Forouzan: Chapter 17. Domain Name System (DNS)


Domain Name System (DNS)

We need a system to map a name to an IP address and vice versa. We have used a host file in our Linux laboratory. That is not feasible for the entire Internet. Thus, we divide the huge amount of information and store it in parts on many different computers. A host needing information contacts the closest server containing the needed information. This is DNS.

A hierarchical name space is used. Names are made up of several parts: acme.gatech.edu

Domain name space: names are defined in an inverted tree structure. Read names from the node up to the root of the tree.

Source: TCP/IP Protocol Suite by Forouzan

CONTENTS
NAME SPACE
DOMAIN NAME SPACE
DISTRIBUTION OF NAME SPACE
DNS IN THE INTERNET
RESOLUTION
DNS MESSAGES
TYPES OF RECORDS
COMPRESSION
EXAMPLES
DDNS
ENCAPSULATION

17.2 DOMAIN NAME SPACE

Domain name space

Domain names and labels

FQDN and PQDN

Domains

17.3 DISTRIBUTION OF NAME SPACE

DNS servers are used to distribute the information among many servers. We use a hierarchy of servers, just like the hierarchy of names.

What a server has authority for is called a zone. A root server's zone is the whole tree. We use primary and redundant (secondary) servers.

A primary server loads all information from the disk file; the secondary server loads all information from the primary server. When the primary downloads information from the secondary, it is called a zone transfer.

17.4 DNS IN THE INTERNET

DNS in the Internet

Generic domains: there are now 20 generic domains, including .biz, .info, .jobs, etc.

Country domains

Inverse domain

17.5 RESOLUTION

Resolution

DNS uses a client-server architecture. A host needing information contacts a client named a resolver. The resolver client contacts a DNS server.

Recursive resolution: the resolver asks for a recursive answer from a DNS server. The server must respond with the complete answer. If it does not know the answer, the server itself asks a parent server in the hierarchy. If the parent does not know, the parent asks a higher-level server in the hierarchy. Eventually the resolver will be told the answer by the first DNS server the resolver contacted.

Iterative resolution: if the client does not ask for a recursive answer, the client will get an iterative answer. This means that if the first server contacted does not know the answer, the server returns the IP address of what it thinks is a smarter server. This continues until the answer is found.

Protocol that transports DNS messages

DNS uses either TCP or UDP, always on port 53. UDP is used when messages are less than 512 bytes, because many UDP implementations have a 512-byte maximum size limit. If a message is larger than 512 bytes:
If the client knows the message is larger than 512 bytes, it will use a TCP connection.
If the client does not know the size of the message, it opens a UDP port to the server; but if the response is larger than 512 bytes, the server truncates the response and sets the TC bit as a sign to the client to try again using a TCP connection instead.

Recursive resolution

Here is a typical list of root servers held by a typical name server:

; This file holds the information on root name servers
; needed to initialize cache of Internet domain name
; servers (e.g. reference this file in the
; "cache . <file>" configuration file of BIND domain
; name servers).
;
; This file is made available by InterNIC registration
; services under anonymous FTP as
; file /domain/named.root
; on server FTP.RS.INTERNIC.NET
; last update: Aug 22, 1997
; related version of root zone: 1997082200
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
ETC

Source: http://computer.howstuffworks.com/dns5.htm

Iterative resolution

17.6 DNS MESSAGES

DNS messages

Two basic types: Query and Response.

DNS Message Formats

Header:
Identification: 2-byte field so the client may match a response to its question. The client creates the number; the server just copies the number from the request into the response.
Flags:
QR Query/Response: one bit; 0 = query, 1 = response.
Opcode: four bits that define the type of query or response; 0 = normal, 1 = inverse, 2 = server status is requested.
AA authoritative answer: one bit; a value of 1 means the responding server is the authoritative server.
TC truncated: one bit; if it equals 1, the answer was larger than 512 bytes and was truncated.
RD recursion desired: one bit; if set to 1, we want a recursive answer.
RA recursion available: one bit; when set to 1, a recursive response is available. This is set only in the response message.
Reserved: three-bit field set to 000.
rcode: four-bit field containing the error status.
Number of Question Records: 2-byte field with the number of queries in the question section of the message.
Number of Answer Records: 2-byte field with the number of answers contained in the answer section of the message.
Number of Authoritative Records: 2-byte field containing the number of authoritative records in the authoritative records section of a response message.
Number of Additional Records: 2-byte field containing the number of additional records in the additional section of a response message.

Remainder of DNS Message Format
Question Section: consists of one or more question records. Exists in both query and response.
Answer Section: consists of one or more answer records. Exists in the response only.
Authoritative Section: consists of one or more resource records. Exists in the response only. This contains the domain names of one or more of the authoritative servers for the query.
Additional Info Section: contains one or more resource records. Exists in the response only.

17.7 TYPES OF RECORDS

Types of Records

There are two types of records in DNS:
Question records are found in the question section of both query and response messages. We echo the question record in the response in case you forgot your question before you get your answer :>)
Resource records are used in the answer section, authoritative section, and additional section of a response message.

Question record: used to get information from the server.
Resource record: returned from the server to the client.

Question Record Format

Query Name: variable-length field containing a domain name, written as a sequence of labels, each preceded by a count byte. (Each count byte is a binary value between 0 and 63; count bytes are not ASCII.)
Query Type: 2-byte field containing the type of query:

Type  Mnemonic  Details
1     A         IP Address. Convert domain name to IP address
2     NS        Name Server. Identifies the authoritative server for a zone
5     CNAME     Canonical Name. Check if a name is an alias
12    PTR       Convert IP address to domain name (inverse query)
etc.

Query Class: 2-byte field specifying the protocol using DNS. Internet has a value of 1.

Resource Record Format

Resource records are returned from the server to the client.
Domain Name: variable-length field containing a domain name.
Domain Type: same as the query type field above, but a reduced query type list.
Domain Class: 2-byte field specifying the protocol using DNS. Internet has a value of 1.
Time to Live: 4-byte field with the number of seconds the answer is valid. The receiver can cache this answer for this period of time (0 means do not cache).
Resource Data Field Length: 2 bytes representing the length of the resource data field.
Resource Data: variable-length field containing the answer to the query.

17.8 COMPRESSION

Format of an offset pointer

EXAMPLES

Example 1: A resolver sends a query message to a local server to find the IP address for the host chal.fhda.edu. We discuss the query and response messages separately.

Example 1 Query

The resolver sends a query to a local server to find the IP address for chal.fhda.edu.
ID = 0x1333 is used to match the response to this query ID.
Flags: QR=0 Opcode=0000 AA=0 TC=0 RD=1 RA=0 Reserved=000 rcode=0000
So QR defines this message as a query, not a response; the opcode means standard query; recursion is desired; there is one question record, for the domain chal.fhda.edu; query type = 1, so this is an IP address query; the last two bytes = 1 mean we are using the Internet protocol (query class 1).

Example 1 Response

Header, question record echoed, answer section with one answer record.
Flags: QR=1 Opcode=0000 AA=0 TC=0 RD=1 RA=1 Reserved=000 rcode=0000
QR=1 means response; Opcode=0000 means standard response; RD and RA = 1 mean recursion desired and recursion available; the next two fields = 1 mean the message contains one question record and one answer record; the next two fields = 0 mean no authoritative and no additional records. The question record is echoed. The next field is the domain name, but given as a DNS offset pointer (see next slide). The domain type = 1 means IP address; the domain class = 1 means Internet; time to live = 12000 seconds; the resource data length = 4 means 4 bytes are returned, and the last four fields are the returned IP address, 153.18.8.105.

DNS does not repeat a domain name in an answer record when we already have it echoed in the question section of the same message. This is called compression. Instead of repeating the name, DNS messages use an offset value that says how many bytes after the beginning of the message the domain name already included in the message can be found. The pointer has the format:

DNS Offset Pointer

where the address of the beginning byte is counted in bytes from the beginning of the entire message. Start counting with zero as the first byte. So in our example 0xC00C is 1100 0000 0000 1100: the leading two bits 11 mark it as a pointer, and the remaining 14 bits give the offset, 12 bytes from the beginning of the entire DNS message. Whew!
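The header bits, the count-byte name encoding of the question record, the resource record layout and the 0xC00C offset pointer described above, worked through in an added Python example (this is not code from the original slides or from Forouzan's book). The message bytes are constructed here from the Example 1 values; the max_jumps guard against looping pointers is my own addition, since the slides do not discuss malformed messages.

```python
import struct

def encode_name(name):
    # Length-prefixed labels (count bytes 0..63, not ASCII digits), ended by a zero byte
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def decode_name(msg, off, max_jumps=16):
    # Read a name at msg[off:], following 0xC0xx pointers; returns (name, offset after the name)
    labels, end, jumps = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                       # top two bits 11: offset pointer
            end = off + 2 if end is None else end       # the 2-byte pointer ends the name on the wire
            if (jumps := jumps + 1) > max_jumps:        # assumption: a malformed message could loop pointers
                raise ValueError("compression pointer loop")
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF   # low 14 bits = offset
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (off if end is None else end)

def parse_message(msg):
    # Split the header flags into named bits, then decode the question and answer sections
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    hdr = {"id": ident, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF, "aa": (flags >> 10) & 1,
           "tc": (flags >> 9) & 1, "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1, "rcode": flags & 0xF}
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        questions.append((name,) + struct.unpack("!HH", msg[off:off + 4]))
        off += 4
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        if rtype == 1 and rdlen == 4:                   # A record: four address bytes
            rdata = ".".join(str(b) for b in rdata)
        elif rtype == 12:                               # PTR record: rdata is an encoded name
            rdata = decode_name(msg, off + 10)[0]
        off += 10 + rdlen
        answers.append((name, rtype, rclass, ttl, rdata))
    return hdr, questions, answers

# Example 1 response from the text, constructed byte by byte (not a real capture):
# ID 0x1333, flags 0x8180 (QR=1 RD=1 RA=1), 1 question, 1 answer, 0 authoritative, 0 additional
EXAMPLE1_RESPONSE = (struct.pack("!HHHHHH", 0x1333, 0x8180, 1, 1, 0, 0)
                     + encode_name("chal.fhda.edu") + struct.pack("!HH", 1, 1)    # question: type A, class IN
                     + b"\xC0\x0C"                                                  # pointer to the name at offset 12
                     + struct.pack("!HHIH", 1, 1, 12000, 4) + bytes([153, 18, 8, 105]))
```

parse_message(EXAMPLE1_RESPONSE) returns the header bits as a dict (hdr["tc"] is the truncation flag that tells a client to retry over TCP), the echoed question, and the answer record with its 4-byte address decoded. The same parser handles the Example 2 PTR response, whose 10-byte resource data is the encoded name mhhe.com.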

Example 2 An FTP server has received a packet from an FTP client with IP address 153.2.7.9. The FTP server wants to verify that the FTP client is an authorized client.

Example 2 Query

The client asks for an inverse query to find the name for the IP address 153.2.7.9.
ID = 0x1200 is used to match the response to this query ID.
Flags: QR=0 Opcode=0001 AA=0 TC=0 RD=1 RA=0 Reserved=000 rcode=0000
So QR defines this message as a query; the opcode means inverse query; recursion is desired; there is one question record, for the domain 9.7.2.153.in-addr.arpa; query type = 12, so PTR, meaning convert the IP address to a domain name; the last two bytes = 1 mean this is the Internet protocol we are using.

Example 2 Response

Flags: QR=1 Opcode=0001 AA=1 TC=0 RD=1 RA=1 Reserved=000 rcode=0000
QR=1 means response; Opcode=0001 standard response; AA=1 means authoritative answer; TC=0 means UDP is used and the message fits; RD and RA = 1 mean recursion desired and recursion available; the next two fields = 1 mean the message contains one question record and one answer record; the next two fields = 0 mean no authoritative and no additional records. The question record is echoed. The next field is a DNS offset pointer, 0xC00C. The domain type = 12 means PTR (a domain name); the domain class = 1 means Internet; time to live = 24000 seconds; the resource data length = 10 means 10 bytes are returned, and the last field is the name mhhe.com.

17.9 DDNS

Dynamic Domain Name Service

The DNS master database must be updated dynamically. After a binding between a name and an IP address has taken place, DHCP sends this information to a primary DNS server. The primary server updates the zone and sends a message to the secondary server.

BIND (Berkeley Internet Name Domain) is an implementation of DNS, both server and client. See: http://www.intac.com/~cdp/cptd-faq/

17.10 ENCAPSULATION

DNS can use the services of UDP or TCP using the well-known port 53.