CMPT 471 Networking II: DNS
© Janice Regan, 2006-2013

Slide 2: Host names
- In addition to identifying a host by the IP address of a connected interface, we also identify the interface by a hostname.
- Hostnames are easier for a human to use and remember than the IP address.
- In the early Internet, names were recorded at a central registry at the Network Information Center (NIC).
- New hosts/names were submitted to the central registry and added to the hosts file.
- The hosts file was available for distribution to all other sites.
- This was a flat naming structure.

Slide 3: Hierarchical name space
- The central naming system worked well until the Internet grew larger than it could handle (soon after TCP/IP was adopted).
- The central servers could no longer deal with the volume of traffic.
- The manual updating of names was slow, and maintaining network-wide consistency was difficult.
- Enforcing the use of unique names became more difficult (then impossible).

Slide 4: DNS
- The primary use of DNS is to answer queries requesting the IP address that corresponds to a given host name.
- DNS uses a hierarchical classification system for domain names (domains are groups of hosts and networks).
- Responsibility for administering the DNS namespace is distributed.
- DNS domain names may represent a network, a subnetwork, or even a host.

Slide 5: Hierarchical name space
- A hierarchical system was designed to replace the original flat namespace.
- Administration was decentralized using a distributed database.
- Local administrators were given responsibility for building and maintaining a database relating IP address and name for their designated local networks.

Slide 6: DNS Name Tree
[Figure: DNS name tree. Below the root "." are arpa, com, edu, gov, us, uk, ca, fr; below those, nodes such as in-addr (under arpa), nasa and jpl (under gov), sun, hp, ny and ca (under us), bc, sfu, cs and fraser (under ca).]
- Labels may have up to 63 characters.
- Labels (names) may refer to domains (hosts + nets), hosts, or networks.

Slide 7: DNS Name Tree
[Figure: the same DNS name tree, with a second child named fraser added under a parent that already has a child fraser, marked "NO!"; siblings fred and hp1 are shown as acceptable.]
- All children of a given parent must have unique names.

Slide 8: Constructing names: name tree
1. Start at the leaves of the tree.
2. The label of the chosen leaf will be the first part of the name.
3. Add a period to the first part of the name.
4. Check the label of the node at the current position in the tree:
   - If it is not the root of the tree, the label of the current node's parent is added after the period and the parent becomes the current position.
   - If it is the root of the tree, the name is complete.
5. Repeat steps 3 and 4 until the name is complete.

Slide 9: Example: jpl.nasa.gov.
[Figure: the same DNS name tree, with the path from the leaf jpl up through nasa and gov to the root "." highlighted, giving the name jpl.nasa.gov.]

Slide 10: Fully Qualified Domain Name
- DNS uses fully qualified domain names (FQDNs).
- FQDNs are complete domain names including all parts of the domain name from the domain of interest up to the root.
- An FQDN ends in a "." to indicate the root. For example: fraser.sfu.ca.
- The terminating "." indicates that the name is absolute (relative to the root, not to any other position in the DNS tree).
- Domain names that are not fully qualified (do not end at the root, like fraser.sfu) may be interpreted by some software as relative to some particular location (other than the root) in the DNS tree. (More later.)
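The name-construction steps of slide 8 and the absolute/relative distinction of slide 10, as an added Python example that is not part of the lecture. The node table is constructed for this example and mirrors the lecture's tree (root "", TLDs gov/ca/us, nasa/jpl, sfu/fraser, and a second "ca" label under us); the functions fqdn, check_tree and qualify are this example's own names.

```python
# Constructed name tree: node id -> (label, parent id). The root has the
# empty label "" and no parent. Two nodes may share a label as long as
# they have different parents (slide 7), so nodes are keyed by id, not label.
NODES = {
    0: ("", None),
    1: ("gov", 0), 2: ("ca", 0), 3: ("us", 0),
    4: ("nasa", 1), 5: ("jpl", 4),
    6: ("sfu", 2), 7: ("fraser", 6),
    8: ("ca", 3),          # ca.us. : same label as node 2, different parent
}


def fqdn(node_id, nodes=NODES):
    """Walk from a node up to the root, appending '.' and the parent label at
    each step (slide 8), and finish with the trailing '.' that marks the root."""
    label, parent = nodes[node_id]
    if parent is None:
        return "."                      # the root itself
    name = label
    while True:
        parent_label, grandparent = nodes[parent]
        if grandparent is None:         # parent is the root: name is complete
            return name + "."
        name = name + "." + parent_label
        parent = grandparent


def check_tree(nodes=NODES):
    """Return a list of rule violations: labels over 63 characters (slide 6)
    and duplicate child labels under one parent (slide 7)."""
    problems = []
    seen = set()
    for _, (label, parent) in nodes.items():
        if len(label) > 63:
            problems.append(f"label {label!r} longer than 63 characters")
        key = (parent, label.lower())   # DNS labels compare case-insensitively
        if parent is not None and key in seen:
            problems.append(f"duplicate child {label!r} under {fqdn(parent, nodes)}")
        seen.add(key)
    return problems


def qualify(name, origin):
    """Interpret a name the way resolver software does (slide 10): a name with
    a trailing '.' is absolute and left alone; anything else is treated as
    relative to `origin` (an absolute name) and gets it appended."""
    if name.endswith("."):
        return name
    return name + "." + origin


if __name__ == "__main__":
    print(fqdn(7), fqdn(5), fqdn(8))
    print("relative pitfall:", qualify("fraser.sfu", "sfu.ca."))
```

qualify shows why the trailing dot matters: "fraser.sfu" with origin "sfu.ca." silently becomes fraser.sfu.sfu.ca., a name that does not exist, while "fraser.sfu.ca." is left untouched.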

Slide 11: Authority for the DNS namespace
- The central Internet authority was ICANN (Internet Corporation for Assigned Names and Numbers) and is now IANA (Internet Assigned Numbers Authority).
- Responsibility for the root level "." domain rests with IANA.
- TLDs (top-level domains) of the Internet namespace include generic TLDs (gTLDs) like .com or .org, for classification of domain names by type of use, and country code TLDs (ccTLDs) like .ca or .us, for geographical classification of domain names.
- Responsibility for administering the TLDs has been delegated to other contractors by IANA.

Slide 12: DNS Name Tree: Domains
[Figure: the DNS name tree with the root domain "" at the top; arpa, com, edu and gov are labelled as generic top-level domains (gTLDs), and us, uk, ca and fr as country code top-level domains (ccTLDs).]

Slide 13: Authority for the DNS namespace
- Any organization to which responsibility for a DNS domain is delegated:
  - must provide at least two independent DNS servers to service that domain; these servers must be geographically separated and configured to provide continuous service;
  - may delegate authority for parts of the DNS domain for which it is responsible to other organizations.

Slide 14: Authority for the DNS namespace
- Responsibility for the .ca TLD has been delegated to CIRA (Canadian Internet Registration Authority) by the contractor to IANA; the .ca TLD is administered by CIRA.
- Similarly, CIRA has delegated authority for the sfu.ca domain to SFU.
- SFU provides three DNS servers: two at SFU (whistler and seymour) and an independent server located at UBC.
- SFU also runs an independent server for UBC.

Slide 15: Authority for the DNS namespace
- Each DNS server must know the name/address of the servers it has delegated responsibility to. For example, .ca (CIRA) has delegated responsibility for sfu.ca to SFU.
- The delegated authority has a responsibility to inform the delegator if the address or name of its DNS name server changes. This is necessary to guarantee that address queries can be passed down the tree.
- The delegator of authority need not inform all organizations it delegates to of changes made by other such organizations. This would be an unreasonable load in a rapidly growing/changing Internet.

Slide 16: Domain Name System
- A DNS domain is a subtree.
- The name of the domain is the domain name of the node at the root of the subtree.
- The domain includes all domains and hosts contained within itself. For example, the .us domain includes the .ca and .ny subdomains, and the .mycomp domain includes the .mynet subdomain and the host myhost.
- The administrative responsibility for the domain and its subdomains may be arranged in different ways.

Slide 17: DNS Name Tree: sub-trees
[Figure: the DNS name tree with two subtrees outlined: the us domain (us with children such as ca and ny) and the mycomp domain (mycomp with its subdomain mynet and its host myhost).]

Slide 18: How many DNS servers?
- Extrapolating the model we discussed before would give a DNS server for each domain.
- What is the smallest domain?
  - 1 host, host name = domain name. Clearly this makes too many servers.
  - 1 local network = 2 DNS servers. Still too many (there are lots of small networks).
- At some reasonable point we need to stop delegating authority.

Slide 19: Dividing Authority
- What about domains that include both hosts and multiple sub-domains?
- We can delegate the sub-domains; what about the hosts?
- What if you want to delegate only some of the sub-domains?
- We need a more flexible administrative unit: the zone.

Slide 20: Zone
- An administrative division of the domain name tree.
- Each zone is the responsibility of one administrative authority.
- A zone may include hosts and sub-domains.
- Sub-domains in a zone may or may not have authority delegated to other administrative authorities. Any subset of the sub-domains may be delegated.
- The domain name of the zone is the domain name of the domain with the same root domain name.

Slide 21: Domain Name System
- A DNS zone is a subtree: any delegated subtree.
- The administrative authority for the zone must maintain at least two completely independent DNS servers for the zone.
- A given zone will have a corresponding zone in the arpa subtree to be used for inverse queries.
- A zone may delegate some of its sub-domains and not others.

Slide 22: DNS Name Tree: zones
[Figure: the .ca domain with children bc, ab, on, qc and sk. Three zones are outlined: the sk.ca zone, the qc.ca zone, and the .ca zone containing the sub-domains that were not delegated.]

Slide 23: Authority for the DNS namespace
- A particular DNS name server will service a zone. Its database of name information will contain:
  - entries for any hosts in the zone;
  - delegation information for domains or zones that have been delegated to other authorities. This includes the address of (a pointer to) the DNS servers for the delegated domains or zones, and excludes information about further delegation of authority in delegated zones or hosts in delegated domains.
- Root servers contain the delegation information for all TLDs.

Slide 24: Inverse Queries
- Given an IP address, what is the name of the host?
- Uses the in-addr.arpa portion of the name tree.
- The IP address is used as the "name" in this portion of the tree. The four dot-separated fields are used in reverse order.
- For example, if the IP address is 202.48.99.111, then the address read from the tree would be 111.99.48.202.

Slide 25: The in-addr.arpa domain
[Figure: the in-addr.arpa subtree. Each level below in-addr.arpa has children labelled 0 ... 255; one path is highlighted with the labels 202, 49, 99 and 111, one octet per level.]

Slide 26: in-addr.arpa structure
- On the surface it seems it would be easier to put the IP address parts (each number between the dots in dotted-decimal notation) in the opposite (natural) order.
- However, enabling delegation of smaller networks (longer masks) from larger networks (shorter masks) requires that the most specific part of the IP address be placed at the bottom of the in-addr.arpa tree.
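The reverse-name construction of slide 24 and the delegation argument of slide 26, as an added Python example that is not from the lecture. It builds the in-addr.arpa name for an address and the in-addr.arpa zone an administrator of an octet-aligned network would be delegated, then checks that the reversed order makes a /24's zone a subdomain of its parent /16's zone, which the natural order would not. The functions reverse_name, delegation_zone and is_subdomain are this example's own names; the addresses are the lecture's example plus constructed values.

```python
import ipaddress


def reverse_name(addr):
    """in-addr.arpa name for an IPv4 address: the four octets in reverse
    order, followed by in-addr.arpa and the root dot (slide 24)."""
    octets = ipaddress.IPv4Address(addr).packed          # 4 bytes, network order
    return ".".join(str(b) for b in reversed(octets)) + ".in-addr.arpa."


def delegation_zone(network):
    """in-addr.arpa zone whose authority would be delegated to the holder of
    an octet-aligned network (/8, /16, /24). Only the prefix octets appear,
    so a shorter mask gives a node higher in the tree (slide 26). Returns
    None for other prefix lengths, which need the classless scheme of
    RFC 2317 and are outside this example."""
    net = ipaddress.IPv4Network(network, strict=False)
    if net.prefixlen == 0 or net.prefixlen % 8 != 0:
        return None
    prefix_octets = net.network_address.packed[: net.prefixlen // 8]
    return ".".join(str(b) for b in reversed(prefix_octets)) + ".in-addr.arpa."


def is_subdomain(name, zone):
    """True when `name` lies inside `zone` (both absolute, trailing dot)."""
    return name == zone or name.endswith("." + zone)


def delegation_chain(addr):
    """Zones from /8 down to /24 that a query for addr's PTR passes through,
    each one a subdomain of the previous: this is what lets a /16 holder
    delegate a /24 to another administrator."""
    net = ipaddress.IPv4Network(addr + "/32")
    return [delegation_zone(str(net.supernet(new_prefix=p))) for p in (8, 16, 24)]


if __name__ == "__main__":
    print(reverse_name("202.48.99.111"))
    print(delegation_chain("202.48.99.111"))
    # natural order would put the /24 beside, not under, its /16:
    print(is_subdomain("202.48.99.in-addr.arpa.", "202.48.in-addr.arpa."))
```

The standard library agrees with the hand-built name: ipaddress.IPv4Address("202.48.99.111").reverse_pointer returns the same string without the trailing dot.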

Slide 27: DNS
- The primary use of DNS is to answer queries requesting the IP address that corresponds to a given host name.
- There are two approaches to answering a query:
  - Iterative: the name server receiving the query responds with either the IP address of the host or the name of the next server it would consult (the next higher server in the tree).
  - Recursive: the name server will, if necessary, directly query the next name server, and will return the final answer.
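Iterative and recursive resolution (slide 27) run over the kind of per-server data slide 23 describes (host entries for the server's own zone, plus pointers to the servers for delegated zones and nothing below them), as an added Python example that is not from the lecture. The server table, server names and the addresses (from the documentation range 192.0.2.0/24) are constructed; answer, resolve_iterative and resolve_recursive are this example's own names.

```python
# Constructed zone data, one entry per authoritative server. "A" holds the
# hosts in the server's own zone; "NS" holds delegations: zone -> server to
# ask next. A server knows nothing about delegations below the ones it made.
SERVERS = {
    "root":        {"A": {}, "NS": {"ca.": "ca-server", "gov.": "gov-server"}},
    "ca-server":   {"A": {}, "NS": {"sfu.ca.": "sfu-server"}},
    "sfu-server":  {"A": {"fraser.sfu.ca.": "192.0.2.1"}, "NS": {}},
    "gov-server":  {"A": {}, "NS": {"nasa.gov.": "nasa-server"}},
    "nasa-server": {"A": {"jpl.nasa.gov.": "192.0.2.7"}, "NS": {}},
}


def answer(server, qname):
    """What one server can say on its own: ("answer", ip) for a host in its
    zone, ("referral", next_server) for the closest delegated zone that
    contains qname, or ("nxdomain", None) if it knows of neither."""
    db = SERVERS[server]
    if qname in db["A"]:
        return ("answer", db["A"][qname])
    best = None
    for zone, ns in db["NS"].items():
        # match on a whole label boundary so "attica." is not inside "ca."
        if qname.endswith("." + zone) and (best is None or len(zone) > len(best[0])):
            best = (zone, ns)
    if best is not None:
        return ("referral", best[1])
    return ("nxdomain", None)


def resolve_iterative(qname, start="root", max_hops=10):
    """Iterative: the querier follows each referral itself. Returns the IP
    (or None) and the list of servers it had to ask. max_hops bounds the walk
    so a referral loop in bad delegation data cannot run forever."""
    path, server = [], start
    for _ in range(max_hops):
        path.append(server)
        kind, data = answer(server, qname)
        if kind == "answer":
            return data, path
        if kind != "referral":
            return None, path
        server = data
    return None, path


def resolve_recursive(qname, server="root", depth=0, max_depth=10):
    """Recursive: the server asked chases the referrals on the querier's
    behalf and hands back only the final answer (or None)."""
    if depth > max_depth:
        return None
    kind, data = answer(server, qname)
    if kind == "answer":
        return data
    if kind == "referral":
        return resolve_recursive(qname, data, depth + 1, max_depth)
    return None


if __name__ == "__main__":
    print(resolve_iterative("fraser.sfu.ca."))   # ('192.0.2.1', ['root', 'ca-server', 'sfu-server'])
    print(resolve_recursive("jpl.nasa.gov."))    # 192.0.2.7
```

Both paths visit the same servers; the difference is who does the walking. A client that sees only the recursive result never learns which servers were consulted, which is why the iterative version returns the path explicitly.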

Slide 28: Caching
- Each time a DNS query is made by the DNS server, the information in the response is cached.
- This cached information can be used to improve the efficiency of later queries to the DNS server.

Slide 29: Common DNS implementations
- Reference implementation of DNS: BIND (Berkeley Internet Name Daemon), managed by ISC.
- Current release: BIND 9.
- 2010 was the first year of a five-year effort to build BIND 10.
- Using a recent release is important. BIND 8.2 and 9 include more extensive security features, incremental updates of slave servers (before, a full retransmission of the DNS database was necessary for updates), and a new configuration syntax.

Slide 30: BIND
- BIND has two major components:
  - The resolver is a subroutine library that is used by DNS clients to make and interpret queries.
  - The name server daemon, named, listens on port 53 for UDP and TCP.

Slide 31: BIND
- BIND usually uses UDP to transfer data.
- If a response contains more data than will fit in the allowed UDP packet (512 octets), it will be truncated and flagged. The resolver will then request to have the full response sent using TCP.
- TCP is also used for transferring or updating the contents of DNS databases from one DNS server to another (master to slave).
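The truncate-and-flag behaviour of slide 31, as an added Python example that is not from the lecture or from BIND. It packs and parses the 12-byte DNS header (RFC 1035 section 4.1.1), models the server side (a response over 512 octets is cut down and sent with the TC bit set) and the resolver side (a TC response is discarded and re-requested over TCP). The message bodies are constructed padding, not real resource records, and the function names are this example's own.

```python
import struct

DNS_UDP_MAX = 512      # classic UDP payload limit from the slide
FLAG_QR = 0x8000       # header flag: this message is a response
FLAG_TC = 0x0200       # header flag: message was truncated

HEADER = struct.Struct("!HHHHHH")   # id, flags, qdcount, ancount, nscount, arcount


def build_header(txn_id, flags, qdcount=1, ancount=0, nscount=0, arcount=0):
    """Pack the fixed 12-byte DNS header in network byte order."""
    return HEADER.pack(txn_id, flags, qdcount, ancount, nscount, arcount)


def parse_header(msg):
    """Unpack the header; raises on anything too short to carry one."""
    if len(msg) < HEADER.size:
        raise ValueError("short DNS message")
    txn_id, flags, qd, an, ns, ar = HEADER.unpack_from(msg)
    return {"id": txn_id, "qr": bool(flags & FLAG_QR), "tc": bool(flags & FLAG_TC),
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}


def udp_reply_for(full_response):
    """Server side: a response that fits goes out as is; otherwise the copy
    sent over UDP is cut to the limit and its TC flag is set so the resolver
    knows it holds only part of the answer."""
    if len(full_response) <= DNS_UDP_MAX:
        return full_response
    txn_id, flags, *counts = HEADER.unpack_from(full_response)
    header = HEADER.pack(txn_id, flags | FLAG_TC, *counts)
    return (header + full_response[HEADER.size:])[:DNS_UDP_MAX]


def needs_tcp_retry(udp_response):
    """Resolver side: True when the server flagged the UDP answer as truncated.
    A truncated body may end mid-record, so nothing in it should be used."""
    return parse_header(udp_response)["tc"]


def client_fetch(full_response):
    """Simulated exchange: try UDP first; on TC, re-ask over TCP, which here
    simply yields the complete message. Returns (transport used, message)."""
    udp = udp_reply_for(full_response)
    if needs_tcp_retry(udp):
        return "tcp", full_response
    return "udp", udp


if __name__ == "__main__":
    big = build_header(0x1234, FLAG_QR, ancount=40) + b"\x00" * 700   # constructed
    transport, msg = client_fetch(big)
    print(transport, len(msg), parse_header(udp_reply_for(big)))
```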

Slide 32: Operation of a DNS server
- A DNS name server is initialized knowing the addresses of the root servers, knowing the addresses of some other servers, or with the zone data files for one or more zones.
- As queries are made, the information received from the queries is added to a cache.
- Entries generally have a long (hours to days) lifetime.
- The lifetime (TTL) is set by the administrator when configuring the server, or reset by the administrator at a later time. A shorter lifetime keeps information up to date but causes an increased load of queries to the DNS server.
- When further queries are made, the cache is checked before queries are transmitted.

Slide 33: Types of DNS servers
- Primary Master or Master Server:
  - Each domain has at least one.
  - Initializes from a series of files (zone data files) maintained by a system manager.
  - Authoritative for the zone.

Slide 34: Types of DNS servers
- Secondary Master or Slave Server:
  - Initializes from the master server.
  - Authoritative for the zone.
  - If a slave server reboots, it will first load the DNS data that it had before the server went down. It will then contact the master server and update information as necessary from the current zone data files.

Slide 35: DNS Servers
- A DNS server may service more than one zone.
- A DNS server may be master server for one zone and slave server for another zone.

Slide 36: Types of DNS servers
- Cache Only Server:
  - Begins with the addresses of the root servers, or with the names of a few local name servers to which to forward all queries.
  - Not authoritative for any zone.
  - When the requested information is returned, it is cached.
  - When the server replies that the requested information is not available, this information is also saved (negative caching).
  - Must ask the primary server in its zone to do lookups for its local zone.
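The cache behaviour of slides 28, 32 and 36 in one piece of added Python (not from the lecture or from any DNS implementation): a cache with per-entry lifetimes, a lookup that checks the cache before going upstream, and negative entries for names the upstream said do not exist. The clock is injected so expiry can be exercised without waiting; DnsCache, lookup and the TTL values are this example's own, standing in for the lifetimes an administrator would configure.

```python
import time


class DnsCache:
    """Answers keyed by (name, type) with an expiry time. A stored value of
    None is a negative entry: the name was looked up and found not to exist.
    `clock` returns seconds and is replaceable for testing."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}              # (name, rtype) -> (expires_at, value)

    def put(self, name, rtype, value, ttl):
        self._entries[(name.lower(), rtype)] = (self._clock() + ttl, value)

    def get(self, name, rtype):
        """("hit", value), ("negative", None) or ("miss", None); expired
        entries are dropped on the way out so stale data is never served."""
        key = (name.lower(), rtype)
        entry = self._entries.get(key)
        if entry is None:
            return ("miss", None)
        expires_at, value = entry
        if self._clock() >= expires_at:
            del self._entries[key]
            return ("miss", None)
        return ("negative", None) if value is None else ("hit", value)

    def __len__(self):
        return len(self._entries)


def lookup(cache, name, rtype, upstream, positive_ttl=3600, negative_ttl=300):
    """Check the cache first (slide 32) and only ask `upstream` on a miss.
    `upstream(name, rtype)` returns the value or None; either outcome is
    cached, None with the shorter negative TTL (slide 36). Returns
    (value, asked_upstream) so callers can see which queries cost a trip."""
    state, value = cache.get(name, rtype)
    if state != "miss":
        return value, False
    value = upstream(name, rtype)
    ttl = positive_ttl if value is not None else negative_ttl
    cache.put(name, rtype, value, ttl)
    return value, True


if __name__ == "__main__":
    # Constructed upstream: a fixed table standing in for the next server.
    table = {"fraser.sfu.ca.": "192.0.2.1"}
    cache = DnsCache()
    for name in ["fraser.sfu.ca.", "fraser.sfu.ca.", "nobody.sfu.ca.", "nobody.sfu.ca."]:
        print(name, lookup(cache, name, "A", lambda n, t: table.get(n)))
```

The trade-off slide 32 states is visible in the two TTL parameters: lowering positive_ttl makes the second fraser.sfu.ca. lookup go upstream sooner, at the cost of one more query per expiry.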

Slide 37: References: DNS and DHCP
- If you want to know more than we covered in this class, I suggest these books as excellent references:
  - The DHCP Handbook (second edition, 2002) by Ralph Droms and Ted Lemon
  - DNS and BIND (4th edition, 2001) by Paul Albitz and Cricket Liu
