How does your computer know which response to get?


How does your computer know that www.facebook.com is at IP 202.54.116.3?
How can you track your network's health?
ANS: Domain Name Server

The first IP networks distributed host files on a regular basis.
IP addresses are a must for computers, as they include the information used for routing.
IP addresses are tough for humans to remember.
IP addresses are impossible to guess.

The DNS is the hierarchical naming system for computers, services, or any resource participating in the Internet.
It resolves Internet host names into IP addresses and vice versa.

Major Components:

Database: DNS tree and Resource Records.

Name Servers: Authoritative for one or more zones; answer queries.

Clients: A software library, called the resolver, sends queries to name servers.

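[Figure: the DNS name-space tree. Labels shown: arpa, net, edu, com, org, ac, in, uk, nl, rpi, albany.]

[Figure: top-level domains arpa, com, in, gov, mil, net, org, us, with ac under in and iimcal under ac, marking the in node, the in domain, the ac.in domain and the iimcal.ac.in domain (which contains www).]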

Name resolution is the process by which resolvers and name servers cooperate to find data in the name space.
Remember, not a search.
To find information anywhere in the name space, a name server only needs the names and IP addresses of the name servers for the root zone (the root name servers).
The root name servers know about the top-level zones and can tell name servers whom to contact for all TLDs.

Name Resolution Example

[Diagram on each slide: workstation xyz (running "ping www.facebook.com."), Local DNS, Root DNS, the com domain name server and ns1.facebook.com.]

1. The workstation xyz asks its configured name server (Local DNS) for www.facebook.com's address.
   Message: "What's the IP address of www.facebook.com?"

2. The name server Local DNS asks a root name server for www.facebook.com's address.
   Message: "What's the IP address of www.facebook.com?"

3. The root server refers Local DNS to the com name servers. This type of response is called a referral.
   Message: "Here's a list of the com name servers. Ask one of them."

4. The local DNS asks a com name server, f, for www.nominum.com's address.
   Message: "What's the IP address of www.facebook.com?"

5. The com name server f refers dakota to the nominum.com name servers.
   Message: "Here's a list of the facebook.com name servers. Ask one of them."

6. The name server dakota asks a nominum.com name server, ns1.sanjose, for www.nominum.com's address.
   Message: "What's the IP address of www.facebook.com?"

7. The facebook.com name server ns1.facebook responds with www.facebook.com's address.
   Message: "Here's the IP address for www.facebook.com"

8. The local DNS responds to xyz with www.facebook.com's address.
   Message: "Here's the IP address for www.facebook.com"

Resolution Process (Caching)

After the previous query, the name server Local DNS now knows:
   The names and IP addresses of the com name servers
   The names and IP addresses of the facebook.com name servers
   The IP address of www.facebook.com
Let's look at the resolution process again, this time with xyz running "ping apps.facebook.com."

[Diagram on each slide: workstation xyz, Local DNS, Root DNS, the com domain name server and ns1.facebook.com.]

1. The workstation xyz asks its configured name server for apps.facebook.com's address.
   Message: "What's the IP address of apps.facebook.com?"

2. Local DNS has cached an NS record indicating ns1.facebook is a facebook.com name server, so it asks it for apps.facebook.com's address.
   Message: "What's the IP address of apps.facebook.com?"

3. The facebook.com name server ns1.facebook responds with apps.facebook.com's address.
   Message: "Here's the IP address for apps.facebook.com"

4. The name server responds to xyz with apps.facebook.com's address.
   Message: "Here's the IP address for apps.facebook.com"

The entire communication is done by the exchange of resource records.

Format: (name, value, type, ttl)

Types: A, Name server, CNAME, Mail Exchange

Type=A: name is hostname; value is IP address
Type=CNAME: name is an alias name for some canonical (the real) name; value is canonical name
Type=MX: value is hostname of mail server associated with name
Type=NS: name is domain; value is IP address

TTL: the time period for which the record is to be available in the cache of the device.
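The walkthrough, the cached second lookup and the TTL rule above can be run as a small simulation. This is an added example, not code from the original slides: the LocalDNS class, the SERVERS table, the "com-ns" label and the 192.0.2.x addresses are constructed for illustration.

```python
import time

# Constructed data, not real DNS answers: (name, value, type, ttl) records each
# server in the walkthrough returns. The NS value is used as the next server's key.
SERVERS = {
    "root": [("com", "com-ns", "NS", 3600)],
    "com-ns": [("facebook.com", "ns1.facebook.com", "NS", 3600)],
    "ns1.facebook.com": [("www.facebook.com", "192.0.2.10", "A", 300),
                         ("apps.facebook.com", "192.0.2.20", "A", 300)],
}

class LocalDNS:
    def __init__(self, clock=time.monotonic):
        self.cache = {}      # (name, type) -> (value, expiry time)
        self.clock = clock
        self.asked = []      # servers contacted, in order, for inspection

    def _cached(self, name, rtype):
        hit = self.cache.get((name, rtype))
        if hit and hit[1] > self.clock():
            return hit[0]
        return None          # absent, or TTL has run out

    def _closest_server(self, qname):
        labels = qname.split(".")
        for i in range(len(labels)):          # longest cached NS suffix first
            server = self._cached(".".join(labels[i:]), "NS")
            if server:
                return server
        return "root"                         # nothing cached: start at the root

    def resolve(self, qname):
        answer = self._cached(qname, "A")
        server = self._closest_server(qname)
        while answer is None:
            self.asked.append(server)
            next_server = None
            for name, value, rtype, ttl in SERVERS[server]:
                if rtype == "A" and name == qname:
                    answer = value             # final answer
                elif rtype == "NS" and qname.endswith("." + name):
                    next_server = value        # referral
                else:
                    continue                   # record unrelated to this query
                self.cache[(name, rtype)] = (value, self.clock() + ttl)
            if answer is None and next_server is None:
                raise LookupError(qname)
            server = next_server
        return answer
```

After the first lookup, `asked` shows the root, com and facebook.com servers in turn; the lookup for apps.facebook.com contacts only ns1.facebook.com until the cached NS records expire.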


DNS Cache Poisoning
DNS ID Spoofing
Client Flooding

DNS Cache Poisoning:


DNS A receives a query that it does not have an answer to, so it asks DNS B.

DNS B replies with wrong information or, if it does not have the answer, it puts records that do not relate to the answer in the additional records section of the response.

DNS A accepts the response of DNS B without performing any checks and puts corrupted records in its cache.

DNS ID Spoofing:
Machine X needs to know the IP of machine Y.

X assigns a random identification number (16 bits) to the request it sends to the DNS and expects this number to be present in the DNS reply.

An attacker using a sniffer intercepts the DNS request and sends X a reply containing the correct identification number but with an IP of his choice.

Client Flooding:
Client sends a DNS query.
Attacker sends thousands of responses made to appear as if originating from the DNS server.
Client accepts responses because it lacks the capability to verify the response origin.

Queries    Chances
100        0.0728
200        0.2621
400        0.7048
650        0.9604
750        0.9865
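The three attacks above all rely on a response being accepted without checks. The following added example (not from the original slides) shows the checks a resolver or client can apply before caching anything: match the reply to the outstanding query, keep only records inside the zone that was asked about, and treat a burst of mismatched replies as a flood signal. The names Pending, accept_response, in_bailiwick and FLOOD_THRESHOLD, and all sample addresses, are assumptions made for illustration.

```python
from dataclasses import dataclass

FLOOD_THRESHOLD = 5   # assumed value: mismatched replies tolerated per query

@dataclass
class Pending:
    txid: int          # 16-bit identification number sent with the query
    qname: str         # name that was asked for
    server: str        # address the query was sent to
    zone: str          # zone the queried server is being asked about
    mismatches: int = 0

def in_bailiwick(name, zone):
    """True if name is the zone itself or lies underneath it."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return zone == "" or name == zone or name.endswith("." + zone)

def accept_response(pending, src, txid, qname, records):
    """Return (verdict, records safe to cache).

    records are (name, value, type, ttl) tuples, as in the format above.
    """
    # The reply must come from the server that was asked, carry the same
    # identification number and repeat the same question.
    if (src != pending.server or txid != pending.txid
            or qname.lower() != pending.qname.lower()):
        pending.mismatches += 1
        if pending.mismatches >= FLOOD_THRESHOLD:
            # Many wrong guesses for one query: abandon it and re-ask
            # with a fresh identification number.
            return "flood-suspected", []
        return "dropped", []
    # Discard answer or additional records that do not belong to the zone
    # the server was asked about, instead of caching them blindly.
    kept = [r for r in records if in_bailiwick(r[0], pending.zone)]
    return "accepted", kept
```

These checks address blind spoofing and unrelated additional records; an attacker who can sniff the query, as in the ID spoofing case, sees the identification number, so they do not replace cryptographically signed responses (DNSSEC).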
