Guide To TCPIP, Second Edition - PowerPoint PPT Presentation

Provided by: billb98
1
Guide To TCP/IP, Second Edition
  • Chapter 7
  • Domain Name System

2
Topics
  • DNS History
  • Types of DNS services
  • Network roles
  • DNS database structure
  • Server name resolution
  • Recursive and iterative name resolution requests
  • DNS caching
  • DNS configuration files and resource record
    formats

3
More Topics
  • Loopback address and root server data
  • NSLOOKUP command for
  • obtaining name server information
  • testing DNS server configurations
  • inspecting the contents of key DNS records
  • DNS queries and responses, DNS record lookups,
    zone data transfers, and reverse DNS queries
  • Purposes of and drawbacks to implementing DNS in
    the real world

4
DNS History And Background
  • HOSTS file used for host-to-IP mappings when only
    a few nodes existed (< 1982)
  • JEEVES DNS by Paul Mockapetris
  • BIND (Berkeley Internet Name Domain) - most
    popular DNS implementation
  • Virtues of DNS
  • It allows local control over domain name database
    segments
  • Data from all database segments is available
    everywhere
  • Database information is robust and highly
    available

5
DNS Database Structure
  • Tree structure
  • Root is identified by a single period (.)
  • Selected top-level domain names
  • .com
  • .edu
  • .gov
  • .mil
  • .net
  • .org

6
DNS Database Structure (cont.)
  • Top-level domain names recently expanded
  • Country codes
  • Thirteen root name servers
  • A.ROOT-SERVERS.NET, B.ROOT-SERVERS.NET,
    C.ROOT-SERVERS.NET, and so on through
    M.ROOT-SERVERS.NET
  • Fully Qualified Domain Names
  • FQDNs
  • use dot notation
  • specify complete hierarchical domain name

7
DNS Database Structure (cont.)
8
The DNS Name Space
  • Delegation of authority achieved by partitioning
    domain tree allows local management of the
    branches
  • Domains
  • ibm.com, hp.com, etc.
  • Subdomains
  • clearlake.ibm.com, boise.hp.com

9
DNS Database Record Types
  • Nine most common Resource Records
  • Address
  • A
  • name-to-IP map
  • Canonical name
  • CNAME
  • aliases
  • Host information
  • HINFO
  • descriptive info for a host
  • Mail exchange
  • MX

10
DNS Database Record Types (cont.)
  • More Resource Records
  • Name server
  • NS
  • identify DNS servers
  • Pointer
  • PTR
  • for reverse lookup
  • Start of Authority
  • SOA
  • identifies master DNS server
  • Text
  • TXT
  • Well-known services
  • WKS

11
Delegating DNS Authority
  • Primary DNS server delegates authority for
    subdomains to DNS servers lower in the domain
    namespace
  • Includes NS records that point to name servers
    that are authoritative for specific subdomains

12
Types Of DNS Servers
  • Primary DNS server, a.k.a. master server
  • Zone file or a zone data file
  • There can be only one primary master name server
  • Secondary DNS server, a.k.a. slave server
  • Provide a back-up
  • Distribute the load for DNS lookups
  • Caching server
  • Store recently accessed DNS records

13
The Client Side Of DNS
  • Name resolver
  • Name queries or address requests
  • Inverse DNS query
  • Client-side DNS errors may stem from any of the
    following causes
  • Invalid domain name or invalid IP address
  • Inability to locate an IP address that
    corresponds to the requested domain name
  • Inability to reach an authoritative name server
    for the requested domain

14
How Domain Name Servers Work
  • Sequence of lookups and reply for domain name
    resolution
  • DNS servers retrieve name data from the general
    domain namespace
  • Provides data about those zones for which it is
    authoritative
  • Search its cached domain name data
  • Search caching-only server or other name servers
    in the neighborhood
  • Sends a request for name resolution to a root
    server

15
How Domain Name Servers Work (cont.)
  • Recursive query
  • Iterative or non-recursive queries
  • If a DNS server receives a recursive query, it
    issues iterative queries until one of two events
    occurs
  • A server answers the query
  • An error message is returned
  • unknown domain
  • unknown domain name
  • invalid domain name

16
The Importance Of DNS Caching
  • Authoritative response
  • Non-authoritative response
  • DNS cache expiration value
  • Negative caching
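
The resolution walk on slides 14 and 15 and the caching behaviour on slide 16 are easiest to see in a small simulation. The following Python is an added example, not code from the textbook or its slides: it builds a constructed three-zone "Internet" (root, com., tree.com., with a made-up TLD server name a.gtld.example.), an `authoritative_query` function that answers one iterative query the way a server authoritative for a zone would (answer, referral, or name-does-not-exist), and a `Resolver` that accepts recursive queries, walks root first, and caches both positive answers (for their TTL) and failures (negative caching, for an assumed SOA minimum of 3600 s). The per-zone TTL values and the `FakeClock` are assumptions made so that expiry can be demonstrated without waiting. A real server would also cache the NS referrals it receives so that later lookups skip the root; this simulation deliberately leaves that out to keep the walk visible in the trace.

```python
import time

ROOT = "."

# Constructed authoritative data for a tiny in-memory "Internet" (not real root or
# .com data).  Each zone holds its own records plus NS records for the zones
# delegated beneath it (slide 11).  a.gtld.example. is a made-up TLD server name.
ZONES = {
    ".":         {"com.":            {"NS": ("a.gtld.example.",)}},
    "com.":      {"tree.com.":       {"NS": ("apple.tree.com.",)}},
    "tree.com.": {"apple.tree.com.": {"A": ("172.16.1.3",)},
                  "pear.tree.com.":  {"A": ("172.16.1.2",)},
                  "pr.tree.com.":    {"CNAME": ("pear.tree.com.",)}},
}
TTL = {".": 518400, "com.": 172800, "tree.com.": 86400}  # per-zone positive TTLs (assumed)
NEG_TTL = 3600  # SOA minimum TTL used for negative caching (assumed value)


def authoritative_query(zone, qname, qtype):
    """One iterative (non-recursive) query to the server authoritative for `zone`.
    The server never asks anyone else: it answers from its own data, refers the
    querier to a delegated child zone, or reports that the name does not exist."""
    data = ZONES[zone]
    for child, rrset in data.items():
        if "NS" in rrset and child != zone and qname.endswith("." + child):
            return ("referral", child)           # delegation: go ask the child zone
    if qname in data and qtype in data[qname]:
        return ("answer", list(data[qname][qtype]), TTL[zone])
    if qname in data and "CNAME" in data[qname]:
        return ("cname", data[qname]["CNAME"][0], TTL[zone])
    return ("nxdomain",)


class FakeClock:
    """Controllable clock so cache expiry can be demonstrated without sleeping."""
    def __init__(self, t=0.0):
        self.t = t

    def __call__(self):
        return self.t


class Resolver:
    """A caching name server: it accepts recursive queries from client resolvers
    and performs the iterative walk itself, starting at the root (slides 14-16)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}     # (name, type) -> (rrs, expires_at)   positive cache
        self.negative = {}  # (name, type) -> expires_at          negative cache
        self.trace = []     # every iterative query sent, for inspection

    def lookup(self, qname, qtype="A", _depth=0):
        now = self.clock()
        key = (qname, qtype)
        if key in self.negative and self.negative[key] > now:
            self.trace.append(f"negative cache hit {qname} {qtype}")
            return None
        if key in self.cache and self.cache[key][1] > now:
            self.trace.append(f"cache hit {qname} {qtype}")
            return self.cache[key][0]
        if _depth > 8:
            raise RuntimeError(f"CNAME chain too long at {qname}")

        zone = ROOT
        while True:
            self.trace.append(f"ask {zone} for {qname} {qtype}")
            reply = authoritative_query(zone, qname, qtype)
            if reply[0] == "referral":
                zone = reply[1]                      # follow the delegation down one level
            elif reply[0] == "answer":
                _, rrs, ttl = reply
                self.cache[key] = (rrs, now + ttl)   # authoritative answer: keep for its TTL
                return rrs
            elif reply[0] == "cname":
                _, target, ttl = reply
                rrs = self.lookup(target, qtype, _depth + 1)   # chase the canonical name
                if rrs is not None:
                    target_exp = self.cache[(target, qtype)][1]
                    self.cache[key] = (rrs, min(now + ttl, target_exp))
                return rrs
            else:
                self.negative[key] = now + NEG_TTL   # remember the failure too
                return None


if __name__ == "__main__":
    clk = FakeClock()
    r = Resolver(clock=clk)
    print(r.lookup("pear.tree.com."), r.trace)   # three iterative queries, then the answer
    print(r.lookup("pear.tree.com."))            # served from cache
    print(r.lookup("plum.tree.com."), r.lookup("plum.tree.com."))  # second miss is negative-cached
```

Advancing the clock past 86400 seconds makes the cached answer stale, and the next lookup walks from the root again; the trace list shows exactly which servers were asked, which is the same information a packet capture of a real resolver would give.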

17
DNS Configuration Files And Resource Record
Formats
  • domain.dns
  • addr.in-addr.arpa.dns
  • Start of Authority (SOA) Record
  • Address (A) and Canonical Name (CNAME) Records

18
Start of Authority (SOA) Record
  • tree.com. IN SOA apple.tree.com. sue.pear.tree.com. (
  •     1       ; Serial
  •     10800   ; Refresh after 3 hours
  •     3600    ; Retry after 1 hour
  •     604800  ; Expire after 1 week
  •     86400 ) ; Minimum TTL of 1 day
  • IN indicates the record is an Internet class of
    record types
  • SOA indicates the record is a Start of
    Authority record

19
Address (A) and Canonical Name (CNAME) Records
  • Host addresses
  • localhost.tree.com. IN A 127.0.0.1
  • pear.tree.com. IN A 172.16.1.2
  • apple.tree.com. IN A 172.16.1.3
  • peach.tree.com. IN A 172.16.1.4
  • Multi-homed host
  • hedge.tree.com. IN A 172.16.1.1
  • hedge.tree.com. IN A 172.16.2.1
  • Aliases
  • pr.tree.com IN CNAME pear.tree.com
  • h.tree.com IN CNAME hedge.tree.com
  • a.tree.com IN CNAME apple.tree.com
  • h1.tree.com IN CNAME 172.16.1.1
  • h2.tree.com IN CNAME 172.16.2.1

20
Mapping Addresses to Names
  • Records in the db.addr file are provided to
    support reverse DNS lookups
  • Reverse address lookups are used to determine if
    the IP address that a user presents matches the
    domain name from which the user claims to
    originate
  • Reverse DNS lookups are classful

21
Handling The Loopback Address
  • 0.0.127.in-addr.arpa. IN SOA apple.tree.com. sue.pear.tree.com. (
  •     1       ; Serial
  •     10800   ; Refresh after 3 hours
  •     3600    ; Retry after 1 hour
  •     604800  ; Expire after 1 week
  •     86400 ) ; Minimum TTL of 1 day
  • 0.0.127.in-addr.arpa. IN NS apple.tree.com.
  • 0.0.127.in-addr.arpa. IN NS hedge.tree.com.
  • 1.0.0.127.in-addr.arpa. IN PTR localhost.
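
Slides 18 through 21 show the records of a forward zone and of a reverse (in-addr.arpa) zone, and the checks an administrator wants are: do the owner names and targets resolve to what was intended, and does the reverse file agree with the forward file? The following Python is an added example, not code from the textbook or its slides. It parses a constructed zone data file holding the slide's records (written with `;` comments, a `$ORIGIN` directive, and trailing dots on absolute names, as BIND zone files are), follows CNAME chains to A records, derives the PTR records of a given reverse zone from the forward A records (the content of the db.addr file on slide 20), and lints the CNAMEs. The two aliases h1 and h2 are kept exactly as the slide has them so the lint can show what a zone parser actually does with a CNAME whose target is an IP literal: it treats it as a relative name under the origin, which resolves to nothing.

```python
import ipaddress
from dataclasses import dataclass

# Constructed zone data file: the slide's records in zone-file syntax.
FORWARD_ZONE = """\
$ORIGIN tree.com.
tree.com.   IN SOA apple.tree.com. sue.pear.tree.com. (
                1        ; Serial
                10800    ; Refresh after 3 hours
                3600     ; Retry after 1 hour
                604800   ; Expire after 1 week
                86400 )  ; Minimum TTL of 1 day
tree.com.           IN NS    apple.tree.com.
localhost.tree.com. IN A     127.0.0.1
pear.tree.com.      IN A     172.16.1.2
apple.tree.com.     IN A     172.16.1.3
peach.tree.com.     IN A     172.16.1.4
hedge.tree.com.     IN A     172.16.1.1   ; multi-homed host: two A records
hedge.tree.com.     IN A     172.16.2.1
pr                  IN CNAME pear.tree.com.   ; relative owner name: pr.tree.com.
h                   IN CNAME hedge.tree.com.
a                   IN CNAME apple.tree.com.
h1                  IN CNAME 172.16.1.1       ; as on the slide: not a valid alias
h2                  IN CNAME 172.16.2.1
"""


@dataclass(frozen=True)
class RR:
    name: str      # owner name, always absolute (trailing dot)
    rclass: str    # "IN"
    rtype: str     # A, CNAME, NS, SOA, PTR, ...
    rdata: tuple   # rdata fields as strings, names made absolute


def _absolute(name, origin):
    """Zone-file rule: '@' is the origin; a name without a trailing dot is relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin="."):
    """Minimal zone-file parser: $ORIGIN, ';' comments, '( )' continuation lines, and
    records of the form  name [ttl] class type rdata...  ($TTL/$INCLUDE not handled)."""
    records, tokens, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]                      # strip comment
        for tok in line.replace("(", " ( ").replace(")", " ) ").split():
            if tok == "(":
                depth += 1
            elif tok == ")":
                depth -= 1
            else:
                tokens.append(tok)
        if depth > 0 or not tokens:                      # record continues on next line
            continue
        if tokens[0] == "$ORIGIN":
            origin = _absolute(tokens[1], origin)
        else:
            name, rest = _absolute(tokens[0], origin), tokens[1:]
            if rest[0].isdigit():                        # optional TTL field
                rest = rest[1:]
            rclass, rtype, *rdata = rest
            if rtype in ("CNAME", "NS", "PTR", "SOA"):   # name-valued rdata is relative too
                rdata = [f if f.isdigit() else _absolute(f, origin) for f in rdata]
            records.append(RR(name, rclass, rtype, tuple(rdata)))
        tokens = []
    return records


def records_for(rrs, name, rtype=None):
    return [r for r in rrs if r.name == name and (rtype is None or r.rtype == rtype)]


def resolve_a(rrs, name, max_chain=8):
    """Follow CNAMEs as a resolver would and return the A addresses in zone order."""
    for _ in range(max_chain):
        cnames = records_for(rrs, name, "CNAME")
        if not cnames:
            return [r.rdata[0] for r in records_for(rrs, name, "A")]
        name = cnames[0].rdata[0]
    raise ValueError(f"CNAME chain too long at {name}")


def in_addr_name(ip):
    """172.16.1.2 -> 2.1.16.172.in-addr.arpa. (the PTR owner name for a reverse lookup)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def ptr_records(rrs, reverse_zone):
    """Derive the PTR records of one reverse zone from the forward zone's A records."""
    out = []
    for r in rrs:
        if r.rtype == "A" and in_addr_name(r.rdata[0]).endswith("." + reverse_zone):
            out.append(RR(in_addr_name(r.rdata[0]), "IN", "PTR", (r.name,)))
    return out


def lint(rrs):
    """Checks an administrator wants before loading the zone."""
    owners, problems = {r.name for r in rrs}, []
    for r in rrs:
        if r.rtype != "CNAME":
            continue
        target = r.rdata[0]
        labels = target.rstrip(".").split(".")
        if len(labels) >= 4 and all(l.isdigit() for l in labels[:4]):
            problems.append(f"{r.name} CNAME {target}: target was an IP literal; CNAME rdata "
                            f"must be a domain name (use an A record instead)")
        elif target not in owners:
            problems.append(f"{r.name} CNAME {target}: dangling alias, target has no records")
        if len(records_for(rrs, r.name)) > 1:
            problems.append(f"{r.name}: a CNAME owner may have no other records")
    return problems
```

Running `lint(parse_zone(FORWARD_ZONE))` reports only h1 and h2, and `ptr_records(rrs, "0.0.127.in-addr.arpa.")` yields exactly the `1.0.0.127.in-addr.arpa. IN PTR` record of slide 21, while `"1.16.172.in-addr.arpa."` yields the four PTR records for the 172.16.1.0/24 hosts, including one of hedge's two addresses (the other belongs to the 2.16.172 reverse zone).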

22
Obtaining and Storing Root Server Data
  • DNS implementations make it possible to pre-load
    the root servers' name-and-address information
  • InterNIC's FTP server at ftp.rs.internic.net
  • named.root
  • Rename the file to cache.dns

23
Examining the named.root File
  • ; last update: Nov 5, 2002
  • ; related version of root zone: 2002110501
  • ; formerly NS.INTERNIC.NET
  • .                     3600000  IN  NS  A.ROOT-SERVERS.NET.
  • A.ROOT-SERVERS.NET.   3600000      A   198.41.0.4
  • ; formerly NS1.ISI.EDU
  • .                     3600000      NS  B.ROOT-SERVERS.NET.
  • B.ROOT-SERVERS.NET.   3600000      A   128.9.0.107
  • ; formerly C.PSI.NET

24
The NSLOOKUP Command
  • General name server lookup
  • Queries the default name server specified in the
    current machine's TCP/IP configuration
  • It is an essential tool for
  • Testing
  • Configuration and troubleshooting

25
The NSLOOKUP Command (cont.)
26
NSLOOKUP Details
27
Using NSLOOKUP
  • Identify your default domain name server
  • NSLOOKUP command with no arguments
  • NSLOOKUP command mode
  • Symbolized by the > prompt
  • Use the set OPTION command to examine specific
    types of resource records
  • ls -a command (list canonical names and aliases)
  • ls -d command (list all records)

28
Using NSLOOKUP (cont.)
29
Using NSLOOKUP (cont.)
30
DNS Query/Response Packet Formats
  • DNS response packets include the original
    question and the reply
  • Four sections in the DNS response packets
  • Question section
  • Answer section
  • Authority section
  • Additional section

31
DNS Query/Response Packet Formats (cont.)
32
DNS Query Packet Fields
  • ID Number Field
  • QR (Query/Response) Field
  • Opcode (Operation Code) Field
  • AA (Authoritative Answer) Field
  • TC (Truncation) Field

33
DNS Query Packet Fields (cont.)
  • RD (Recursion Desired) Field
  • RA (Recursion Available) Field
  • Z (Reserved) Field
  • Rcode (Response Code) Field
  • Question Count Field

34
DNS Query Packet Fields (cont.)
  • Answer Count Field
  • Name Server Count Field
  • Additional Records Count Field
  • Question Name Field
  • Question Type Field
  • Question Class Field

35
DNS Query Packet Fields (cont.)
  • Name Field
  • Type Field
  • Class Field
  • Time to Live Field
  • Resource Data Length Field
  • Resource Data Field
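
The header fields listed on slides 32 and 33, the four counts and the question fields on slide 34, and the resource-record fields on slide 35 are all fixed-layout binary, so the cleanest way to learn them is to build and parse a message. The following Python is an added example, not code from the textbook or its slides: `build_query` produces a query for pear.tree.com. with RD set, `parse_header` splits the 16-bit flags word into the QR, Opcode, AA, TC, RD, RA, Z and Rcode fields, `decode_name` reads a label sequence and follows RFC 1035 compression pointers, and `parse_message` walks the question, answer, authority and additional sections (slide 30). `build_sample_response` is a constructed reply, not a captured one: it carries the answer, an NS record for tree.com. in the authority section, and the glue A record for that server in the additional section, with every repeated name compressed by a pointer back into the message. The type and rcode tables hold only standard values.

```python
import struct

QTYPE = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX", 16: "TXT"}
RCODE = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def encode_name(name):
    """'pear.tree.com.' -> b'\\x04pear\\x04tree\\x03com\\x00' (length-prefixed labels)."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split(".") if l)
    return out + b"\x00"


def build_query(qid, qname, qtype=1, rd=True):
    """Header (ID, flags, QDCOUNT=1, AN/NS/ARCOUNT=0) followed by one question entry."""
    flags = 0x0100 if rd else 0                    # QR=0, Opcode=0 (QUERY), RD bit
    return struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", qtype, 1)


def parse_header(msg):
    """The 12-byte header: ID, the flags word, and the four section counts."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": (flags >> 15) & 1, "opcode": (flags >> 11) & 0xF,
            "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1, "rd": (flags >> 8) & 1,
            "ra": (flags >> 7) & 1, "z": (flags >> 4) & 0x7, "rcode": flags & 0xF,
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}


def decode_name(msg, offset):
    """Decode a name at `offset`, following compression pointers (top two bits 11).
    Returns (name, offset just past the name in the original byte stream)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                   # pointer: 14-bit offset into the message
            if end is None:
                end = offset + 2                    # the name occupies 2 bytes here
            hops += 1
            if hops > 64:
                raise ValueError("compression pointer loop")
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end if end is not None else offset


def parse_message(msg):
    """Return (header, questions, sections) for a query or a response."""
    hdr, off, questions = parse_header(msg), 12, []
    for _ in range(hdr["qdcount"]):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    sections = {}
    for sec, count in (("answer", hdr["ancount"]), ("authority", hdr["nscount"]), ("additional", hdr["arcount"])):
        rrs = []
        for _ in range(count):
            name, off = decode_name(msg, off)
            rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])   # TYPE, CLASS, TTL, RDLENGTH
            off += 10
            rdata = msg[off:off + rdlen]
            if rtype == 1 and rdlen == 4:
                rdata = ".".join(str(b) for b in rdata)                # A: dotted quad
            elif rtype in (2, 5, 12):
                rdata, _ = decode_name(msg, off)                       # NS/CNAME/PTR: a name
            off += rdlen
            rrs.append((name, rtype, rclass, ttl, rdata))
        sections[sec] = rrs
    return hdr, questions, sections


def build_sample_response(query):
    """Constructed authoritative response to build_query(id, 'pear.tree.com.')."""
    qid = struct.unpack("!H", query[:2])[0]
    flags = 0x8000 | 0x0400 | 0x0100 | 0x0080       # QR, AA, RD (echoed), RA; Rcode 0
    msg = struct.pack("!HHHHHH", qid, flags, 1, 1, 1, 1) + query[12:]   # header + question
    ptr_qname, ptr_zone = 12, 12 + 1 + len("pear")  # 'pear.tree.com.' and its 'tree.com.' suffix
    # Answer: pear.tree.com. 86400 IN A 172.16.1.2
    msg += struct.pack("!HHHIH", 0xC000 | ptr_qname, 1, 1, 86400, 4) + bytes([172, 16, 1, 2])
    # Authority: tree.com. 86400 IN NS apple.tree.com.
    ns_rdata = b"\x05apple" + struct.pack("!H", 0xC000 | ptr_zone)
    msg += struct.pack("!HHHIH", 0xC000 | ptr_zone, 2, 1, 86400, len(ns_rdata))
    ptr_ns = len(msg)                               # where 'apple.tree.com.' is spelled out
    msg += ns_rdata
    # Additional: apple.tree.com. 86400 IN A 172.16.1.3 (glue for the NS above)
    msg += struct.pack("!HHHIH", 0xC000 | ptr_ns, 1, 1, 86400, 4) + bytes([172, 16, 1, 3])
    return msg
```

`parse_message(build_sample_response(build_query(0x1234, "pear.tree.com.")))` returns the header with QR=1 and AA=1, the echoed question, and the three populated sections; the same parser reads a query, in which case all three sections are empty and QR is 0.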

36
DNS Query Packet Fields (cont.)
37
DNS Implementation
  • DNS implementations have two major purposes
  • Provide name resolution to your users
  • Provide the authoritative hostname-to-IP
    mapping for services you choose to provide
  • Load Balancing

38
The Trouble With DNS
  • DNS database updates normally require that a
    qualified administrator
  • Use special-purpose tools
  • NSUPDATE in the UNIX environment
  • Propagation delay
  • TTLs associated with database entries

39
Chapter Summary
  • Because it provides the essential way to get from
    a symbolic, human-readable domain name for an
    Internet location to a corresponding numeric,
    machine-readable IP address, the Domain Name
    System provides the key address resolution
    service that makes today's Internet possible
  • It's almost impossible to overstate the
    importance of this service to the proper
    functioning of any large-scale TCP/IP-based
    internetwork

40
Chapter Summary (cont.)
  • The impetus for DNS arose from the difficulty of
    maintaining static HOSTS files for computers on
    the ARPANET after the number of hosts climbed
    into the thousands
  • DNS was designed to create a flexible, reliable,
    and robust name and address resolution service
    that could scale to handle very large address
    spaces
  • Its designers succeeded more than they ever could
    have imagined

41
Chapter Summary (cont.)
  • DNS name servers come in multiple varieties
  • For each zone, a primary name server is
    mandatory; it contains the master copy of the
    database for its zone
  • For each zone, one or more secondary name servers
    may be created. (At least one secondary is
    recommended for every zone to ensure improved
    reliability.)
  • For large or heavily trafficked networks,
    caching-only name servers offload the task of
    resolving names and addresses outside the local
    zones for users, thereby freeing up the primary
    and secondary name servers for the zone to handle
    external incoming name resolution requests

42
Chapter Summary (cont.)
  • DNS maintains its data on a large collection of
    name servers around the Internet by carving the
    domain namespace into a disjoint collection of
    domain or subdomain databases, also known as
    database segments, or database zones, each of
    which belongs to a single authoritative name
    server for that zone
  • This permits database segments to be controlled
    locally, yet available globally

43
Chapter Summary (cont.)
  • The DNS design also includes provisions for a
    primary master name server and one or more
    secondary master name servers for each database
    zone to help improve reliability (if one DNS
    server fails, the others continue to function)
    and availability (proper configuration will
    balance query loads against all name servers for
    a zone, not just the primary)

44
Chapter Summary (cont.)
  • DNS databases consist of collections of resource
    records (RRs); each database is stored as a
    collection of zone files that represents a
    static snapshot of that database
  • Every zone file must include a Start of Authority
    (SOA) record to identify the name server that's
    primarily responsible for the database segment
    it manages
  • Other records in each zone file correspond to its
    function and may contain name-to-address mappings
    for normal domain name resolution, or
    address-to-name mappings for inverse or reverse
    DNS lookups

45
Chapter Summary (cont.)
  • DNS clients rely on a software component called a
    resolver to interact with an available DNS server
    for name resolution services
  • Resolvers issue recursive queries that go to a
    designated DNS server, which either answers that
    query itself, or queries other name servers until
    an answer is forthcoming
  • Ordinary DNS servers will accept either
    authoritative or non-authoritative replies to
    their queries, but root DNS servers accept only
    authoritative replies to ensure the validity of
    the data they supply to DNS servers lower in the
    domain name hierarchy

46
Chapter Summary (cont.)
  • DNS packet structures incorporate type
    information that identifies the kind of RR being
    carried, and that otherwise describes the
    record's contents and validity
  • Understanding DNS Application layer packet
    structures makes it much easier to appreciate
    the simplicity and elegance of DNS