DNS Domain Name Service References: Wikipedia

1 DNS Domain Name Service
References: Wikipedia

2 Domain Name System Overview
Maps domain names to IP addresses
Databases that hold Internet host information
Protocol for exchanging host information
Library routines that implement the defined protocol
BIND - Berkeley Internet Name Domain
named - DNS server daemon

3 DNS Domain Structure

4 DNS Domain Structure
Hierarchical
  ◦ root domain (.)
  ◦ top-level domains
  ◦ subdomains
  ◦ host
  ◦ FQDN
Distributed
  ◦ DNS servers
Replicated
[Figure: domain hierarchy diagram; surviving labels: ". (root)", "ssh"]

5 Terminology
FQDN
  ◦
  ◦ hierarchy is read from right to left
  ◦ last "." is frequently (usually) omitted
domain - each node in the DNS database is called a domain
  ◦ "." is the root node or root domain - top of hierarchy
The separator character between domains is "."
Subdomain
  ◦ Any domain that has a parent
    ▪ (i.e., any domain other than ".")
  ◦ Subdomains can resolve to hosts, even if they have children

6 More Terminology
Resolver
  ◦ Routines that convert an unqualified domain name into an FQDN
  ◦ FQDN is passed to DNS to be mapped to an IP address
  ◦ Always appends the root domain "." to an unqualified domain name first
  ◦ List additional domain names to try in the /etc/resolv.conf file
Case Insensitive
  ◦ DNS considers upper and lower case letters the same (i.e., DNS is case insensitive)

7 Zones
Administrative groups of domains
  ◦ A single DNS server is responsible for all domains within a zone.
  ◦ A zone server also holds pointers to DNS servers that are responsible for the subordinate DNS zones.
Root domain
  ◦ highest zone, contains information for the root domain
  ◦ does not contain any hosts
  ◦ contains pointers (delegates) to the DNS servers for the top-level domains
  ◦ 13 authoritative name servers - responsible for the root and top-level domains.

8 Delegation of Authority
ICANN - Internet Corporation for Assigned Names and Numbers
  ◦ Delegates (designates) the (13) authoritative DNS servers for the root and top-level domains
Each top-level authoritative DNS server then delegates (designates) DNS servers for its own next higher level subdomains.
Allows local control over segments of the DNS database, while making all segments available to the public.

9 Queries Iterative and Recursive
Iterative (non-recursive) queries
  ◦ Sends domain name to DNS server and requests server to provide:
    ▪ the IP address of the requested domain, OR
    ▪ The name of the authoritative DNS server for the requested domain (or a parent).
    ▪ The server does not query other servers to obtain an answer.
Recursive queries
  ◦ Sends a domain name to the DNS server and requests the IP address of the domain
  ◦ The server may need to query other servers to obtain the answer (recursively)
Both types of query can fail to locate the domain

10 Clients and Resolvers
Client example - web browser
  ◦ Queries resolver for domain name resolution
  ◦ Resolver recursively initiates iterative queries to the DNS server
DNS servers must answer iterative queries
  ◦ If not configured to answer recursive queries, DNS servers respond as though they were iterative queries.

11 Recursive Queries

12 DNS Servers
Primary (or master) server
  ◦ Authoritative server that holds the master copy of zone data
  ◦ Copies information from the zone or master file - a local file maintained by system administrator
  ◦ For security and efficiency provide iterative answers only.
Slave (or secondary) servers
  ◦ Authoritative
  ◦ Copies information from the master server or another slave server
DNS caches or caching servers
  ◦ Not authoritative
  ◦ Store answers to previous queries in cache.
  ◦ Responds from cache, if available or forwards to an authoritative server.

13 DNS Database
Resource records store node (domain) information
Over 30 types of resource records
Resource record fields:
  ◦ Name     Domain name or IP address
  ◦ TTL      Time to Live (not used in all resource records)
  ◦ Class    Only class supported is 1 for IN Internet
  ◦ Type     Record type
  ◦ Data     Varies based on record type

14 Resource Record Types
A        Address. IPv4 address mapping. Ex: ns IN A 192.168.0.1
AAAA     Address. IPv6 address mapping. Ex: ns IN AAAA (ipv6 address)
CNAME    Canonical Name. Maps alias or nickname.
MX       Mail Exchange. Domain mail destination. Ex: speedy MX 10 mail
NS       NameServer. Name of DNS server.

15 Resource Record Types
PTR      Pointer. Used for reverse name resolution. (See reverse name resolution later.) Ex: 3 IN PTR grape
TXT      Text. Quoted character string associated with the domain name. Ex: peach "Refers to the peach subdomain"

16 DNS Query Format
1. Name     Domain name, FQDN, or IP address
2. Class    Class 1 for IN or Internet class
3. Type     Type of Record requested
Example request for an address record:
fedora.redhat.com IN A

17 DNS Cache
Many DNS servers cache query responses from other DNS servers.
A DNS server will first try to respond to a query from cache.
If there is no cached response available, the DNS server may query other DNS servers, if configured to do so.
Because of DNS caching, it may take several days for DNS changes to propagate throughout the DNS.
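
The referral walk from slides 9-10 and the cache behaviour from slide 17, as an added example that is not part of the original slides. The server names, the delegation table and the 192.0.2.10 address are constructed for illustration; no network traffic is sent.

```python
import time

# Constructed delegation data (hypothetical server names, documentation IP).
SERVERS = {
    "root-ns": {"referrals": {"com.": "com-ns"}},
    "com-ns": {"referrals": {"example.com.": "example-ns"}},
    "example-ns": {"answers": {"www.example.com.": ("192.0.2.10", 300)}},
}

def iterative_query(server, fqdn):
    """One non-recursive query: an answer, a referral to a closer server, or nothing."""
    data = SERVERS[server]
    if fqdn in data.get("answers", {}):
        return "answer", data["answers"][fqdn]
    # Pick the longest delegated zone that is a suffix of the name.
    zones = [z for z in data.get("referrals", {}) if ("." + fqdn).endswith("." + z)]
    if zones:
        return "referral", data["referrals"][max(zones, key=len)]
    return "none", None

class CachingResolver:
    """Walks referrals from the root on the client's behalf and caches answers by TTL."""
    def __init__(self, clock=time.monotonic):
        self.cache = {}      # fqdn -> (ip, expiry time)
        self.clock = clock
        self.trace = []      # servers contacted, in order

    def resolve(self, name, max_referrals=8):
        fqdn = name.lower().rstrip(".") + "."     # case-insensitive, rooted
        cached = self.cache.get(fqdn)
        if cached and cached[1] > self.clock():
            return cached[0]                      # served from cache, no queries sent
        server = "root-ns"
        for _ in range(max_referrals):            # bound guards against referral loops
            self.trace.append(server)
            kind, value = iterative_query(server, fqdn)
            if kind == "answer":
                ip, ttl = value
                self.cache[fqdn] = (ip, self.clock() + ttl)
                return ip
            if kind != "referral":
                return None                       # lookup failed: no answer, no referral
            server = value
        return None
```

A changed record stays invisible to this resolver's clients until the cached entry's TTL runs out, which is the propagation delay the slide describes.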

18 DNS Response Format
Header Record         Information about the query
Query Record          Restates the original query
Answer Records        Records to answer the query
Authority Records     Records for authoritative servers
Additional Records    Additional records, such as NS
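
The query from slide 16 and the header and query records from slide 18 in their wire encoding, as an added example that is not part of the original slides. It builds the `fedora.redhat.com IN A` question and parses a message header back into its flags and section counts; on the wire the type field precedes the class field. The function names and the fixed query ID are choices made for this example.

```python
import struct

TYPE_A, CLASS_IN = 1, 1                          # class 1 = IN, type 1 = A
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # header flag bits

def encode_name(fqdn):
    """Length-prefixed labels ending in the zero-length root label."""
    out = b""
    for label in (fqdn.rstrip(".").split(".") if fqdn.strip(".") else []):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(fqdn, qtype=TYPE_A, qid=0x1234, recursive=True):
    """12-byte header plus one question. The ID is fixed only for this demo."""
    header = struct.pack("!6H", qid, RD if recursive else 0, 1, 0, 0, 0)
    return header + encode_name(fqdn) + struct.pack("!2H", qtype, CLASS_IN)

def parse_message(msg):
    """Parse header and first question; reject truncated input."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte header")
    qid, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    if qd < 1:
        raise ValueError("no question record")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[pos]
        if n == 0:
            break
        if n > 63 or pos + 1 + n > len(msg):
            raise ValueError("bad label length")
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    if pos + 5 > len(msg):
        raise ValueError("type/class missing")
    qtype, qclass = struct.unpack("!2H", msg[pos + 1:pos + 5])
    return {
        "id": qid, "name": ".".join(labels) + ".", "qtype": qtype, "qclass": qclass,
        "is_response": bool(flags & QR), "authoritative": bool(flags & AA),
        "recursion_desired": bool(flags & RD), "recursion_available": bool(flags & RA),
        "counts": {"question": qd, "answer": an, "authority": ns, "additional": ar},
    }
```

A response with `recursion_desired` set but `recursion_available` clear is the case from slide 10: the server was asked to recurse and answered as if the query were iterative.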


20 Reverse Name Resolution
Also referred to as "inverse mapping" or "reverse mapping."
Looks up domain names, given an IP address.
Uses special domain named
Resource record formats for this domain
  ◦ Name field holds IP addresses.
  ◦ Records are indexed hierarchically by IP address.
  ◦ Data field holds the corresponding FQDN.
Used for reverse name resolution
  ◦ Allows server to retrieve and record domain names of clients.
  ◦ Verification of the domain of email senders and IP address of sending machine.

21 Examples of Reverse Name Resolution
$ dig PTR... ;; QUESTION SECTION ; ;; ANSWER SECTION
$ dig -x ;; QUESTION SECTION ; ;; ANSWER SECTION
$ host name pointer
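
How an IP address becomes the name that a PTR query asks for, and how a mail server can verify a sender with it, as an added example that is not part of the original slides. It uses the standard `in-addr.arpa` and `ip6.arpa` reverse domains; the PTR and forward tables are constructed from documentation address ranges and stand in for real lookups.

```python
import ipaddress

# Constructed records; in practice these come from PTR and A/AAAA queries.
PTR = {
    "25.2.0.192.in-addr.arpa.": ["mail.example.com."],
    "99.2.0.192.in-addr.arpa.": ["mail.example.com."],  # PTR set by the address owner
}
FORWARD = {"mail.example.com.": ["192.0.2.25"]}

def reverse_name(ip):
    """Name queried for a PTR record: address units reversed under the reverse domain."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    nibbles = addr.exploded.replace(":", "")          # 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def forward_confirmed(ip, ptr=PTR, forward=FORWARD):
    """Names from the PTR answer whose forward records list the same address.

    A PTR record is controlled by whoever runs the reverse zone for the
    address, so the name it returns is only a claim until the forward
    lookup for that name points back at the address.
    """
    addr = ipaddress.ip_address(ip)
    confirmed = []
    for name in ptr.get(reverse_name(ip), []):
        listed = {ipaddress.ip_address(a) for a in forward.get(name.lower(), [])}
        if addr in listed:
            confirmed.append(name)
    return confirmed
```

Here 192.0.2.99 has a PTR record naming mail.example.com, but the forward records for that name do not include it, so the check returns no confirmed name.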

22 DNS Related Utilities
whois
  ◦ Look up domains
  ◦ Different sites have different capabilities
nslookup
  ◦ Name service lookup
  ◦ Deprecated, may be removed from future distributions of Linux.
dig
  ◦ Domain Internet Groper
  ◦ more current than nslookup.
