Chapter 7: Domain Name System
CISNTWK-11 Performance
Objectives
• Understand the history of the Domain Name System (DNS), the types of services that DNS provides, the types of roles that DNS servers can play on a network, and the DNS database structure
• Understand how DNS servers handle name resolution requests, including the role of nearby and root servers in the resolution process, and the difference between recursive and iterative name resolution requests
• Explain the significance of DNS caching and the value of data in DNS caches
IP Addressing and Related Topics
Objectives (continued)
• Understand DNS configuration files and resource record formats, and describe the most common DNS RR types
• Understand how to handle the loopback address and root server data
• Use the NSLOOKUP command to gather name server information, test DNS server configurations, and inspect the contents of key DNS records on such servers
Objectives (continued)
• Explain how DNS queries and responses work, and how they handle name resolution, DNS record lookups, zone data transfers, and reverse DNS queries
• Understand the purposes of, and drawbacks to, implementing DNS in the real world
DNS History and Background
• RFCs 882 and 883
– Original RFCs for DNS
– Created by Paul Mockapetris (who also created JEEVES)
• BIND (Berkeley Internet Name Domain)
– Written by Kevin Dunlap in 1988
• Database segments
– Include only a portion of the overall namespace that DNS can access for its clients
DNS History and Background (continued)
• DNS combines the following virtues
– Allows local control over domain name database segments
– Data from all database segments is available everywhere
– Database information is robust and highly available
• DNS
– One of the most effective uses of distributed database technology in the world today
DNS Database Structure
• Mirrors the structure of the domain namespace itself
• Top-level domains in the U.S.
– .com
– .edu
– .gov
– .mil
– .net
– .org
The DNS Namespace
• DNS
– Arbitrarily partitions the tree and creates subtrees for database information
• Domains (such as ibm.com)
– Can be broken into subdomains (such as clearlake.ibm.com)
• Any valid domain name
– Ultimately resides within some specific DNS database
DNS Database Records
• Resource records
– Store data associated with domain names, address records, and other specific data
– Most commonly used types
• Address (A) record
• Canonical name (CNAME) record
• Host information (HINFO) record
• Mail exchange (MX) record
• Name server (NS) record
Delegating DNS Authority
• DNS
– Permits the database record for the primary DNS server to delegate authority to DNS servers lower in the domain namespace
• Once authority is delegated
– The database for the name server includes NS records that point to the delegated name servers
• Organization of the global DNS database
– Designed to make it quick and easy for name servers to point to other name servers
Types of DNS Servers
• Primary master DNS server
– Where the primary DNS database files for the domain(s) or subdomain(s) reside
• Primary master
– Distinguished from other name servers for a domain
• For any DNS zone
– There can be only one primary master name server
Secondary DNS Server
• Gets its data for the zone from the master server for that zone
• Zone data on a secondary server
– Always originates from a primary server
• Zone transfer
– The process by which a secondary DNS server gets data for the zone from the master server for that zone
• Secondary, or slave, DNS servers
– Provide a back-up copy of the domain database for a specific zone
Caching Servers
• Store recently accessed DNS records from other domains
• Caching-only server
– Speeds access to specific domain names by storing a copy of the lookup data locally
• Size and Internet access volume
– Factors that determine whether an organization implements separate caching-only servers
The Client Side of DNS
• Resolvers
– Issue requests for service, called name queries or address requests, to domain name servers
• An address request
– Seeks to resolve a domain name to a corresponding numeric IP address
• Name query (inverse DNS query)
– Seeks to resolve an address to a domain name
How Domain Name Servers Work
• A TCP/IP client
– Usually some application or service that encounters a domain name for which it needs an IP address
• Servers
– Queried in the order in which they appear in TCP/IP configuration files (from top down)
• DNS servers
– Handle the real name resolution
Recursive Query
• Used by DNS resolvers to
– Delegate the first DNS server that they contact to go out and find the necessary address translation
• In the grand DNS server hierarchy
– Any DNS server can issue iterative queries
– Only a DNS client or a root server can issue recursive queries
Iterative or Non-Recursive Queries
• Issued when one DNS server receives a recursive request
• Do not cause other queries to be issued
• Reason some recursive name queries involve a root server
– The root server always knows how to find whatever DNS server is authoritative for the domain
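The recursive and iterative query styles on the last two slides, together with the NS delegation chain from the "Delegating DNS Authority" slide, as an added example that is not part of the lecture slides. It is a toy in-memory model in Python: a stub client issues one recursive query, and the recursive server chases referrals from the root with iterative queries, each of which is answered from a server's own data without that server querying anyone else. The server names, the delegation data and the 192.0.2.10 answer are all constructed for the demo (192.0.2.0/24 is the TEST-NET-1 documentation range), and the `max_hops` bound is my own safety limit rather than something the slides describe.

```python
# Constructed delegation data for the demo; none of these server names or
# zones are real, and 192.0.2.10 is from the TEST-NET-1 documentation range.
ROOT_SERVER = "root.example-servers.test"
SERVERS = {
    "root.example-servers.test": {
        "referrals": {"com.": "ns.com-servers.test"},       # NS delegation of com.
        "answers": {},
    },
    "ns.com-servers.test": {
        "referrals": {"example.com.": "ns1.example.com."},  # delegation of example.com.
        "answers": {},
    },
    "ns1.example.com.": {                                    # authoritative for example.com.
        "referrals": {},
        "answers": {"www.example.com.": "192.0.2.10"},
    },
}

def iterative_query(server, name):
    """One non-recursive question. The server answers from its own data or
    refers the asker to the server for the closest zone it has delegated;
    it never issues queries of its own on the asker's behalf."""
    data = SERVERS[server]
    if name in data["answers"]:
        return "answer", data["answers"][name]
    labels = name.split(".")
    for i in range(1, len(labels)):                 # longest matching zone first
        zone = ".".join(labels[i:])
        if zone in data["referrals"]:
            return "referral", data["referrals"][zone]
    return "nxdomain", None

def recursive_resolve(name, max_hops=8):
    """What a recursive server does with a recursive query: chase referrals
    from the root with iterative queries until an answer or an error appears.
    Returns (address or None, list of (server, reply kind) visited)."""
    trail, server = [], ROOT_SERVER
    for _ in range(max_hops):                       # bound is my own safety limit
        kind, payload = iterative_query(server, name)
        trail.append((server, kind))
        if kind == "answer":
            return payload, trail
        if kind == "nxdomain":
            return None, trail
        server = payload                            # follow the referral
    raise RuntimeError("referral chain too long")

def stub_resolver(name):
    """A client sends one recursive query and receives only the final result."""
    address, _ = recursive_resolve(name)
    return address
```

Calling `recursive_resolve("www.example.com.")` walks root, then the com. server, then the example.com. server, and only the last of those actually holds the answer; the client that called `stub_resolver` sees none of that work, which is exactly the division of labour the slides describe.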
The Importance of DNS Caching
• All data in a DNS cache
– Has an expiration value
• DNS servers
– Cache name and address pairs for addresses they resolved
– Keep information about name requests that result in error messages
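The two caching behaviours on this slide (every entry expires, and error results are remembered too), as an added example that is not part of the lecture slides. The Python below keeps positive and negative answers in one cache keyed by name and type, each with an expiry derived from its TTL, and the `demo` function shows a negative entry expiring before a positive one. The `upstream` function, the names and the 192.0.2.10 address are constructed stand-ins for an authoritative server; `FakeClock` is only there so the expiry can be exercised without waiting.

```python
import time

class DnsCache:
    """A resolver cache in which every entry, positive or negative, carries
    an expiration time derived from its TTL. `clock` is injectable so the
    expiry behaviour can be exercised without waiting."""
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}          # (name, rtype) -> (value, rcode, expires_at)

    def store(self, name, rtype, value, ttl, rcode="NOERROR"):
        # value is None for a negative answer (for example rcode NXDOMAIN)
        self._entries[(name.lower(), rtype)] = (value, rcode, self._clock() + ttl)

    def lookup(self, name, rtype):
        key = (name.lower(), rtype)
        entry = self._entries.get(key)
        if entry is None:
            return None                         # miss
        value, rcode, expires_at = entry
        if self._clock() >= expires_at:
            del self._entries[key]              # expired: must re-resolve
            return None
        return value, rcode

def resolve_with_cache(cache, name, rtype, upstream):
    """Serve from cache when possible; otherwise ask `upstream`, which
    returns (value, rcode, ttl), and remember its answer. The second
    element of the result records where the answer came from."""
    hit = cache.lookup(name, rtype)
    if hit is not None:
        return hit, "cache"
    value, rcode, ttl = upstream(name, rtype)
    cache.store(name, rtype, value, ttl, rcode)
    return (value, rcode), "upstream"

class FakeClock:
    """Manually advanced clock for the demo."""
    def __init__(self):
        self.now = 0.0
    def __call__(self):
        return self.now

def demo():
    """Two lookups each of a name that exists and one that does not, then
    advance time past the negative TTL. Returns (answer sources, upstream calls)."""
    clock, calls = FakeClock(), []
    cache = DnsCache(clock)

    def upstream(name, rtype):                  # constructed authoritative data
        calls.append(name)
        if name == "www.example.com.":
            return "192.0.2.10", "NOERROR", 300
        return None, "NXDOMAIN", 60             # negative answer, short TTL

    sources = []
    for name in ["www.example.com.", "www.example.com.",
                 "nosuch.example.com.", "nosuch.example.com."]:
        sources.append(resolve_with_cache(cache, name, "A", upstream)[1])
    clock.now = 61.0                            # negative entry expired, positive still valid
    sources.append(resolve_with_cache(cache, "nosuch.example.com.", "A", upstream)[1])
    sources.append(resolve_with_cache(cache, "www.example.com.", "A", upstream)[1])
    return sources, len(calls)
```

The second lookup of each name is served from the cache, including the NXDOMAIN result; once the clock passes the negative entry's 60-second TTL the upstream server is asked again, while the 300-second positive entry is still served locally. This is also the mechanism behind the "propagation delay" mentioned later in the chapter: a changed record is not seen until cached copies expire.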
DNS Configuration Files and Resource Record Formats
• domain.dns
– The files that map host names to addresses
• addr.in-addr.arpa.dns
– Files that map addresses to domain names for reverse lookups
• Every DNS zone file must contain
– SOA and NS records
– Records about host names or addresses in that zone
Start of Authority Record
• Identifies the current name server as the best source of information for data in its zone
• Both secondary and primary name servers can
– Designate themselves as authoritative in their own SOA records
Address and Canonical Name Records
• DNS, by default
– Accesses only the first IP address for a host when multiple entries for a single domain name are defined
• DNS round robin load balancing
– Permits a DNS server to keep track of which IP addresses it has provided for a specific translation
– Rotates the IP addresses within the list of addresses available
Mapping Addresses to Names
• Records in the db.addr file
– Provided to support reverse DNS lookups
• Reverse address lookups
– Used primarily to determine if the IP address that a user presents matches the originating domain name
• Classful
– File structure of reverse DNS lookups
Handling the Loopback Address
• To ensure proper handling of the reserved loopback address
– The db.127.0.0 file must be created on each individual machine
• db.127.0.0 file
– Begins with the required SOA record
– Then provides NS records
– Concludes with a PTR record
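One worked example in Python for the last five slides (zone file contents and the SOA/NS requirement, the A and CNAME records with round robin rotation, the classful in-addr.arpa file structure, and the db.127.0.0 loopback file), added here and not part of the lecture slides. The parser reads a small BIND-style zone file into records, `validate_zone` enforces the rule that a zone file begins with a single SOA and carries NS records, `reverse_name` and `classful_reverse_zone` build the in-addr.arpa names used for reverse lookups, and `RoundRobin` rotates a name's address list on each lookup. Both zone files below are constructed for the demo: example.com and its hosts are placeholders, 192.0.2.0/24 is the TEST-NET-1 documentation range, and the SOA timer values are arbitrary.

```python
import ipaddress
from collections import defaultdict

# Constructed demo zone in the shape of a domain.dns file (not a real
# deployment). example.com is a placeholder; 192.0.2.0/24 is TEST-NET-1.
DOMAIN_DNS = """\
$TTL 3600
@     IN SOA ns1.example.com. hostmaster.example.com. (
            2024010101 7200 900 1209600 300 )  ; serial refresh retry expire minimum
@     IN NS    ns1.example.com.
@     IN MX 10 mail.example.com.
ns1   IN A     192.0.2.1
www   IN A     192.0.2.10
www   IN A     192.0.2.11
web   IN CNAME www
"""

# Constructed db.127.0.0 in the order the slides give: SOA, then NS, then PTR.
LOOPBACK_DNS = """\
$TTL 3600
@  IN SOA ns1.example.com. hostmaster.example.com. ( 1 7200 900 1209600 300 )
@  IN NS  ns1.example.com.
1  IN PTR localhost.
"""

def _qualify(name, origin):
    """Turn '@' or a relative label into a fully qualified name."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Parse a small BIND-style zone file into (owner, ttl, type, rdata)
    tuples. Handles $TTL, '@', relative names, ';' comments and
    parenthesised multi-line records. Every record line must carry an
    explicit owner (the blank-owner shorthand is not handled here)."""
    logical, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:                                # record complete
            logical.append(" ".join(buf))
            buf = []
    if depth:
        raise ValueError("unbalanced parentheses in zone file")
    records, default_ttl = [], 0
    for line in logical:
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        owner = _qualify(tokens.pop(0), origin)
        ttl = int(tokens.pop(0)) if tokens[0].isdigit() else default_ttl
        if tokens[0] == "IN":                         # class is optional
            tokens.pop(0)
        rtype, rdata = tokens[0], tokens[1:]
        if rtype in ("NS", "CNAME", "PTR"):           # rdata names may be relative too
            rdata = [_qualify(rdata[0], origin)]
        elif rtype == "MX":
            rdata = [int(rdata[0]), _qualify(rdata[1], origin)]
        elif rtype == "SOA":
            rdata = ([_qualify(rdata[0], origin), _qualify(rdata[1], origin)]
                     + [int(x) for x in rdata[2:]])
        records.append((owner, ttl, rtype, tuple(rdata)))
    return records

def validate_zone(records):
    """A zone file must begin with exactly one SOA and contain NS records."""
    types = [r[2] for r in records]
    return types[:1] == ["SOA"] and types.count("SOA") == 1 and "NS" in types

def reverse_name(ip):
    """'127.0.0.1' -> '1.0.0.127.in-addr.arpa.' (the PTR owner name)."""
    return ipaddress.IPv4Address(ip).reverse_pointer + "."

def classful_reverse_zone(ip):
    """Origin of the classful in-addr.arpa file that would hold this address."""
    octets = ip.split(".")
    first = int(octets[0])
    n = 1 if first < 128 else 2 if first < 192 else 3   # class A / B / C
    return ".".join(reversed(octets[:n])) + ".in-addr.arpa."

class RoundRobin:
    """Rotate a name's A records on every lookup, so clients that use only
    the first address returned are spread across all of them."""
    def __init__(self, records):
        self._addrs = defaultdict(list)
        for owner, _, rtype, rdata in records:
            if rtype == "A":
                self._addrs[owner].append(rdata[0])
        self._offset = defaultdict(int)

    def lookup(self, name):
        addrs = self._addrs.get(name, [])
        k = self._offset[name] % len(addrs) if addrs else 0
        self._offset[name] += 1
        return addrs[k:] + addrs[:k]
```

Parsing `LOOPBACK_DNS` with the origin `0.0.127.in-addr.arpa.` yields the three records in the order the slide lists them, with the PTR owner `1.0.0.127.in-addr.arpa.`; two successive `RoundRobin.lookup` calls for `www.example.com.` return the two addresses in opposite orders, which is what makes the "first address only" client behaviour spread load.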
Obtaining and Storing Root Server Data
• On a Windows server running DNS
– Copy the file to the directory named %SystemRoot%\System32\DNS
– Rename the file to cache.dns
The NSLOOKUP Command
• Supported by Windows and UNIX
• Provides access to all kinds of DNS information
• Essential tool for testing, when configuring or troubleshooting a DNS server
• Syntax
– nslookup domain-name [name-server]
Using NSLOOKUP
• set OPTION command
– Used to examine specific types of resource records
• ls -a or ls -d
– Used to extract information from certain well-known name servers
DNS Query/Response Packet Formats
• Four sections in the DNS response packets
– Question section
– Answer section
– Authority section
– Additional section
DNS Query/Response Packet Formats (continued)
• DNS query packet fields
– ID Number Field
– QR (Query/Response) Field
– Opcode (Operation Code) Field
– AA (Authoritative Answer) Field
– TC (Truncation) Field
– RD (Recursion Desired) Field
– RA (Recursion Available) Field
– Z (Reserved) Field
DNS Query/Response Packet Formats (continued)
• DNS query packet fields
– Rcode (Response Code) Field
– Question Count Field
– Answer Count Field
– Name Server Count Field
– Additional Records Count Field
– Question Name Field
– Question Type Field
– Question Class Field
DNS Query/Response Packet Formats (continued)
• DNS query packet fields
– Name Field
– Type Field
– Class Field
– Time to Live Field
– Resource Data Length Field
– Resource Data Field
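The packet fields listed on the last four slides, as an added example that is not part of the lecture slides: Python code that packs and unpacks the 12-byte header (ID, QR, Opcode, AA, TC, RD, RA, Z, Rcode and the four section counts), encodes a question (name, type, class), and builds and parses an answer record (name, type, class, TTL, RDLENGTH, RDATA). The answer's Name field uses the compression pointer form (two bytes beginning with the bits 11) that real responses use, and the name decoder rejects a pointer that does not point backwards, the check a parser needs so that a malformed packet cannot make it loop. The query name and the 192.0.2.10 answer are constructed for the demo (192.0.2.0/24 is the TEST-NET-1 documentation range); only A records are decoded, other types are returned as raw bytes.

```python
import struct

TYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    """'www.example.com.' -> length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("label length must be 1..63")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def decode_name(msg, offset):
    """Read a name that may use compression pointers (0xC0xx). Returns
    (name, offset just past the name in the message). Pointers may only
    point backwards, which rules out pointer loops in malformed packets."""
    labels, end, jumped = [], None, False
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # compression pointer
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset:
                raise ValueError("forward or self-referencing compression pointer")
            if not jumped:
                end, jumped = offset + 2, True          # name ends after the pointer
            offset = pointer
            continue
        offset += 1
        if length == 0:                                 # root label terminates the name
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end if jumped else offset

def build_header(msg_id, qr, opcode, aa, tc, rd, ra, rcode, counts):
    """Pack the 12-byte header; the Z (reserved) bits are left zero."""
    flags = (qr << 15 | opcode << 11 | aa << 10 | tc << 9
             | rd << 8 | ra << 7 | rcode)
    return struct.pack("!HHHHHH", msg_id, flags, *counts)

def parse_header(msg):
    msg_id, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": msg_id, "qr": flags >> 15 & 1, "opcode": flags >> 11 & 0xF,
            "aa": flags >> 10 & 1, "tc": flags >> 9 & 1, "rd": flags >> 8 & 1,
            "ra": flags >> 7 & 1, "z": flags >> 4 & 7, "rcode": flags & 0xF,
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}

def build_query(msg_id, name, qtype=TYPE_A):
    """A standard query (QR=0, RD=1) carrying one question."""
    header = build_header(msg_id, 0, 0, 0, 0, 1, 0, 0, (1, 0, 0, 0))
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)

def build_response(query, ip, ttl=300):
    """Answer `query` authoritatively with one A record. The answer's Name
    field is a compression pointer to the question name at offset 12."""
    hdr = parse_header(query)
    _, qend = decode_name(query, 12)
    question = query[12:qend + 4]                       # QNAME + QTYPE + QCLASS
    rdata = bytes(int(o) for o in ip.split("."))
    answer = struct.pack("!HHHIH", 0xC000 | 12, TYPE_A, CLASS_IN, ttl, len(rdata)) + rdata
    header = build_header(hdr["id"], 1, hdr["opcode"], 1, 0, hdr["rd"], 1, 0, (1, 1, 0, 0))
    return header + question + answer

def parse_message(msg):
    """Walk the header, question section and answer section in order."""
    hdr = parse_header(msg)
    offset, questions, answers = 12, [], []
    for _ in range(hdr["qdcount"]):
        name, offset = decode_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(hdr["ancount"]):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if len(rdata) != rdlen:                         # RDLENGTH must match the bytes present
            raise ValueError("truncated RDATA")
        offset += rdlen
        if rtype == TYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, rclass, ttl, rdata))
    return hdr, questions, answers
```

A query for `www.example.com.` is 33 bytes (12-byte header plus a 17-byte name and 4 bytes of type and class); the response built from it echoes the ID, sets QR, AA and RA, and carries one answer whose name is the two-byte pointer `C0 0C` back to the question. Feeding `parse_message` a response whose RDLENGTH exceeds the bytes actually present raises rather than returning a half-read record.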
DNS Implementation
• Handles two major address-related activities
– Resolving symbolic domain names into numeric IP addresses
– Providing authoritative hostname-to-IP mapping
• DNS servers for internal use
– Usually focus on alleviating administration hassles by leveraging DHCP, WINS, and Active Directory
The Trouble with DNS
• DNS database updates
– Require that a qualified administrator operate directly on the DNS database files, or
– Use special-purpose tools to make changes
• "Propagation delay"
– Time it takes for cached values to catch up with changes to authoritative databases
Additional Readings on DNS
• Cricket Liu, et al.: DNS on Windows Server 2003, O'Reilly & Associates
• William Wong: Windows 2000 DNS Server, Osborne/McGraw-Hill
• Paul Albitz and Cricket Liu: DNS and BIND, 4th Edition, O'Reilly & Associates
• Craig Hunt: Linux DNS Server Administration, Sybex Books, Alameda, CA
Summary
• The Domain Name System
– Provides the key address resolution service that makes today's Internet possible
• Impetus for DNS
– Arose from the difficulty of maintaining static HOSTS files for computers on the ARPANET
• DNS name servers
– Come in multiple varieties
Summary (continued)
• DNS
– Maintains its data on a large collection of name servers around the Internet
• DNS databases
– Consist of a collection of resource records (RRs)
• DNS clients
– Rely on a software component called a resolver to interact with an available DNS server
Summary (continued)
• DNS clients
– Rely on the resolver to interact with an available DNS server for name resolution services
• DNS packet structures
– Incorporate type information that identifies the kind of RR being carried