Eda387 Lecture DNS

Computer Networks
Computer Networks
Internet Interconnections
The Domain Name System DNS
Ali Salehson
1
2012 Ali Salehson, Chalmers, CSE Networks and Systems
Computer Networks
Internetworking with TCP/IP

Ch 2: Ethernet & MAC frame (review) Ch 3: Internetworking Concept (review) Ch 4: IPv4 Addressing Ch 5: ARP protocol & operation Ch 6: IPv4 Protocol (self-study) Ch 7: Forwarding IP Datagrams Ch 8: ICMP and TCP/IP Utilities (self-study) Ch 9: IPv4 CIDR
Computer Networks
Internetworking with TCP/IP
Ch 23: Domain Name System (DNS) Ch 31: IPv6 & ICMPv6
Computer Networks
Internet Names
IP 32-bit addresses used for specifying the source and destination in datagrams. Humans prefer pronounceable, easily remembered names rather than numeric addresses. Two possibilities for a name system:
Flat namespace (does not scale for Internet) Hierarchical namespace with organizational structure
4
Computer Networks
Internet Naming Hierarchy

Decentralizing the naming mechanism Delegating authority for parts of the namespace such that it:
supports efficient name mapping guarantees autonomous control of name assignment
Distributing the responsibility for the mapping between names and addresses among all the involved organizations.
Computer Networks
Internet Naming Hierarchy

Flexible hierarchy
Universal naming scheme Each organization determines internal naming structure
Each organization obtains authority for parts of the namespace

Names are assigned according to the structure of organization, not necessarily according to the physical structure of its networks
6
Computer Networks
Internet Domain Name System

Domain Name System (DNS)
Provides mainly name to address mapping for hosts
It specifies:
The name syntax Rules for delegating authority over names
It specifies:
The implementation of a distributed database system in a hierarchy of many name servers (NS). A core and necessary Internet service implemented as application-layer protocol used by hosts, routers, name servers to resolve names (name-address translation). Keeping complexity at networks edge.
Computer Networks
Domain Name System

Set of labels separated by delimiter character (dot) Example: cse.chalmers.se Three labels: cse, chalmers and se se is Top-level domain chalmers.se is domain of the University cse.chalmers.se is a subdomain for the CSE department belonging to the University One computers host name and IP address: www.cse.chalmers.se 129.16.221.33
Computer Networks
DNS Servers and Clients

DNS client software known as resolver DNS server known as Name Server (NS)
DNS relies on a large set of on-line NSs Servers are arranged in tree Given server can handle entire subtree
DNS servers are mainly Root, TLD or

domain Authoritative servers
Root server handles all top-level domains

Computer Networks
Global Root Name Servers

a Verisign, Dulles, VA c Cogent, Herndon, VA (also LA) d U Maryland College Park, MD g US DoD Vienna, VA h ARL Aberdeen, MD j Verisign, e NASA Mt View, CA f Internet Sys. Consortium, Palo Alto, CA k RIPE London i Autonomica/NORDUNet, Stockholm
m WIDE Tokyo
b USC-ISI Marina del Rey, CA l ICANN Los Angeles, CA
13 global root name servers worldwide + replicas ( http://www.root-servers.org )

10
Computer Networks
;; QUESTION SECTION: ;. ;; ANSWER SECTION: . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 . 139826 ;; ADDITIONAL SECTION: a.root-servers.net. 337865 a.root-servers.net. 3717 b.root-servers.net. 350299 c.root-servers.net. 350299 d.root-servers.net. 350299 d.root-servers.net. 3717 e.root-servers.net. 350299 f.root-servers.net. 350299 f.root-servers.net. 3717 g.root-servers.net. 350299 h.root-servers.net. 350299 h.root-servers.net. 3717 i.root-servers.net. 350299 i.root-servers.net. 3717
IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN IN
NS NS NS NS NS NS NS NS NS NS NS NS NS NS A AAAA A A A AAAA A A AAAA A A AAAA A AAAA e.root-servers.net. k.root-servers.net. j.root-servers.net. a.root-servers.net. h.root-servers.net. i.root-servers.net. g.root-servers.net. m.root-servers.net. b.root-servers.net. l.root-servers.net. f.root-servers.net. c.root-servers.net. d.root-servers.net. 198.41.0.4 2001:503:ba3e::2:30 192.228.79.201 192.33.4.12 128.8.10.90 2001:500:2d::d 192.203.230.10 192.5.5.241 2001:500:2f::f 192.112.36.4 128.63.2.53 2001:500:1::803f:235 192.36.148.17 2001:7fe::53 11
Computer Networks
TLD and Authoritative Servers

Top-Level Domain (TLD) servers:
Each of TLD-servers is responsible for domains; com, org, net, edu, , or each of the country code top-level domains uk, fr, ca, jp, se, ...
Authoritative DNS servers:

organizations DNS servers, mainly providing authoritative hostname to IP mappings for the organizations servers (e.g., web, mail) and other hosts. can be maintained by the organization or a service provider (ISP).
12
Computer Networks
Top-Level Domains (TLD)

Domain Name arpa* com net org aero biz edu gov mil int . country code
Assigned To (generic) Infrastructure domain Commercial organizations (gTLD) Major network support centers (gTLD) Organizations other than above (gTLD) Air Transport Industry (sTLD) Business Educational institutions (4-year) Government institutions (U.S.) Military groups (U.S.) International organizations . Each country (geographic ccTLD)
* Address and Routing Parameter Area
13
Computer Networks
;; QUESTION SECTION: ;com. IN NS ;; ANSWER SECTION: com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS com. 3898 IN NS ;; ADDITIONAL SECTION: a.gtld-servers.net. 83813 IN a.gtld-servers.net. 26196 IN b.gtld-servers.net. 83813 IN b.gtld-servers.net. 26196 IN c.gtld-servers.net. 26196 IN d.gtld-servers.net. 26196 IN e.gtld-servers.net. 26196 IN f.gtld-servers.net. 83813 IN g.gtld-servers.net. 26196 IN h.gtld-servers.net. 64222 IN i.gtld-servers.net. 26196 IN j.gtld-servers.net. 26196 IN k.gtld-servers.net. 83813 IN l.gtld-servers.net. 37901 IN m.gtld-servers.net. 26196 IN
f.gtld-servers.net. c.gtld-servers.net. g.gtld-servers.net. m.gtld-servers.net. e.gtld-servers.net. k.gtld-servers.net. j.gtld-servers.net. b.gtld-servers.net. i.gtld-servers.net. l.gtld-servers.net. d.gtld-servers.net. h.gtld-servers.net. a.gtld-servers.net. A 192.5.6.30 AAAA 2001:503:a83e::2:30 A 192.33.14.30 AAAA 2001:503:231d::2:30 A 192.26.92.30 A 192.31.80.30 A 192.12.94.30 A 192.35.51.30 A 192.42.93.30 A 192.54.112.30 A 192.43.172.30 A 192.48.79.30 A 192.52.178.30 A 192.41.162.30 A 192.55.83.30 14
Computer Networks
Domain Name Resolution

For non-local lookups, resolver must search from root of tree downward
Every name server knows location (IP address) of a root server Query root server for the name server of TLD and obtain answer containing also IP address. Query TLD server for the authoritative name server of the domain and obtain answer. Query the authoritative name server of the domain to obtain final answer about the mapping.
15
Computer Networks
Distributed Hierarchical DB
Root DNS Servers
Top-Level Domain (TLD) Servers
com DNS servers yahoo.com google.com DNS servers DNS servers
org DNS servers pbs.org DNS servers
edu DNS servers purdue.edu poly.edu DNS servers DNS servers
Independent DNS client wants IP address for www.google.com: client queries a root-server to find com TLD servers client queries com TLD-server to get google.com DNS servers client queries one authoritative DNS-server ns1.google.com to get IP address for www.google.com
16
Computer Networks
DNS Database
Resource Record (name, type)
Type specifies type of object Name is mapped to object Object may be host, email exchanger, A given name may map to more than one item in the domain system. The client specifies the type of object desired when resolving a name, and the server returns objects of that type.
17
Computer Networks
DNS Resource Records

DNS: distributed database storing resource records (RR) RR format: (name, type, TTL, value)
Type = A (IP Address) name is hostname value is IP Address Type = CNAME (Canonical) name is alias name for some canonical (the real) name www.ibm.com is really named as www.ibm.com.cs186.net value is canonical name Type = MX (Mail eXchanger) name is domain name value is name of mail server associated with domain name
18
Type = NS (Name Server)

name is domain name (e.g. cisco.com) value is hostname of authoritative name server responsible for this domain
Computer Networks
Efficient Resolution
Most lookups refer to local domain names Name-to-Address bindings (A-type) do not change frequently User is likely to repeat same lookup Many local users may query same lookups To increase efficiency:
Initial contact begins with local name server (host can learn address of DNS server from DHCP) Local server caches answers (owner specifies cache timeout by including TTL in answer)
19
Computer Networks
DNS Queries and Answers

Host in chalmers.se wants IP address for www.google.com A local name server
Local DNS server res1.chalmers.se
Root NS server 2 3 4 5
Top-Level Domain (TLD) NS server (com)
acts as proxy for clients 6 7 8 1 often cache-only server normally owned by ISP Authoritative DNS server or organization ns1.google.com requesting host sends questions to other Ju-020-11.studat.chalmers.se NSs in hierarchy
www.google.com
20
Computer Networks
DNS Queries and Answers

iterative answer:
Contacted server replies
Queries
2 3 iterative answers 4 5
Top-Level Domain (TLD) NS server (com)
Root NS server
with name of server to further contact Local DNS server Official DNS servers res1.chalmers.se
recursive answer:
Puts burden of name
recursive answer
8 1
resolution on contacted local name server

Normal operation is as
Authoritative DNS server ns1.google.com
shown in figure Ju-020-11.studat.chalmers.se (queries, iterative + recursive)

requesting host
www.google.com
21
Computer Networks
DNS Message Format

DNS protocol: query and reply messages, same message format Message Header includes
identification:
16-bit # for query, reply uses same #
Parameter: 16 bits
1 bit: query or response 4 bits: Opcode standard 7 bits: flags e.g.
answer authoritative recursion desired recursion available
4 bits: reply code (errors)

22
Computer Networks
DNS Message Sections

Name, type, class fields for a query RRs in response to query records for authoritative servers additional helpful info that may be used
23
Computer Networks
Inserting Records into DNS

example: new startup company Network Engineering register name neteng.se at DNS registrar
Need to provide registrar with names and IP addresses of your authoritative name servers (primary and secondary) Registrars can be found, for example at iis.se web site iis.se lists more than 50 registrars for .se and other domains Cost depends on domain and registrar, typically $20-100
Registrar inserts two RRs into the .se TLD server:

(neteng.se, NS, dns1.neteng.se) (dns1.neteng.se, A, 212.212.212.1)
How do people get IP address of the companys Web site?

The administrator places in the companys authoritative server:
Type A record for www.neteng.se and may be also good to have type MX record for neteng.se, and so on .
24
Computer Networks
More about DNS

Inverse mappings e.g. PTR records (in lab) Dynamic DNS updates and notifications Interaction with DHCP servers Consistency with replicas (backup) DNS security and load distribution Compressed name format in messages Lookup with name abbreviation IPv6 Resource Records type AAAA
25
Computer Networks
Summary
Domain Name System provides mapping from pronounceable names to IP addresses Domain names are hierarchical: Top-Level Domains are controlled by a central authority Organizations can choose how to structure their domain names DNS uses on-line servers to answer queries Lookup begins with local caching server
26
Computer Networks
Questions?
Thank You!
27

Eda387 Lecture DNS

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Eda387 Lecture DNS

Загружено:

Авторское право:

Доступные форматы

Computer Networks

2012 Ali Salehson, Chalmers, CSE Networks and Systems

Internetworking with TCP/IP

Internetworking with TCP/IP

Ch 23: Domain Name System (DNS) Ch 31: IPv6 & ICMPv6

2012 Ali Salehson, Chalmers, CSE Networks and Systems

2012 Ali Salehson, Chalmers, CSE Networks and Systems

Internet Naming Hierarchy

Internet Naming Hierarchy

Each organization obtains authority for parts of the namespace

2012 Ali Salehson, Chalmers, CSE Networks and Systems

Internet Domain Name System

Domain Name System

DNS Servers and Clients

DNS servers are mainly Root, TLD or

Root server handles all top-level domains

Global Root Name Servers

b USC-ISI Marina del Rey, CA l ICANN Los Angeles, CA

13 global root name servers worldwide + replicas ( http://www.root-servers.org )

TLD and Authoritative Servers

Authoritative DNS servers:

Top-Level Domains (TLD)

Domain Name Resolution

2012 Ali Salehson, Chalmers, CSE Networks and Systems

com DNS servers yahoo.com google.com DNS servers DNS servers

org DNS servers pbs.org DNS servers

edu DNS servers purdue.edu poly.edu DNS servers DNS servers

DNS Resource Records

Type = NS (Name Server)

2012 Ali Salehson, Chalmers, CSE Networks and Systems

DNS Queries and Answers

DNS Queries and Answers

resolution on contacted local name server

Authoritative DNS server ns1.google.com

shown in figure Ju-020-11.studat.chalmers.se (queries, iterative + recursive)

DNS Message Format

4 bits: reply code (errors)

DNS Message Sections

2011 Ali Salehson, Chalmers, CSE Networks and Systems

Inserting Records into DNS

Registrar inserts two RRs into the .se TLD server:

How do people get IP address of the companys Web site?

More about DNS

2012 Ali Salehson, Chalmers, CSE Networks and Systems

Вам также может понравиться