Domain Name System: DNS - AOI...
Transcript of Domain Name System: DNS - AOI...
TCP/IP Protocol Suite 1
Upon completion you will be able to:
Domain NameDomain NameSystem: DNSSystem: DNS
• Understand how the DNS is organized• Know the domains in the DNS• Know how a name or address is resolved• Be familiar with the query and response formats• Understand the need for DDNS
Objectives
TCP/IP Protocol Suite 2
17.1 NAME SPACE
TheThe namesnames assignedassigned toto machinesmachines mustmust bebe uniqueunique becausebecause thethe addressesaddressesareare uniqueunique.. AA namename spacespace thatthat mapsmaps eacheach addressaddress toto aa uniqueunique namename cancanbebe organizedorganized inin twotwo waysways:: flatflat oror hierarchicalhierarchical..
The topics discussed in this section include:The topics discussed in this section include:
Flat Name SpaceFlat Name SpaceHierarchical Name SpaceHierarchical Name Space
TCP/IP Protocol Suite 3
17.2 DOMAIN NAME SPACE
TheThe domaindomain namename spacespace isis hierarchicalhierarchical inin designdesign.. TheThe namesnames areare defineddefinedinin anan invertedinverted--treetree structurestructure withwith thethe rootroot atat thethe toptop.. TheThe treetree cancan havehave128128 levelslevels:: levellevel 00 (root)(root) toto levellevel 127127..
The topics discussed in this section include:The topics discussed in this section include:
LabelLabelDomain NameDomain NameDomainDomain
TCP/IP Protocol Suite 4
Figure 17.1 Domain name space
TCP/IP Protocol Suite 5
Figure 17.2 Domain names and labels
TCP/IP Protocol Suite 6
Figure 17.3 FQDN and PQDN
TCP/IP Protocol Suite 7
Figure 17.4 Domains
TCP/IP Protocol Suite 8
17.3 DISTRIBUTION OFNAME SPACE
TheThe informationinformation containedcontained inin thethe domaindomain namename spacespace isis distributeddistributedamongamong manymany computerscomputers calledcalled DNSDNS serversservers..
The topics discussed in this section include:The topics discussed in this section include:
Hierarchy of Name ServersHierarchy of Name ServersZoneZoneRoot ServerRoot ServerPrimary and Secondary ServersPrimary and Secondary Servers
TCP/IP Protocol Suite 9
Figure 17.5 Hierarchy of name servers
TCP/IP Protocol Suite 10
Figure 17.6 Zones and domains
TCP/IP Protocol Suite 11
A primary server loads all informationfrom the disk file; the secondary serverloads all information from the primaryserver. When the secondary downloads
information from the primary, it is calledzone transfer.
Note:Note:
TCP/IP Protocol Suite 12
17.4 DNS IN THE INTERNET
TheThe domaindomain namename spacespace (tree)(tree) isis divideddivided intointo threethree differentdifferent sectionssections::genericgeneric domains,domains, countrycountry domains,domains, andand thethe inverseinverse domaindomain..
The topics discussed in this section include:The topics discussed in this section include:
Generic DomainsGeneric DomainsCountry DomainsCountry DomainsInverse DomainInverse DomainRegistrarRegistrar
TCP/IP Protocol Suite 13
Figure 17.7 DNS used in the Internet
TCP/IP Protocol Suite 14
Figure 17.8 Generic domains
TCP/IP Protocol Suite 15
Table 17.1Table 17.1 Generic domain labelsGeneric domain labels
TCP/IP Protocol Suite 16
Table 17.1Table 17.1 Generic domain labels (Continued)Generic domain labels (Continued)
TCP/IP Protocol Suite 17
Figure 17.9 Country domains
TCP/IP Protocol Suite 18
Figure 17.10 Inverse domain
TCP/IP Protocol Suite 19
17.5 RESOLUTION
MappingMapping aa namename toto anan addressaddress oror anan addressaddress toto aa namename isis calledcalled namename--addressaddress resolutionresolution..
The topics discussed in this section include:The topics discussed in this section include:
ResolverResolverMapping Names to AddressesMapping Names to AddressesMapping Addresses to NamesMapping Addresses to NamesRecursive ResolutionRecursive ResolutionIterative ResolutionIterative ResolutionCachingCaching
TCP/IP Protocol Suite 20
Figure 17.11 Recursive resolution
TCP/IP Protocol Suite 21
Figure 17.12 Iterative resolution
TCP/IP Protocol Suite 22
17.6 DNS MESSAGES
TheThe DNSDNS queryquery messagemessage consistsconsists ofof aa headerheader andand questionquestion recordsrecords;; thetheDNSDNS responseresponse messagemessage consistsconsists ofof aa header,header, questionquestion records,records, answeranswerrecords,records, authoritativeauthoritative records,records, andand additionaladditional recordsrecords..
The topics discussed in this section include:The topics discussed in this section include:
HeaderHeader
TCP/IP Protocol Suite 23
Figure 17.13 DNS messages
TCP/IP Protocol Suite 24
Figure 17.14 Query and response messages
TCP/IP Protocol Suite 25
Figure 17.15 Header format
TCP/IP Protocol Suite 26
Figure 17.16 Flags field
TCP/IP Protocol Suite 27
Table 17.2Table 17.2 Values of rCodeValues of rCode
TCP/IP Protocol Suite 28
17.7 TYPES OF RECORDS
TwoTwo typestypes ofof recordsrecords areare usedused inin DNSDNS.. TheThe questionquestion recordsrecords areare usedused ininthethe questionquestion sectionsection ofof thethe queryquery andand responseresponse messagesmessages.. TheThe resourceresourcerecordsrecords areare usedused inin thethe answer,answer, authoritative,authoritative, andand additionaladditional informationinformationsectionssections ofof thethe responseresponse messagemessage..
The topics discussed in this section include:The topics discussed in this section include:
Question RecordQuestion RecordResource RecordResource Record
TCP/IP Protocol Suite 29
Figure 17.17 Question record format
TCP/IP Protocol Suite 30
Figure 17.18 Query name format
TCP/IP Protocol Suite 31
Table 17.3Table 17.3 TypesTypes
TCP/IP Protocol Suite 32
Table 17.4Table 17.4 ClassesClasses
TCP/IP Protocol Suite 33
Figure 17.19 Resource record format
TCP/IP Protocol Suite 34
17.8 COMPRESSION
DNSDNS requiresrequires thatthat aa domaindomain namename bebe replacedreplaced byby anan offsetoffset pointerpointer ifif itit isisrepeatedrepeated.. DNSDNS definesdefines aa 22--bytebyte offsetoffset pointerpointer thatthat pointspoints toto aa previouspreviousoccurrenceoccurrence ofof thethe domaindomain namename oror partpart ofof itit..
TCP/IP Protocol Suite 35
Figure 17.20 Format of an offset pointer
TCP/IP Protocol Suite 36
A resolver sends a query message to a local server to find theIP address for the host “chal.fhda.edu.”. We discuss the queryand response messages separately.
Example 1
QR OpCode AA TC RD RA Reserved rCode
0 0000 0 0 1 0 000 0000
Figure 17.21 shows the query message sent by the resolver. The first 2 bytesshow the identifier (1333). It is used as a sequence number and relates aresponse to a query. Because a resolver may even send many queries to thesame server, the identifier helps to sort responses that arrive out of order.The next bytes contain the flags with the value of 0x0100 in hexadecimal.In binary it is 0000000100000000, but it is more meaningful to divide it intothe fields as shown below:
TCP/IP Protocol Suite 37
Figure 17.21 Example 1: Query message
TCP/IP Protocol Suite 38
Example 1 (Continued)
QR OpCode AA TC RD RA Reserved rCode
1 0000 0 0 1 1 000 0000
The QR bit defines the message as a query. The OpCode is 0000, whichdefines a standard query. The recursion desired (RD) bit is set. (Refer backto Figure 17.16 for the flags field descriptions.) The message contains onlyone question record. The domain name is 4chal4fhda3edu0. The next 2bytes define the query type as an IP address; the last 2 bytes define the classas the Internet.
Figure 17.22 shows the response of the server. The response is similar to thequery except that the flags are different and the number of answer recordsis one. The flags value is 0x8180 in hexadecimal. In binary it is1000000110000000, but again we divide it into fields as shown below:
TCP/IP Protocol Suite 39
Example 1 (Continued)
The QR bit defines the message as a response. The OpCode is 0000, whichdefines a standard response. The recursion available (RA) and RD bits areset. The message contains one question record and one answer record. Thequestion record is repeated from the query message. The answer record hasa value of 0xC00C (split in two lines), which points to the question recordinstead of repeating the domain name. The next field defines the domaintype (address). The field after that defines the class (Internet). The field withthe value 12,000 is the TTL (12,000 s). The next field is the length of theresource data, which is an IP address (153.18.8.105).
TCP/IP Protocol Suite 40
Figure 17.22 Example 1: Response message
TCP/IP Protocol Suite 41
An FTP server has received a packet from an FTP client withIP address 153.2.7.9. The FTP server wants to verify that theFTP client is an authorized client. The FTP server can consulta file containing the list of authorized clients. However, the fileconsists only of domain names. The FTP server has only the IPaddress of the requesting client, which was the source IPaddress in the received IP datagram. The FTP server asks theresolver (DNS client) to send an inverse query to a DNS serverto ask for the name of the FTP client. We discuss the query andresponse messages separately.
Example 2
TCP/IP Protocol Suite 42
Example 2 (Continued)
QR OpCode AA TC RD RA Reserved rCode
0 0001 0 0 1 0 000 0000
Figure 17.23 shows the query message sent from the resolver to the server.The first 2 bytes show the identifier (0x1200). The flags value is 0x0900 inhexadecimal. In binary it is 0000100100000000, and we divide it into fieldsas shown below:
The OpCode is 0001, which defines an inverse query. The message containsonly one question record. The domain name is 19171231537in-addr4arpa.The next 2 bytes define the query type as PTR, and the last 2 bytes definethe class as the Internet.
TCP/IP Protocol Suite 43
Figure 17.23 Example 2: Inverse query message
TCP/IP Protocol Suite 44
Example 2 (Continued)
QR OpCode AA TC RD RA Reserved rCode
1 0001 1 0 1 1 000 0000
Figure 17.24 shows the response. The flags value is 0x8D80 inhexadecimal. In binary it is 1000110110000000, and we divide it into fieldsas shown below:
TCP/IP Protocol Suite 45
Figure 17.24 Example 2: Inverse response message
TCP/IP Protocol Suite 46
In UNIX and Windows, the nslookup utility can be used toretrieve address/name mapping. The following shows how wecan retrieve an address when the domain name is given.
Example 3
$ nslookup fhda.eduName: fhda.eduAddress: 153.18.8.1
The nslookup utility can also be used to retrieve the domainname when the address is given as shown below:$ nslookup 153.18.8.11.8.18.153.in-addr.arpa name = tiptoe.fhda.edu.
TCP/IP Protocol Suite 47
17.9 DDNS
TheThe DynamicDynamic DomainDomain NameName SystemSystem (DDNS)(DDNS) updatesupdates thethe DNSDNS mastermasterfilefile dynamicallydynamically..
TCP/IP Protocol Suite 48
17.10 ENCAPSULATION
DNSDNS usesuses UDPUDP asas thethe transporttransport protocolprotocol whenwhen thethe sizesize ofof thethe responseresponsemessagemessage isis lessless thanthan 512512 bytesbytes.. IfIf thethe sizesize ofof thethe responseresponse messagemessage isismoremore thanthan 512512 bytes,bytes, aa TCPTCP connectionconnection isis usedused..
TCP/IP Protocol Suite 49
DNS can use the services of UDP orTCP using the well-known port 53.
Note:Note: