Assignment

Answer the following problems on paper, take pictures and submit before deadline.

3.5.1 The Domain Name System

The Domain Name System (DNS) plays a key role in the Internet today as it allows
applications to use fully qualified domain names (FQDN) instead of IPv4 or IPv6 addresses.
Many tools allow to perform queries through DNS servers. For this exercise, we will
use dig which is installed on most Unix systems.

A typical usage of dig is as follows

dig @server -t type fqdn

where

 server is the IP address or the name of a DNS server or resolver

 type is the type of DNS record that is requested by the query such as NS for a name
server, A for an IPv4 address, AAAA for an IPv6 address, MX for a mail relay, ...
 fqdn is the fully qualified domain name being queried

1. What are the IP addresses of the resolvers that the dig implementation you are
using relies on?

ANSWER:

 A DNS resolver, also known as a resolver, is a server on the Internet that

converts domain names into IP addresses. When you use the Internet, every
time you connect to a website using its domain name (such as
"computerhope.com"), your computer needs to know that website's IP address (a
unique series of numbers).

2. What is the IP address that corresponds to inl.info.ucl.ac.be? Which type of DNS

query does dig send to obtain this information?

ANSWER:

 the gov top-level domain. info.ucl.ac.be corresponds to the info domain inside the
ucl domain that is included in the ac sub-domain of the be top-level.
The top-level domain name must be one of the registered TLDs. For example, in
the above figure, www.whitehouse.gov corresponds to a host named www inside
the Whitehouse domain that belongs to the gov top-level domain. info.ucl.ac.be
corresponds to the info domain inside the ucl domain that is included in the ac
sub-domain of the be top-level domain.
Each of these hosts were identified by a unique IPv4 address.to the gov top-level
domain. info.ucl.ac.be corresponds to the info domain inside the ucl.
 “dig” is a robust command-line tool developed by BIND for querying DNS
nameservers. It can identify IP address records, record the query route as it
obtains answers from an authoritative nameserver, diagnose other DNS
problems.
The DNS is a distributed database that contains mappings between fully qualified
domain names and IP addresses. The DNS uses the client-server model. The
clients are hosts that need to retrieve the mapping for a given name. Each
nameserver stores part of the distributed database and answers the queries sent
by clients. There is at least one nameserver that is responsible for each domain.

3. Which type of DNS request do you need to send to obtain the name servers that are
responsible for a given domain?

ANSWER:

 This hierarchical naming scheme is a key component of the Domain Name System
(DNS). The DNS is a dis- tributed database that contains mappings between fully
qualified domain names and IP addresses. The DNS uses the client-server model.
The clients are hosts that need to retrieve the mapping for a given name. Each
nameserver stores part of the distributed database and answers the queries sent by
clients. There is at least one nameserver that is responsible for each domain. In the
figure below, domains are represented by circles and there are three hosts inside
domain dom (h1, h2 and h3) and three hosts inside domain a.sdom1.dom. As shown
in the figure below, a sub-domain may contain both host names and sub-domains.

4. What are the name servers that are responsible for the be top-level domain? Where are
they located? Is it possible to use IPv6 to query them?

ANSWER:

. A name server that is responsible for domain dom can directly answer the following
queries:

 the IP address of any host residing directly inside domain dom (e.g. h2.dom in the
figure above)
 the nameserver(s) that are responsible for any direct sub-domain of domain dom
(i.e. sdom1.dom and sdom2.dom in the figure above, but not z.sdom1.dom)

To retrieve the mapping for host h2.dom, a client sends its query to the name server that is
responsible for domain. Dom. The name server directly answers the query. To retrieve a
mapping for h3.a.sdom1.dom a DNS client first sends a query to the name server that is
responsible for the. dom domain. This nameserver returns the nameserver that is
responsible for the sdom1.dom domain. This nameserver can now be contacted to obtain
the nameserver that is responsible for the a.sdom1.dom domain. This nameserver can be
contacted to retrieve the mapping for the h3.a.sdom1.dom name. Thanks to this
organisation of the nameservers, it is possible for a DNS client to obtain the mapping of any
host inside the. dom domain or any of its subdomains. To ensure that any DNS client will be
able to resolve any fully qualified domain name, there are special nameservers that are
responsible for the root of the domain name hierarchy. These nameservers are called root
nameserver. There are currently about a dozen root nameservers.

Each root nameserver maintains the list of all the nameservers that are responsible for each
of the top-level domain names and their IP addresses. All root nameservers are
synchronized and provide the same answers. By querying any of the root nameservers, a
DNS client can obtain the nameserver that is responsible for any top-level-domain name.
From this nameserver, it is possible to resolve any domain name.

To be able to contact the root nameservers, each DNS client must know their IP addresses.
This implies, that DNS clients must maintain an up-to-date list of the IP addresses of the
root nameservers 9. Without this list, it is impossible to contact the root nameservers.

5. When run without any parameter, dig queries one of the root DNS servers and retrieves
the list of the names of all root DNS servers. For technical reasons, there are only 13
different root DNS servers. This information is also available as a text file
from http://www.internic.net/zones/named.root What are the IP addresses of all these
servers. Can they be queried by using IPv6 23?

ANSWER:

 An authoritative name server is a name server that only gives answers to DNS
queries from data that has been configured by an original source, for example, the
domain administrator or by dynamic DNS methods, in contrast to answers obtained
via a query to another name server that only maintains a cache of data.
 IPv6 is the successor to the first addressing infrastructure of the Internet, Internet
Protocol version 4 (IPv4). In contrast to IPv4, which defined an IP address as a 32-
bit value, IPv6 addresses have a size of 128 bits. Therefore, in comparison, IPv6 has
a vastly enlarged address space.
 With so much to handle, DNS servers rely on network efficiency and internet
protocols. Part of the IP's effectiveness is that each machine on a network has a
unique IP address in both the IPV4 and IPV6 standards managed by the Internet
Assigned Numbers Authority (IANA).
 These queries are called recursive queries as the resolver must recurse through the
hierarchy of nameservers to obtain the answer.
 6. Assume now that you are residing in a network where there is no DNS resolver and
that you need to start your query from the DNS root.

o Use dig to send a query to one of these root servers to find the IP address of
the DNS server(s) (NS record) responsible for the org top-level domain
o Use dig to send a query to one of these DNS servers to find the IP address of
the DNS server(s) (NS record) responsible for root-servers.org ‘
o Continue until you find the server responsible for www.root-servers.org
o What is the lifetime associated to this IP address?

ANSWER:

 What is the lifetime associated to this IP address?

 2ms – 96ms with 228 bytes from 8.8.4.4#

2ms – 96ms with 105 bytes from 192.5.5.241

(7,8,9,10,11,12 – Deither)