DNS : Domain Name System Surasak Sanguanpong nguan@ku.ac.th - - PDF document

▶

Sep 26, 2022 234 likes •398 views

1/30 DNS : Domain Name System Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: May 24, 1999 Applied Network Research Group Department of Computer Engineering, Kasetsart University

SLIDE 1

Applied Network Research Group Department of Computer Engineering, Kasetsart University 1/30

DNS : Domain Name System

Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan

Last updated: May 24, 1999 Applied Network Research Group Department of Computer Engineering, Kasetsart University 2/30

Outline

DNS basic name space name resolution process protocol configurations

SLIDE 2

Applied Network Research Group Department of Computer Engineering, Kasetsart University 3/30

Why need DNS?

host table /etc/hosts compiled from HOST.TXT

(maintain by SRI NIC)

simple text file with has IP address to name mapping

problems

traffic and load name collision consistency

A hierarchical name with distributed control is

needed

Applied Network Research Group Department of Computer Engineering, Kasetsart University 4/30

DNS basic

DNS is a distributed database TCP/IP applications use DNS to

map hostname to IP address map IP address to hostname provide e-mail routing information mail nguan@cpe.ku.ac.th => mail.cpe.ku.ac.th handle aliases www.eng.ku.ac.th is actually is1.eng.ku.ac.th

SLIDE 3

Applied Network Research Group Department of Computer Engineering, Kasetsart University 5/30

Naming Scheme

cc.cpe.ku.ac.th cc.cpe.ku.ac.th

more specific

th ac ku cpe cc

building tree from top to bottom name space is a tree of domain names are case-insensitive cc.cpe.ku.ac.th

Applied Network Research Group Department of Computer Engineering, Kasetsart University 6/30

Domain Name Space

edu gov int mil net

au th

ac ku cpe eng cc tu cc.cpe.ku.ac.th usu cc

cc.usu.edu

com

root generic domains country domains arpa domains

arpa

in-addr

SLIDE 4

Applied Network Research Group Department of Computer Engineering, Kasetsart University 7/30

DNS Management

ac ku cpe tu

com managed by NIC managed by Internic Thailand managed by ku manage by tu th eng

NIC manages root

and top level domain name

local admins manage

3rd level or more

root

Applied Network Research Group Department of Computer Engineering, Kasetsart University 8/30

Domain Name Concept

label label every node has a label (except root) domain name domain name absolute domain name absolute domain name the list of labels, starting at that node, working up to the root, using a “.” to separate domain name that ends with a period relative domain name relative domain name name to be completed

e.g. cc.cpe.ku.ac.th. e.g. cc e.g. ku.ac.th, cpe.ku.ac.th

th ac ku cpe cc

SLIDE 5

Applied Network Research Group Department of Computer Engineering, Kasetsart University 9/30

Domains

domain domain subtree of the domain name space

th ac ku cpe eng cc tu

cc.cpe.ku.ac.th node ac.th domain ku.ac.th domain

Applied Network Research Group Department of Computer Engineering, Kasetsart University 10/30

Domains and Zones

Zone is a subtree for which naming authority

has been delegated

ku.ac.th domain ku.ac.th zone

case 1 : single DNS administration

ku.ac.th domain

case 2 : cpe and eng have authority for their zones

ku sci eng rdi lib kps cpe ee ku sci eng rdi lib

kps

cpe ee ku.ac.th zone

SLIDE 6

Applied Network Research Group Department of Computer Engineering, Kasetsart University 11/30

Name Servers

Name server : Server that store information

about the zone

ns.ku.ac.th responsibility for ku.ac.th zone ns.eng.ku.ac.th responsibility for eng.ku.ac.th zone responsibility for cpe.ku.ac.th zone ns.cpe.ku.ac.th

ku sci

eng

rdi lib kps cpe ee

Applied Network Research Group Department of Computer Engineering, Kasetsart University 12/30

Type of Name Servers

Primary Name server gets the data for zones from files
n the host it runs on
Secondary Name server gets its zone data from the

primary for redundancy and workload distribution

ns.ku.ac.th : primary ns.eng.ku.ac.th : primary ns.cpe.ku.ac.th: primary ku sci eng rdi lib kps cpe ee nontri.ku.ac.th: secondary ns2.eng.ku.ac.th : secondary cc.cpe.ku.ac.th: secondary

SLIDE 7

Applied Network Research Group Department of Computer Engineering, Kasetsart University 13/30

Zone Transfer

Secondary Name Server pulls zone data over from the

primary called zone transfer.

primary for ku.ac.th secondary for cpe.ku.ac.th primary for eng.ku.ac.th secondary for ku.ac.th secondary for cpe.ku.ac.th primary for cpe.ku.ac.th secondary for ku.ac.th secondary for eng.ku.ac.th secondary for ku.ac.th secondary for cpe.ku.ac.th secondary for eng.ku.ac.th secondary for cpe.ku.ac.th ns.eng.ku.ac.th ns.ku.ac.th nontri.ku.ac.th ns2.eng.ku.ac.th ns.cpe.ku.ac.th cc.cpe.ku.ac.th

Applied Network Research Group Department of Computer Engineering, Kasetsart University 14/30

Root Name Server

name server must contact other name servers for non

local IP

it has to know IP address of the top most server

called root name server

root name server - provide the names and address of

the name server authoritative for top level domain name

I have to connect root, when I don’t have more info ns.ku.ac.th root

SLIDE 8

Applied Network Research Group Department of Computer Engineering, Kasetsart University 15/30

Root Name Server (cont.)

13 root servers are currently available in

Internet (Last updated Aug 97)

A.ROOT-SERVERS.NET 198.41.0.4 B.ROOT-SERVERS.NET 128.9.0.107 C.ROOT-SERVERS.NET 192.33.4.12 D.ROOT-SERVERS.NET 128.8.10.90 E.ROOT-SERVERS.NET 192.203.230.10 F.ROOT-SERVERS.NET 192.5.5.241 G.ROOT-SERVERS.NET 192.112.36.4 H.ROOT-SERVERS.NET 128.63.2.53 I.ROOT-SERVERS.NET 192.36.148.17 J.ROOT-SERVERS.NET 198.41.0.10 K.ROOT-SERVERS.NET 193.0.14.129 L.ROOT-SERVERS.NET 198.32.64.12 M.ROOT-SERVERS.NET 202.12.27.33

ftp://ftp.rs.internic.net/domain/named.root

Applied Network Research Group Department of Computer Engineering, Kasetsart University 16/30 address of www.ku.ac.th? address of www.ku.ac.th? address of www.ku.ac.th? address of www.ku.ac.th?

Name Resolution Process

resolver

th ac ku www

tu

root name server th name server ac.th name server ku.ac.th name server

ask th name servers ask ac.th name servers ask ku.ac.th name server address of www.ku.ac.th? address is 158.108.2.69

name server

ns.ku.ac.th name server

ask ns.ku.ac.th name server address of www.ku.ac.th? address is 158.108.2.69

SLIDE 9

Applied Network Research Group Department of Computer Engineering, Kasetsart University 17/30

Reverse Resolution

au th ac ku cpe eng cc tu cc.cpe.ku.ac.th

arpa in-addr

root

255 255 255 255

3 34 108 158

in-addr.arpa domain

in reverse direction

f IP address

3.34.108.158.in-addr.arpa

Applied Network Research Group Department of Computer Engineering, Kasetsart University 18/30

Caching

all name servers employ a cache to reduce the

DNS traffic

standard UNIX keep cache in name server with

time-out

cache data is non-authoritative

SLIDE 10

Applied Network Research Group Department of Computer Engineering, Kasetsart University 19/30

DNS message format (I)

0 15 16 31

identification:16 flags:16

number of questions :16 number of answer RRs:16 number of authority RRs :16 number of additional RRs:16 1 or more questions 1 or more answers 1 or more authority 1 or more additional information

= = = = = = = =

fixed header query reply

fixed 12 byte header with 4 variable length fields DNS message format is defined for both queries and answers

Applied Network Research Group Department of Computer Engineering, Kasetsart University 20/30

DNS message format (II)

identification:16 flags:16 identification:16 flags:16

0 15 16 31 set by the client and return by the

server

lets the client match responses to

requests

SLIDE 11

Applied Network Research Group Department of Computer Engineering, Kasetsart University 21/30

DNS message format (III)

identification:16 flags:16 identification:16 flags:16 QR opcode AA TC RD RA (zero) rcode QR opcode AA TC RD RA (zero) rcode

1 4 1 1 1 1 3 4 QR 0= query, 1= response

pcode 0= standard query, 1=inverse query, 2=server status request

AA 0= authoritatived answer,1 = non authoritatived answer TC 1= truncated. using UDP, reply was>512 bytes, return only 512 bytes RD 1= recursive desired, 0= iterative RA 1= recursion available (server support recursion) rcode return code : 0=no error, 3=name error

Applied Network Research Group Department of Computer Engineering, Kasetsart University 22/30

questions :32 questions :32

DNS message format (IV)

query name query name query type query class query type query class

3www3cpe2ku2ac2th0

query name is the name

being lookup, sequence of label begins with 1-byte count

query class normally =1 means Internet Address

NS 2 name server PTR 12 pointer record MX 15 mail exchange record A 1 IP address CNAME 5 canonical name HINFO 13 host info

query type indicates

desired response

SLIDE 12

Applied Network Research Group Department of Computer Engineering, Kasetsart University 23/30

DNS message format (V)

domain name : corresp. response name, (query name format)
type : response RR type code (see query type)
time-to-live : cache life time of RR (often 86400=1 day)
resource length : specify the size of resource data
resource data : the answer, e.g. IP address or other type

1 or more answers 1 or more authority 1 or more additional information

= = = = = =

these three fields share a common resource record (RR)

domain name type class time-to-live resource data domain name type class time-to-live resource data resource length

= = = =

Applied Network Research Group Department of Computer Engineering, Kasetsart University 24/30

Operations

use port 53 typically UDP request and reply if answer is too big, use TCP

ip hdr UDP hdr DNS hdr query answer#1 answer#2 ip hdr UDP hdr DNS hdr query answer#1 answer#2

SLIDE 13

Applied Network Research Group Department of Computer Engineering, Kasetsart University 25/30

Resolver file

resolver must have address for local name

server

/etc/resolv.conf on UNIX

# domain domain cpe.ku.ac.th # list of name server nameserver 158.108.32.5 nameserver 158.108.33.3 nameserver 158.108.2.67 # domain domain cpe.ku.ac.th # list of name server nameserver 158.108.32.5 nameserver 158.108.33.3 nameserver 158.108.2.67

/etc/resolv.conf

Applied Network Research Group Department of Computer Engineering, Kasetsart University 26/30

Setting up DNS

BIND (Berkeley Internet Name Domain)

package

/usr/somewhere/in.named - BSD named DNS

server

/etc/named.boot - named configuration (tell

named where to find database files)

SLIDE 14

Applied Network Research Group Department of Computer Engineering, Kasetsart University 27/30

Sample named.boot

; Boot file for server ns.cpe.ku.ac.th. directory /usr/local/named cache . root.cache primary localhost. primary/local primary 0.0.127.in-addr.arpa primary/local.rev primary cpe.ku.ac.th primary/cpe secondary ku.ac.th 158.108.2.67 secondary/ku secondary cpc.ku.ac.th 158.108.2.67 secondary/cpc secondary eng.ku.ac.th 158.108.40.196 secondary/eng secondary 108.158.in-addr.arpa 158.108.2.67 secondary/ku.rev primary 32.108.158.in-addr.arpa primary/zone/zone32 primary 33.108.158.in-addr.arpa primary/zone/zone33 : : :

Applied Network Research Group Department of Computer Engineering, Kasetsart University 28/30

New named.conf format

ptions {

directory "/usr/local/named"; }; zone "." { type hint; file "root.cache"; }; zone "localhost." { type master; file "primary/local"; };

ptions {

directory "/usr/local/named"; }; zone "." { type hint; file "root.cache"; }; zone "localhost." { type master; file "primary/local"; }; zone "0.0.127.in-addr.arpa" { type master; file "primary/local.rev"; }; zone "cpe.ku.ac.th" { type master; file "primary/cpe"; }; zone "ku.ac.th" { type slave; masters { 158.108.2.67; };

: :

zone "0.0.127.in-addr.arpa" { type master; file "primary/local.rev"; }; zone "cpe.ku.ac.th" { type master; file "primary/cpe"; }; zone "ku.ac.th" { type slave; masters { 158.108.2.67; };

: :

BIND Version 8 defines a new format of boot file : named.conf

SLIDE 15

Applied Network Research Group Department of Computer Engineering, Kasetsart University 29/30

Sample database file

; address file for server ns.cpe.ku.ac.th. (primary/cpe) @ IN SOA ns.cpe.ku.ac.th. dnsadmin.ns.cpe.ku.ac.th. ( 1998051300 ; Last Updated May 13,1998 10800 ; Refresh every 3 hours 3600 ; Retry every 1 hour 2592000 ; Expire after 30 days 86400 ; Minimum TTL of 1 day ) ; Name Servers IN NS ns.cpe.ku.ac.th. IN NS ns.eng.ku.ac.th. IN NS ns.ku.ac.th. (continue on next page)

Applied Network Research Group Department of Computer Engineering, Kasetsart University 30/30

Sample database file (cont.)

; Mail Hubs for the Domain IN MX 10 mailhost.cpe.ku.ac.th. IN MX 15 cc.cpe.ku.ac.th. ; AI Lab mars IN HINFO "MP 1101D/DECstation 5000-420" IN MX 10 mailhost.cpe.ku.ac.th. IN A 158.108.32.97 maspar IN CNAME mars.cpe.ku.ac.th. saturn IN HINFO "SPARCstation 2" "SunOS 4.1.3" IN MX 10 mailhost.cpe.ku.ac.th. IN A 158.108.32.98 ailab2 IN CNAME saturn.cpe.ku.ac.th.