
DNS

(RFC 1034/1035; application-layer protocol that runs over UDP on port 53)
Machines use IP addresses as names, humans use ASCII names; DNS is the mechanism
that converts ASCII strings into network addresses.
DNS is a hierarchical, domain-based naming scheme and a distributed database system for
implementing this naming scheme.
It is distributed throughout the world on millions of machines administered by millions of
people, yet it behaves like a single integrated database.

How DNS works

1. The application program calls the library procedure "resolver" with the name as parameter.
2. The resolver sends a UDP packet to the local DNS server.
3. The DNS server looks up the name.
4. If it does not know the name, it asks another server (DNS being distributed), and so on until
   the correct IP address is returned, and gives this IP address to the resolver.
5. The resolver returns the IP address to the caller program.
6. The caller program establishes a TCP connection with the destination.
If the connection to DNS is lost or the server goes off-line, the client computer cannot determine
the IP of any host and cannot establish any connection. DNS is therefore crucial in a TCP/IP
network and you should always configure a secondary server in case of failure.

Importance of DNS

- Billions of IP addresses currently in use.
- Many millions of DNS requests made daily.
- Domain names and IP addresses change daily.
- New domain names get created daily.
- Millions of people work to change/add domain names and IPs every day.

DNS cannot be centralized

1. A single point of failure would bring the whole internet down.
2. Traffic volume is too much for one server to handle.
3. Distant centralized DB: a single DNS server cannot be close to all querying
   clients, leading to significant delays.
4. Maintenance: a single DNS server means a huge database that needs frequent
   updates.

DNS caching
In a query chain, when a DNS server receives a DNS reply containing a mapping
from hostname to IP address, it can cache the information in its local memory.
Advantages: 1. Improves delay performance.
            2. Reduces the number of DNS messages ricocheting around the net.

DNS Name Space

Top Level Domains: more than 200; generic (com, edu, ...) and country (uk, ...).

Level                  com           edu                 uk
Top Level Domain       com           edu                 uk
Second Level Domain    msn, yahoo    cmrit, mit, yale    co
Third Level Domain                   cs                  bbc

Up to 127 levels are possible but normally only 4 are used.

Domain Names

- Case-insensitive.
- Component names up to 63 characters.
- Full path name up to 255 characters.
- Unique in a given domain but can be duplicated across domains,
  e.g. msn.com and msn.org.

Domain names can be Absolute (end with a period, e.g. vetch.edu.) or
Relative (do not end with a period; they have to be interpreted in some context to
uniquely determine their true meaning).
To make sure all names in a given domain are unique, a single entity, the registrar,
controls the lists and makes sure there are zero duplicate entries.
Network Solutions is the registrar company for the .com domain.
They keep a centralized DB (the whois DB) with information about the owner and name
servers for each domain. You can find information about any domain currently in
existence, e.g. Yahoo registered in 1995, expiry 2012.

Resource Records
The DNS system defines a number of RRs.
Two formats:
Binary/Wire Format: used in queries and responses.
Text Format: used in zone files (example on pg 585 Tanenbaum).
An RR is a five-tuple (Domain name, Time-to-Live, Class, Type, Value).

Domain Name: tells the domain/node to which this record applies; it is the
primary search key field.
TTL: gives an indication of how stable the record is, in seconds; a 32-bit value.
86400 means highly stable; 0 means the data should not be cached.
Class: defines the protocol family or instance of the protocol; a 16-bit value.
Usually IN (internet protocol); others are HS or CH (historic MIT protocols).
Type: tells what kind of record this is.
- A : address record, used in forward lookup, associates a host name with an IP address
- CNAME : canonical name, associates an alias with an existing host/domain name
  www.cs.vu.nl IN CNAME star.cs.vu.nl
  The www address can be used without designating a specific machine, and the university
  can change its www server without invalidating the web address www.cs.vu.nl.
- HINFO : host description, CPU and OS in ASCII
- SOA : start of authority, specifies the server that contains the zone files for the domain
- MX : mail exchange record, specifies the mail server for the domain
- NS : name server record, specifies a server that can resolve names
- PTR : pointer record, associates an IP address with a host name, used in reverse lookups
- SRV : service record, specifies servers that provide special services
Value (data): defined by the type and class values of each record.

When you create a DNS zone, some resource records are automatically created through
dynamic update. Some have to be created manually.
Zone files consist of:
1. Comments: start with a semicolon (;), can occupy the whole or part of a line, and are
   assumed to continue to the end of the line.
2. Directives: start with $.
   $ORIGIN defines the base name to be used for unqualified name substitution.
   $INCLUDE includes the named file in-line.
   $TTL defines the default TTL value if no TTL is given in an RR;
   it should be present and appear before the first RR.
3. Resource Records.
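A small zone-file reader, added here as an example (it is not code from the notes or from any DNS implementation), that turns the text format above into the five-tuples the notes describe. It handles the three kinds of zone-file line (`;` comments, the `$ORIGIN`/`$INCLUDE`/`$TTL` directives, and resource records) and applies the domain-name rules from the previous section: names are case-insensitive, labels are at most 63 characters, full names at most 255, and relative names are qualified against `$ORIGIN`. The zone text, the included file `staff.zone` and the addresses in it are constructed sample input for the newnw.com example used later in the notes; `$INCLUDE` is served from an in-memory dictionary so the example runs without disk access.

```python
"""Zone-file reader that turns text-format records into DNS five-tuples (added example)."""
from typing import Dict, List, Optional, Tuple

RR = Tuple[str, int, str, str, str]          # (name, ttl, class, type, value)
KNOWN_TYPES = {"A", "AAAA", "CNAME", "HINFO", "MX", "NS", "PTR", "SOA", "SRV", "TXT"}
KNOWN_CLASSES = {"IN", "CH", "HS"}


def qualify(name: str, origin: str) -> str:
    """Lower-case a name and make it absolute: relative names get $ORIGIN appended."""
    name = name.lower()
    if name == "@":                            # zone-file shorthand for the origin itself
        name = origin
    elif not name.endswith("."):
        name = f"{name}.{origin}" if origin != "." else f"{name}."
    if len(name) > 255:
        raise ValueError(f"name longer than 255 characters: {name}")
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError(f"label {label!r} in {name} is not 1..63 characters")
    return name


def parse_rr(tokens: List[str], origin: str, default_ttl: Optional[int]) -> RR:
    """tokens = name [ttl] [class] type value...; ttl and class are optional, any order."""
    name = qualify(tokens.pop(0), origin)
    ttl, rclass = default_ttl, "IN"
    while tokens and tokens[0].upper() not in KNOWN_TYPES:
        tok = tokens.pop(0)
        if tok.isdigit():
            ttl = int(tok)
        elif tok.upper() in KNOWN_CLASSES:
            rclass = tok.upper()
        else:
            raise ValueError(f"unexpected token {tok!r} before record type")
    if not tokens:
        raise ValueError(f"record for {name} has no type")
    if ttl is None:
        raise ValueError(f"record for {name} has no TTL and no $TTL directive was seen")
    if not 0 <= ttl < 2**32:                   # TTL is a 32-bit value
        raise ValueError(f"TTL {ttl} does not fit in 32 bits")
    rtype = tokens.pop(0).upper()
    value = " ".join(tokens)
    if rtype in ("CNAME", "NS", "PTR"):        # the value is itself a name: qualify it too
        value = qualify(value, origin)
    elif rtype == "MX":                        # value is "preference host"
        pref, host = tokens
        value = f"{pref} {qualify(host, origin)}"
    return (name, ttl, rclass, rtype, value)


def parse_zone(text: str, includes: Optional[Dict[str, str]] = None,
               origin: str = ".", default_ttl: Optional[int] = None) -> List[RR]:
    """Parse zone text; `includes` maps $INCLUDE file names to their contents (no disk I/O)."""
    includes = includes or {}
    records: List[RR] = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()    # a comment runs to end of line; skip blank lines
        if not line:
            continue
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = qualify(tokens[1], origin)
        elif tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
        elif tokens[0] == "$INCLUDE":
            if tokens[1] not in includes:
                raise FileNotFoundError(f"$INCLUDE {tokens[1]}: not available")
            records.extend(parse_zone(includes[tokens[1]], includes, origin, default_ttl))
        elif tokens[0].startswith("$"):
            raise ValueError(f"unknown directive {tokens[0]}")
        else:
            records.append(parse_rr(tokens, origin, default_ttl))
    return records


# Constructed sample zone (not real data) for the newnw.com example used later in the notes.
ZONE = """\
$ORIGIN newnw.com.       ; base name for unqualified names
$TTL 86400               ; default TTL: one day, a stable record
@           IN SOA   dns1.newnw.com. hostmaster.newnw.com. 2024010101 3600 900 604800 86400
newnw.com.  IN NS    dns1                 ; relative name -> dns1.newnw.com.
newnw.com.  IN NS    dns2.newnw.com.      ; absolute name, left alone
dns1        IN A     212.212.212.1
dns2   3600 IN A     212.212.212.2        ; explicit TTL overrides $TTL
WWW         IN CNAME dns1                 ; case-insensitive: stored as www
newnw.com.  IN MX    10 mail
mail        IN A     212.212.212.3
$INCLUDE staff.zone
"""
INCLUDED_FILES = {"staff.zone": 'bob 0 IN HINFO "x86" "Linux"  ; TTL 0: must not be cached\n'}

if __name__ == "__main__":
    for rr in parse_zone(ZONE, INCLUDED_FILES):
        print(rr)
```

The reader rejects a record that has neither its own TTL nor a preceding `$TTL`, which is the situation the "should be present and appear before the first RR" rule guards against. Two simplifications to keep in mind: every record must carry an owner name (the usual "blank name repeats the previous owner" shorthand is not supported), and comment stripping does not know about quoted strings, so a `;` inside an HINFO or TXT value would be mistaken for a comment.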

Name Servers
A name server is a computer server that implements the name service protocol.
It maps between a host's human-usable identifier (its name) and its computer-usable identifier (its address).
It provides a naming or directory service.
One cannot have the entire DNS DB on a single name server. Hence, the DNS name space is divided
into non-overlapping zones (fig 7-4 pg 586 T). Each zone contains some part of the tree and the
name servers holding information about the zone. Some servers are placed outside the zone to
improve reliability. Where zone boundaries are placed is up to the zone's admin. E.g.
cs.yale.edu is a separate zone from yale.edu but eng.yale.edu is not.

Root DNS Servers

Root DNS servers: 13 in total, named A to M. Each "server" is actually a cluster of replicated
servers, for security and reliability.

TLD DNS servers, one set per top-level domain:
- com DNS servers, maintained by Network Solutions
- edu DNS servers, maintained by the company Educause
- uk DNS servers

Authoritative DNS servers: needed for every organization with a publicly accessible
host; either its own or paid for from an ISP. E.g. yahoo.com and microsoft.com (under com),
mit.edu and cmrit.edu (under edu).

Interaction of DNS Servers

Example query chain (figure): the requesting host cs.cmrit.edu asks its local DNS server
dns.cmrit.edu (the local server is provided by the ISP through DHCP). The local server
asks the root DNS server, then the TLD DNS server for edu, then the authoritative DNS
server dns.cs.mit.edu, and finally returns the address of the recipient abc.cs.mit.edu.

In practice, the query from the requesting host to the local DNS server is recursive and the
remaining queries are iterative.
Recursive query: from cs.cmrit.edu to dns.cmrit.edu, as the query asks dns.cmrit.edu to
obtain the mapping on its behalf.
Iterative query: replies are returned directly to the local DNS server, e.g. queries 2, 4, 6.
When a resolver has a query about a domain, it passes the query to one of the local name
servers. If the domain falls under its jurisdiction, the server will return the authoritative
RR. If the domain is remote and no information is available locally, the name server will send
the query to a top-level name server. This is a recursive query, as each server that does not
have the requested information goes and finds it elsewhere and reports back.
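A simulation of the query chain in the figure, added here as an example (not code from the notes or from any DNS software). Four constructed servers stand in for the root server, the edu TLD server, the authoritative server dns.cs.mit.edu and the local server dns.cmrit.edu; each holds a tiny RR table keyed on names without a trailing dot. The local server offers a recursive service to the requesting host, walks the other servers iteratively by following their referrals, and caches each answer for its TTL, so the block also illustrates the "DNS caching" section: a record with TTL 0 is never cached, and an expired entry is fetched again. The addresses are from the 192.0.2.0/24 documentation range and the server name edu-tld.example is invented; nothing here touches the network.

```python
"""Recursive local server walking root -> TLD -> authoritative iteratively (added example)."""
from typing import Dict, List, Tuple

RR = Tuple[str, int, str, str]               # (name, ttl, type, value); class IN assumed


class Server:
    """A name server answering iteratively: the data if it has it, otherwise a referral."""

    def __init__(self, label: str, records: List[RR]) -> None:
        self.label = label
        self.records = records

    def query(self, qname: str, qtype: str) -> Tuple[str, List[RR]]:
        answer = [r for r in self.records if r[0] == qname and r[2] == qtype]
        if answer:
            return "answer", answer
        labels = qname.split(".")
        for i in range(1, len(labels)):            # longest enclosing zone we hold NS records for
            zone = ".".join(labels[i:])
            ns = [r for r in self.records if r[0] == zone and r[2] == "NS"]
            if ns:
                targets = {r[3] for r in ns}
                glue = [r for r in self.records if r[2] == "A" and r[0] in targets]
                return "referral", ns + glue       # NS records plus the glue A records
        return "nxdomain", []


class LocalServer:
    """dns.cmrit.edu: recursive service for its clients, iterative queries upstream."""

    def __init__(self, root_ip: str, network: Dict[str, Server]) -> None:
        self.root_ip = root_ip
        self.network = network                     # IP address -> server reachable at it
        self.cache: Dict[Tuple[str, str], Tuple[float, List[RR]]] = {}
        self.log: List[str] = []

    def resolve(self, qname: str, qtype: str = "A", now: float = 0.0) -> List[RR]:
        key = (qname, qtype)
        if key in self.cache:
            expires, rrs = self.cache[key]
            if now < expires:
                self.log.append(f"cache hit {qname}")
                return rrs
            del self.cache[key]                    # TTL ran out: fetch again
        ip = self.root_ip
        for _ in range(8):                         # hop limit guards against referral loops
            server = self.network[ip]
            kind, rrs = server.query(qname, qtype)
            self.log.append(f"asked {server.label} -> {kind}")
            if kind == "answer":
                ttl = min(r[1] for r in rrs)
                if ttl > 0:                        # TTL 0 means "do not cache"
                    self.cache[key] = (now + ttl, rrs)
                return rrs
            if kind != "referral":
                return []
            glue = {r[0]: r[3] for r in rrs if r[2] == "A"}
            next_ip = next((glue[r[3]] for r in rrs if r[2] == "NS" and r[3] in glue), None)
            if next_ip is None:                    # referral without glue: give up in this toy
                return []
            ip = next_ip
        return []


# Constructed RR tables; the delegation chain mirrors the figure.
ROOT = Server("root", [("edu", 172800, "NS", "edu-tld.example"),
                       ("edu-tld.example", 172800, "A", "192.0.2.1")])
EDU_TLD = Server("edu TLD", [("mit.edu", 172800, "NS", "dns.cs.mit.edu"),
                             ("dns.cs.mit.edu", 172800, "A", "192.0.2.2")])
MIT_AUTH = Server("dns.cs.mit.edu", [("abc.cs.mit.edu", 300, "A", "192.0.2.10"),
                                     ("tmp.cs.mit.edu", 0, "A", "192.0.2.11")])
NETWORK = {"192.0.2.53": ROOT, "192.0.2.1": EDU_TLD, "192.0.2.2": MIT_AUTH}


def make_local_server() -> LocalServer:
    """dns.cmrit.edu, configured with the root server's address."""
    return LocalServer("192.0.2.53", NETWORK)


if __name__ == "__main__":
    local = make_local_server()
    print(local.resolve("abc.cs.mit.edu", now=0))     # full walk: root -> edu -> authoritative
    print(local.resolve("abc.cs.mit.edu", now=100))   # served from cache
    print(local.resolve("abc.cs.mit.edu", now=400))   # TTL 300 expired: walk again
    print("\n".join(local.log))
```

The `log` list shows the two query styles side by side: `resolve()` is the recursive service the stub sees (one question, one final answer), while the loop inside it is the iterative part (each upstream server only points to the next one). The hop limit matters in real resolvers too: a referral that points back at a server already visited must not turn into an endless loop.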

DNS messages: query or reply (same format); the first 12 bytes are the header.

Header:
- 16-bit identification #
- Flags: 1-bit query (0) or reply (1) flag;
  1-bit authoritative flag, set in a reply when the DNS server is authoritative
- # of questions
- # of answer RRs
- # of authority RRs
- # of additional RRs
Body:
- Questions: name and type fields for the query
- Answers: RRs in response to the query
- Authority (variable # of RRs)
- Additional Info (variable # of RRs)
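A builder and parser for the wire format just described, added as an example (not code from the notes or from any DNS library). `build_query()` produces the 12-byte header plus one question, `build_reply()` answers it with A records, and `parse_message()` decodes the header flags and counts and then the question, answer, authority and additional sections. The reply writes each record's owner name as a compression pointer (two bytes whose top two bits are 11, followed by a 14-bit offset into the message) back to the question name at offset 12, and `decode_name()` follows such pointers with a hop bound so a looping pointer cannot hang the parser. The query name, transaction id and addresses are constructed; everything stays in memory.

```python
"""DNS header/question/RR wire-format builder and parser (added example)."""
import struct
from typing import Dict, List, Tuple

HEADER = struct.Struct("!HHHHHH")        # id, flags, qdcount, ancount, nscount, arcount
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080   # flag bits in the 16-bit flags word


def encode_name(name: str) -> bytes:
    """Labels as length-prefixed bytes, terminated by a zero-length label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def decode_name(msg: bytes, offset: int) -> Tuple[str, int]:
    """Return (name, offset just past the name where it appeared), following pointers."""
    labels: List[str] = []
    end = None                               # set when we first jump: the name ends at the pointer
    for _ in range(128):                     # hop bound: a pointer loop raises instead of hanging
        length = msg[offset]
        if length & 0xC0 == 0xC0:            # compression pointer: 14-bit offset of the rest
            if end is None:
                end = offset + 2
            offset = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            continue
        if length == 0:
            return ".".join(labels) + ".", (end if end is not None else offset + 1)
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    raise ValueError("name compression loop")


def build_query(qid: int, name: str, qtype: int = 1, qclass: int = 1) -> bytes:
    """QR=0 (query); RD set so the local server resolves recursively on our behalf."""
    return HEADER.pack(qid, RD, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, qclass)


def build_reply(query: bytes, addresses: List[str], ttl: int = 300) -> bytes:
    """Authoritative reply with one A record per address; owner names point at the question."""
    qid, flags, _qd, _an, _ns, _ar = HEADER.unpack_from(query, 0)
    _name, qend = decode_name(query, HEADER.size)
    question = query[HEADER.size:qend + 4]                   # name + qtype + qclass, copied back
    flags = QR | AA | RA | (flags & RD)                       # reply, authoritative, echo RD
    rrs = b""
    for ip in addresses:
        rdata = bytes(int(octet) for octet in ip.split("."))
        rrs += b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata   # 0xC00C -> offset 12
    return HEADER.pack(qid, flags, 1, len(addresses), 0, 0) + question + rrs


def parse_message(msg: bytes) -> Tuple[Dict, List[Tuple[str, int, int]], Dict[str, List[Tuple]]]:
    """Decode header, questions and the three RR sections of a query or reply."""
    qid, flags, qd, an, ns, ar = HEADER.unpack_from(msg, 0)
    header = {"id": qid, "is_reply": bool(flags & QR), "opcode": (flags >> 11) & 0xF,
              "authoritative": bool(flags & AA), "truncated": bool(flags & TC),
              "recursion_desired": bool(flags & RD), "recursion_available": bool(flags & RA),
              "rcode": flags & 0xF, "counts": (qd, an, ns, ar)}
    offset = HEADER.size
    questions = []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack_from("!HH", msg, offset)
        offset += 4
        questions.append((name, qtype, qclass))
    records = []
    for _ in range(an + ns + ar):                             # RRs share one layout across sections
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, offset)
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:                         # A record: render the IPv4 address
            rdata = ".".join(str(b) for b in rdata)
        records.append((name, ttl, rclass, rtype, rdata))
    sections = {"answer": records[:an], "authority": records[an:an + ns],
                "additional": records[an + ns:]}
    return header, questions, sections


if __name__ == "__main__":
    q = build_query(0x1234, "www.newnw.com")
    r = build_reply(q, ["212.212.212.1", "212.212.212.2"])
    print(parse_message(q))
    print(parse_message(r))
```

Note that the parser trusts the counts and lengths in the message only as far as Python slicing lets it: a count larger than the data present raises `struct.error` or `IndexError` rather than reading past the buffer, and the pointer hop bound is what keeps a malformed name from looping. A resolver matching replies to queries compares the 16-bit id and the question section, both of which the parser exposes.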

Inserting Records into the DNS database

e.g. a new company newnetwork.com starts:
1. Register the domain name with Network Solutions: verify uniqueness, pay the fee.
2. Provide the registrar with the names and IPs of your primary and secondary DNS servers,
   e.g. dns1.newnw.com 212.212.212.1 and dns2.newnw.com 212.212.212.2.
3. The registrar will insert type NS and type A records in the TLD com servers:
   (newnw.com, dns1.newnw.com, NS)
   (dns1.newnw.com, 212.212.212.1, A), and the same for dns2.
4. Insert in your authoritative server
   a type A resource record for your web server www.newnw.com
   and a type MX record for your mail server mail.newnw.com.
5. Now people can visit your website and send e-mail to your company.

Services Provided by DNS

1. Translating host names to IP addresses.
2. Host aliasing: a host with a complicated name can have a simpler, more mnemonic
   alias. The application will invoke DNS to obtain the canonical hostname as well as the IP
   address for the supplied alias.
   e.g. relay1.westcoast.enterprise.com can have the alias www.enterprise.com.
3. Mail server aliasing: e-mail addresses have to be mnemonic. A complicated mail
   server name like relay1.east-coast.hotmail.com can have the simple alias
   hotmail.com. The MX record allows a company's mail server and web server to have
   identical hostnames through aliases.
4. Load distribution, used for web content distribution:
   DNS is used to perform load distribution among replicated servers for busy sites
   (cnn.com). Each server runs on a different end system with a different IP address. All IP
   addresses are associated with one canonical name in the DNS DB. When a client makes a
   DNS query, the server responds with the entire set of IPs but rotates the ordering of the
   addresses in each reply, and usually the HTTP client picks the first one.
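The rotation in item 4, as an added example (not code from the notes): a constructed authoritative server for cnn.com holds three A records with documentation-range addresses, returns the whole set on every query but rotates the order, and simulated clients each take the first address, so successive clients land on different servers.

```python
"""Round-robin address rotation in DNS replies (added example)."""
from collections import Counter, deque
from typing import List, Tuple

RR = Tuple[str, int, str, str, str]            # (name, ttl, class, type, value)


class RoundRobinAuthority:
    """Authoritative server with one canonical name mapped to several replicated servers."""

    def __init__(self, name: str, addresses: List[str], ttl: int = 60) -> None:
        self.name = name
        self.addresses = deque(addresses)       # all A records for the canonical name
        self.ttl = ttl

    def answer(self, qname: str) -> List[RR]:
        if qname != self.name:
            return []
        ordered = list(self.addresses)          # the entire set, in the current order
        self.addresses.rotate(-1)               # the next reply starts with the next address
        return [(self.name, self.ttl, "IN", "A", ip) for ip in ordered]


def simulate_clients(auth: RoundRobinAuthority, n_clients: int) -> Counter:
    """Each client queries once and connects to the first address in its reply."""
    chosen: Counter = Counter()
    for _ in range(n_clients):
        chosen[auth.answer(auth.name)[0][4]] += 1
    return chosen


if __name__ == "__main__":
    auth = RoundRobinAuthority("cnn.com", ["192.0.2.11", "192.0.2.12", "192.0.2.13"])
    print(simulate_clients(auth, 9))           # three clients per server
```

The short TTL is deliberate: a caching local server keeps the reply for its TTL and hands the same ordering to every client behind it, so the rotation is only as fine-grained as the caches in between.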
