DNS SERVER
Basic DNS
DNS is the network service that translates a fully qualified domain name, such as www.india.gov.in, to a numeric IP address, such as 164.100.129.97.
DNS can also potentially do the reverse, translating a numeric IP address to a fully qualified domain name.
DNS also maps different types of records, such as MX, TXT and CNAME.
[Figure: Client, DNS Server, data]
DNS Concept
A distributed database used to resolve domain names.
DNS uses both the UDP and TCP protocols to transport its queries and zone files. UDP is a connectionless protocol, not a secure protocol.
DNS uses port 53 for both protocols (i.e., ports 53/UDP and 53/TCP for zone transfer).
Common queries, such as the translation of a name to an IP address and vice versa, are performed over UDP.
DNS Concept
Why DNS Servers Required
BIND (Berkeley Internet Name Daemon) software is used for running DNS services. It is the most popular software for providing DNS services.
Types of name servers:
- Authoritative servers
  - master (primary)
  - slave (secondary)
- (Caching) recursive servers
  - also caching forwarders
- Mixture of functionality
[Figure: Master DNS and Slave DNS servers]
Hierarchy of Name Servers
The structure of the DNS system relies on a tree structure in which the higher-level domains, called TLDs (Top Level Domains), are all attached to a root node represented by a dot.
There are two categories of TLD (Top Level Domain):
- gTLD (generic TLD): gTLDs are top-level generic domain names offering a classification according to the sector of activity. Examples:
  .com relates to commercial use
  .edu relates to educational organizations
  .gov relates to governmental organizations
- ccTLD (country code TLD). Examples:
  Code  Country
  AU    Australia
  HK    Hong Kong
  JP    Japan
  IN    India
DNS Query Resolving Steps
1. The client asks the caching server for www.nic.in.
2. The caching or recursive server forwards the request to a root server.
3. The root server passes the request on to the known .in server.
4. The .IN server knows the location of the nic.in server and so sends the request on to the nameserver of nic.in.
5. The nic.in nameserver gives its answer to the corresponding servers.
6. Finally, a session is established with the desired server hosting the website www.nic.in.
NIC Authoritative DNS Servers
Overview of NIC DNS Servers

DNS servers registered for 3rd, 4th level of nic.in domains:
S No.  DNS Server Name  IP Address         Location of the Server
1      NS1.NIC.IN       164.100.14.3       NIC-HQ Delhi
2      NICNET.NIC.IN    164.100.9.3        NIC-HQ Delhi
3      NS6.NIC.IN       164.100.2.3        NIC-HYD
4      NS8.NKN.IN       2405:8a00:1000::2  NIC-Shastri Park

DNS servers registered for gov.in and other URLs:
S No.  DNS Server Name  IP Address         Location of the Server
1      NS1.NIC.IN       164.100.14.3       NIC-HQ Delhi
2      NS2.NIC.IN       164.100.10.18      NIC-HQ Delhi
3      NS7.NIC.IN       164.100.2.11       NIC-HYD
4      NS10.NKN.IN      2405:8a00:1000::2  NIC-Shastri Park
Anycast Caching DNS Servers
Multiple nodes are configured to accept DNS traffic on a single IP address. Traffic from different nodes may follow separate paths.
[Figure: a client reaching 164.100.3.1 through the Internet cloud, with nodes in Bangalore, Delhi, Guwahati, Kolkata and Hyderabad, each labelled 164.100.3.1]
In this scenario clients choose a nearby DNS server 164.100.3.1 for resolving their DNS queries.

Anycast DNS 164.100.3.1 locations:
S No.  Location
1      Delhi
2      Bhopal
3      Gandhinagar
4      Kolkata
5      Bhubaneswar
6      Guwahati
7      Hyderabad
8      Bangalore
9      Chennai
10     Chandigarh
Benefits of Anycast DNS Server
- Automated failover: when an anycast DNS server goes down due to power failure or some other reason, the route to that server is withdrawn and user queries are resolved by the next nearby anycast DNS server. Thus there is no need to configure another DNS server.
- Decrease latency
- Improve load distribution
- Simplify configuration and maintenance
- Increase resiliency to DoS and DDoS attacks
Protection from malware domains
- Using the latest BIND (Berkeley Internet Name Daemon) software. It is open-source DNS software maintained by ISC (Internet Systems Consortium).
- Maintaining a list of malware domains on 164.100.3.1 and 164.100.17.3 as per instructions from the NIC Cyber Security Division. These caching servers are announced for NICNET users.
- Configured DNS RPZ (Response Policy Zone) on all caching servers. It is a service which provides reputation information about domains, from which a list of URLs that can be blocked is prepared. ISC maintains the list of RPZ.
- We are blocking certain domains or URLs as per instructions from the Security Division because these domains can damage users' data and can even spread viruses/worms across the entire network.
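
As an added illustration (not NIC's configuration and not code from the original slides), the Python sketch below models how RPZ rules on a caching server map a query name to a policy action. The zone name "rpz.local", the placeholder domains and the helper names parse_rpz and policy_for are hypothetical, and matching is simplified to exact name first, then closest wildcard, rather than BIND's full precedence rules.

```python
# Added example: simplified model of RPZ QNAME rules, not BIND's own code.
# Constructed policy-zone body; owner names are relative to a hypothetical
# zone "rpz.local" and use reserved placeholder domains, not real indicators.
RPZ_ZONE = """
malware.example      CNAME .                        ; NXDOMAIN for this name
*.malware.example    CNAME .                        ; NXDOMAIN for subdomains
ok.malware.example   CNAME rpz-passthru.            ; exempt one host
tracker.example      CNAME *.                       ; NODATA
phish.example        CNAME walled-garden.example.   ; redirect to a notice page
"""

# Special CNAME targets that encode an RPZ policy action.
ACTIONS = {".": "NXDOMAIN", "*.": "NODATA",
           "rpz-passthru.": "PASSTHRU", "rpz-drop.": "DROP"}


def parse_rpz(text):
    """Return {trigger name: action} from 'owner CNAME target' lines."""
    rules = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3 or fields[1].upper() != "CNAME":
            raise ValueError(f"unsupported RPZ record: {raw!r}")
        owner, _, target = fields
        action = ACTIONS.get(target.lower(), f"REDIRECT {target.lower()}")
        rules[owner.lower().rstrip(".")] = action
    return rules


def policy_for(qname, rules):
    """Exact trigger first, then the closest enclosing wildcard trigger."""
    name = qname.lower().rstrip(".")
    if name in rules:
        return rules[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in rules:
            return rules[wildcard]
    return "NO-MATCH"   # no policy applies: resolve normally


if __name__ == "__main__":
    rules = parse_rpz(RPZ_ZONE)
    for q in ("malware.example", "a.b.malware.example", "ok.malware.example",
              "tracker.example", "phish.example", "www.nic.in"):
        print(f"{q:22} -> {policy_for(q, rules)}")
```

The exact-match passthru entry shows how a single host can be exempted from a wildcard block, which is the usual way to handle a false positive without removing the whole rule.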
DNS resolving tools
- nslookup
- dig
- host
Online sites for testing domain resolving:
1. http://network-tools.com
2. http://mxtools.com
3. http://www.kloth.net/services/nslookup.php
THANKS