Prepared by: Lalit Singh Gaur

The DNS Is…

• The “Domain Name System”
• What people use to refer to computers by name on the Internet
• The mechanism by which Internet software translates names to addresses and vice versa
• A globally distributed, loosely coherent, scalable, reliable, dynamic database
• The only database system that has been successfully deployed Internet-wide

Joint ITU/WIPO Multilingual Name Symposium


6 December 2001
DNS History
• Created in 1983 by Paul Mockapetris to address maintenance problems with the Internet hosts database, fondly remembered as HOSTS.TXT.
• Originally defined in IETF (Internet Engineering Task Force) RFCs 1034 and 1035, then extended by numerous subsequent RFCs.
  - RFC stands for Request for Comments
  - Standards for Internet protocols are documented by RFCs
  - Not all Internet protocols have RFCs
  - Not all RFCs define standards

Names versus Addresses
• An address is how you get to an endpoint
  - Often hierarchical, which helps with scaling
  - 950 Charter Street, Redwood City CA, 94063
  - +1.650.381.6003
  - 204.152.187.11
• A name is how an endpoint is referenced
  - Often with no structurally significant hierarchy
  - “David”, “Tokyo”, “itu.int”
• Names are more people-friendly.

DNS is a Database
• Keys to the database are “domain names”
  - www.foo.com, 18.in-addr.arpa, 6.4.e164.arpa
  - Over 100,000,000 domain names are now stored
• Each domain name contains one or more attributes, known as resource records
  - Each attribute is individually retrievable

Features of DNS:
Global Distribution
• Data is maintained locally, but retrievable globally
  - No single computer has all DNS data
• DNS lookups can be performed by any Internet-connected device
• Remote DNS data is locally cacheable to improve performance

Loose Coherency
• The database is always internally consistent
  - Each version of a subset of the database (a zone) has a serial number
  - The serial number is incremented on each database change
• Changes to the master copy of the database are replicated according to timing set by the zone administrator
• Cached data expires according to timeout set by zone administrator
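The serial-number check behind loose coherency, as an added example (this code is not from the slides): a slave compares the master's zone serial with its own before copying the zone, and because serials are 32-bit values that wrap around, the comparison follows the RFC 1982 serial-arithmetic rules rather than plain integer ordering. The serial values, refresh interval and function names are constructed for the example.

```python
# Added example, not from the original slides: RFC 1982 serial arithmetic,
# which a slave server uses to decide whether the master's copy of a zone
# is newer than its own.  Serials are 32-bit and wrap, so a plain integer
# comparison is wrong near the wrap point.  All values here are constructed.

SERIAL_BITS = 32
SERIAL_MOD = 1 << SERIAL_BITS
HALF = 1 << (SERIAL_BITS - 1)


def serial_gt(a: int, b: int) -> bool:
    """True if serial a is 'greater than' serial b under RFC 1982 rules."""
    a %= SERIAL_MOD
    b %= SERIAL_MOD
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


def serial_add(a: int, n: int) -> int:
    """Increment a serial by n (0 <= n < 2**31), wrapping modulo 2**32."""
    if not 0 <= n < HALF:
        raise ValueError("increment must be in [0, 2**31)")
    return (a + n) % SERIAL_MOD


def should_transfer(local_serial: int, master_serial: int) -> bool:
    """A slave refreshes its copy only when the master's serial is newer.

    Equal serials mean the copies are coherent.  A master serial that is
    'older' than the slave's usually means the serial was set backwards on
    the master; the slave keeps its copy rather than transferring."""
    return serial_gt(master_serial, local_serial)


def refresh_due(last_refresh: float, refresh_interval: int, now: float) -> bool:
    """Replication timing is set by the zone administrator (the SOA REFRESH
    value); the slave re-checks the master's serial once it has elapsed."""
    return now - last_refresh >= refresh_interval
```

The wrap case is the one worth remembering: a serial of 0 is "newer" than 4294967295, so a zone whose serial has just wrapped is still transferred, while a serial that went backwards by a small amount is correctly treated as older and ignored.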

Scalability
• No intrinsic limit to the size of the database
  - Some servers have over 20,000,000 names
• No limit to the number of queries
  - 80,000 queries per second handled regularly
• Queries distributed among many different servers

Reliability
• Data is replicated
  - Data from master source is copied to multiple slave servers
• Clients can query master server or slave servers
• DNS protocols can use either UDP or TCP
  - UDP is inherently unreliable, but the DNS protocol handles retransmission (perhaps with TCP), sequencing, et cetera.

Dynamic Updates
• Database can be updated dynamically
  - Master server accepts update from over the network
  - Add/delete/modify any record
• Modification of the master database triggers replication
• Only master can be dynamically updated
  - Dynamic updates create a single point of failure

Domain Names
• A domain name is the sequence of labels from a node to the root, separated by dots (“.”s), read left to right
• The name space has a maximum depth of 127 levels
• Domain names are limited to 255 characters in length
• A node’s domain name identifies its position in the name space

[Figure: the name-space tree. Root ("") with top-level labels com, edu, gov, int, mil, net, org; below them nominum, metainfo, berkeley, nwu, nato, army, uu; then west, east, www; then dakota, tornado.]
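The name and message formats behind the limits on this slide and the UDP/TCP point on the Reliability slide, as an added example (not code from the slides): a domain name is sent on the wire as length-prefixed labels, so the 255-octet name limit and the per-label limit are checked when encoding, a response header carries the truncation bit that tells a client to repeat the query over TCP, and a name in a response may use compression pointers, which a careful decoder bounds-checks so that a malformed message cannot send it out of the buffer or into a loop. The sample bytes and transaction ids are constructed; `MAX_LABEL`, `FLAG_TC` and the function names are this example's own.

```python
# Added example, not from the original slides: DNS wire-format name encoding
# with the length limits enforced, a minimal query builder, and a defensive
# name decoder for responses.  All sample values are constructed.
import struct

MAX_LABEL = 63     # one label is at most 63 octets
MAX_NAME = 255     # the encoded name is at most 255 octets
FLAG_TC = 0x0200   # TrunCation bit: the answer did not fit in the UDP reply


def encode_name(name: str) -> bytes:
    """Encode 'www.nominum.com' as length-prefixed labels ending in a zero octet."""
    stripped = name.rstrip(".")
    labels = stripped.split(".") if stripped else []   # "" or "." is the root
    out = bytearray()
    for label in labels:
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError(f"label length must be 1..{MAX_LABEL}: {label!r}")
        out += bytes([len(raw)]) + raw
    out.append(0)
    if len(out) > MAX_NAME:
        raise ValueError("encoded name exceeds 255 octets")
    return bytes(out)


def build_query(txid: int, name: str, qtype: int = 1, qclass: int = 1) -> bytes:
    """12-octet header plus one question: name, type (1 = A), class (1 = IN)."""
    flags = 0x0100  # RD (recursion desired); QR = 0 marks a query
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, qclass)


def decode_name(msg: bytes, offset: int):
    """Decode a (possibly compressed) name; return (name, offset after it).

    A compression pointer (top two bits 11) jumps to an earlier offset.  A
    malformed message could point forward, past the end, or into a cycle,
    so every jump is bounds-checked and the number of jumps is capped."""
    labels, jumps, end = [], 0, None
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            if offset + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = ((length & 0x3F) << 8) | msg[offset + 1]
            if target >= offset:
                raise ValueError("compression pointer must point backwards")
            if end is None:
                end = offset + 2          # the name ends after the first pointer
            jumps += 1
            if jumps > 16:
                raise ValueError("too many compression pointers")
            offset = target
            continue
        if length > MAX_LABEL:
            raise ValueError("label too long")
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_header(msg: bytes) -> dict:
    """Unpack the 12-octet header; 'truncated' means retry the query over TCP."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "truncated": bool(flags & FLAG_TC), "rcode": flags & 0x000F,
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}
```

The backwards-only rule on pointers is what makes the decoder terminate on any input: each jump strictly decreases the offset, so a cycle is impossible and the jump cap is only a second line of defence.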

Domain Name Usage
• Domain names are ubiquitous on the Internet
• Used for much more than email and “web addresses”
  - Security policy, remote filesystems, remote login, time synchronization, chat systems, gaming, proxies
• Used by much more than modern Windows PCs
  - Mainframe computers, Macs, Unix servers, handheld organizers, cell phones, embedded systems, now even kitchen appliances
• Any attempt to change the way domain names work needs to take into account the myriad existing systems on the heterogeneous Internet
  - Especially with regard to security policy
Dividing a Domain into Zones

[Figure: the nominum.com domain (under the root "", beside .arpa, .com and .edu, with sibling labels acme, bw and netsol) divided into three zones: the nominum.com zone containing rwc, www, ftp and ams; the ams.nominum.com zone; and the rwc.nominum.com zone; with hosts molokai, skye, gouda and cheddar at the leaves.]

When your computer tries to access a domain like “www.livinginternet.com”
• Your computer asks your default DNS server if it knows the IP address for www.livinginternet.com. If the DNS server has been asked that question recently, then it will have the answer stored in its local cache, and can answer immediately.
• Otherwise, your DNS server queries the central zone files for the address of the primary domain name server for livinginternet.com, and is answered with something like "ns1.livinginternet.com".
• Your DNS server will ask the livinginternet.com DNS server for the IP address of www.livinginternet.com, which will then look up the answer and send it back.
• Your DNS server will store the IP address returned in its local cache, and make the address available to your computer.
When your computer tries to access a domain like “www.livinginternet.com” (continued)
• Your computer then contacts www.livinginternet.com with the standard Internet routing protocol by using the returned IP address.

NOTE:
The IP address assigned to a computer may change frequently because of physical moves or network reconfigurations. The major advantage of the network of DNS servers is that domain names stay the same even when IP addresses change, and so the domain name servers can transparently take care of the mapping.

Name Servers and Zones

[Figure: name servers and the zones they serve. 128.8.10.5 serves data for both the nominum.com and isc.org zones; 202.12.28.129 serves data for the nominum.com zone only; 204.152.187.11 serves data for the isc.org zone only.]

Name Servers
• Name servers are the computers that answer DNS queries
  - Name servers store zones
  - The name servers that load a complete zone are said to “have authority for” or “be authoritative for” the zone
• Usually, more than one name server is authoritative for the same zone
  - This ensures redundancy and spreads the load
• Also, a single name server may be authoritative for many zones
Types of Name Servers
• Two main types of servers
  - Authoritative – maintains the data
    - Master – where the data is edited (manually or automatically)
    - Slave – where data is replicated to (automatically)
  - Caching – stores subsets of zone data obtained from authoritative servers

Name Server Architecture
• Name servers perform three essential tasks:
  - database server, answering queries about the parts of the name space it is responsible for
  - cache, temporarily storing data it learns from other name servers to reuse if the same question is asked again, and
  - agent, helping resolvers and other name servers find data that other name servers know about

Name Resolution
• A DNS query has three parameters:
  - A domain name (e.g., www.nominum.com),
  - A class (e.g., IN), and
  - A type (e.g., A)
• A name server receiving a query from a resolver looks for the answer in its authoritative data first and then in its cache
• If it doesn’t have the requested data and is not authoritative for the domain in the query, other servers must be consulted
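The lookup order on this slide and the step-by-step walk on the earlier “When your computer tries to access a domain like www.livinginternet.com” slides, as one added example (not code from the slides): a simulated caching resolver keyed on the three query parameters (name, class, type) that answers from its own authoritative data first, then from an unexpired cache entry, and otherwise follows referrals from the root through .com to the zone's own server, caching what it learns for the record's TTL. The server names, zone contents, addresses and TTLs are constructed, and the `AUTH` table, `ask_server` and `Resolver` are this example's own; nothing is sent on the network.

```python
# Added example, not from the original slides: a simulated caching resolver
# following the lookup order on the slides: authoritative data first, then
# the cache, then a walk of the referral chain root -> .com -> zone server.
# All server names, zone contents, addresses and TTLs are constructed.

# Each simulated authoritative server holds records keyed by the three query
# parameters (name, class, type); values are lists of (rdata, ttl).  A
# delegation is an NS record in the parent plus an A record (glue) for the
# delegated server.
AUTH = {
    "root-server": {
        ("com", "IN", "NS"): [("a.gtld-servers", 172800)],
        ("a.gtld-servers", "IN", "A"): [("192.0.2.1", 172800)],
    },
    "a.gtld-servers": {
        ("livinginternet.com", "IN", "NS"): [("ns1.livinginternet.com", 86400)],
        ("ns1.livinginternet.com", "IN", "A"): [("192.0.2.53", 86400)],
    },
    "ns1.livinginternet.com": {
        ("livinginternet.com", "IN", "NS"): [("ns1.livinginternet.com", 86400)],
        ("www.livinginternet.com", "IN", "A"): [("192.0.2.80", 300)],
    },
}


def ask_server(server, name, qclass, qtype):
    """One simulated query to an authoritative server.

    Returns ("answer", rrs) when the server holds the record, ("referral",
    ns_name, ns_addr) when it can only delegate to a closer zone, or
    ("nxdomain", None) when it is authoritative and the name does not exist."""
    data = AUTH[server]
    key = (name, qclass, qtype)
    if key in data:
        return ("answer", data[key])
    labels = name.split(".")
    for i in range(len(labels)):          # longest matching delegation first
        zone = ".".join(labels[i:])
        ns = data.get((zone, qclass, "NS"))
        if ns and ns[0][0] != server:     # a server never refers to itself
            ns_name = ns[0][0]
            glue = data.get((ns_name, qclass, "A"))
            return ("referral", ns_name, glue[0][0] if glue else None)
    return ("nxdomain", None)


class Resolver:
    """Caching resolver, optionally holding authoritative data of its own."""

    MAX_REFERRALS = 16   # a broken delegation must not loop forever

    def __init__(self, authoritative=None, clock=lambda: 0.0):
        self.authoritative = authoritative or {}
        self.clock = clock                 # injectable so TTL expiry is testable
        self.cache = {}                    # (name, class, type) -> (rdata list, expiry)
        self.queries_sent = 0

    def resolve(self, name, qclass="IN", qtype="A"):
        key = (name, qclass, qtype)
        if key in self.authoritative:                    # 1. own authoritative data
            return [rdata for rdata, _ in self.authoritative[key]]
        now = self.clock()
        hit = self.cache.get(key)
        if hit and hit[1] > now:                         # 2. unexpired cache entry
            return hit[0]
        server = "root-server"                           # 3. consult other servers
        for _ in range(self.MAX_REFERRALS):
            self.queries_sent += 1
            result = ask_server(server, name, qclass, qtype)
            if result[0] == "answer":
                rrs = result[1]
                ttl = min(t for _, t in rrs)             # cache for the smallest TTL
                self.cache[key] = ([rdata for rdata, _ in rrs], now + ttl)
                return self.cache[key][0]
            if result[0] == "referral":
                server = result[1]
                continue
            return []                                    # nxdomain: nothing to cache here
        raise RuntimeError("referral chain too long")
```

Counting `queries_sent` makes the slides' claim visible: the first lookup of www.livinginternet.com costs three queries (root, .com, the zone server), a repeat within the 300-second TTL costs none, and once the entry expires the walk is repeated. The referral cap is the detail a defender wants: a delegation that points back at itself or cycles between servers stops after a bounded number of queries instead of spinning.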

Performance
• DNS is a very lightweight protocol
  - Simple query – response
• Any performance limitations are the result of network limitations
  - Speed of light
  - Network congestion
  - Switching/forwarding latencies

Query Load
• DNS can handle a high rate of queries
  - Individual root servers get approximately 5000 queries per second (down from 8000 qps)
  - Empirical proofs (DDoS attacks) show root name servers can handle 50,000 queries per second
  - Limitation is network bandwidth, not the DNS protocol
  - in-addr.arpa zone, which translates numbers to names, gets about 2000 queries per second

Thank You
