. Karst Koymans. Friday, September 11, 2015
DNS Some advanced topics Karst Koymans Informatics Institute University of Amsterdam (version 154, 2015/09/14 10:44:10) Friday, September 11, 2015 Karst Koymans (UvA) DNS Friday, September 11, 2015 1 /
More informationPart 5 DNS Security. SAST01 An Introduction to Information Security 2015-09-21. Martin Hell Department of Electrical and Information Technology
SAST01 An Introduction to Information Security Part 5 DNS Security Martin Hell Department of Electrical and Information Technology How DNS works Amplification attacks Cache poisoning attacks DNSSEC 1 2
More informationComputer Networks Prof. S. Ghosh Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture - 34 DNS & Directory
Computer Networks Prof. S. Ghosh Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture - 34 DNS & Directory Good day. Today we will take up two topics, DNS and
More informationNetworking Domain Name System
System i Networking Domain Name System Version 5 Release 4 System i Networking Domain Name System Version 5 Release 4 Note Before using this information and the product it supports, read the information
More informationMotivation. Users can t remember IP addresses. Implemented by library functions & servers. - Need to map symbolic names (www.stanford.
Motivation 2 cs.princeton.edu User 1 user @ cs.princeton.edu Name server Mail program 192.12.69.5 3 TCP 192.12.69.5 4 192.12.69.5 5 IP Users can t remember IP addresses - Need to map symbolic names (www.stanford.edu)
More informationDomain Name System 2015-04-28 17:49:44 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
Domain Name System 2015-04-28 17:49:44 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Domain Name System... 4 Domain Name System... 5 How DNS Works
More informationIntroduction to Network Operating Systems
As mentioned earlier, different layers of the protocol stack use different kinds of addresses. We can now see that the Transport Layer (TCP) uses port addresses to route data to the correct process, the
More informationCoordinación. The background image of the cover is desgned by http://www.freepik.com/ GUIDE TO DNS SECURITY 2
Autor Antonio López Padilla Coordinación Daniel Fírvida Pereira This publication belongs to INTECO (Instituto Nacional de Tecnologías de la Comunicación) and is under an Attribution- NonCommercial 3.0
More informationDNS & IPv6. Agenda 4/14/2009. MENOG4, 8-9 April 2009. Raed Al-Fayez SaudiNIC CITC rfayez@citc.gov.sa, www.nic.net.sa. DNS & IPv6.
DNS & IPv6 MENOG4, 8-9 April 2009 Raed Al-Fayez SaudiNIC CITC rfayez@citc.gov.sa, www.nic.net.sa Agenda DNS & IPv6 Introduction What s next? SaudiNIC & IPv6 About SaudiNIC How a cctld Registry supports
More informationIntroduction BIND. The DNS Protocol. History (1) DNS. History (2) Agenda
History (1) DNS Domain Name System The Internet's Name Service even in the early days of the Internet, hosts have been also identified by s e.g. /etc/hosts.txt file on UNIX systems all s have been maintained
More informationApplies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
How DNS Works 210 out of 241 rated this helpful Updated: March 28, 2003 Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 How DNS Works
More informationDomain Name System Security
Abstract Domain Name System Security Ladislav Hagara hgr@vabo.cz Department of Automated Command Systems and Informatics Military Academy in Brno Brno, Czech Republic Domain Name System (DNS) is one of
More informationCS3600 SYSTEMS AND NETWORKS
CS3600 SYSTEMS AND NETWORKS FALL 2011 Lecture 19: DNS Prof. Alan Mislove (amislove@ccs.neu.edu) Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang Human Involvement
More informationConfiguring the BIND name server (named) Configuring the BIND resolver Constructing the name server database files
Configuring DNS BIND: UNIX Name Service Configuring the BIND name server (named) Configuring the BIND resolver Constructing the name server database files Zone: a collection of domain information contained
More informationNetworking Domain Name System
System i Networking Domain Name System Version 6 Release 1 System i Networking Domain Name System Version 6 Release 1 Note Before using this information and the product it supports, read the information
More informationAgenda. Network Services. Domain Names. Domain Name. Domain Names Domain Name System Internationalized Domain Names. Domain Names & DNS
Agenda Network Services Domain Names & DNS Domain Names Domain Name System Internationalized Domain Names Johann Oberleitner SS 2006 Domain Names Naming of Resources Problems of Internet's IP focus IP
More informationThe Domain Name System: An Integral Part of the Internet. By Keiko Ishioka
The Domain Name System: An Integral Part of the Internet By Keiko Ishioka The Domain Name System (otherwise known as the Domain Name Server system) (DNS) is a distributed database that is accessed by anyone
More informationDNS Resolving using nslookup
DNS Resolving using nslookup Oliver Hohlfeld & Andre Schröder January 8, 2007 Abstract This report belongs to a talk given at the networking course (Institue Eurecom, France) in January 2007. It is based
More informationTeldat Router. DNS Client
Teldat Router DNS Client Doc. DM723-I Rev. 10.00 March, 2003 INDEX Chapter 1 Domain Name System...1 1. Introduction...2 2. Resolution of domains...3 2.1. Domain names resolver functionality...4 2.2. Functionality
More informationHow to Add Domains and DNS Records
How to Add Domains and DNS Records Configure the Barracuda NextGen X-Series Firewall to be the authoritative DNS server for your domains or subdomains to take advantage of Split DNS or dead link detection.
More informationComputer Networks: Domain Name System
Computer Networks: Domain Name System Domain Name System The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses DNS www.example.com 208.77.188.166 http://www.example.com
More informationIPv6 support in the DNS
IPv6 support in the DNS How important is the DNS? Getting the IP address of the remote endpoint is necessary for every communication between TCP/IP applications Humans are unable to memorize millions of
More informationApplications & Application-Layer Protocols: The Domain Name System and Peerto-Peer
CPSC 360 Network Programming Applications & Application-Layer Protocols: The Domain Name System and Peerto-Peer Systems Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu
More informationAutomated domain name registration: DNS background information
IBM eserver Automated domain name registration: DNS background information ^business on demand software ADNRbackground.ppt Page 1 of 14 Overview of z/os DNS solutions Two z/os name servers supported ƒdns
More informationUnderstanding DNS (the Domain Name System)
Understanding DNS (the Domain Name System) A white paper by Incognito Software January, 2007 2007 Incognito Software Inc. All rights reserved. Understanding DNS (the Domain Name System) Introduction...2
More informationDomain Name System DNS
CE443 Computer Networks Domain Name System DNS Behnam Momeni Computer Engineering Department Sharif University of Technology Acknowledgments: Lecture slides are from Computer networks course thought by
More informationDNS Session 4: Delegation and reverse DNS. Joe Abley AfNOG 2006 workshop
DNS Session 4: Delegation and reverse DNS Joe Abley AfNOG 2006 workshop How do you delegate a subdomain? In principle straightforward: just insert NS records for the subdomain, pointing at someone else's
More informationCopyright 2012 http://itfreetraining.com
In order to find resources on the network, computers need a system to look up the location of resources. This video looks at the DNS records that contain information about resources and services on the
More information- Domain Name System -
1 Name Resolution - Domain Name System - Name resolution systems provide the translation between alphanumeric names and numerical addresses, alleviating the need for users and administrators to memorize
More informationChapter 25 Domain Name System. 25.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 25 Domain Name System 25.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 25.2 Figure 25.1 Example of using the DNS service 25-1 NAME SPACE To be unambiguous,
More informationDNS Protocol and Attacks
Lecture Notes (Syracuse University) DNS Protocol and Attacks: 1 DNS Protocol and Attacks An interesting story related to DNS In the 2004 presidential debate between John Edward and the vice president Dick
More informationNET0183 Networks and Communications
NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/2009 1 NET0183 Networks and Communications by Dr Andy Brooks DNS is a distributed database implemented in a hierarchy of many
More informationDomain Name System (DNS)
Lab Objectives Domain Name System (DNS) Acquiring skills related to the Domain Name System (DNS) functions Practical studying of DNS protocol in the process of its functioning Background Information DNS
More informationLesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division
Lesson 13: DNS Security Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Introduction to DNS The DNS enables people to use and surf the Internet, allowing the translation
More informationCS 348: Computer Networks. - DNS; 22 nd Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - DNS; 22 nd Oct 2012 Instructor: Sridhar Iyer IIT Bombay Domain Name System Map between host names and IP addresses People: many identifiers: name, Passport #, Internet hosts:
More information3. The Domain Name Service
3. The Domain Name Service n Overview and high level design n Typical operation and the role of caching n Contents of DNS Resource Records n Basic message formats n Configuring/updating Resource Records
More informationCopyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure
iseries DNS iseries DNS Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule
More informationDNS Pharming Attack Lab
CNT 5410 - Fall 2014 1 DNS Pharming Attack Lab (This is a modified version of the exercise listed below. Modifications are to provide tighter configuration so as to minimize the risk of traffic leaving
More informationNetworking Domain Name System
IBM i Networking Domain Name System Version 7.2 IBM i Networking Domain Name System Version 7.2 Note Before using this information and the product it supports, read the information in Notices on page
More informationIntroduction to DNS and Application Issues related to DNS. Kirk Farquhar
Introduction to DNS and Application Issues related to DNS Kirk Farquhar 1 Content What is DNS? How it all works Setting up your domain Creating your nameserver files The Resolver Testing Firewall configuration
More information416 Distributed Systems. Feb 24, 2016 DNS and CDNs
416 Distributed Systems Feb 24, 2016 DNS and CDNs Outline DNS Design Content Distribution Networks 2 Naming How do we efficiently locate resources? DNS: name à IP address Challenge How do we scale this
More informationUnderstand Names Resolution
Understand Names Resolution Lesson Overview In this lesson, you will learn about: Domain name resolution Name resolution process steps DNS WINS Anticipatory Set 1. List the host name of 4 of your favorite
More informationDNS + DHCP. Michael Tsai 2015/04/27
DNS + DHCP Michael Tsai 2015/04/27 lubuntu.ova http://goo.gl/bax8b8 DNS + DHCP DNS: domain name < > IP address DHCP: gives you a IP + configuration when you joins a new network DHCP = Dynamic Host Configuration
More informationDomain Name System Richard T. B. Ma
Domain Name System Richard T. B. Ma School of Computing National University of Singapore CS 3103: Compute Networks and Protocols Names Vs. Addresses Names are easier for human to remember www.comp.nus.edu.sg
More informationIPv6 Support in the DNS. Workshop Name Workshop Location, Date
IPv6 Support in the DNS Workshop Name Workshop Location, Date Agenda How important is the DNS? DNS Resource Lookup DNS Extensions for IPv6 Lookups in an IPv6-aware DNS Tree About Required IPv6 Glue in
More informationThe Domain Name System (DNS) Jason Hermance Nerces Kazandjian Long-Quan Nguyen
The Domain Name System (DNS) Jason Hermance Nerces Kazandjian Long-Quan Nguyen Introduction Machines find 32-bit IP addresses just peachy. Some Computer Science majors don t seem to mind either Normal
More informationDomain Name Service (DNS) Training Division, NIC New Delhi
Domain Name Service (DNS) Training Division, NIC New Delhi Domain Name Service (DNS) I. History of DNS II. DNS structure and its components III. Functioning of DNS IV. Replicating DNS V. Dynamic update
More informationAn Introduction to the Domain Name System
An Introduction to the Domain Name System Olaf Kolkman Olaf@nlnetlabs.nl October 28, 2005 Stichting NLnet Labs This Presentation An introduction to the DNS Laymen level For non-technologists About protocol
More information