The name and address space
Network Training Workshop, San Jose, 13-20 June 1999
Track 1: Host Based Internetworking


Slide 2: What is a domain name?
- Networking language: an IP address such as 137.138.131.253 is what the network works with, but it is hard to remember
- Intermediate language: a name such as www.isoc.org is easier for people, but without a lookup service it is not easy to find the address behind it and the name is still difficult to remember
- DNS (Domain Name System): makes names easy to find by mapping each name to its address

Slide 3: What is DNS?
- Domain Name System
  - an Internet protocol
  - a distributed database system for objects in a computer network (a net-wide database)
  - it maps name to address and address to name
  - a set of tools to manage the service

Slide 4: IP addresses and names
- Disadvantages of an address
  - it is too long (192.162.16.201)
  - it carries no representation of the organization
  - it is difficult to remember
  - IP addresses can change
- Names
  - human users prefer names to numbers
  - a name can be associated with any device that has an IP address
- Advantages of names
  - they refer to an organization name: *.ibm.com
  - they are easy to remember

Slide 5: Why use hierarchical names?
- Internet hosts and other resources need globally unique names
- It is difficult to keep unstructured names unique: it would require a single list of all names in use
- Hierarchical names are much easier to make unique: each level only has to keep its own children unique

Slide 6: Domain name hierarchy
[Diagram: the DNS tree. The unnamed root at the top; below it the top-level domains (edu, com, gov, mil, net, org, ro, fr, at, ..., jp); below those the second-level domains (for example ici, rnc, ase, pub, utt, vsat and roearn under ro; uni-linz, tuwien, eunet and univie under at); and at the bottom individual hosts such as ns, alpha and chris.]

Slide 7: Domain name structures
- The root of the system is unnamed
- Top-level domains are:
  - generic domains (historically centred on the United States of America)
    - edu - educational institutions
    - com - commercial institutions
    - net - network support organizations
    - gov - government agencies
    - mil - military organizations
    - org - organizations that don't fit in any of the above
  - country codes according to ISO 3166 (uk, de, pl, sk, mk, ...)
- Below a country code the structure may be:
  - flat
  - based on generic categories (ac, co, gv, org, net, etc.)
  - based on geographical locations (waw.pl, poznan.pl, etc.)

Slide 8: ICANN
- ICANN: Internet Corporation for Assigned Names and Numbers
- ICANN is the overall authority for:
  - IP addresses
  - top-level domains

Slide 9: Domain name servers
- Host names are usually what users give to network commands (telnet, ftp, mail, gopher clients, www clients, etc.)
- Network connections always take place on the basis of the IP address
- The system therefore always converts host names to addresses before the network connection is made
- How to associate names with addresses?
  - host table
  - domain name server

Slide 10: Host table
- The host table is a simple text file (/etc/hosts) that associates an IP address with a list of host names
- Example:
  130.65.240.254   carlos.t1.isocws.isoc.org carlos
- Disadvantages
  - the table would have to contain all Internet hosts (millions of entries)
  - the table is very large
  - it is difficult to update when new hosts are connected to the Internet or IP addresses change

Slide 11: Domain Name Server (DNS)
- Overcomes the weaknesses of the host table
- It is a distributed database system
- Host names are disseminated automatically to those who ask for them

Slide 12: BIND - UNIX name service
- In UNIX, DNS is implemented by the Berkeley Internet Name Domain (BIND) software
- It is a client/server software system
- The client is called the resolver; it generates queries for domain name information and sends them to the server
- The server is a daemon called named
- The domain name is actually an argument used by the local resolver
- The resolver is responsible for hiding the distribution of data among nameservers from the user
- The resolver is part of the operating system (a library linked into every program that looks up names)

Slide 13: DNS operation
- To establish a connection to a remote host, a user program sends a query to the resolver asking for the IP address of a specified hostname
- The resolver starts with knowledge of at least one nameserver
- The resolver processes the user query by asking a known nameserver for the information (the IP address of the remote host)
- If the nameserver has the answer, it returns it
- The local nameserver knows the addresses of other nameservers
- If the remote host is in a zone for which the local nameserver is not authoritative, it sends queries to other nameservers, starting with the root servers, to find the nameserver delegated for the top-level domain, then for the subdomain, and so on

Slide 14: DNS operation (continued)
- To minimise the answer time for the next query for the same host name, the nameserver caches the information obtained by a query; cached information is valid for the time period (the TTL) defined when that zone was configured
- Finally, the nameserver delegated for the zone containing the remote host is reached, the IP address is obtained, and it is returned to the host that initiated the first query
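The iteration and caching described on slides 13 and 14, as an added example (not code from the workshop): a Python simulation of a recursive nameserver working over a constructed, in-memory delegation tree for www.isoc.org., with assumed .example nameserver names and 192.0.2.0/24 addresses. It shows the three queries of a cold lookup, the cache hit that follows, and what happens when only the host record's TTL has expired.

```python
"""Simulation of slides 13-15: a recursive nameserver iterating from a root
hint, following referrals (NS plus glue) and caching every record by TTL.
Added example with a constructed in-memory delegation tree (.example names,
192.0.2.0/24 addresses); not code from the workshop."""

# Constructed authoritative data, keyed by server address.
# Each record is (owner, type, ttl, rdata); owners are fully qualified.
AUTHORITATIVE = {
    "192.0.2.1": [                                        # root server
        ("org.", "NS", 172800, "a.gtld.example."),
        ("a.gtld.example.", "A", 172800, "192.0.2.2"),    # glue
    ],
    "192.0.2.2": [                                        # org. server
        ("isoc.org.", "NS", 86400, "ns.isoc.example."),
        ("ns.isoc.example.", "A", 86400, "192.0.2.3"),    # glue
    ],
    "192.0.2.3": [                                        # isoc.org. server
        ("www.isoc.org.", "A", 3600, "192.0.2.80"),
    ],
}
ROOT_HINT = "192.0.2.1"   # the one address a resolver must know before it starts


def query(server, qname, qtype):
    """One non-recursive query: ('answer', recs), ('referral', [NS, glue]) or ('nxdomain', [])."""
    recs = AUTHORITATIVE[server]
    answer = [r for r in recs if r[0] == qname and r[1] == qtype]
    if answer:
        return "answer", answer
    delegations = [r for r in recs if r[1] == "NS"
                   and (qname == r[0] or qname.endswith("." + r[0]))]
    if not delegations:
        return "nxdomain", []
    best = max(delegations, key=lambda r: len(r[0]))      # closest enclosing zone
    glue = [r for r in recs if r[0] == best[3] and r[1] == "A"]
    return "referral", [best] + glue


class FakeClock:
    """Adjustable time source so TTL expiry can be shown without sleeping."""
    def __init__(self):
        self.now = 0

    def __call__(self):
        return self.now


class RecursiveServer:
    """Iterates on behalf of stub resolvers and caches what it learns."""

    def __init__(self, clock):
        self.clock = clock
        self.cache = {}             # (name, type) -> (expires_at, rdata)
        self.queries_sent = 0

    def cached(self, name, rtype):
        hit = self.cache.get((name, rtype))
        if hit and hit[0] > self.clock():
            return hit[1]
        self.cache.pop((name, rtype), None)               # absent or expired
        return None

    def closest_server(self, qname):
        """Start at the nearest enclosing zone whose NS and its address are cached."""
        labels = qname.rstrip(".").split(".")
        for i in range(len(labels)):
            ns = self.cached(".".join(labels[i:]) + ".", "NS")
            addr = ns and self.cached(ns, "A")
            if addr:
                return addr
        return ROOT_HINT

    def resolve(self, qname, qtype="A"):
        hit = self.cached(qname, qtype)
        if hit is not None:
            return hit
        server = self.closest_server(qname)
        for _ in range(8):                                # guard against delegation loops
            self.queries_sent += 1
            kind, recs = query(server, qname, qtype)
            for owner, rtype, ttl, rdata in recs:         # cache answers and referrals alike
                self.cache[(owner, rtype)] = (self.clock() + ttl, rdata)
            if kind == "answer":
                return recs[0][3]
            if kind == "nxdomain":
                return None
            ns_name = recs[0][3]
            glue = [r for r in recs if r[0] == ns_name and r[1] == "A"]
            # Without glue the nameserver's own name has to be resolved first.
            server = glue[0][3] if glue else self.resolve(ns_name, "A")
        raise RuntimeError("too many referrals for " + qname)


def demo():
    """Cold lookup (3 queries), cache hit (0 queries), expiry of the A record (1 query)."""
    clock = FakeClock()
    srv = RecursiveServer(clock)
    first = (srv.resolve("www.isoc.org."), srv.queries_sent)
    second = (srv.resolve("www.isoc.org."), srv.queries_sent)
    clock.now += 3601     # the A record (TTL 3600) is stale; isoc.org. NS (TTL 86400) is not
    third = (srv.resolve("www.isoc.org."), srv.queries_sent)
    return first, second, third


if __name__ == "__main__":
    print(demo())
```

Run directly, it prints the three (answer, queries-sent) pairs. Note that expiry of the host record does not send the server back to the root: the NS and glue records for isoc.org. are still in the cache, so the third lookup costs a single query.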

Slide 15: The resolver/server model
[Diagram: Resolver -> Recursive Nameserver (with CACHE) -> Authoritative Nameserver]

Slide 16: Resolver configuration
- Configuration file name: /etc/resolv.conf
- Designates the nameservers on the network that should be sent queries
- The resolver will try to contact the nameservers in the order listed
- The resolv.conf file contains these directives:
  - ; comment
  - # another comment
  - search search-list
  - nameserver server-address (one per line; several lines are allowed, but the BIND/glibc resolver uses at most the first three)

Slide 17: Example - resolver configuration
  search t1.isocws.isoc.org
  nameserver 130.65.37.128
  nameserver 130.65.37.215
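How a stub resolver reads this file and applies the search list, as an added example (not part of the slides): Python that parses the slide 17 configuration, embedded here as constructed text with both comment styles from slide 16, and lists the names it would actually query for what the user typed. The three-nameserver cap (MAXNS) and the ndots=1 rule are assumptions about the BIND/glibc stub resolver, stated as such in the code.

```python
"""Read /etc/resolv.conf as on slides 16-17 and show how the search list turns
what a user types into the names actually queried.  Added example, not
workshop code.  SAMPLE is constructed from the slide 17 file; MAXNS and the
ndots rule are assumptions about the BIND/glibc stub resolver."""

MAXNS = 3     # the BIND/glibc resolver silently ignores nameserver lines after the third

SAMPLE = """\
; resolver configuration for the workshop hosts
# another comment style
search t1.isocws.isoc.org
nameserver 130.65.37.128
nameserver 130.65.37.215
"""


def parse_resolv_conf(text):
    """Return {'search': [...], 'nameserver': [...]}, comments ignored."""
    conf = {"search": [], "nameserver": []}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].split("#", 1)[0].strip()
        if not line:
            continue
        key, *args = line.split()
        if key == "nameserver" and args:
            conf["nameserver"].append(args[0])
        elif key == "search":
            conf["search"] = args             # a later search line replaces an earlier one
        elif key == "domain" and args:
            conf["search"] = args[:1]         # 'domain' is the single-suffix form of 'search'
    conf["nameserver"] = conf["nameserver"][:MAXNS]
    return conf


def candidate_names(name, search, ndots=1):
    """Fully qualified names the stub resolver tries, in order, for `name`.

    A trailing dot means absolute: try as-is only.  With fewer than `ndots`
    dots the search suffixes are tried first, otherwise the bare name first."""
    if name.endswith("."):
        return [name]
    with_search = [f"{name}.{suffix}." for suffix in search]
    if name.count(".") >= ndots:
        return [name + "."] + with_search
    return with_search + [name + "."]
```

A single-label name such as carlos is looked up under the search domain first, which is convenient; but a short name that does not exist there is finally tried as a top-level name, so internal host names leak to the public root and TLD servers, and a fourth nameserver line is never consulted.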

Slide 18: Checking DNS using nslookup
- nslookup commands:
  - server <name-or-address>   ; set the server to be queried
  - set type=NS      ; query NS records
  - set type=SOA     ; query SOA records
  - set type=A       ; query A records
  - set type=MX      ; query MX records
  - set type=CNAME   ; query CNAME records
  - set type=PTR     ; query PTR records
  - set type=ANY     ; query records of any type
  - ls <domain>      ; lists the zone (this asks the server for a zone transfer, which the server must permit)
  - ls <domain> > <file>   ; writes the zone listing into a file

Slide 19: Checking DNS using dig
- dig
  - tool for querying nameservers directly and printing the complete response; it only reads DNS data and changes no settings
  - syntax is: dig [domain] @nameserver [query-type]

Slide 20: Exercise 1. Checking DNS using nslookup
- nslookup commands: the same as on slide 18 (server, set type=..., ls, ls > file), plus
  - view <file>   ; views the file
- Session:
  # nslookup
  > set type=any
  > www.t1.isocws.isoc.org.
  > org.
  > ls isoc.org > file1
  > view file1
- You can check other domains known to you.

Slide 21: Exercise 2. Checking DNS using dig
- dig command: # dig [zone] @nameserver [query-type]
- Exercises
  - # dig @ns.t1.isocws.isoc.org t1.isocws.isoc.org A
  - # dig @ns.t1.isocws.isoc.org t1.isocws.isoc.org NS
  - # dig @ns.t1.isocws.isoc.org isocws.isoc.org MX
- What information does each answer give you? You can check other domains known to you.

Slide 22: Remarks
- DNS is essential for proper operation of the network
- If DNS fails, connections to remote hosts by name are no longer possible
- To keep the network working when a nameserver fails, each primary nameserver should have at least one other nameserver (a secondary nameserver) that holds a copy of the zone file
- The secondary nameserver periodically asks the primary whether the zone has changed (it compares the serial number in the SOA record). If it has, the zone is transferred and stored in a local file, which is used as initial data the next time the secondary starts up
- When data about a new host is added to the DNS database, or an address or name is changed, the entry is made only on the primary nameserver; the secondary nameserver gets it automatically, provided the serial number was increased, otherwise the secondary never notices the change

Slide 23: Reverse lookup
- When a source host establishes a connection to a destination host, the TCP/IP packets carry only the IP address of the source host, not its name
- For authentication, access rights or accounting information, the destination host wants to know the name of the source host
- For this purpose a special domain, in-addr.arpa, is used
- The reverse name is obtained by reversing the octets of the IP address and appending in-addr.arpa
- Example: address 130.65.240.254 has the reverse name 254.240.65.130.in-addr.arpa
- Reverse domains form a hierarchical tree and are treated like any other Internet domain
- Caveat: the PTR record is published by whoever controls the address block, so a name obtained this way should be looked up forward again, and accepted only if the original address comes back, before it is used for access decisions
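The reverse-name construction of this slide and the PTR record of slide 42, as one added example (not workshop code): Python that builds the in-addr.arpa name and then performs the check a host should make before using the result for access control, confirming the PTR answer by a forward lookup. The lookup table is constructed inline; the address 192.0.2.66 and its PTR record are assumed to belong to someone who controls that reverse zone and publishes a false name.

```python
"""Reverse-name construction (slide 23) and forward-confirmed use of a PTR
answer (slide 42).  Added example, not workshop code.  The record table is
constructed: the 130.65.240.254 entries are the slides' own host; 192.0.2.66
is assumed to be an attacker-controlled address whose reverse zone lies."""


def reverse_name(addr):
    """130.65.240.254 -> 254.240.65.130.in-addr.arpa. (octets reversed, suffix appended)."""
    octets = addr.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad IPv4 address: {addr!r}")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


# Constructed stand-in for the DNS: (owner, type) -> list of rdata.
RECORDS = {
    ("254.240.65.130.in-addr.arpa.", "PTR"): ["carlos.t1.isocws.isoc.org."],
    ("carlos.t1.isocws.isoc.org.", "A"):     ["130.65.240.254"],
    # Whoever runs the reverse zone for 192.0.2.0/24 can publish any name here ...
    ("66.2.0.192.in-addr.arpa.", "PTR"):     ["carlos.t1.isocws.isoc.org."],
    # ... but cannot add a record to isoc.org pointing carlos back at 192.0.2.66.
}


def lookup(name, rtype):
    """Minimal resolver over the constructed table (empty list = no such record)."""
    return RECORDS.get((name, rtype), [])


def naive_hostname(addr):
    """What a host that trusts the PTR alone would log or authorise."""
    names = lookup(reverse_name(addr), "PTR")
    return names[0] if names else None


def confirmed_hostname(addr):
    """Accept a PTR name only if its own A record leads back to addr."""
    for host in lookup(reverse_name(addr), "PTR"):
        if addr in lookup(host, "A"):
            return host
    return None
```

For the workshop host both functions agree; for the attacker's address the naive check would grant carlos's access rights to 192.0.2.66, while the confirmed check returns nothing.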

Slide 24: Reverse domain hierarchy
[Diagram: the tree under in-addr.arpa. The first level holds first-octet labels (157, 158, 159, 160, 165, ..., 187, 188, 189, 190, 191, 192, 193, 194, 195, ...); below one of them, second-octet labels (161, 162, 163, 164, ...); below those, third-octet labels (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, ...); and at the bottom the host octets (1, 2, 3, 4, 5, ...).]

Slide 25: Hierarchy of nameservers
- Root nameservers: delegate to the nameservers for the top-level domains
- Nameserver for each top-level domain: holds information about the top-level domain and delegates to the nameservers for its subdomains
- Nameserver for each subdomain
- Nameserver for each reverse domain

Slide 26: Requirements for a nameserver
- A query should be resolved as fast as possible
- It should be available 24 hours a day
- It should be reachable via fast communication lines
- It should be located centrally in the network topology
- It should run robustly, without errors and interruptions

Slide 27: Types of servers
- DNS server
  - primary (master) for some zones
  - secondary (slave) for others
- Caching-only server
  - answers every query from its cache or by recursion; it is authoritative for no zone
- Forwarding server
  - always forwards queries it cannot satisfy from its cache to a fixed list of forwarding servers; the queries sent to the forwarders are recursive queries

Slide 28: Files
- The name server uses several files to load its database
- This section covers the files and their formats needed by named
- Boot file
  - the first file read when named starts up
  - tells the server what type of server it is, which zones it has authority over and where to get its initial data
  - default location: /etc/named.conf (BIND 8; BIND 4 used /etc/named.boot)
    - can be changed by setting the BOOTFILE variable when named is compiled, or by giving the location on the command line when named is started

Slide 29: Domain data files
- Two standard files specify the data for a domain
  - one mapping names to addresses (forward)
  - one mapping addresses to names (reverse)
- These files use the Standard Resource Record format (RR)
- Note: the file names are arbitrary; many network administrators prefer to name their zone files after the domains they contain, especially in the common case where a given server is primary and/or secondary for many different zones.

Slide 30: Forward mapping file
- This file contains all the data about the machines in this zone
- The location of this file is given in the boot file
- Declared in the named.conf file

Slide 31: Reverse mapping file
- This file holds the zone's part of the IN-ADDR.ARPA domain
- Declared in the named.conf file
- IN-ADDR.ARPA is a special domain that allows address-to-name (inverse) mapping
- A name in the IN-ADDR.ARPA domain has four labels in front of it: the four octets of the Internet address, in reverse order
  - e.g. the Internet address 128.32.0.4
  - has the domain name 4.0.32.128.IN-ADDR.ARPA.

Slide 32: Standard Resource Record format (RR)
- The records in the name server data files are called resource records. The Standard Resource Record format (RR) is specified in RFC 1035.
- General description of these records:
  {name} {ttl} addr-class record-type record-specific-data
  - the name may be left blank, in which case the record belongs to the owner of the previous record
  - the second field is an optional time to live; when it is absent the default TTL applies (set by the $TTL directive in BIND 8; older servers took it from the MINIMUM field of the SOA record)
  - the third field is the address class; currently only one class is supported: IN

Slide 33: IP address for a host
- A record
- Owner is the host name
- Data is the IP address
  ; IP address of www.dns.net
  www.dns.net.   86400   IN   A   196.34.13.9

Slide 34: Information needed by the DNS infrastructure itself
- SOA record
  - each zone has exactly one SOA record
- NS records
  - each zone has several nameservers listed as having authoritative information about the domains in the zone
  - one NS record for each such nameserver

Slide 35: SOA record
- Every zone has exactly one SOA record
- The domain name at the top of the zone owns the SOA record
- The data portion of the SOA record contains:
  - MNAME: name of the master nameserver
  - RNAME: e-mail address of the zone administrator, written with a dot in place of the @ (fred.xyz.com. means fred@xyz.com)
  - the five magic numbers
    - SERIAL: serial number, which secondaries compare with their copy to decide whether the zone has changed
    - REFRESH, RETRY, EXPIRE, MINIMUM: timing parameters

Slide 36: NS record
- Each zone has several listed nameservers
- One NS record for each listed nameserver
  - primary and secondaries alike
- The data portion of each NS record contains the domain name of a nameserver
- It does not contain an IP address
  - get that from an A record for the nameserver

Slide 37: SOA and NS record example
  ; owner    TTL    class  type  data
  xyz.com.   86400  IN     SOA   ns1.xyz.com. fred.xyz.com. (
                                 199906141   ; serial
                                 21600       ; refresh
                                 3600        ; retry
                                 2600000     ; expire
                                 900 )       ; minimum
  xyz.com.   86400  IN     NS    ns1.xyz.com.
  xyz.com.   86400  IN     NS    ns2.xyz.com.
  xyz.com.   86400  IN     NS    server.where.example.

Slide 38: SOA and NS example using some shortcuts
  $ORIGIN xyz.com.
  $TTL 86400
  ; owner  TTL  class  type  data
  @             IN     SOA   ns1.xyz.com. fred.xyz.com. (
                             199710161   ; serial
                             21600       ; refresh
                             3600        ; retry
                             2600000     ; expire
                             900 )       ; minimum
                       NS    ns1
                       NS    ns2
                       NS    server.where.example.
- $ORIGIN sets the name that is appended to relative names (ns1 means ns1.xyz.com.) and that @ stands for; $TTL sets the default TTL; a blank owner repeats the previous owner

Slide 39: More RRs above and below zone cuts
- RRs in the child zone (below the cut)
  - SOA and NS records (authoritative)
- RRs in the parent zone (above the cut)
  - NS records (should be identical to those in the child zone)
- Glue records
  - the child zone's nameservers sometimes need A records in the parent zone: when a nameserver's name lies inside the child zone itself, a resolver following the delegation could not otherwise find that server's address

Slide 40: Zone cut example - RRs in the child zone
- parent is the COM zone; child is the XYZ.COM zone
- the child zone has SOA and NS records, and A records for hosts
  xyz.com.       IN  SOA  xxx xxx xxx xxx xxx xxx xxx
                     NS   ns1.xyz.com.
                     NS   another.where.edu.
  ns1.xyz.com.       A    193.226.0.3
  ; the xyz.com zone does not have an A record
  ; for another.where.edu.

Slide 41: Zone cut example - RRs in the parent zone
- parent is the COM zone; child is the XYZ.COM zone
- the parent zone has its own SOA and NS records, plus copies of the child zone's NS records, plus glue records
  COM.           IN  SOA  xxx xxx xxx xxx xxx xxx xxx
                     NS   xxxxxxx
                     NS   yyyyyyy
  xyz.com.           NS   ns1.xyz.com.
                     NS   another.where.edu.
  ns1.xyz.com.       A    193.226.0.3
  ; the com zone does not have an A record
  ; for another.where.edu.: that server lies outside xyz.com,
  ; so its address is found through its own zone and no glue is needed
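The record syntax of slides 32 to 38 and the zone-cut rules of slides 39 to 41, as one added example (not workshop code): a Python parser for the master-file shortcuts used on slide 38 ($ORIGIN, $TTL, @, blank owner, relative names, a parenthesised multi-line SOA, ; comments), followed by a check of the delegation between parent and child. CHILD_ZONE is the slide 38 zone with the nameservers and glue of slide 40; PARENT_ZONE is the relevant fragment of COM with assumed values, since the slide shows that side only as placeholders.

```python
"""Parse the master-file syntax of slides 32-41 and check a zone cut for two
classic errors: parent/child NS mismatch and missing glue.  Added example,
not workshop code.  CHILD_ZONE comes from slides 38 and 40; the COM-side
records in PARENT_ZONE are assumed (the slide shows only placeholders)."""


def _strip_comment(line):
    """Remove a ';' comment unless the ';' sits inside a quoted TXT string."""
    out, quoted = [], False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        if ch == ";" and not quoted:
            break
        out.append(ch)
    return "".join(out)


def _logical_lines(text):
    """Yield (owner_is_blank, tokens); lines inside '( ... )' are joined into one."""
    buf, depth, blank = [], 0, False
    for raw in text.splitlines():
        line = _strip_comment(raw)
        if not buf:
            blank = line[:1].isspace()          # blank owner = same as previous record
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            tokens, buf = " ".join(buf).split(), []
            if tokens:
                yield blank, tokens


def _absolute(name, origin):
    """'@' means the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin=".", default_ttl=None):
    """Return (owner, ttl, type, rdata) tuples with every name fully qualified."""
    records, last_owner = [], origin
    for blank, tok in _logical_lines(text):
        if tok[0] == "$ORIGIN":
            origin = tok[1]
            continue
        if tok[0] == "$TTL":
            default_ttl = int(tok[1])
            continue
        owner = last_owner if blank else _absolute(tok.pop(0), origin)
        last_owner, ttl = owner, default_ttl
        if tok and tok[0].isdigit():            # optional TTL field
            ttl = int(tok.pop(0))
        if tok and tok[0].upper() == "IN":      # optional class field
            tok.pop(0)
        rtype = tok.pop(0).upper()
        if rtype == "SOA":                      # MNAME RNAME serial refresh retry expire minimum
            rdata = (_absolute(tok[0], origin), _absolute(tok[1], origin), *map(int, tok[2:7]))
        elif rtype in ("NS", "CNAME", "PTR"):
            rdata = _absolute(tok[0], origin)
        elif rtype == "MX":
            rdata = (int(tok[0]), _absolute(tok[1], origin))
        else:                                   # A, TXT, ...: keep the text as written
            rdata = " ".join(tok)
        records.append((owner, ttl, rtype, rdata))
    return records


def check_delegation(parent_records, child_records, zone):
    """List the problems at the cut for `zone`; an empty list means it is consistent."""
    def ns_set(records):
        return {r[3] for r in records if r[0] == zone and r[2] == "NS"}
    parent_ns, child_ns = ns_set(parent_records), ns_set(child_records)
    problems = []
    if parent_ns != child_ns:
        problems.append(f"NS mismatch: parent {sorted(parent_ns)} vs child {sorted(child_ns)}")
    glue = {r[0] for r in parent_records if r[2] == "A"}
    for ns in sorted(parent_ns):
        if ns.endswith("." + zone) and ns not in glue:   # in-zone server: parent needs its address
            problems.append(f"missing glue A record for {ns}")
    return problems


CHILD_ZONE = """\
$ORIGIN xyz.com.
$TTL 86400
@       IN SOA ns1.xyz.com. fred.xyz.com. (
                199710161 ; serial
                21600     ; refresh
                3600      ; retry
                2600000   ; expire
                900 )     ; minimum
        NS ns1
        NS another.where.edu.
ns1     A  193.226.0.3
"""

PARENT_ZONE = """\
$ORIGIN com.
$TTL 172800
xyz     NS ns1.xyz.com.
        NS another.where.edu.
ns1.xyz A  193.226.0.3      ; glue for the in-zone nameserver
"""
```

check_delegation(parse_zone(PARENT_ZONE), parse_zone(CHILD_ZONE), "xyz.com.") returns an empty list for the two zones above; drop the glue line from PARENT_ZONE, or list a different nameserver on one side, and it names the problem.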

Slide 42: Hostname for an IP address
- PTR record
  - owner is the IP address, mapped into the in-addr.arpa domain
  - data is the name of the host with that IP address
  ; host name for IP address 193.226.0.3
  3.0.226.193.in-addr.arpa.   PTR   infoserver.ici.ro.

Slide 43: Information about mail routing
- MX record
  - owner is the name of the e-mail domain
  - data contains a preference value and the name of a host that receives incoming e-mail; the host with the lowest preference value is tried first
  ; send xyz.com's e-mail to mail.xyz.ro, or to backup.xyz.ro if that fails
  xyz.com.   MX   0    mail.xyz.ro.
  xyz.com.   MX   10   backup.xyz.ro.

Slide 44: Free-form text
- TXT record
  - owner is any domain name
  - data is any text associated with the domain name
  - very few conventions about how to use it
  ro.   TXT   "George Macri - Tech-contact"

Slide 45: Alias to canonical name mapping
- CNAME record
  - owner is the non-canonical domain name (alias)
  - data is the canonical domain name
  ; ftp.rnc.ro is an alias
  ; info.ici.ro is the canonical name
  ftp.rnc.ro.   CNAME   info.ici.ro.

Slide 46: BIND 8 highlights
- DNS dynamic updates (RFC 2136)
- DNS change notification (RFC 1996)
- Completely new configuration syntax
- Flexible, categorised logging system
- IP-address-based access control for queries, zone transfers and updates, which may be specified zone by zone
- More efficient zone transfers
- Improved performance for servers with thousands of zones
- The server no longer forks for outbound zone transfers
- Many bug fixes

Slide 47: Statements
- A BIND 8 configuration consists of statements and comments
  - statements end with a semicolon
- Statements supported:
  - acl: defines a named IP address matching list, for access control and other uses
  - include: includes a file
  - key: specifies key information for use in authentication and authorization
  - logging: specifies what the server logs, and where the log messages are sent
  - options: controls global server configuration options and sets defaults for other statements
  - server: sets options that apply to one particular remote server
  - zone: defines a zone and the role this server plays for it

Slide 48: Example config file
  /* A simple BIND 8 configuration */
  options {
      directory "/var/named";
  };
  zone "rnc.ro" in {
      type master;
      file "master/rnc.ro";
  };

Slide 49: Example config file (cont.)
  zone "ici.ro" in {
      type slave;
      file "slave/ici.ro";
      masters { 192.162.16.31; };
  };
  zone "." in {
      type hint;
      file "named.cache";
  };
  zone "0.0.127.in-addr.arpa" in {
      type master;
      file "master/127.0.0";
  };
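The access controls listed on slide 46 applied to the configuration of slides 48 and 49, as an added example (not the workshop's own file): the same named.conf with the weak BIND 8 default, under which anyone may transfer any zone (exactly what ls in nslookup or an AXFR with dig requests), replaced by explicit access lists. Every address other than the slides' 192.162.16.31 is assumed, and allow-recursion needs BIND 8.2 or later.

```conf
/* Added example: the slide 48/49 zones with BIND 8 access control.
   Addresses other than 192.162.16.31 are assumed. */

acl "secondaries" { 192.162.16.31; 192.0.2.53; };   // hosts allowed to copy zones
acl "campus"      { 192.162.16.0/24; 127.0.0.1; };  // hosts allowed to use recursion

options {
    directory "/var/named";
    // Weak default if omitted:  allow-transfer { any; };  (every zone copyable by anyone)
    allow-transfer  { "secondaries"; };
    allow-recursion { "campus"; };     // BIND 8.2+; an open recursive server can be abused
    allow-query     { any; };          // authoritative answers remain public
};

zone "rnc.ro" in {
    type master;
    file "master/rnc.ro";
    notify yes;                        // RFC 1996: tell the secondaries when the serial changes
    allow-update { none; };            // RFC 2136 dynamic update stays off
};

zone "ici.ro" in {
    type slave;
    file "slave/ici.ro";
    masters { 192.162.16.31; };
    allow-transfer { none; };          // nobody needs copies from this slave
};

zone "." in {
    type hint;
    file "named.cache";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "master/127.0.0";
};
```

The options-level allow-transfer sets the default for every zone; a zone statement may still override it, as the slave zone does here.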

Slide 50: Domain management
- Starting named
- Controlling named with signals (for example, SIGHUP makes it reload its configuration and zone files)
- Debugging DNS
  - tools: nslookup, dig, host

Slide 51: Questions


