ALTTC/ DX Faculty

Introduction
The Domain Name System, or DNS, is a distributed
database used by TCP/IP applications to map
between host names and IP addresses.
It also provides electronic mail routing information.
We use the term distributed because no single site on the
Internet knows all the information.
Each site (a university department, a campus, a company,
or a department within a company, for example)
maintains its own database of information and runs
a server program that other systems across the
Internet (clients) can query.
The DNS also defines the protocol that allows clients and
servers to communicate with each other.

Introduction
Initially, host name to address mappings were
maintained by the Network Information Centre (NIC) in
a single file (HOSTS.TXT) which every host fetched
by FTP (RFC 952, RFC 953).
The total network bandwidth consumed in
distributing a new version by this scheme is
proportional to the square of the number of hosts in
the network.
When multiple levels of FTP are used, the outgoing
FTP load on the NIC host is considerable.
Explosive growth in the number of hosts did not bode
well for the future.


Introduction
The network population was also changing in
character.
The timeshared hosts that made up the
original ARPANET were being replaced with
local networks of workstations.
Local organizations were administering their
own names and addresses, but had to wait
for the NIC to change HOSTS.TXT to make
changes visible to the Internet at large.
Organizations also wanted some local
structure in the name space.


Introduction
The result was several proposals about name
spaces and their management.
The proposals varied, but a common
thread was the idea of a hierarchical
name space,
with the hierarchy roughly corresponding
to the organizational structure and
names using "." as the character to mark
the boundary between hierarchy levels.

DNS Components

DNS does much more than name-to-address resolution. It comprises
the following components:
Domain name space and resource records
Name servers
Resolvers


Domain Name Space and Resource Records


This is the database of names and the data
associated with them, organized as a
tree-structured name space.
The database is divided into separate sets of
local information called zones, which are
distributed among name servers.

Zones and Domains


There is a subtle difference between a
zone and a domain.
A domain is the entire set of names (and the machines
behind them) in the subtree below a node, for example
the subtree below an organization's name.
For example the domain uwa.edu.au
contains all machines at the University of
Western Australia.


Zones and Domains (contd)


A zone is the part of the DNS tree about which a name
server has complete information, so the
name server has authority for that zone.
A name server can have authority for multiple zones.
A zone may delegate domain names and data
elsewhere.
When you delegate, you assign authority for your
subdomains to different name servers.
Instead of information about the delegated
subdomain, your data now includes pointers (NS records) to the
authoritative name servers for that subdomain.


Zones and Domains (contd)


[Figure: illustration of the domain and node concept. Below the root are the nodes in, org, edu and com; the node perdue under edu is the perdue.edu node, and the subtree rooted at it is the perdue.edu domain.]

Zones and Domains (contd)


[Figure: illustration of the domain and node concept. Below the root are edu, org, in and com; under in is the node ca (the ca.in node), with the node hs below it. The in domain is the whole subtree under in, and the ca.in domain is the subtree under ca.in.]

Zones and Domains (contd)



[Figure: illustration of the zone and domain concept. Below the root are org, us and in; under in are the nodes ab, on and qb. The in domain is the whole subtree under in, while the in zone is only the part of that subtree for which the in name server itself holds the data.]

Zones and Domains (contd)

[Figure: illustration of the zone and domain concept. Under in are the nodes bc, qb, ab, sk and on. The in domain covers all of them; the in zone covers in together with the subdomains that have not been delegated, while delegated subdomains belong to zones of their own.]

Name servers
The programs that keep information about the domain
name space are called name servers.
These are hosts that hold a database of
information about the names in their zones.
This information can be about well-known services,
mail exchangers, or host information.
Name servers know the parts of the domain tree for
which they have complete information.
A name server is said to be an authority for these
parts of the name space.
An authoritative name server has complete
information about the part of the domain name space it
is responsible for.


Name Servers (contd)


Name servers can be authoritative for multiple
zones.
A name server can also be the primary
master for one zone and a secondary master
for another.
However, most name servers are either
primary for most of the zones they load or
secondary for most of the zones they load.


Name servers (contd)


For example, there are two domains, x.z and y.z. The
authoritative name servers for these are called
nic.x.z and nic.y.z, respectively.
If nic.x.z is asked whether there is a node called a.x.z,
nic.x.z can definitively say yes or no, because it is the
authoritative name server for the x.z domain.
If nic.x.z is asked about a node called a.y.z, nic.x.z
must query nic.y.z, because nic.y.z is the authoritative
name server for the domain y.z. nic.x.z then caches the
response.
It can then quickly answer future queries for a.y.z, but its
answers will not be authoritative, because nic.x.z is not
responsible for the y.z domain.


Resolvers
These are programs that send requests
over the network to name servers on behalf of
users (i.e., they are the programs that
extract information from name servers in
response to client requests).
A resolver must be able to reach at
least one name server and use that
name server's information to answer a
query directly, or pursue the query using
referrals to other name servers.

Resolvers (contd)
A resolver is typically a system library
that is directly accessible to user programs,
so no network protocol is necessary between the
resolver and the user program.
When a name server responds to the resolver,
the requesting application connects to the host
using the returned IP address, not the name.
The resolver is the client portion of the DNS.
It is the library of routines called by
applications when they want to translate
(resolve) a DNS name.

Resolvers (contd)

The resolver handles:
Querying a name server
Interpreting responses (which may
be RRs or an error)
Returning the information to the
program that requested it


Resolvers (contd)
[Figure: functioning of the resolver. On the user machine, the application program calls the resolver; the resolver sends the query to the domain name server, which answers from its own data or queries other name servers.]

DNS Structure
Every node has a label of up to 63
characters. Labels are separated
from each other by a dot. The root
of the tree is a special node with a
null (empty) label.

[Figure: hierarchical organization of DNS. The root is at the top; below it are the first-level domains: the generic domains com, edu, gov, int, mil, net and org, and the country domains such as au, in and us. Below those are second-level domains, for example noao under edu (with tuc below noao) and nodes such as nic, alttc and sun.]

DNS Structure (contd)


A domain name is a sequence of labels
separated by dots.
A domain is a subdomain of another domain if
it is contained within that domain.
research.naugle.com is a subdomain of
naugle.com; naugle.com is a subdomain of
com, and of the root.
There are special servers on the Internet
that provide the starting point for all name servers.
These are known as root name servers.


DNS Structure (contd)


Root name servers do not hold information
about every host on the Internet, but they do
provide direction as to where domains are
located (the addresses of the name servers
for the top-level domain a server is
asking about). The root name servers are the
starting point for finding any domain on the
Internet. If access to the root servers ceased,
name resolution across the Internet would
eventually fail as cached data expired.


DNS Structure (contd)


The top-level domains are divided into three areas:
1. arpa is a special domain used for address-to-name
mappings (in-addr.arpa).
2. The seven 3-character domains are called the
generic domains. These are also called
organizational domains.
3. All the 2-character domains are based on the
country codes found in ISO 3166. These are
called country domains or geographical
domains.


Delegation
An organization administering a domain can
divide it into subdomains.
Each of those subdomains can be
delegated to other organizations.
The organizations delegated to become
responsible for all the data, and can even
subdivide their subdomains into more
subdomains and delegate those.
The parent domain then contains only pointers
to the sources of the subdomain's data, so that
it can refer queries there.


Delegation (contd)
If a subdomain of the domain is not
delegated away, the zone contains the
domain names and data in that
subdomain.
So the subdomains bc.in and sk.in may exist
but not be delegated.
Here the zone in contains bc.in and sk.in
but not the other in subdomains, i.e. the
subdomains on.in and qb.in will have their
own name servers and zones.

Types of Name servers


There are two types of name servers:
1. Primary Masters
2. Secondary Masters.


Primary Name Server

The primary name server builds its
database from files that were preconfigured on its host, called zone or
database files.
The name server reads these files and
builds a database for the zones it is
authoritative for.
Beyond its own zones, a primary server needs only
the IP addresses of the root servers, not their
DNS names, as a starting point for resolution.

Secondary name server


Secondary name servers can provide
information to resolvers just like the
primary masters, but they get their
information from the primary.
Any update to the database is made on
the primary.
When a secondary obtains the
information from its primary we call this a
zone transfer.
Because a zone transfer hands over the whole zone,
the primary should allow transfers only from its own
secondaries; anyone else who can request one obtains
a complete list of the zone's names and addresses.

Secondary name server (contd)


When a new host is added to a zone, the
administrator adds the appropriate
information to the zone file on the system
running the primary.
The primary name server is then notified
to reread its zone files.
The secondaries check the primary on a regular
basis (normally every three hours, at the refresh
interval given in the zone's SOA record), and if
the primary holds a newer version of the zone
(a higher serial number), the secondary fetches
the new data with a zone transfer.
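The refresh cycle described on these two secondary-server slides, modelled in Python as an added example that is not part of the original ALTTC slides. The primary answers serial checks, hands the zone over only to listed secondaries, and the secondary transfers only when the serial has moved. The zone x.z, its serial numbers, the secondary address 192.0.2.2 and the outsider 198.51.100.7 are all constructed for the example.

```python
"""Added example (not from the original ALTTC slides): a toy model of how a
secondary stays in sync with its primary.  Zone content, serial numbers,
host names and addresses below are constructed for illustration."""
from dataclasses import dataclass, field


class TransferRefused(Exception):
    """Raised when the primary will not hand the zone to the requester."""


@dataclass
class Zone:
    name: str
    serial: int                                   # bumped by the administrator on every edit
    records: dict = field(default_factory=dict)   # owner name -> list of (type, data)


@dataclass
class Primary:
    """Primary master: loads the zone from the file the administrator edits.

    allow_transfer is the set of secondary addresses that may AXFR the zone.
    Handing the whole zone to anyone who asks leaks every name in it, so a
    real primary restricts AXFR to its own secondaries.
    """
    zone: Zone
    allow_transfer: set

    def soa_serial(self) -> int:
        """Answer a cheap SOA query: only the serial is needed for the check."""
        return self.zone.serial

    def axfr(self, requester: str) -> Zone:
        """Full zone transfer, only for listed secondaries."""
        if requester not in self.allow_transfer:
            raise TransferRefused(f"AXFR from {requester} refused")
        # Hand back a copy so the secondary cannot mutate the primary's data.
        return Zone(self.zone.name, self.zone.serial, dict(self.zone.records))

    def add_host(self, name: str, address: str) -> None:
        """Administrator adds a host to the zone file and reloads the primary."""
        self.zone.records.setdefault(name, []).append(("A", address))
        self.zone.serial += 1


@dataclass
class Secondary:
    address: str
    primary: Primary
    zone: Zone = None
    transfers: int = 0

    def refresh(self) -> bool:
        """Periodic refresh: compare serials, transfer only when the primary is newer."""
        if self.zone is not None and self.primary.soa_serial() <= self.zone.serial:
            return False                          # nothing changed, no transfer
        self.zone = self.primary.axfr(self.address)
        self.transfers += 1
        return True

    def lookup(self, name: str):
        return self.zone.records.get(name) if self.zone else None


def demo():
    """Initial transfer, an idle refresh, a transfer after an edit, and a refused AXFR."""
    zone = Zone("x.z", serial=2024010101, records={"a.x.z": [("A", "192.0.2.10")]})
    primary = Primary(zone, allow_transfer={"192.0.2.2"})
    sec = Secondary("192.0.2.2", primary)

    first = sec.refresh()                         # no zone yet: initial transfer
    second = sec.refresh()                        # serial unchanged: no transfer
    primary.add_host("b.x.z", "192.0.2.11")       # administrator edits, serial bumps
    third = sec.refresh()                         # newer serial: transfer again

    refused = False
    try:
        primary.axfr("198.51.100.7")              # not a listed secondary
    except TransferRefused:
        refused = True
    return first, second, third, sec.transfers, sec.lookup("b.x.z"), refused


if __name__ == "__main__":
    print(demo())
```

The serial comparison is what keeps the three-hourly poll cheap: only the SOA serial crosses the wire unless the zone actually changed. The refusal for an unlisted requester is the check a practitioner adds before exposing a primary on the Internet.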

Query functions
There are two types of queries issued :
1. Recursive
2. Iterative


Query functions (contd)


A recursive query received by a server
obliges that server to find the information
required, or to report back to the querier
that the information cannot be found.
An iterative query allows the server to search
for the information and pass back the best
information it knows about (an answer or a
referral to another name server).
This is the type used between
servers.
Clients use recursive queries.


Query Types
[Figure: query types. Iterative query: the client asks for host.jj.com and the server returns the best it knows, here "can't find it" rather than following the chain itself. Recursive query: the client asks for host.jj.com, the server itself queries the jj.com server and returns the IP address of host.jj.com.]

Name Server Query


[Figure: name server query for labhost.bnr.ca.us. The client sends a recursive query to its local name server. The local server then issues iterative queries: it asks a root server and gets a referral to the .us server; asks the .us server and gets a referral to the ca.us server; asks the ca.us server and gets a referral to the bnr.ca.us server; asks the bnr.ca.us server and receives the IP address of labhost.bnr.ca.us, which it returns to the client.]

Caching
The cost of looking up non-local names can
be extremely high if resolvers send each
query to the root servers.
Even if queries go directly to the server that
has authority for the name, name lookup can
put a heavy load on the Internet.
Internet domain name servers use caching
to reduce search costs.
Servers return cached information to clients,
but mark it as a non-authoritative binding.
The local server also sends the addresses of the
authoritative servers for that name.

Caching (contd)
If efficiency is important, the client will
accept the non-authoritative
answer and proceed.
If accuracy is important, the client will
contact the authority and verify
that the binding between name and address
is still valid.


Caching (contd)
The TTL is the amount of time that any name
server is allowed to cache the data. After the
TTL expires the name server must discard
the cached data and fetch fresh data from the
authoritative name server.
The value of the TTL is a trade-off between
consistency and performance.
A small TTL means more consistent data but
longer resolution times.
A large TTL shortens resolution time, but
the data may be stale.
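The referral walk shown in the name server query figure and the caching and TTL rules on the last three slides, combined in one simulated recursive resolver. This is an added example, not code from the original ALTTC slides: the four authoritative servers, the names labhost.bnr.ca.us and nohost.bnr.ca.us, the address 192.0.2.44 and the 300-second TTL are all constructed for it.

```python
"""Added example (not from the original ALTTC slides): a simulated recursive
resolver that resolves labhost.bnr.ca.us by following referrals from the root
down, then answers repeat queries from its cache until the record's TTL expires.
The servers, names, addresses and TTL below are constructed for the example."""
import time

# Constructed authoritative data.  Each server holds either NS referrals to the
# servers one level further down or A records for names in its own zone.
SERVERS = {
    "root":             {"us": ("NS", "us-server")},
    "us-server":        {"ca.us": ("NS", "ca.us-server")},
    "ca.us-server":     {"bnr.ca.us": ("NS", "bnr.ca.us-server")},
    "bnr.ca.us-server": {"labhost.bnr.ca.us": ("A", "192.0.2.44", 300)},
}


def iterative_query(server, qname):
    """Ask one server without recursion.  It returns the best it knows:
    ('answer', address, ttl), ('referral', next_server) or ('nxdomain',)."""
    zone = SERVERS[server]
    labels = qname.split(".")
    for i in range(len(labels)):                  # longest matching suffix first
        suffix = ".".join(labels[i:])
        if suffix in zone:
            rec = zone[suffix]
            if rec[0] == "A" and suffix == qname:
                return ("answer", rec[1], rec[2])
            if rec[0] == "NS":
                return ("referral", rec[1])
            break
    return ("nxdomain",)


class RecursiveResolver:
    """Accepts recursive queries from clients and does the iterative work."""

    MAX_REFERRALS = 8                             # bound the referral chain

    def __init__(self, clock=time.time):
        self.cache = {}                           # qname -> (address, expiry time)
        self.clock = clock

    def resolve(self, qname):
        """Return (address, authoritative, servers_consulted).
        authoritative is False when the answer came from the cache (AA=0)."""
        now = self.clock()
        hit = self.cache.get(qname)
        if hit is not None and hit[1] > now:
            return hit[0], False, ["cache"]
        self.cache.pop(qname, None)               # TTL expired: discard it

        server, path = "root", []
        for _ in range(self.MAX_REFERRALS):
            path.append(server)
            reply = iterative_query(server, qname)
            if reply[0] == "referral":
                server = reply[1]
                continue
            if reply[0] == "answer":
                address, ttl = reply[1], reply[2]
                self.cache[qname] = (address, now + ttl)
                return address, True, path
            return None, False, path              # name error
        return None, False, path                  # referral loop: give up


def demo():
    """Resolve, hit the cache, let the TTL expire, then look up a missing name."""
    fake_now = [1000.0]                           # controllable clock for the demo
    r = RecursiveResolver(clock=lambda: fake_now[0])
    first = r.resolve("labhost.bnr.ca.us")        # full walk from the root, AA=1
    second = r.resolve("labhost.bnr.ca.us")       # served from cache, AA=0
    fake_now[0] += 301                            # past the 300 s TTL
    third = r.resolve("labhost.bnr.ca.us")        # cache discarded, full walk again
    missing = r.resolve("nohost.bnr.ca.us")       # name error from the bnr.ca.us server
    return first, second, third, missing


if __name__ == "__main__":
    for step in demo():
        print(step)
```

The third step is the TTL rule from the slide in action: once the expiry passes, the cached binding is thrown away and the resolver walks the chain again rather than serving stale data. The bound on the referral chain is the check a real resolver needs so that a misconfigured or hostile delegation cannot keep it looping.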


DNS Message Format (Header)

Fixed 12-byte header, 16 bits per field (bits 0-15 | bits 16-31):
    Identification            | Flags
    Number of questions       | Number of answer RRs
    Number of authority RRs   | Number of additional RRs
Followed by four variable-length sections:
    Questions
    Answers (variable number of resource records)
    Authority (variable number of resource records)
    Additional information (variable number of resource records)
General format of DNS queries and responses

DNS Message Format (Header)


The message has a fixed 12-byte header
followed by four variable-length sections.
The Identification is set by the client and
returned by the server. It lets the client match
responses to requests. Because it is only 16 bits,
a resolver should also use a random source port
and check that the question returned matches the
one it sent before accepting a response.
The 16-bit flags field is divided into the following
pieces (bit widths in parentheses):
QR (1) | Opcode (4) | AA (1) | TC (1) | RD (1) | RA (1) | zero (3) | rcode (4)

DNS Message Format (Header)


QR: Query/response
0 -> message is a query, 1 -> message is a
response
Opcode: Operation code
0 -> Standard query (name to IP
address)
1 -> Inverse query (obsolete)
2 -> Server status request

DNS Message Format (Header)


AA: Authoritative answer
1 -> the server is an authoritative name server for the name
0 -> the server is not authoritative; the information
comes from the server's cache
TC: Truncated
1 -> the DNS answer was truncated because a classic
UDP DNS message is limited to 512 bytes; the client
must then repeat the query over TCP.

DNS Message Format (Header)


RD: 1-bit field, recursion desired
0 -> recursion not desired
1 -> recursion desired (set by the querier)
RA: 1-bit field, recursion available
0 -> recursion not available
1 -> recursion available (set by the server)
Rcode: 4-bit return code
0 -> no error
1 -> format error
2 -> server failure
3 -> name error (the name does not exist)
5 -> refused


DNS Message Format (Question)


Query name | Query type | Query class

The query name is a sequence of labels, each preceded by a
one-byte length, terminated by a zero-length label.
For gemini.tuc.noao.edu it is encoded as:
6 g e m i n i  3 t u c  4 n o a o  3 e d u  0

DNS Message Format (Question)


Query type:
    Name    Numeric   Description
    A       1         IP address
    NS      2         Name server
    CNAME   5         Canonical name
    PTR     12        Pointer record
    MX      15        Mail exchange record
    AXFR    252       Request for zone transfer

Query class:
For IP networks it is always 1 (IN).

Resource record of DNS Response Message

Domain name (variable length, same label encoding as the query name, possibly a compression pointer)
Type (16 bits)
Class (16 bits)
Time to live (32 bits)
Resource data length (16 bits)
Resource data (variable length)
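The header, question and resource record layouts from the last four slides, put together as an added example that is not part of the original ALTTC slides. It builds a query for gemini.tuc.noao.edu (the name from the question-section slide), enforces the 63-character label limit, splits the flags field into QR/opcode/AA/TC/RD/RA/rcode, and parses a constructed response whose answer RR uses a compression pointer. The query ID 0x1234, the address 192.0.2.7 and the TTL 3600 are made up for the example; the ID-and-question match before accepting a reply is the check a resolver needs.

```python
"""Added example (not part of the original ALTTC slides): build a DNS query for
gemini.tuc.noao.edu and parse a constructed response.  The query ID 0x1234,
the address 192.0.2.7 and the TTL are made up for the example."""
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "PTR": 12, "MX": 15, "AXFR": 252}
CLASS_IN = 1


def encode_name(name):
    """gemini.tuc.noao.edu -> b'\\x06gemini\\x03tuc\\x04noao\\x03edu\\x00'."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:             # label limit from the slides
            raise ValueError("label must be 1..63 octets")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"                          # root: the empty label


def decode_name(msg, off):
    """Read a name at offset off, following compression pointers (top two bits 11).
    Returns (name, offset just past the name as it appears in the message)."""
    labels, end = [], None
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                      # pointer to an earlier name
            if end is None:
                end = off + 2
            off = ((n & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if n == 0:
            break
        labels.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels), (end if end is not None else off)


def build_query(ident, name, qtype="A"):
    """Header (QR=0, opcode 0, RD=1, one question) followed by the question."""
    header = struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], CLASS_IN)


def parse_flags(flags):
    """Split the 16-bit flags field: QR(1) opcode(4) AA TC RD RA zero(3) rcode(4)."""
    return {"qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
            "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1,
            "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1,
            "rcode": flags & 0xF}


def parse_response(msg, expected_id, expected_name):
    """Parse header, question and answer RRs.  A reply is accepted only if its ID
    and question match the outstanding query; an off-path forger would have to
    guess both (and the source port) to get an answer past this check."""
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    f = parse_flags(flags)
    if ident != expected_id or f["qr"] != 1:
        raise ValueError("not a response to our query")
    qname, off = decode_name(msg, 12)
    off += 4                                      # skip qtype and qclass
    if qd != 1 or qname != expected_name:
        raise ValueError("question section does not match our query")
    answers = []
    for _ in range(an):                           # one RR per answer count
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE["A"] and rdlen == 4:    # render an A record as dotted quad
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, rclass, ttl, rdata))
    return f, answers


def sample_response():
    """Constructed reply: ID 0x1234, flags 0x8580 (QR=1 AA=1 RD=1 RA=1 rcode 0),
    one A RR whose owner name is a compression pointer (0xC00C) to offset 12."""
    msg = struct.pack("!HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0)
    msg += encode_name("gemini.tuc.noao.edu") + struct.pack("!HH", 1, CLASS_IN)
    msg += b"\xc0\x0c" + struct.pack("!HHIH", 1, CLASS_IN, 3600, 4) + bytes([192, 0, 2, 7])
    return msg


def rejects(msg, ident, name):
    """True if parse_response refuses msg for the given query ID and name."""
    try:
        parse_response(msg, ident, name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(build_query(0x1234, "gemini.tuc.noao.edu").hex())
    print(parse_response(sample_response(), 0x1234, "gemini.tuc.noao.edu"))
```

When the returned flags have tc set, the caller should repeat the query over TCP as the truncation slide describes; when rcode is 3 the name does not exist and there is nothing in the answer section to parse.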
