SVAD-321 - Server

Administration
Introduction to The Domain Name System (DNS)
Course Lecturer: Walu G. Gondwe, Computer Science and Information Technology
Department (CSIT), MUST
Email: wgondwe@must.ac.mw
People and Numbers
• Recall: Network devices are identified by (IP) addresses;
• IP is a heirachical numbering system adopted by the Internet
• E.g. ff you need to reach Amazon, you need their IP address
– Does anyone know Amazon's IP?
• Problem:
– People can’t remember IP addresses
– Need human readable names that map to IPs
• Possible solution:
– Build a (shared) database of name-to-IP mappings and let the people use
simple names e.g.
– This shared, distributed database is the Domain Name System

2
People and Numbers cont...
• Why Should We Learn About DNS? It is central to operation of
all web-based services
– Web and FTP servers use A records stored in DNS for name
resolution of URLs
– Email servers rely on MX records stored in DNS to resolve
email servers
– Some services use DNS records for security and identity
verification (e.g. TXT records)

3
Internet Names and Addresses
• Addresses, e.g. 41.70.81.100
– Computer usable labels for machines
– Conform to structure of the network
• Names, e.g. www.hec.ac.mw
– Human usable labels for machines
– Conform to organizational structure
• How do you map from one to the other?
– Domain Name System (DNS)

4
Towards DNS
• Eventually, the hosts.txt system fell apart
– Not scalable, global admin couldn’t handle the
load
– Hard to enforce uniqueness of names
• e.g MIT
– Massachusetts Institute of Technology or
Malawi Institute of Technology?
– Many machines had inaccurate and outdate copies
of hosts.txt
• Thus, DNS was born
5
Brief History of Naming
• Before DNS, all mappings were in hosts.txt
– /etc/hosts on Linux
– C:\Windows\System32\drivers\etc\hosts on
Windows
• This was a centralized, manual system (small Internet):
– Changes were submitted by individuals and organizations
to a central (global) administrator via email
– Machines periodically downloaded new copies of
hosts.txt
– Administrators could pick names at their discretion
– Any name was allowed e.g.
this_is_my_home_desk_computer_1
6
DNS at a High-Level
• It is a distributed database i.e. parts are maintained
by separate devices (no centralization)
• Simple client/server architecture
– Uses UDP port 53, some implementations also
use TCP (Why?)
• Hierarchical namespace
– As opposed to original, flat namespace
– e.g. .com -> amazon.com -> aws.amazon.com

7
 Naming Hierarchy
Root

net mw com gov mil org uk edu etc.

ac co • The Root domain is represented by . (dot)

• Top Level Domains (TLDs) are immediately below
root (then 1st level domain, 2nd etc)
• Maximum tree depth: 128
hec must unima • Each Domain Name is a subtree
– .ac -> ac.mw -> hec.ac.mw =>
www.hec.ac.mw
• Name collisions are avoided
www academy mail – mit.mw vs. mit.edu
8
 Hierarchical Administration
Verisign Root ICANN

net edu com gov mil org uk fr etc.

neu mit • Administratively, the tree is divided into

zones
– Each zone is under one administrator
– Each zone has a set of servers storing
ccs zone files (domain name mappings)
• Example:
– Malawi SDNP controls *.mw
– Verisign controls *.net, *.com, *.gov
and .edu
www login mail 9
Server Hierarchy
• Functions of each DNS server:
– Authority over a portion of the hierarchy
• No need to store all DNS names i.e. scalable and ligher
– Store all the records for hosts/domains in its zone
• May be replicated for robustness (Master/Slave or
Primary/Secondary)
– Each authoritative server knows the addresses of the root
servers; to resolve queries for unknown names
• Root servers know about all TLDs below it
– The search stops at the root servers

10
Root Name Servers
• Responsible for the Root Zone File
– Lists the TLDs and who controls them
– ~272KB in size

com. 172800 IN NS a.gtld-servers.net.

com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.

• Administered by ICANN
– 13 root servers, labeled A to M
– 6 are anycasted, i.e. they are globally replicated
• Contacted when names cannot be resolved
– In practice, most systems cache this information
11
Map of the Roots

12
Basic Domain Name Resolution
• Every host knows at least 1 local DNS server (configured)
– Clients send all queries to the local DNS server
• If the local DNS can answer the query, then you’re done. This
happens if:
1. Local server is also the authoritative server for that name OR
2. Local server has cached the record for that name
• Otherwise, go to root and down the hierarchy and search for the
authoritative name server:
– Every local DNS server knows the root servers
– Use cache to skip steps if possible
• e.g. skip the root and go directly to .edu if the root file is
cached

13
Recursive DNS Query
DNS Resource Records
• DNS queries have two fields: name and
type
• Resource record is the response to a query
– Four fields: (name, value, type, TTL)
– There may be multiple records returned for
one query
• What do the name and value mean?
– Depends on the type of query and response

15
 DNS Entry Types
• Type = A / AAAA Name: www.ccs.neu.edu

Query
– Name = domain name Type: A
– Value = IP address
Name: www.ccs.neu.edu

Resp.
– A is IPv4, AAAA is IPv6
Value: 129.10.116.81

• Type = NS
– Name = partial domain
Query Name: ccs.neu.edu
– Value = name of DNS
Type: NS
server for this domain
– “Go send your query to this Name: ccs.neu.edu
Resp.

other server” Value: 129.10.116.51 16

 DNS Entry Types, Continued
• Type = CNAME Name: foo.mysite.com

Query
– Name = hostname Type: CNAME
– Value = canonical hostname
Name: foo.mysite.com

Resp.
– Useful for aliasing
– CDNs use this Value: bar.mysite.com

• Type = MX
– Name = domain in email Name: ccs.neu.edu
address Query
Type: MX
– Value = canonical name of
mail server Name: ccs.neu.edu
Resp.

Value: amber.ccs.neu.edu
17
 Reverse Lookups

• What about the IPname mapping?

• Separate server hierarchy stores reverse mappings
– Rooted at in-addr.arpa and ip6.arpa
• Additional DNS record type: PTR
– Name = IP address
– Value = domain name
• Not guaranteed to exist
for all IPs Name: 129.10.116.51
Query
Type: PTR

Name: 129.10.116.51 Value:

Resp.

ccs.neu.edu
18