
Slide 1: Domain Name System
William Tevie, tevie@ghana.com
network computer systems

AFNOG 2002 TRACK 1: The Domain Name System

Slide 2: Some DNS topics
- What the Internet’s DNS is
- Configuring a resolver on a Unix-like system
- Configuring a nameserver on a Unix-like system
- Exercises: Create and install a simple zone

Slide 3: What the Internet’s DNS is
- A systematic namespace called the domain name space
- Different people or organisations are responsible for different parts of the namespace
- Information is associated with each name
- A set of conventions for using the information
- A distributed database system
- Protocols that allow retrieval of information, and synchronisation between servers

Slide 4: A systematic namespace: the domain name space
- Several components (called labels)
  - written separated by dots
  - often written terminated by a dot
- Hierarchical structure
  - Leftmost label has most local scope
  - Rightmost label has global scope
  - Terminal dot represents root of the hierarchy
- Domain names are case independent

Slide 5: Why use hierarchical names?
- Internet hosts and other resources need globally unique names
- Difficult to keep unstructured names unique
  - would require a single list of all names in use
- Hierarchical names are much easier to make unique
  - cat.abc.gh. is different from cat.abc.tg.

Slide 6: What are domain names used for?
- To identify computers (hosts) on the Internet
  - austin.ghana.com
- To identify organisations
  - afnog.org
- To map other information to a form that is usable with the DNS infrastructure
  - IP addresses, telephone numbers, AS numbers

Slide 7: Examples of domain names
- .
- COM.
- GH.
- CO.ZA.
- www.afnog.org.
- in-addr.arpa.

Slide 8: Domain Name Hierarchy (diagram)
(Tree diagram: the root domain "." at the top; below it the Top-Level Domains edu, com, gov, mil, net, org, fr, ng, gh, ..., sn; below those the Second Level Domains, with labels such as knust, ucc, eunet, icir and ncas, and further levels below them, with labels such as legon, physics, alpha and chris.)

Slide 9: Different uses of the term “domain”
- Sometimes, the term “domain” is used to refer to a single name
  - such as www.afnog.org
- Sometimes, the term “domain” is used to refer to all the names (subdomains) that are hierarchically below a particular name
  - in this usage, the afnog.org domain includes www.afnog.org, t1.ws.afnog.org, etc.

Slide 10: Other information mapped to domain names
- Almost any systematic namespace could be mapped to the domain name space
- Need an algorithm agreed to by all people who will use the mapping

Slide 11: Different people responsible for different parts
- Administrator responsible for a domain may delegate authority for a subdomain
- Each part that is administered independently is called a zone
- Domain or zone administrator may choose to put subdomains in the same zone as the parent domain, or in a different zone, depending on policy and convenience

Slide 12: The DNS is a distributed database system
- What makes it a distributed database?
- How is data partitioned amongst the servers?
- What about reliability?

Slide 13: What makes it a distributed database?
- Thousands of servers around the world
- Each server has authoritative information about some subset of the namespace
- There is no central server that has information about the whole namespace
- If a question gets sent to a server that does not know the answer, that is not a problem

Slide 14: What about reliability?
- If one server does not reply, clients will ask another server
- That’s why there are several servers for each zone
- Zone administrators should choose servers that are not all subject to a single point of failure

Slide 15: What is a zone? (1)
- Think of the namespace as a tree or graph of nodes joined by arcs
  - Each node represents a domain name

Slide 16: What is a zone? (diagram 1)
(Tree of the example namespace; each node is a domain name:)

    .
    |-- A
    |   |-- X.A
    |   |-- Y.A
    |   `-- Z.A
    `-- B
        |-- J.B
        |-- K.B
        |   |-- CAT.K.B
        |   `-- DOG.K.B
        `-- L.B

Slide 17: What is a zone? (2)
- Think of the namespace as a tree or graph of nodes joined by arcs
  - Each node represents a domain name
- Now cut some of the arcs
  - Each cut represents a delegation of administrative control

Slide 18: What is a zone? (diagram 2)
(The same tree, with the arcs that are cut marked as zone cuts:)

    .
    |-- A            <- zone cut
    |   |-- X.A
    |   |-- Y.A
    |   `-- Z.A
    `-- B            <- zone cut
        |-- J.B
        |-- K.B
        |   |-- CAT.K.B
        |   `-- DOG.K.B  <- zone cut
        `-- L.B

Slide 19: What is a zone? (3)
- Each zone consists of a set of nodes that are still joined to each other through paths that do not involve arcs that have been cut
  - The name “CAT.K.B” is in the “B” zone
  - The name “DOG.K.B” is in the “DOG.K.B” zone
  - The “DOG.K.B” zone is a child of the “B” zone

Slide 20: What is a zone? (diagram 3)
(The same tree with its zone cuts, and the zones they produce:)

    .                          Root zone
    |-- A          <- zone cut  A zone: A, X.A, Y.A, Z.A
    |   |-- X.A
    |   |-- Y.A
    |   `-- Z.A
    `-- B          <- zone cut  B zone: B, J.B, K.B, L.B, CAT.K.B
        |-- J.B
        |-- K.B
        |   |-- CAT.K.B
        |   `-- DOG.K.B  <- zone cut  DOG.K.B zone: DOG.K.B
        `-- L.B
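The zone membership rule from slides 15 to 20, as an added example (not code from the AFNOG slides): given the zone apexes created by the cuts in diagrams 1 to 3, decide which zone a name belongs to and which zone delegates it. The apex list ZONES is the one implied by the three cuts drawn above.

```python
# Added example, not from the AFNOG slides: decide which zone a name belongs
# to, given the zone apexes created by the cuts in diagrams 1 to 3.
# Names are written as on the slides ("CAT.K.B", root as "."); comparison is
# case-independent, as slide 4 requires.

def labels(name):
    """'CAT.K.B' -> ['cat', 'k', 'b'], most local label first; '.' -> []."""
    return [lab for lab in name.rstrip(".").lower().split(".") if lab]

def is_below(name, apex):
    """True if name equals apex or lies beneath it in the tree."""
    n, a = labels(name), labels(apex)
    return len(n) >= len(a) and (not a or n[-len(a):] == a)

def zone_of(name, apexes):
    """The zone holding name: the most specific apex at or above it. A zone
    extends downward from its apex until the next cut (slide 19)."""
    best = "."
    for apex in apexes:
        if is_below(name, apex) and len(labels(apex)) > len(labels(best)):
            best = apex
    return best

def parent_zone(apex, apexes):
    """The zone that delegates apex: the zone containing apex's parent name."""
    parent = ".".join(labels(apex)[1:]) or "."
    return zone_of(parent, apexes)

# Apexes implied by the three cuts drawn on diagram 2: ". to A", ". to B"
# and "K.B to DOG.K.B".
ZONES = [".", "A", "B", "DOG.K.B"]

if __name__ == "__main__":
    for n in [".", "X.A", "J.B", "K.B", "CAT.K.B", "DOG.K.B"]:
        print(f"{n:8} is in the {zone_of(n, ZONES)} zone")
    print("DOG.K.B zone is a child of the", parent_zone("DOG.K.B", ZONES), "zone")
```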

Slide 21: Information is associated with each domain name
- Several types of records (Resource Records, RRs), all with a similar format
- Each RR contains some information that is associated with a specific domain name
- Each domain name can have several RRs of the same type or of different types

Slide 22: A set of conventions for using the information
- How to represent the relationship between host names and IP addresses
- What records are used to control mail routing, and how the mail system should use those records
- How to use the DNS to store IP netmask information
- Many other things

Slide 23: General format of RRs
- Owner name: the domain name that this record belongs to
- TTL: how long copies of this RR may be cached (measured in seconds)
- Class: almost always IN
- Type: there are many types
- Data: different RR types have different data formats

Slide 24: Several types of RRs
- IP address for a host
- Information needed by the DNS infrastructure itself
- Hostname for an IP address
- Information about mail routing
- Free form text
- Alias to canonical name mapping
- Many more (but less commonly used)

Slide 25: IP address for a host
- A record
- Owner is host name
- Data is IP address

    ; IP address of austin.ghana.com
    austin.ghana.com.  86400  IN  A  196.3.64.1

Slide 26: Information needed by the DNS infrastructure itself
- SOA record
  - Each zone has exactly one SOA record
- NS records
  - Each zone has several nameservers that are listed as having authoritative information about domains in the zone
  - One NS record for each such nameserver
- Zone cuts are marked by these RRs

Slide 27: SOA record
- Every zone has exactly one SOA record
- The domain name at the top of the zone owns the SOA record
- Data portion of SOA record contains:
  - MNAME: name of master nameserver
  - RNAME: email address of zone administrator
  - SERIAL: serial number
  - REFRESH, RETRY, EXPIRE, MINIMUM: timing parameters

Slide 28: NS record
- Each zone has several listed nameservers
- One NS record for each listed nameserver
  - master/primary and slaves/secondaries
- The data portion of each NS record contains the domain name of a nameserver
- Does not contain IP address
  - Get that from an A record for the nameserver

Slide 29: SOA and NS record example

    ; owner      TTL    class  type  data
    ghana.com.   86400  IN     SOA   austin.gh.com. support.gh.com. (
                                     199710161  ; serial
                                     10800      ; refresh after 3 hours
                                     3600       ; retry after 1 hour
                                     604800     ; expire after 1 week
                                     86400 )    ; negative TTL rfc2308
    ghana.com.   86400  IN     NS    ns1.ghana.com.
    ghana.com.   86400  IN     NS    ns2.ghana.com.
    ghana.com.   86400  IN     NS    server.elsewhere.example.

Slide 30: SOA and NS example using some shortcuts

    $ORIGIN ghana.com.
    $TTL 86400
    ; owner  TTL  class  type  data
    @             IN     SOA   austin.gh.com. support.gh.com. (
                               199710161  ; serial
                               10800      ; refresh after 3 hours
                               3600       ; retry after 1 hour
                               604800     ; expire after 1 week
                               86400 )    ; negative TTL rfc2308
                         NS    ns1
                         NS    ns2
                         NS    server.elsewhere.example.

Slide 31: Hostname for an IP address
- PTR record
- Owner is IP address, mapped into the in-addr.arpa domain
- Data is name of host with that IP address

    ; host name for IP address 196.3.64.1
    1.64.3.196.in-addr.arpa.  PTR  austin.ghana.com.

Slide 32: Information about mail routing
- MX record
- Owner is name of email domain
- Data contains preference value, and name of host that receives incoming email

    ; send ghana.com’s email to mailserver or backupserver
    ghana.com.  MX  0   mail.ghana.com.
    ghana.com.  MX  10  backupmail.ghana.com.

Slide 33: Alias to canonical name mapping
- CNAME record
- Owner is non-canonical domain name (alias)
- Data is canonical domain name

    ; ftp.ghana.com is an alias
    ; austin.ghana.com is the canonical name
    ftp.ghana.com.  CNAME  austin.ghana.com.

Slide 34: Free form text
- TXT record
- Owner is any domain name
- Data is any text associated with the domain name
- Very few conventions about how to use it

    net.ghana.com.  TXT  "NETWORKS R US"

Slide 35: Reverse Lookup
- When a source host establishes a connection to a destination host, the TCP/IP packets carry only the IP address of the source host, not its name
- For authentication, access rights or accounting information, the destination host wants to know the name of the source host
- For this purpose, a special domain “in-addr.arpa” is used
- The reverse name is obtained by reversing the IP number and adding the name “in-addr.arpa”
- Example: address 130.65.240.254, reverse name 254.240.65.130.in-addr.arpa
- Reverse domains form a hierarchical tree and are treated as any other Internet domain
- RFC 2317: Classless IN-ADDR.ARPA delegation
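The reverse-name construction above, and the RFC 2317 classless delegation the slide cites by title, as an added example (not code from the AFNOG slides). It goes beyond the slide by generating the records a /24 reverse zone needs to delegate a smaller block; the block 196.3.64.0/26 and the nameserver names are constructed assumptions.

```python
# Added example, not from the AFNOG slides: derive the in-addr.arpa name for
# an IPv4 address as described above, and generate the RFC 2317 classless
# delegation records for a block smaller than /24 (the slide cites the RFC by
# title only). The block 196.3.64.0/26 and the nameserver names are constructed.
import ipaddress

def reverse_name(addr):
    """130.65.240.254 -> 254.240.65.130.in-addr.arpa. (octets reversed)."""
    octets = str(ipaddress.IPv4Address(addr)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def classless_delegation(cidr, child_ns):
    """RFC 2317: a /25../31 holder cannot be delegated the whole /24 reverse
    zone, so the /24 owner keeps c.b.a.in-addr.arpa., delegates a sub-zone
    named <first address>/<prefix length> to the holder with NS records, and
    points each address's PTR name into that sub-zone with a CNAME.
    Returns (sub-zone name, records the /24 zone must carry)."""
    net = ipaddress.IPv4Network(cidr, strict=True)
    if not 25 <= net.prefixlen <= 31:
        raise ValueError("RFC 2317 applies to prefixes between /25 and /31")
    # the /24 reverse zone is the network address's reverse name minus its first label
    parent = reverse_name(str(net.network_address)).split(".", 1)[1]
    child = f"{int(net.network_address) & 0xFF}/{net.prefixlen}.{parent}"
    records = [f"{child} IN NS {ns}" for ns in child_ns]
    for host in net.hosts():                        # one CNAME per usable address
        last = int(host) & 0xFF
        records.append(f"{last}.{parent} IN CNAME {last}.{child}")
    return child, records

if __name__ == "__main__":
    print(reverse_name("130.65.240.254"))
    child, records = classless_delegation("196.3.64.0/26", ["ns1.ghana.com.", "ns2.ghana.com."])
    print(child)
    print("\n".join(records[:4]))
```

The block holder then publishes the PTR records in the sub-zone (for example 1.0/26.64.3.196.in-addr.arpa. PTR austin.ghana.com.). Because PTR data is published by whoever controls the address block, a name learned this way is only trustworthy for the authentication and accounting uses on this slide once a forward lookup of that name returns the same address.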

Slide 36: Reverse Domain Hierarchy (diagram)
(Tree diagram under in-addr.arpa: the first level holds first-octet labels such as 157, 158, 159, 160, ..., 187, 188, 189, 190, 191, 192, 193, 194, 195, ...; below each of those, second-octet labels such as 1, 2, 3, 4, 5, ..., 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, ..., 31; and so on down through the remaining octets.)

Slide 37: Requirements for a nameserver
- A query should be resolved as fast as possible
- It should be available 24 hours a day
- It should be reachable via fast communication lines
- It should be located centrally in the network topology
- It should run robustly, without errors or interruptions

Slide 38: How is data partitioned amongst the servers?
- The namespace is divided into zones
- Each zone has two or more authoritative nameservers
  - One primary or master
  - One or more secondaries or slaves
  - Slaves periodically update from master
- Each server is authoritative for any number of zones (zero or more)

Slide 39: DNS Protocols
- Client/server question/answer
  - What kinds of questions can clients ask?
  - The resolver/server model
  - What if the server does not know the answer?
- Master and slave servers
  - Configuration by zone administrator
  - Periodic update of slaves from master

Slide 40: What kinds of questions can clients ask?
- All the records of a particular type for a particular domain name
  - All the A records, or all the MX records
- All records of any type for a particular domain name
- A complete zone transfer of all records in a particular zone
  - Used to synchronise slave with master server

Slide 41: What if the server does not know the answer?
- Servers that receive queries for which they have no information can return a referral to another server
- Referral may include SOA, NS records and A records
- Client can recursively follow the referral
- Server may recurse on behalf of client, if client so requests and server is willing

Slide 42: Master and slave servers
- a.k.a. primary and secondary
- zone administrator sets up primary/master
- asks friends or ISPs to set up slaves/secondaries
- slave periodically checks with master to see if data has changed
- transfers new zone if necessary
- serial number in SOA record in each zone

Slide 43: Location of servers
- one master and at least one slave
- on different networks
- avoid having a single point of failure
- RFC 2182: Selection and Operation of Secondary DNS Servers
- RFC 2181: Clarifications to the DNS Specification

Slide 44: Configuring a resolver on a Unix-like system
- Unix-like systems use the /etc/resolv.conf file
- the resolver is part of libc or libresolv, compiled into application programs
- resolv.conf says which nameservers should be used by the resolver
- resolv.conf also has other functions, see the resolver or resolv.conf man pages

Slide 45: resolv.conf example
- /etc/resolv.conf file contains the following lines

    domain t1.ws.afnog.org
    nameserver 80.248.72.100
    nameserver 80.248.72.254

Slide 46: The resolver/server model
- user software asks resolver a question
- resolver asks server
- server gives answer, error, or referral to a set of other servers
- server may recurse, or expect resolver to recurse
- caching
- authoritative/non-authoritative answers

Slide 47: The resolver/server model (diagram)
(Diagram: Resolver -> Recursive Nameserver (with CACHE) -> Authoritative Nameserver. The first query is forwarded to the authoritative nameserver and the reply is cached; the next query is answered from the cache.)
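The referral chain of slide 41 and the recursive-server-with-cache model of slides 46 and 47, as an added example (not code from the AFNOG slides): a toy recursive nameserver walks from a root server through referrals to the authoritative server, caches the answer, and serves the next identical query from the cache. All server addresses, the "a.gtld.example." name and the zone contents are constructed for illustration.

```python
# Added example, not from the AFNOG slides: a toy recursive nameserver that
# follows referrals from authoritative servers and caches the answer, as on
# the resolver/server diagram above. The server addresses, the "gtld" server
# name and the zone contents are constructed for illustration.

def in_zone(name, zone):
    return name == zone or name.endswith("." + zone)

# Authoritative data per server address: (owner, type) -> rdata list. Each
# server knows only its own zone; for a name below a delegation it holds it
# returns a referral, the NS records plus their glue A records (slide 41).
SERVERS = {
    "198.41.0.4": {("com.", "NS"): ["a.gtld.example."],          # a root server
                   ("a.gtld.example.", "A"): ["192.0.2.10"]},
    "192.0.2.10": {("ghana.com.", "NS"): ["ns1.ghana.com."],      # com. server
                   ("ns1.ghana.com.", "A"): ["196.3.64.2"]},
    "196.3.64.2": {("austin.ghana.com.", "A"): ["196.3.64.1"],    # ghana.com. server
                   ("ghana.com.", "MX"): ["0 mail.ghana.com."]},
}
ROOT_SERVER = "198.41.0.4"

def ask(server, qname, qtype):
    """Authoritative behaviour: answer if the RRs are held, otherwise refer the
    client to the most specific delegation this server knows of."""
    data = SERVERS[server]
    if (qname, qtype) in data:
        return "answer", data[(qname, qtype)]
    cuts = [owner for (owner, rtype) in data if rtype == "NS" and in_zone(qname, owner)]
    if not cuts:
        return "nxdomain", []
    zone = max(cuts, key=len)
    glue = [ip for ns in data[(zone, "NS")] for ip in data.get((ns, "A"), [])]
    return "referral", glue

class RecursiveServer:
    """Recurses on behalf of the client and caches what it learns (slide 46)."""
    def __init__(self):
        self.cache, self.queries_sent = {}, 0

    def resolve(self, qname, qtype):
        if (qname, qtype) in self.cache:                 # answered from cache
            return self.cache[(qname, qtype)]
        server, seen = ROOT_SERVER, set()
        while server in SERVERS and server not in seen:  # guard against referral loops
            seen.add(server)
            self.queries_sent += 1
            kind, rdata = ask(server, qname, qtype)
            if kind == "answer":
                self.cache[(qname, qtype)] = rdata
                return rdata
            if kind != "referral" or not rdata:          # no answer and nowhere to go
                break
            server = rdata[0]
        return []
```

Calling RecursiveServer().resolve("austin.ghana.com.", "A") sends three queries (root, com., ghana.com.) the first time and none the second time, which is the cache behaviour drawn on the diagram.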

Slide 48: Configuring a nameserver on a Unix-like system
- BIND is the most common implementation
- up to version 4.9.* use the /etc/named.boot file
- from version 8.* use the /etc/named.conf file
- cache name
- primary/master zone name and file name
- secondary/slave zone name, master IP address, backup file name

Slide 49: named.boot example
- /etc/named.boot contains the following lines

    directory  /etc/namedb
    ; type     zone              master      file name
    cache      .                             root.cache
    primary    t1.ws.afnog.org               afnog.org
    secondary  gh.com            196.3.64.1  sec/gh.com

Slide 50: named.conf example
- /etc/named.conf contains the following lines

    options {
        directory "/etc/namedb";
    };
    zone "." {
        type hint;
        file "root.cache";
    };
    zone "t1.ws.afnog.org" {
        type master;
        file "afnog.org";
    };
    zone "gh.com" {
        type slave;
        masters { 196.3.64.1; };
        file "sec/gh.com";
    };

Slide 51: Checking DNS using nslookup
- nslookup commands:

    server <nameserver>   ; set the server to be queried
    set type=NS           ; query NS resources
    set type=SOA          ; query SOA resources
    set type=A            ; query A resources
    set type=MX           ; query MX resources
    set type=CNAME        ; query CNAME resources
    set type=PTR          ; query PTR resources
    set type=ANY          ; query ANY resources
    ls <domain>           ; list the zone
    ls <domain> > <file>  ; get the zone into the file

Slide 52: Checking DNS using dig
- dig
  - Tool to query DNS servers and check their answers
  - Syntax is: dig [domain] @nameserver [query-type]

Slide 53: Best Practices
- Upgrade to the latest version of BIND
- Always increment your serial number
- Inform the hostmasters of the organisations you ask to run name service for you
- MX servers should know about your domain, otherwise mail bounces
- Always signal the nameserver to reload after making changes

Slide 54: Best Practices
- Don’t forget to add reverse delegation
- Make sure you don’t have syntax errors in the conf file and zone files
- Don’t forget to add trailing dots in the database file
- Proper subdomain delegation
  - missing subdomain delegation
  - incorrect subdomain delegation

Slide 55: Best Practices
- Syntax error in resolv.conf
- Don’t forget to set your default domain
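Two of the best practices above (increment the serial, add trailing dots) and the shortcut zone file of slide 30, as one added example (not code from the AFNOG slides): a small zone-file expander that turns the $ORIGIN/@/relative-name shortcuts into the fully qualified records of slide 29, flags a relative name that looks like a forgotten trailing dot, and compares serial numbers with RFC 1982 arithmetic. ZONE is the slide's own text; the "previous" serial in the test is a constructed value.

```python
# Added example, not from the AFNOG slides: expand the shortcut zone file of
# slide 30 into fully qualified records (slide 29) and apply two best-practice
# checks: a name missing its trailing dot, and an SOA serial not incremented.
import re

# rdata fields that hold domain names and need the same expansion as owners
NAME_RDATA = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}
def absolute(name, origin, warnings):
    # '@' is the origin and a name without a trailing dot is relative to it;
    # a relative name that already contains dots is almost always a forgotten
    # trailing dot (it expands to name.origin), so it is flagged.
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    if "." in name:
        warnings.append(f"{name}: no trailing dot, expands to {name}.{origin}")
    return f"{name}.{origin}"

def parse_zone(text):
    """Return (records, warnings); a record is (owner, ttl, class, type, rdata)."""
    records, warnings, owner, origin, ttl = [], [], None, None, None
    body = re.sub(r";[^\n]*", "", text)                        # strip comments
    body = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), body)
    for line in body.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
        elif fields[0] == "$TTL":
            ttl = int(fields[1])
        else:
            if not line[0].isspace():                          # explicit owner
                owner = absolute(fields.pop(0), origin, warnings)
            rttl = int(fields.pop(0)) if fields[0].isdigit() else ttl
            rclass = fields.pop(0) if fields[0] == "IN" else "IN"
            rtype, rdata = fields[0], fields[1:]
            for i in NAME_RDATA.get(rtype, []):
                rdata[i] = absolute(rdata[i], origin, warnings)
            records.append((owner, rttl, rclass, rtype, rdata))
    return records, warnings
def serial_increased(old, new):
    """RFC 1982: new is later than old if (new - old) mod 2^32 lies in (0, 2^31)."""
    return 0 < (new - old) % 2**32 < 2**31
ZONE = """$ORIGIN ghana.com.
$TTL 86400
@ IN SOA austin.gh.com. support.gh.com. (
        199710161 ; serial
        10800 3600 604800 86400 ) ; refresh, retry, expire, negative TTL
        NS ns1
        NS ns2
        NS server.elsewhere.example.
"""
```

parse_zone(ZONE) yields the four records of slide 29 with owner ghana.com. and TTL 86400; replacing "NS ns1" with "NS ns1.ghana.com" produces one warning, the classic expansion to ns1.ghana.com.ghana.com.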

Slide 56: Checking for DNS correctness
- Several programs available
- ftp://ftp.isc.org/isc/bind/src/8.1.1/bind-contrib.tar.gz
- www.domtools.com

Slide 57: Questions

