A Primer on the Domain Name System Joint ITU/WIPO Multilingual Name Symposium 6 December 2001 David C Lawrence.


Joint ITU/WIPO Multilingual Name Symposium 6 December 2001 Copyright © 2001, Nominum, Inc.

Overview
Introduction to the DNS
Components of the DNS
DNS Governance

The DNS Is…
The Domain Name System
What people use to refer to computers by name on the Internet
The mechanism by which Internet software translates names to addresses and vice versa
A globally distributed, loosely coherent, scalable, reliable, dynamic database
The only database system that has been successfully deployed Internet-wide

DNS History
Created in 1983 by Paul Mockapetris to address maintenance problems with the Internet hosts database, fondly remembered as HOSTS.TXT.
Originally defined in IETF RFCs 1034 and 1035, then extended by numerous subsequent RFCs.
  – RFC stands for Request for Comments
  – Standards for Internet protocols are documented by RFCs
    – Not all Internet protocols have RFCs
    – Not all RFCs define standards

Names versus Addresses
An address is how you get to an endpoint
  – Often hierarchical, which helps with scaling
    – 950 Charter Street, Redwood City CA,
A name is how an endpoint is referenced
  – Often with no structurally significant hierarchy
    – David, Tokyo, itu.int
Names are more people-friendly.

An Analogy
Devices on the telephone network all have a number
  – People have a hard time remembering numbers, but…
  – The network needs the numbers to connect endpoints
  – So a directory provides association of names people know with the numbers where they can be reached
Computers on the Internet all have a number
  – The DNS takes names people can relate to and converts them into the numbers computers need to interact.
This analogy has a crucial flaw: the DNS is not a directory service.
  – There is no way to search the data.

DNS is a Database
Keys to the database are domain names
  – 18.in-addr.arpa, 6.4.e164.arpa
Over 100,000,000 domain names are now stored
Each domain name contains one or more attributes, known as resource records
Each attribute is individually retrievable

Global Distribution
Data is maintained locally, but retrievable globally
  – No single computer has all DNS data
DNS lookups can be performed by any Internet-connected device
Remote DNS data is locally cacheable to improve performance

Loose Coherency
The database is always internally consistent
  – Each version of a subset of the database (a zone) has a serial number
  – The serial number is incremented on each database change
Changes to the master copy of the database are replicated according to timing set by the zone administrator
Cached data expires according to timeout set by zone administrator

Scalability
No intrinsic limit to the size of the database
  – Some servers have over 20,000,000 names
    – Not a particularly good idea
No limit to the number of queries
  – 80,000 queries per second handled regularly
Queries distributed among many different servers

Reliability
Data is replicated
  – Data from master source is copied to multiple slave servers
  – Clients can query master server or slave servers
DNS protocols can use either UDP or TCP
  – UDP is inherently unreliable, but the DNS protocol handles retransmission (perhaps with TCP), sequencing, et cetera.

Dynamic Updates
Database can be updated dynamically
  – Master server accepts update from over the network
  – Add/delete/modify any record
Modification of the master database triggers replication
  – Only master can be dynamically updated
  – Dynamic updates create a single point of failure

Overview
Introduction to the DNS
Components of the DNS
  – The namespace
  – The servers
  – The resolvers
DNS Governance

The Namespace
The namespace is the structure of the DNS database
  – An inverted tree with the root node at the top
Each node has a label
  – The root node has a null (empty) label, written as or.
  – The root node is usually considered to be implicitly present

Another Analogy – E.164
Root node maintained by the ITU (call it +)
Top level nodes = country codes (1, 81, etc)
Second level nodes = regional codes (1.808, 81.3, etc)

Labels
Each node in the tree must have a label
  – A string of up to 63 8-bit bytes
The DNS protocol explicitly makes no limitation on what binary values are used in labels
  – RFCs 852 and 1123 define legal characters for hostnames
    – A-Z, 0-9, and - only, with a-z and A-Z treated as the same
Sibling nodes must have unique labels
A zero-length label is the null label, representing the root node

Domain Names
A domain name is the sequence of labels from a node to the root, separated by dots (.s), read left to right
  – The name space has a maximum depth of 127 levels
  – Domain names are limited to 255 characters in length
A node's domain name identifies its position in the name space

Domain Name Usage
Domain names are ubiquitous on the Internet
Used for much more than and web addresses
  – Security policy, remote filesystems, remote login, time synchronization, chat systems, gaming, proxies
Used by much more than modern Windows PCs
  – Mainframe computers, Macs, Unix servers, handheld organizers, cell phones, embedded systems, now even kitchen appliances
Any attempt to change the way domain names work needs to take into account the myriad existing systems on the heterogeneous Internet
  – Especially with regard to security policy

Subdomains and Delegation
One domain is a subdomain of another if its name ends with the labels of the other domain name.
  – engr.nominum.com is a subdomain of nominum.com
  – example.com is not a subdomain of ample.com
Administrators can create subdomains to group hosts
  – According to geography, organizational affiliation or any other criterion
An administrator of a domain can delegate responsibility for managing a subdomain to someone else
  – But this isn't required
The parent domain retains control over delegation of subdomains, no matter who has responsibility for them
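The label rules and the subdomain definition from the Labels, Domain Names and Subdomains slides, as an added example that is not part of the original presentation. The function names are hypothetical, and the 255-byte limit is applied to the encoded form of the name (one length byte per label plus the root's null label), which is an interpretation of the slide's "255 characters".

```python
MAX_LABEL_BYTES = 63    # per label
MAX_NAME_BYTES = 255    # per name, measured on the encoded form (assumption, see lead-in)
MAX_LABELS = 127        # maximum depth of the name space
HOSTNAME_CHARS = set(b"abcdefghijklmnopqrstuvwxyz0123456789-")


def parse_name(name):
    """Split a dotted name into lower-cased labels, enforcing the size limits.

    Raises ValueError (UnicodeEncodeError is a subclass) on anything malformed.
    """
    raw = name.encode("ascii").lower()   # a-z and A-Z are treated as the same
    if raw.endswith(b"."):               # trailing dot: the root written explicitly
        raw = raw[:-1]
    labels = tuple(raw.split(b".")) if raw else ()
    for label in labels:
        if not label:
            raise ValueError("empty label: only the root has the null label")
        if len(label) > MAX_LABEL_BYTES:
            raise ValueError("label exceeds 63 bytes")
    if len(labels) > MAX_LABELS:
        raise ValueError("more than 127 labels")
    # Encoded length: a length byte before each label, plus one byte for the root.
    encoded_len = sum(1 + len(label) for label in labels) + 1
    if encoded_len > MAX_NAME_BYTES:
        raise ValueError("name exceeds 255 bytes")
    return labels


def is_hostname(name):
    """True if every label uses only the hostname characters listed on the slide."""
    labels = parse_name(name)
    return bool(labels) and all(set(label) <= HOSTNAME_CHARS for label in labels)


def is_subdomain(child, parent):
    """Label-aware test: child's labels end with parent's labels.

    This version requires child to be strictly deeper than parent.
    """
    c, p = parse_name(child), parse_name(parent)
    return len(c) > len(p) and c[len(c) - len(p):] == p


def naive_suffix_match(child, parent):
    """The flawed string comparison, kept only for contrast with is_subdomain()."""
    return child.lower().endswith(parent.lower())


if __name__ == "__main__":
    for child, parent in [("engr.nominum.com", "nominum.com"),
                          ("example.com", "ample.com")]:
        print(child, parent,
              "label-aware:", is_subdomain(child, parent),
              "string suffix:", naive_suffix_match(child, parent))
```

Any security policy keyed on "is this name under that domain" needs the label-aware comparison; the string comparison accepts example.com as being under ample.com.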

Delegation Creates Zones
Each time an administrator delegates a subdomain, a new unit of administration is created
  – The subdomain and its parent domain can now be administered independently
  – These units are called zones
  – The boundary between zones is a point of delegation in the name space
Delegation is good: it is the key to scalability

Dividing a Domain into Zones
[Diagram: the nominum.com domain, divided into the nominum.com zone, the ams.nominum.com zone and the rwc.nominum.com zone]

Overview
Introduction to the DNS
Components of the DNS
  – The name space
  – The servers
  – The resolvers
DNS Governance

Name Servers
Name servers are the computers that answer DNS queries
Name servers store zones
  – The name servers that load a complete zone are said to have authority for or be authoritative for the zone
Usually, more than one name server is authoritative for the same zone
  – This ensures redundancy and spreads the load
Also, a single name server may be authoritative for many zones

Name Servers and Zones
[Diagram: name servers and the nominum.com and isc.org zones. One name server serves data for both nominum.com and isc.org zones, one serves data for nominum.com zone only, and one serves data for isc.org zone only]

Types of Name Servers
Two main types of servers
  – Authoritative – maintains the data
    – Master – where the data is edited (manually or automatically)
    – Slave – where data is replicated to (automatically)
  – Caching – stores subsets of zone data obtained from authoritative servers
  – The most common name server implementation, BIND, combines these two into a single process
No special hardware necessary for most zones

Name Server Architecture
Name servers perform three essential tasks:
  – database server, answering queries about the parts of the name space it is responsible for
  – cache, temporarily storing data it learns from other name servers to reuse if the same question is asked again, and
  – agent, helping resolvers and other name servers find data that other name servers know about

Overview
Introduction to the DNS
Components of the DNS
  – The name space
  – The servers
  – The resolvers
DNS Governance

Name Resolution
Name resolution is the process by which resolvers and name servers cooperate to find data in the name space
  – Remember, not a search
To find information anywhere in the name space, a name server only needs the names and IP addresses of the name servers for the root zone (the root name servers)
  – The root name servers know about the top-level zones and can tell name servers whom to contact for all TLDs

Name Resolution
A DNS query has three parameters:
  – A domain name (e.g.,
  – A class (e.g., IN), and
  – A type (e.g., A)
A name server receiving a query from a resolver looks for the answer in its authoritative data first and then in its cache
  – If it doesn't have the requested data and is not authoritative for the domain in the query, other servers must be consulted

Name Resolution Example
Let's look at the resolution process step-by-step:
[Diagram: the workstation annie.west.sprockets.com running ping]

Name Resolution Example
The workstation annie asks its configured name server, dakota, for address
[Diagram: annie.west.sprockets.com (running ping) asks dakota.west.sprockets.com: "What's the IP address of"]

Name Resolution Example
The name server dakota asks a root name server, m, for address
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net; dakota asks m: "What's the IP address of"]

Name Resolution Example
The root server m refers dakota to the com name servers
This type of response is called a referral
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net; m answers dakota: "Here's a list of the com name servers. Ask one of them."]

Name Resolution Example
The name server dakota asks a com name server, f, for address
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net; dakota asks f: "What's the IP address of"]

Name Resolution Example
The com name server f refers dakota to the nominum.com name servers
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net; f answers dakota: "Here's a list of the nominum.com name servers. Ask one of them."]

Name Resolution Example
The name server dakota asks a nominum.com name server, ns1.sanjose, for address
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; dakota asks ns1.sanjose: "What's the IP address of"]

Name Resolution Example
The nominum.com name server ns1.sanjose responds with address
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; ns1.sanjose answers dakota: "Here's the IP address for"]

Name Resolution Example
The name server dakota responds to annie with address
[Diagram: annie.west.sprockets.com (running ping), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; dakota answers annie: "Here's the IP address for"]

Resolution Process (Caching)
After the previous query, the name server dakota now knows:
  – The names and IP addresses of the com name servers
  – The names and IP addresses of the nominum.com name servers
  – The IP address of
Let's look at the resolution process again
[Diagram: annie.west.sprockets.com running ping ftp.nominum.com.]

Resolution Process (Caching)
The workstation annie asks its configured name server, dakota, for ftp.nominum.com's address
[Diagram: annie.west.sprockets.com (running ping ftp.nominum.com.), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; annie asks dakota: "What's the IP address of ftp.nominum.com?"]

Resolution Process (Caching)
dakota has cached an NS record indicating ns1.sanjose is a nominum.com name server, so it asks it for ftp.nominum.com's address
[Diagram: annie.west.sprockets.com (running ping ftp.nominum.com.), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; dakota asks ns1.sanjose: "What's the IP address of ftp.nominum.com?"]

Resolution Process (Caching)
The nominum.com name server ns1.sanjose responds with ftp.nominum.com's address
[Diagram: annie.west.sprockets.com (running ping ftp.nominum.com.), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; ns1.sanjose answers dakota: "Here's the IP address for ftp.nominum.com"]

Resolution Process (Caching)
The name server dakota responds to annie with ftp.nominum.com's address
[Diagram: annie.west.sprockets.com (running ping ftp.nominum.com.), dakota.west.sprockets.com, m.root-servers.net, f.gtld-servers.net, ns1.sanjose.nominum.net; dakota answers annie: "Here's the IP address for ftp.nominum.com"]
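The referral walk and the cached second lookup from the two walkthroughs above, as an added example that is not part of the original presentation. The server names come from the slides; the addresses (documentation range 192.0.2.0/24), the one-hour TTL, the name host2.nominum.com and all function and class names are constructed for illustration.

```python
TTL = 3600  # seconds; constructed value, in practice set by the zone administrator
ROOT_HINTS = ["m.root-servers.net"]  # the only thing a resolver must know in advance

# Constructed toy data: what each server can answer or refer to.
SERVERS = {
    "m.root-servers.net": {
        "referrals": {"com": ["f.gtld-servers.net"]}, "answers": {}},
    "f.gtld-servers.net": {
        "referrals": {"nominum.com": ["ns1.sanjose.nominum.net"]}, "answers": {}},
    "ns1.sanjose.nominum.net": {
        "referrals": {},
        "answers": {"ftp.nominum.com": "192.0.2.21",
                    "host2.nominum.com": "192.0.2.22"}},
}


def in_zone(name, zone):
    """Label-aware test: name is the zone itself or lies below it."""
    return name == zone or name.endswith("." + zone)


def ask(server, qname):
    """One query to one server: an answer, a referral, or nothing."""
    data = SERVERS[server]
    if qname in data["answers"]:
        return ("answer", data["answers"][qname])
    zones = [z for z in data["referrals"] if in_zone(qname, z)]
    if zones:
        zone = max(zones, key=len)          # most specific delegation wins
        return ("referral", zone, data["referrals"][zone])
    return ("no-data",)


class CachingResolver:
    """Plays the role of dakota: follows referrals and caches what it learns."""

    def __init__(self):
        self.cache = {}  # (name, record type) -> (value, expiry time)

    def _get(self, name, rtype, now):
        entry = self.cache.get((name, rtype))
        return entry[0] if entry and entry[1] > now else None

    def _put(self, name, rtype, value, now):
        self.cache[(name, rtype)] = (value, now + TTL)

    def resolve(self, qname, now):
        """Return (address, list of servers asked) for an A lookup at time now."""
        asked = []
        cached = self._get(qname, "A", now)
        if cached is not None:
            return cached, asked
        # Start at the closest zone whose name servers are cached, else at the root.
        servers = ROOT_HINTS
        labels = qname.split(".")
        for i in range(len(labels)):
            ns = self._get(".".join(labels[i:]), "NS", now)
            if ns is not None:
                servers = ns
                break
        for _ in range(10):                 # bound the number of referrals followed
            asked.append(servers[0])
            reply = ask(servers[0], qname)
            if reply[0] == "answer":
                self._put(qname, "A", reply[1], now)
                return reply[1], asked
            if reply[0] != "referral":
                break
            _, zone, servers = reply
            self._put(zone, "NS", servers, now)
        raise LookupError("no answer for " + qname)


if __name__ == "__main__":
    dakota = CachingResolver()
    print(dakota.resolve("ftp.nominum.com", now=0))      # cold cache: root, com, nominum.com
    print(dakota.resolve("host2.nominum.com", now=10))   # NS for nominum.com is cached
    print(dakota.resolve("ftp.nominum.com", now=20))     # answered from cache
    print(dakota.resolve("ftp.nominum.com", now=TTL + 1))  # everything expired
```

The cache returns whatever it stored until the timeout passes, without asking again, so a wrong or spoofed record that gets cached is served to every client for the rest of its TTL.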

What Data can be Resolved?
Any name in the name space
Class
  – Internet (IN), Chaos (CH), Hesiod (HS)
Type
  – Address (A, AAAA, A6)
  – Pointer (PTR, NAPTR)
  – Aliases (CNAME, DNAME)
  – Security related (TSIG, SIG, NXT, KEY)
  – Mail handler (MX)
  – Et cetera

Security
Base DNS protocol (RFC 1034, 1035) is insecure
  – Spoof attacks are possible
DNS Security Enhancements (DNSSEC, RFC 2565) remedies this flaw
  – But creates new ones
    – DoS attacks
    – Amplification attacks
    – Operational considerations
DNSSEC strongly discourages large flat zones
  – Hierarchical delegation is good

Performance
DNS is a very lightweight protocol
  – Simple query – response
Any performance limitations are the result of network limitations
  – Speed of light
  – Network congestion
  – Switching/forwarding latencies

Query Load
DNS can handle a high rate of queries
  – Individual root servers get approximately 5000 queries per second (down from 8000 qps)
Empirical proofs (DDoS attacks) show root name servers can handle 50,000 queries per second
  – Limitation is network bandwidth, not the DNS protocol
  – in-addr.arpa zone, which translates numbers to names, gets about 2000 queries per second

Overview
Introduction to the DNS
Components of the DNS
DNS Governance

DNS Structure and Hierarchy
The DNS imposes no constraints on how the DNS hierarchy is implemented except:
  – A single root: when the resolver starts at the root, there is only one possible response for its query
  – The size restrictions of 63 bytes per label, 127 labels per name and 255 bytes per name
If a site is not connected to the Internet, it can use any domain hierarchy it chooses
  – Can make up whatever TLDs it wants
Connecting to the Internet implies use of the existing DNS hierarchy

Top-level Domain (TLD) Structure
In 1983, RFC 881 defined TLDs that corresponded to network service providers
  – For example, ARPA, DDN, and CSNET
    – Bad idea: if your provider changes, your address changes
RFC 920 established functional domains in 1984
  – For example, GOV for government, COM for commercial, and EDU for education
RFC 920 also made provisions for
  – Domains for each nation
  – Domains for multiorganizations, very large groups of other (particularly international) organizations
This TLD structure was stable until roughly 1996

The RFC 920 TLD structure

The Domain Name Wars
In 1996, the US National Science Foundation permitted Network Solutions to charge a usage fee for the allocation and registration of domain names
  – This was to compensate for the work burden caused by the explosive growth the Internet was undergoing
The resultant controversy caused the US Government's Dept. of Commerce to take a much more active role
  – Official governmental policy (the White Paper) on Internet resource administration was created
That policy ultimately resulted in the creation of ICANN

Internet Corporation for Assigned Names and Numbers
ICANN is a California non-profit organization based in Marina Del Rey, California, USA
Consists of:
  – A set of three Supporting Organizations
    – Address Supporting Organization, Domain Name Supporting Organization, Protocol Supporting Organization
  – A board of 19 members
    – 9 elected by public membership
    – 3 each by each of the Supporting Organizations
    – 1 President/CEO
  – A set of committees, task forces and other subgroups
    – Governmental Advisory Committee, Addressing Ad Hoc Committee, and so on, that advise the board


ICANN's Role
To oversee and administer Internet resources, including
  – Addresses
    – Delegating blocks of addresses to the regional registries
  – Protocol identifiers and parameters
    – Allocating port numbers, object identifiers, and similar shared resources
  – Names
    – Administration of the root zone file
    – Oversight of the operation of the root name servers

The Internet Root
The DNS protocol assumes a consistent name space
This consistency is enforced by the constraint of a single root for the Internet domain name space
  – In the technical standard, there is no definition for how that single root is created and governed
ICANN oversees modification of the zone file that makes up the Internet DNS root

Multiple Roots?
The single root can be seen as a single point of control for the entire Internet
  – Edit control of the root zone file implies the ability to control the entire tree
Multiple root solutions have often been proposed
  – Unless coordinated, inconsistencies result, such as the answer you get depending on where you ask
    – This is bad. Bad bad bad bad bad.
  – If coordinated, still have single point of control

The Root Nameservers
The root zone file is published on 13 servers, A through M, located around the Internet
  – Location of root nameserver is a function of network topology; most are currently in USA
Root name server operations currently provided by volunteer efforts by a very diverse set of organizations

Root Name Server Operators
Nameserver   Operated by:
A            Verisign (US East Coast)
B            University of S. California – Information Sciences Institute (US West Coast)
C            PSI (US East Coast)
D            University of Maryland (US East Coast)
E            NASA (Ames) (US West Coast)
F            Internet Software Consortium (US West Coast)
G            U. S. Dept. of Defense (ARL) (US East Coast)
H            U. S. Dept. of Defense (DISA) (US East Coast)
I            KTH (Sweden)
J            Verisign (US East Coast)
K            RIPE-NCC (UK)
L            ICANN (US West Coast)
M            WIDE (Japan)

Registries, Registrars, and Registrants
The Domain Wars resulted in a codification of the various roles required in the operation of a domain name space
  – Primarily with regard to the handling of TLDs
Registry
  – Refers to the name space's database
  – Also refers to the organization which has edit control of that database, including dispute resolution and policy control
  – This organization runs the authoritative servers for the name space
Registrar
  – The agent which submits change requests to the registry on behalf of the registrant
Registrant
  – The entity which makes use of the domain name

Registries, Registrars, and Registrants
[Diagram: Registrants, Registrar, Registry, Zone DB, Master and Slaves. End user requests add/modify/delete; Registrar submits add/modify/delete to registry; Registry updates zone; Master updated; Slaves updated]

The Generic Top-Level Domains (gTLDs)
com, net and org
  – By far the largest top level domains on the Internet today
    – com has more than 20,000,000 names
  – Essentially no restriction on what can be registered
Network Solutions (now Verisign) received the contract for the registry for com, net and org
  – Also a registrar for these TLDs, but required to keep these business units separate

New Top Level Domains
In late 2000, ICANN approved seven new top level domains:
  – aero, biz, coop, info, museum, name, pro
    – Some are chartered (aero, coop, museum, name, pro)
    – Some are generic (biz, info)
  – Most are now active
Many people unhappy with the process by which these new TLDs were created
  – Expect continued debate – and lawsuits

Country Code Top-level Domains
With RFC 920, the concept of domains delegated on the basis of nations was recognized
ISO has a list of official country code abbreviations in ISO-3166
IANA has also used Universal Postal Codes
  – For example, gg for Guernsey
Key consideration is to use lists other organizations define to avoid getting into political battles over what is or is not a valid ccTLD

ccTLD Internal Organization
How each country top-level domain is organized is up to the country
  – Some, like Australia's au, follow the traditional functional layout
    – com.au, edu.au, …
  – Others, like Great Britain's uk and Japan's jp, divide the domain functionally but use their own abbreviations
    – ac.uk, co.uk, ne.jp, ad.jp, …
  – A few, like the United States' us, are largely geographical
    – co.us, md.us, …
  – Canada uses organization and sometimes geographic scope
    – bnr.ca has national scope, risq.qc.ca has Quebec scope
  – Some are flat, that is, no hierarchy
    – nlnet.nl, univ-st-etienne.fr, …
  – Considered a question of national sovereignty

arpa
Only arpa is hardwired into the DNS system
  – DNS resolver software knows about it explicitly
Now, Address and Routing Parameter Area
  – Was Advanced Research Projects Administration
    – US Dept. of Defense network, precursor to the Internet
Used for infrastructure domains
  – IPv4 reverse (address to name) lookups
  – IPv6 reverse lookups
  – E.164 (ENUM)

Other TLDs
gov – used by US governmental organizations
  – state.gov, doj.gov, whitehouse.gov, …
mil – used by the US military
  – af.mil, army.mil, …
edu – used for educational institutions
  – Higher learning, not only US-based ones
  – harvard.edu, uvm.edu, utoronto.edu, …
int – international treaty organizations
  – E.g., itu.int, nato.int, wipo.int