
Domain Name System

1) The document discusses the Domain Name System (DNS) which maps hostnames to IP addresses to allow clients to access servers by name rather than IP. 2) DNS distributes this mapping information across multiple name servers in a hierarchical tree structure with root, generic, and country-coded top-level domains to improve reliability and scalability. 3) The resolution process involves a client contacting its local resolving server which then recursively queries other servers until the IP address is found or the root servers are reached with no match.

Uploaded by

ksai.mb

DOMAIN NAME SYSTEM (DNS)

1) Problem with a centralized directory system? (
   1. The Internet is huge
   2. One computer can't hold all the mappings
   3. If the centralized computer fails, the whole communication network will collapse)

2) Best solution? (to distribute the information among many computers)

3) Method used for distribution? (by contacting the closest computer: a host which needs a mapping can contact the closest computer holding the needed information; DNS uses this method)

4) Diagram

5) What does this diagram show? (mapping of a name to an address: how TCP/IP uses a DNS client and a DNS server to map a name to an address)

A user wants to use a file transfer client to access the corresponding file transfer server running on a remote host.

6) What does the TCP/IP suite need? (the IP address of the FTP server to make the connection)

7) Steps used in getting the IP address? (6 steps:
   1. passing the host name to the FTP client
   2. passing the host name to the DNS client
   3. sending the query to the DNS server
   4. getting the response (IP address)
   5. passing the response (IP address) to the FTP client
   6. the FTP client uses the IP address to access the file)

The overall objective is that a client machine wants to access a file which is stored on an FTP server. The parties involved are 1) the client computer or user 2) the FTP client 3) the DNS client 4) the DNS server 5) the FTP server.

1. The user passes the host name to the file transfer client.
2. The file transfer client passes the host name to the DNS client.
3. Each computer, after being booted, knows the address of one DNS server. The DNS client sends a message to a DNS server, using the known IP address of that DNS server, with a query that gives the file transfer server name.
4. The DNS server responds with the IP address of the desired file transfer server.
5. The DNS client passes the IP address to the file transfer client.
6. The file transfer client now uses the received IP address to access the file transfer server.

1. Name Space

1) Use of a name space? (to map each address to a unique name)

2) Types of name space? (flat or hierarchical)

3) What is a flat name space? (a name is assigned to an address; a name is a sequence of characters; names may not have a common section)

4) What is a hierarchical name space? (each name is made up of several parts, which can define the nature, name, departments, etc. of the organization)

Domain Name Space

1) Design of DNS? (names are defined in an inverted-tree structure with the root at the top)

2) Levels of the tree? (128 levels: the root is level 0, up to level 127)

3) Diagram

Label

1) What does each node have? (a label, a string of up to 63 characters)

2) String of the root label? (null string or empty string)

3) What are children nodes? (nodes that branch from the same node)

4) What does DNS require? (uniqueness of the domain names; this can be achieved by giving different labels to the children of a node)

Domain Name

1) What does each node in the tree have? (a domain name)

2) Formation of a full domain name? (a sequence of labels separated by dots “.”)

3) Reading of domain names? (always from the node up to the root; the last label is the label of the root; the last character is a dot or null string)

4) What is an FQDN? (a name which is terminated by a null string)

If a label is terminated by a null string, it is called a fully qualified domain name (FQDN).

5) What is a PQDN? (a name which is not terminated by a null string)

If a label is not terminated by a null string, it is called a partially qualified domain name (PQDN).

Domain

1) What is a domain? (a subtree of the domain name space)

2) Name of the domain? (the name of the node at the top of the subtree)

3) Diagram

4) What does the above diagram show? (some domains like com, edu, etc.)

A domain may itself be divided into subdomains.

Distribution of Name Space

1) What does DNS contain? (information)

2) Why is distribution of the name space required? (to be efficient and reliable)

Hierarchy of Name Servers

1) Solution to storing the information? (distributing it among many computers called DNS servers)

2) How can this be achieved? (1. a hierarchy of names 2. dividing the whole space into many domains 3. dividing domains into subdomains)

Zone

1) Storing the complete domain name hierarchy? (
   1. it can't be stored on a single server
   2. it is stored on multiple servers)

2) What is a zone? (a contiguous part of the entire tree)

3) Diagram

4) Responsibility of a server? (it has authority over a zone)

5) What does a server maintain? (a database called a zone file; it keeps information for every node under that domain)

6) When do domain and zone refer to the same thing? (when the server does not divide the domain into smaller domains)

Root Server

1) What is a root server? (a server whose zone consists of the entire tree)

2) What does a root server do? (
   1. it does not store any information about domains
   2. it delegates its authority to other servers
   3. it keeps references to those servers)

Primary and Secondary Servers

1) What is a primary server? (a server which stores a file about the zone for which it is an authority; it creates, maintains and updates the zone file)

2) Where is the zone file stored? (on the hard disk)

3) What is a secondary server? (
   1. it transfers the complete information about a zone from another server
   2. it stores the file on its local disk
   3. it neither creates nor updates zone files)

4) Updating the zone file? (only by the primary server, which sends the updated version to the secondary)

2. DNS in the Internet

1) DNS as a protocol? (it can be used on different platforms)

2) Dividing DNS in the Internet? (three sections: 1) generic domains 2) country domains 3) inverse domains)

Generic Domains

1) What do they define? (they define hosts according to their generic behavior)

2) Diagram

3) What does each node in the tree define? (a domain, which is an index to the domain name space database)

4) What does the generic domain section allow? (14 possible labels)

5) Table (a, b, c, c, e, g, i, i, m, m, n, n, o, p)

Country Domains

1) What do they use? (two-character country abbreviations, e.g. us; state abbreviations, e.g. ca.us)

2) Diagram

Inverse Domains

1) Why are they used? (to find the name of the host when given the IP address)

2) Are they used now, and if not, why? (no; it is extremely difficult to keep track of the inverse domains, so they are now deprecated)

3. Resolution

1) What is name-address resolution? (mapping a name to an address)

2) How is DNS designed? (like a client-server application)

3) What does a host do when it wants to map a name to an address or an address to a name? (it calls a DNS client called a resolver)

4) What does the resolver do? (it accesses the closest DNS server with a mapping request)

5) What does the closest DNS server do? (it hands over the information, or it refers the resolver to other servers, or it asks other servers to provide the information)

Recursive Resolution

1) Diagram

2) What does the above diagram show? (an example of recursive resolution)

3) What do we assume here? (
   1. an application program running on a host named some.anet.com wants to find the IP address of another host named engineering.mcgraw-hill.com
   2. connection of the source host? (Anet ISP) The source host is connected to the Anet ISP.
   3. connection of the destination host? (McGraw-Hill network) The destination host is connected to the McGraw-Hill network.)

Step 1: the application program calls the DNS resolver to find the IP address

Step 2: the resolver does not know this address, so it sends the query to the local DNS server

Step 3: the local DNS server does not know this address, so it sends the query to a root DNS server

We assume that this server does not know the IP address of the
destination host either. It sends the query to a root DNS server, whose IP
address is supposed to be known to this local DNS server (event 2). Root
servers do not normally keep the mapping between names and IP
addresses, but a root server should at least know about one server at each
top level domain (in this case, a server responsible for com domain). The
query is sent to this top-level-domain server (event 3). We assume that
this server does not know the name-address mapping of this specific
destination, but it knows the IP address of the local DNS server in the
McGraw-Hill company (for example, dns.mcgraw-hill.com). The query
is sent to this server (event 4), which knows the IP address of the
destination host. The IP address is now sent back to the top-level DNS
server (event 5), then back to the root server (event 6), then back to the
ISP DNS server, which may cache it for the future queries (event 7), and
finally back to the source host (event 8).
Iterative Resolution

In iterative resolution, each server that does not know the mapping
sends the IP address of the next server back to the one that requested it.
Figure shows the flow of information in an iterative resolution in the
same scenario as the one depicted in Figure 26.36. Normally the iterative
resolution takes place between two local servers; the original resolver
gets the final answer from the local server. Note that the messages
shown by

4. Caching

1) What does a server do when it receives a query? (it searches its database for a server IP address, which takes some search time)

2) How to increase efficiency? (by reducing the search time; DNS does this using a mechanism called caching)

3) How is caching done? (when a server asks another server for a mapping and receives the response, it stores this information in its cache memory before sending it to the client)

4) Advantages of caching? (
   1. reduces search time
   2. increases efficiency
   3. speeds up resolution)

5) Disadvantage of caching? (if the server caches a mapping for a long time, it may send an outdated mapping to the client)

6) Solution to this problem? (adding information called TTL, and keeping a TTL counter for each mapping)

7) Which server adds the TTL? (the authoritative server always adds a TTL to the mapping; it defines the time in seconds that the receiving server can cache the information)

8) What happens after the TTL expires? (the mapping becomes invalid; any query must be sent again to the authoritative server)
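
The iterative resolution and TTL caching described in the Resolution and Caching sections can be simulated in a few lines of Python. This is an added example, not part of the original notes: the server table, the 192.0.2.x addresses, the 300-second TTL and the names `ask` and `LocalServer` are constructed for illustration.

```python
import time

# Constructed toy hierarchy (not real data): a server either answers from its
# zone records (address, TTL in seconds) or refers the asker to the next server.
SERVERS = {
    "root": {"referrals": {"com": "com-tld"}},
    "com-tld": {"referrals": {"mcgraw-hill.com": "dns.mcgraw-hill.com"}},
    "dns.mcgraw-hill.com": {
        "records": {"engineering.mcgraw-hill.com": ("192.0.2.10", 300)}},
}

def ask(server, name):
    """One query to one server: an answer, a referral, or no match."""
    zone = SERVERS[server]
    if name in zone.get("records", {}):
        return ("answer",) + zone["records"][name]
    for suffix, next_server in zone.get("referrals", {}).items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", next_server)
    return ("no-match",)

class LocalServer:
    """Local DNS server: iterates from the root, caches answers until TTL expiry."""
    def __init__(self, clock=time.monotonic):
        self.clock, self.cache, self.queries_sent = clock, {}, 0

    def resolve(self, name):
        cached = self.cache.get(name)
        if cached and self.clock() < cached[1]:
            return cached[0]            # still valid: no query leaves this server
        self.cache.pop(name, None)      # TTL expired: the mapping is invalid
        server = "root"
        for _ in range(8):              # bound the length of the referral chain
            self.queries_sent += 1
            reply = ask(server, name)
            if reply[0] == "answer":
                _, address, ttl = reply
                self.cache[name] = (address, self.clock() + ttl)
                return address
            if reply[0] != "referral":
                return None
            server = reply[1]
        return None
```

If the authoritative record changes while a cached copy is still within its TTL, the local server keeps returning the old address until expiry, which is the outdated-mapping disadvantage listed above.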

5. Resource Records

1) Implementing zone information? (a set of resource records)
   1. in general, zone information is associated with a server
   2. this zone information is implemented as a set of resource records

2) What does a name server store? (a database of resource records)

3) What is a resource record? (a 5-tuple structure:
   1. Domain Name
   2. Domain Type
   3. Domain Class
   4. Domain Value
   5. TTL)

4) Domain name? (it identifies the resource record)

5) Domain value? (defines the information kept about the domain name)

6) TTL? (defines the number of seconds for which the record may be cached)

7) Table (A: IPv4, AAAA: IPv6, NS, CNAME, SOA, MX)

6. DNS Messages

1) Use of DNS messages? (to retrieve information about hosts)

2) Two types of messages? (query and response messages)

3) Format of query and response

Identification field? (used by the client to match the response with the query)

Flag field? (defines whether a message is a query or a response)

Next four fields? (the number of each record type in the message)

Question section? (consists of one or more question records; present in both query and response messages)

Answer section? (contains one or more resource records; present only in response messages)

Authoritative section? (gives information about one or more authoritative servers for the query)

Additional information section? (provides additional information that may help the resolver)
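
The header fields above, shown as bytes on the wire. This is an added example, not part of the original notes: it builds a query and a constructed response, then applies the minimum check a client makes before accepting a response (response flag set, identification matches, question echoed). The function names are assumptions; ws.wonderful.com and 200.200.200.5 are the sample name and address used in these notes.

```python
import struct

def encode_name(name):
    """Domain name as length-prefixed labels, ending with the null root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("a label must be 1 to 63 characters")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(ident, name, qtype=1, qclass=1):
    # Header: identification, flags (recursion desired), four record counts.
    header = struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, qclass)

def build_response(query, ident, ip, ttl=300):
    """Constructed responder for the demo: echoes the question, adds one A record."""
    header = struct.pack("!HHHHHH", ident, 0x8180, 1, 1, 0, 0)
    # Answer: pointer to the name at offset 12, type A, class IN, TTL, length 4.
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4)
    return header + query[12:] + answer + bytes(int(p) for p in ip.split("."))

def parse_header(msg):
    if len(msg) < 12:
        raise ValueError("a DNS header is 12 bytes")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": ident, "is_response": bool(flags & 0x8000),
            "counts": (qd, an, ns, ar)}

def response_matches(query, response):
    """True only if the response answers this exact outstanding query."""
    q, r = parse_header(query), parse_header(response)
    question = query[12:]
    return (r["is_response"] and not q["is_response"]
            and r["id"] == q["id"]
            and r["counts"][0] == 1
            and response[12:12 + len(question)] == question)
```

Matching the 16-bit identification only filters out stray or mismatched responses; it is not the message origin authentication and message integrity that the security section of these notes calls for.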

7. Registrars

1) Adding new domains to DNS? (through a registrar)

2) What is a registrar? (a commercial entity accredited by ICANN)

3) What does a registrar do? (it verifies that the requested domain is unique, then enters it into the DNS database)

4) Finding registrars? (there are many registrars; their names and addresses can be found at http://www.intenic.net)

5) Inputs to the registrar? (the name of the server and the IP address of the server)

6) Example

For example, a new commercial organization named wonderful with a
server named ws and IP address 200.200.200.5 needs to give the
following information to one of the registrars:
Domain name: ws.wonderful.com IP address: 200.200.200.5

8. Security of DNS Name Servers

1) DNS is one of the most important systems in the Internet infrastructure

2) What does it provide? (crucial services to Internet users)

3) Examples? (applications like web access or email are heavily dependent on the proper operation of DNS)

4) Attacks on DNS? (reading, intercepting, flooding:
   by reading the response of a DNS server (confidentiality)
   by intercepting the response of a DNS server and tampering with it (authentication and integrity)
   by flooding the DNS server to crash it (DoS))

DNS can be attacked in several ways, including:

1. The attacker may read the response of a DNS server to find the nature or names of sites the user mostly accesses. This type of information can be used to find the user’s profile. To prevent this attack, DNS messages need to be confidential.
2. The attacker may intercept the response of a DNS server and change it, or create a totally new bogus response, to direct the user to the site or domain the attacker wishes the user to access. This type of attack can be prevented using message origin authentication and message integrity.
3. The attacker may flood the DNS server to overwhelm it or eventually crash it. This type of attack can be prevented using provisions against denial-of-service attacks.
