Domain Name System

The Domain Name System (DNS) is a distributed hierarchical directory that translates domain names into IP addresses, enabling users to access resources on the Internet using easily recognizable names instead of numeric addresses. DNS operates through a series of steps involving DNS clients and servers, with a structure that allows for decentralized management of domain names and zones. Key components include root servers, primary and secondary servers, and the use of resource records to store information about domain names and their corresponding IP addresses.

Uploaded by nareshnachi10

DOMAIN NAME SYSTEM (DNS)
INTRODUCTION
• To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of a host to the Internet.
• Since people prefer to use names instead of numeric addresses, the Internet needs a directory system that can map a name to an address.
• As the Internet is very large, a central directory system cannot hold all the mappings.
• A better solution is to distribute the information among many computers in the world.
• The host that needs a mapping can contact the closest computer holding the needed information. This method is used by the Domain Name System (DNS).
DNS (DOMAIN NAME SYSTEM)
• DNS is a distributed, hierarchical and global directory that translates domain names into numerical IP addresses and vice versa.
• DNS is an application-layer protocol.
• DNS is critical infrastructure: all hosts contact DNS to locate servers before starting connections.
• DNS can run over either UDP or TCP. However, running over UDP is preferred, since a fast response is required.
INTRODUCTION
• The following six steps map a host name to an IP address (a file transfer client is used as the example application):
1. The user passes the host name to the file transfer client.
2. The file transfer client passes the host name to the DNS client.
3. Each computer, after being booted, knows the address of one DNS server. The DNS client sends a message to that DNS server, using its known IP address, with a query that gives the file transfer server name.
4. The DNS server responds with the IP address of the desired file transfer server.
5. The DNS server passes the IP address to the file transfer client.
6. The file transfer client now uses the received IP address to access the file transfer server.
DOMAIN NAME SPACE
• The names must be unique because the addresses are unique.
• A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical.
• In a flat name space, a name is assigned to an address. A name in this space is a sequence of characters without structure; the names may or may not have a common section.
• The main disadvantage of a flat name space is that it must be centrally controlled to avoid ambiguity and duplication.
• In a hierarchical name space, each name is made of several parts.
DOMAIN NAME SPACE
• The first part can define the nature of the organization, the second part can define the name of the organization, the third part can define departments in the organization, and so on.
• The authority to assign and control the name spaces can be decentralized.
• A central authority can assign the part of the name that defines the nature of the organization and the name of the organization.
• The responsibility for the rest of the name can be given to the organization itself. The organization can add suffixes (or prefixes) to the name to define its hosts or resources.
• Even if part of a name is the same in two different organizations, the whole name is different.
DOMAIN NAME SPACE
• The Domain Name Space is designed as a hierarchical name space.
• The names are defined in an inverted-tree structure with the root at the top.
• The tree can have only 128 levels: level 0 (root) to level 127.
• Each node in the tree has a label, which is a string with a maximum of 63 characters; the root label is a null string.
• A full domain name is a sequence of labels separated by dots (.). Domain names are always read from the node up to the root.
• If a name is terminated by the null (root) label, it is called a fully qualified domain name (FQDN).
• If a name is not terminated by the null label, it is called a partially qualified domain name (PQDN). A PQDN is used when the name to be resolved belongs to the same site as the client.
• Domain
• A domain is a subtree of the domain name space. The name of the domain is the name of the node at the top of the subtree. Figure 26.31 shows some domains. Note that a domain may itself be divided into domains.
• Distribution of Name Space
• The information contained in the domain name space must be stored, but it cannot be stored on one server.
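The rules on this slide (63-character labels, 128 levels, names read from the node up to the root, the trailing null label marking an FQDN, and a PQDN being completed with the client's own site) are small enough to implement directly. The following is an added example, not code from the slides; the names "www", "example.com" and the limits it checks are taken from the slide text, and any other sample name in it is constructed.

```python
from typing import List, Optional

# Limits quoted on the slide: 63-character labels, 128 levels (0 = root, 127 = deepest)
MAX_LABEL_LEN = 63
MAX_LEVELS = 128


def split_labels(name: str) -> List[str]:
    """Return the labels of a name, ordered from the node up towards the root.

    The trailing dot is the null root label and is not returned; "." alone is the root.
    """
    if name.endswith("."):
        name = name[:-1]
    return name.split(".") if name else []


def is_fqdn(name: str) -> bool:
    """A name terminated by the null root label (written as a trailing dot) is fully qualified."""
    return name.endswith(".")


def validate_name(name: str) -> Optional[str]:
    """Return None when the name respects the label and depth limits, otherwise a short reason."""
    labels = split_labels(name)
    if len(labels) + 1 > MAX_LEVELS:  # +1 counts the root level itself
        return "too many levels"
    for label in labels:
        if label == "":
            return "empty label (two consecutive dots)"
        if len(label) > MAX_LABEL_LEN:
            return "label longer than %d characters" % MAX_LABEL_LEN
    return None


def qualify(name: str, local_domain: str) -> str:
    """Complete a PQDN with the client's own site (local_domain); an FQDN is returned unchanged."""
    if is_fqdn(name):
        return name
    suffix = local_domain if local_domain.endswith(".") else local_domain + "."
    return name + "." + suffix


def path_to_root(name: str) -> List[str]:
    """Names of every node from the given node up to the root, i.e. every domain the name belongs to."""
    labels = split_labels(name)
    return [".".join(labels[i:]) + "." for i in range(len(labels))] + ["."]
```

`path_to_root` makes the "read from the node up to the root" rule visible: each entry is the name of a domain (subtree) that contains the node, ending with the root itself. `qualify` is the resolver-side step that turns a PQDN such as `www` into `www.example.com.` before the query is sent.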
HIERARCHY OF NAME SERVERS
• The solution to the problem of overloading one server is to distribute the information among many computers called DNS servers.
• One way to do this is to divide the whole space into many domains based on the first level: the root stands alone, and as many domains (subtrees) are created as there are first-level nodes.
• As a domain created this way could be very large, DNS allows domains to be divided further into smaller domains (subdomains).
• Each server can be responsible (authoritative) for either a large or a small domain.
• What a server is responsible for, or has authority over, is called a zone.
ZONE
• A zone can be defined as a contiguous part of the entire tree.
• If a server accepts responsibility for a domain and does not divide the domain into smaller domains or zones, the server makes a database called a zone file and keeps all the information for every node under that domain.
DNS SERVERS
• Root Server
• A root server is a server whose zone consists of the whole tree.
• A root server usually does not store any information about domains but delegates its authority to other servers.
• Primary and Secondary Servers
• A primary server is a server that stores a file about the zone for which it is an authority. It is responsible for creating, maintaining, and updating the zone file. It stores the zone file on a local disk.
• A secondary server is a server that transfers the complete information about a zone from another server (primary or secondary) and stores the file on its local disk.
• The secondary server neither creates nor updates the zone files. If updating is required, it must be done by the primary server, which sends the updated version to the secondary.
DNS IN THE INTERNET
• In the Internet, the domain name space (tree) was originally divided into three different sections:
1. generic domains,
2. country domains, and
3. the inverse domains.
• Generic Domains
• The generic domains define registered hosts according to their generic behavior. Each node in the tree defines a domain, which is an index to the domain name space database (see Figure 26.34).
• Country Domains
• The country domains section uses two-character country abbreviations (e.g., us for United States). Second labels can be organizational, or they can be more specific national designations.
• The address uci.ca.us. can be translated to University of California, Irvine, in the state of California in the United States.
RESOLUTION
• Mapping a name to an address is called name-address resolution.
• A host that needs to map an address to a name or a name to an address calls a DNS client called a resolver.
• The resolver accesses the closest DNS server with a mapping request.
• If the server has the information, it satisfies the resolver; otherwise, it either refers the resolver to other servers or asks other servers to provide the information.
• After the resolver receives the mapping, it interprets the response to see if it is a real resolution or an error, and finally delivers the result to the process that requested it.
• A resolution can be either recursive or iterative.
RECURSIVE RESOLUTION
• In recursive resolution, a server that does not know the mapping asks another server for it on behalf of the requester and returns the final answer to the one that requested it.
ITERATIVE RESOLUTION
• In iterative resolution, each server that does not know the mapping sends the IP address of the next server back to the one that requested it.
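The difference between the two modes is easiest to see when both are run over the same set of servers and every query/response exchange is recorded. The simulation below is an added example and is not from the slides: the three in-memory "servers" (root, an edu top-level server and an authoritative server for a constructed zone example.edu), the host name and the 198.51.100.7 address are all constructed. Each trace entry records who asked, which server was asked, and what kind of reply came back.

```python
from typing import Dict, List, Optional, Tuple

# Constructed toy servers (not real name servers). Each holds the address records of its own
# zone and a delegation table naming the server responsible for each subzone it handed off.
SERVERS: Dict[str, Dict[str, Dict[str, str]]] = {
    "root":       {"records": {}, "delegations": {"edu.": "tld-edu"}},
    "tld-edu":    {"records": {}, "delegations": {"example.edu.": "ns-example"}},
    "ns-example": {"records": {"host.dept.example.edu.": "198.51.100.7"}, "delegations": {}},
}

Trace = List[Tuple[str, str, str]]   # (who asked, server asked, kind of reply)


def best_delegation(server: str, name: str) -> Optional[str]:
    """Server responsible for the longest delegated zone that contains the name, if any."""
    best_zone, best_server = "", None
    for zone, ns in SERVERS[server]["delegations"].items():
        if (name == zone or name.endswith("." + zone)) and len(zone) > len(best_zone):
            best_zone, best_server = zone, ns
    return best_server


def query(server: str, name: str) -> Tuple[str, Optional[str]]:
    """One query/response exchange: ('answer', ip), ('referral', next_server) or ('error', None)."""
    ip = SERVERS[server]["records"].get(name)
    if ip is not None:
        return "answer", ip
    next_server = best_delegation(server, name)
    if next_server is not None:
        return "referral", next_server
    return "error", None


def resolve_iterative(name: str, trace: Optional[Trace] = None) -> Optional[str]:
    """The resolver itself follows every referral until some server answers or reports an error."""
    server = "root"
    for _ in range(len(SERVERS) + 1):          # bounded so a delegation loop cannot spin forever
        kind, value = query(server, name)
        if trace is not None:
            trace.append(("resolver", server, kind))
        if kind == "answer":
            return value
        if kind == "error":
            return None
        server = value                          # referral: the resolver asks the next server
    return None


def resolve_recursive(name: str, server: str = "root", asker: str = "resolver",
                      trace: Optional[Trace] = None, depth: int = 0) -> Optional[str]:
    """A server without the mapping asks the next server on the requester's behalf and relays the answer."""
    kind, value = query(server, name)
    if trace is not None:
        trace.append((asker, server, kind))
    if kind == "answer":
        return value
    if kind == "error" or depth > len(SERVERS):
        return None
    # the server that was asked now becomes the asker of the next server
    return resolve_recursive(name, value, server, trace, depth + 1)
```

In the iterative trace the resolver appears as the asker on every line; in the recursive trace the resolver only ever talks to the root, and each later query is made by the previous server. Both paths end at the same authoritative server, and an unknown name produces an error from the first server that has neither the record nor a matching delegation.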
CACHING
• When a server asks for a mapping from another server and receives the response, it stores this information in its cache memory before sending it to the client.
• If the same or another client asks for the same mapping, the server can check its cache memory and answer the query from there.
• If a server caches a mapping for a long time, it may send an outdated mapping to the client. To counter this, two techniques are used:
• The authoritative server always adds information to the mapping called the time to live (TTL), the number of seconds for which the mapping is valid.
• DNS requires that each server keep a TTL counter for each mapping it caches. The cache memory must be searched periodically and those mappings with an expired TTL must be purged.
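The two countermeasures (a TTL attached by the authoritative server, and a per-mapping counter with periodic purging of expired entries) can be shown in a small cache. This is an added example rather than code from the slides; the "authoritative" table, its names, addresses and TTL values are constructed, and the cache takes an injectable clock so that expiry can be demonstrated without waiting.

```python
import time
from typing import Callable, Dict, Optional, Tuple

RecordKey = Tuple[str, str]   # (domain name, type); class IN is assumed throughout


class DnsCache:
    """Cache of (name, type) -> (value, expiry time) built from the TTL the authoritative server sent."""

    def __init__(self, clock: Callable[[], float] = time.monotonic):
        self._clock = clock
        self._entries: Dict[RecordKey, Tuple[str, float]] = {}

    def store(self, name: str, rtype: str, value: str, ttl: int) -> None:
        # the expiry is fixed when the response arrives; the TTL counter runs from here
        self._entries[(name, rtype)] = (value, self._clock() + ttl)

    def lookup(self, name: str, rtype: str) -> Optional[Tuple[str, int]]:
        """Return (value, remaining TTL) or None on a miss. An expired entry is dropped and reported as a miss."""
        entry = self._entries.get((name, rtype))
        if entry is None:
            return None
        value, expires_at = entry
        remaining = int(expires_at - self._clock())
        if remaining <= 0:
            del self._entries[(name, rtype)]
            return None
        return value, remaining

    def purge_expired(self) -> int:
        """The periodic sweep: remove every mapping whose TTL counter has run out, return how many."""
        now = self._clock()
        expired = [key for key, (_, expires_at) in self._entries.items() if expires_at <= now]
        for key in expired:
            del self._entries[key]
        return len(expired)

    def __len__(self) -> int:
        return len(self._entries)


# Constructed stand-in for the authoritative server: name -> (address, TTL in seconds)
AUTHORITATIVE: Dict[str, Tuple[str, int]] = {
    "www.example.com.": ("198.51.100.7", 300),
    "mail.example.com.": ("198.51.100.25", 60),
}


def resolve(cache: DnsCache, name: str, counters: Dict[str, int]) -> Optional[Tuple[str, int]]:
    """Serve from cache when possible; otherwise ask the 'authoritative' table and cache its reply."""
    hit = cache.lookup(name, "A")
    if hit is not None:
        counters["hits"] = counters.get("hits", 0) + 1
        return hit
    counters["upstream"] = counters.get("upstream", 0) + 1
    record = AUTHORITATIVE.get(name)
    if record is None:
        return None
    value, ttl = record
    cache.store(name, "A", value, ttl)
    return value, ttl


def demo() -> Dict[str, object]:
    """Advance a fake clock: first query goes upstream, the second is a cache hit with a reduced TTL,
    after the TTL has run out the entry is purged and the next query goes upstream again."""
    now = [1000.0]
    cache = DnsCache(clock=lambda: now[0])
    counters: Dict[str, int] = {}
    first = resolve(cache, "www.example.com.", counters)
    now[0] += 100
    second = resolve(cache, "www.example.com.", counters)
    now[0] += 250           # 350 s after the first answer: the 300 s TTL has expired
    purged = cache.purge_expired()
    third = resolve(cache, "www.example.com.", counters)
    return {"first": first, "second": second, "purged": purged, "third": third, "counters": dict(counters)}
```

Note that the cache hands the client the remaining TTL, not the original one: a client that cached the full 300 seconds on the second query would keep the mapping 100 seconds longer than the authoritative server allowed.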
RESOURCE RECORDS
• The zone information associated with a server is implemented as a set of resource records stored by the name server. It is a 5-tuple structure, as shown below:
(Domain Name, Type, Class, TTL, Value)
• The domain name field is what identifies the resource record.
• The value defines the information kept about the domain name.
• The TTL defines the number of seconds for which the information is valid.
• The class defines the type of network; we are only interested in the class IN (Internet).
• The type defines how the value should be interpreted.
DNS MESSAGES
• To retrieve information about hosts, DNS uses two types of messages: query and response.
• The identification field is used by the client to match the response with the query. The flag field defines whether the message is a query or a response. It also includes the error status.
• The next four fields in the header define the number of each record type in the message.
• The question section consists of one or more question records. It is present in both query and response messages.
• The answer section consists of one or more resource records. It is present only in response messages.
• The authoritative section gives information (domain name) about one or more authoritative servers for the query.
• The additional information section provides additional information that may help the resolver.
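The header layout described above (identification, flags, then the four section counts, followed by the question, answer, authoritative and additional sections) can be built and parsed with a few dozen lines of `struct` code. The example below is added here and is not from the slides; it constructs a query, constructs a matching response with one A record (using name compression for the answer's owner name, a standard wire-format feature not covered on the slides), parses both, and performs the identification/question match the resolver relies on. The name `www.example.com.`, the address 198.51.100.7 and the identifier 0x1234 are constructed sample values.

```python
import struct
from typing import Dict, List, Tuple

HEADER = "!HHHHHH"          # id, flags, qdcount, ancount, nscount, arcount
QR_BIT, RD_BIT, RA_BIT = 0x8000, 0x0100, 0x0080
TYPE_A, CLASS_IN = 1, 1


def encode_name(name: str) -> bytes:
    """Wire form of a domain name: length-prefixed labels terminated by the null root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(ident: int, name: str, qtype: int = TYPE_A) -> bytes:
    """12-byte header (QR=0, RD=1) followed by one question record."""
    header = struct.pack(HEADER, ident, RD_BIT, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def build_response(query: bytes, ip: str, ttl: int) -> bytes:
    """Constructed response: echoes the query's id and question, adds one A record in the answer section."""
    ident, _, qdcount, _, _, _ = struct.unpack(HEADER, query[:12])
    header = struct.pack(HEADER, ident, QR_BIT | RD_BIT | RA_BIT, qdcount, 1, 0, 0)   # RCODE 0 = no error
    question = query[12:]
    # 0xC00C is a compression pointer to offset 12, i.e. the question name, so it is not repeated
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = struct.pack("!H", 0xC00C) + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, len(rdata)) + rdata
    return header + question + answer


def decode_name(msg: bytes, offset: int) -> Tuple[str, int]:
    """Decode a (possibly compressed) name; returns the name and the offset just past it."""
    labels: List[str] = []
    end, jumped, hops = offset, False, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # pointer to an earlier copy of the name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2                        # the pointer is the last thing we consume here
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 64:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:                                 # null root label ends the name
            if not jumped:
                end = offset
            return ".".join(labels) + ".", end
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_message(msg: bytes) -> Dict[str, object]:
    """Split a DNS message into header fields and its four sections; records come out as the 5-tuple."""
    ident, flags, qd, an, ns, ar = struct.unpack(HEADER, msg[:12])
    out: Dict[str, object] = {"id": ident, "is_response": bool(flags & QR_BIT), "rcode": flags & 0xF,
                              "questions": [], "answers": [], "authority": [], "additional": []}
    off = 12
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        out["questions"].append((name, qtype, qclass))
    for section, count in (("answers", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = decode_name(msg, off)
            rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            rdata = msg[off:off + rdlen]
            off += rdlen
            value = ".".join(str(b) for b in rdata) if rtype == TYPE_A and rdlen == 4 else rdata.hex()
            out[section].append((name, rtype, rclass, ttl, value))   # (Domain Name, Type, Class, TTL, Value)
    return out


def matches_query(query: bytes, response: bytes) -> bool:
    """The client's check: a response counts only if it is a response, its id matches and the question is the same."""
    q, r = parse_message(query), parse_message(response)
    return bool(r["is_response"]) and q["id"] == r["id"] and q["questions"] == r["questions"]
```

`matches_query` is the practical reason the identification field exists: a resolver that accepted any response arriving on its port, without checking the id and the echoed question, would cache whatever it was sent. Real resolvers also randomise the id and the source port for the same reason.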
REGISTRARS
• Adding a new domain to DNS is done through a registrar, a commercial entity accredited by ICANN.
• A registrar first verifies that the requested domain name is unique and then enters it into the DNS database. A fee is charged.
• There are many registrars; their names and addresses can be found at http://www.internic.net
• To register, the organization needs to give the name of its server and the IP address of the server to one of the registrars.