2.4 – DNS – The Internet’s Directory Service
- One identifier for a host is its hostname. F.ex. www.facebook.com
- Hosts are also identified by IP addresses.
- An IP address consists of 4 bytes.
2.4.1 – Services Provided by DNS
- Domain name system (DNS)
- A distributed database implemented in a hierarchy of DNS servers
- An application-layer protocol that allows hosts to query the distributed database. The DNS servers are often UNIX machines running the Berkeley Internet Name Domain (BIND) software.
- The DNS protocol runs over UDP and uses port 53
- DNS is commonly employed in other application-layer protocols like HTTP and SMTP
- Example:
- The same user machine runs the client side of the DNS application
- The browser extract the hostname, www.someschool.edu, from the URL and passes the hostname to the client side of the DNS application
- The DNS client sends a query containing the hostname to a DNS server.
- The DNS client eventually receives a reply, which includes the IP address for hostname.
- Once the browser receives the IP address from DNS, it can initiate a TCP connection to the HTTP server process located at port 80 at the IP address
- DNS can add an additional delay.
- DNS provide a few different services:
- Host aliasing:
- A host with a complicated hostname can have one or more alias names. F.ex. relay1.west-coast.example.com has an alias of example.com. In this example relay1.west-coast.example.com is what we call the canonical hostname. DNS can be invoked by an application to obtain the canonical hostname for a supplied alias hostname as well as the IP address of the host.
- Mail server aliasing:
- If someone wants an email address f.ex. [email protected] then DNS can be invoked by a mail application to obtain the canonical hostname for a supplied alias hostname as well as the IP address.
- MX record permits a company’s mail server and web server to have identical hostnames; f.ex. a company’s web server and mail server can both be called example.com
- Load distribution:
- DNS is also used to perform load distribution among replicated servers, with each server running on a different end-system and each having a different IP address.
- When clients make a DNS query for a name mapped to a set of addresses, the server responds with the entire set of IP addresses, but rotates the ordering of the addresses within each reply.
- DNS rotation is also used for e-mail so that multiple mail servers can have the same alias name.
2.4.2 – Overview of How DNS Works
- An application will invoke the client side of DNS, specifying the hostname that needs to be translated (on UNIX-based machines you can use the gethostbyname() function). DNS in the user’s host then takes over, sending a query message into the network.
- DNS in the user’s host receives a DNS reply message that provides the desired mapping. This mapping is then passed to the invoking application in the user’s host.
- The problems with a centralized design includes:
- A single point of failure:
- If the DNS server crashes, so does the entire Internet.
- Traffic volume:
- A single DNS server would have to handle all DNS queries (for all the HTTP requests and e-mail messages generated from hundreds of millions of hosts)
- Distant centralized database:
- A single DNS server cannot be “close to” all the querying clients. If we put the single DNS server in New York City, then all queries from Australia must travel to the other side of the globe, perhaps over slow and congested links. This can lead to significant delays.
- Maintenance:
- The single DNS server would have to keep records for all internet hosts. Not only would this centralized database be huge, but it would have to be updated frequently to account for every new host.
- DNS uses a large number of server organized in a hierarchical fashion and distributed around the world.
- Root DNS server
- Com DNS servers
- Facebook.com DNS servers
- Amazon.com DNS servers
- Org DNS servers
- Edu DNS servers
- Nyu.edu DNS servers
- Umass.edu DNS servers
- Root DNS server
- 400 root name servers all over the world
- Managed by 13 different organizations
- Provide IP addresses of the TLD servers
- Top-level domain (TLD) servers
- For each of the top level domains there is a TLD server(s).
- Verisign Global Registry Services maintains .com servers
- Educause maintains .Edu servers
- TLD servers provide the IP addresses for authoritative DNS servers
- Authoritative DNS servers
- Every organization with a publicly accessible hosts on the internet must provide publicly accessible DNS records that map the names of those hosts to IP addresses.
- An organization can choose to implement its own authoritative DNS server to hold these records (can also pay to keep the records at a service provider)
- Most universities and large corporations implement their own primary and secondary DNS server
- A local DNS server does not strictly belong to the hierarchy of servers but is nevertheless central to the DNS architecture. Each ISP has a local DNS server.
- When a host connects to an ISP, the ISP provides the host with the IP addresses of one or more of its local DNS servers
- Example:
- Cse. Nyu.edu desires the IP address of gaia.cs.umass.edu. Also suppose the NYU’s local DNS server for cse.nyu.edu is called dns.nyu.edu and that an authoritative DNS server for gaua.cs.umass.edu is called dns.umass.edu
- The host cse.nyu.edu first sends a DNS query message to its local DNS server, dns.nyu.edu. The query message contains the hostname to be translated. The local DNS server forwards the query message to a root DNS server.
- The root DNS server takes note of the umass.edu suffix and responds with the IP address of the authoritative DNS server for the university of Massachusetts, namely dns.umass.edu, which respons with the IP address of gaia.cs.umass.edu.
- TLD servers doesn’t always know the authoritative servers and may send a user to an intermediate DNS server who knows it.
- DNS Caching is used to improve the delay performance and reduce the number of DNS messages.
- In a query chain, when a DNS server receives a DNS reply, It can cache the mapping in its local memory.
- DNS servers discard cached information after a period of time (often 2 days)
2.4.3 – DNS records and Messages
- The DNS servers that together implement the DNS distributed database store resource records (RRs), including RRs that provide hostname-to-IP-address mappings.
- Each DNS reply message carries on or more resource records.
- A resource record is a four-tuple that contains the following fields:
- Name
- Value
- Type
- TTL
- The time to live of the resources record; it determines when a source should be removed from a cache.
- The meaning of Name and value depend on Type:
- Type=A
- Name is hostname and value is the IP address
- Type=NS
- Name is domain and value is the host-name of an authoritative DNS server that knows how to obtain the IP addresses for hosts in the domain
- Type=CNAME
- Value is a canonical hostname of the alias hostname Name.
- Type=MX
- Value is canonical name of a mail server that has an alias hostname Name.
- NB: To obtain the canonical name for the mail server, a DNS client would query for an MX record, to obtain the canonical name for the other server, the DNS client would query for the CNAME record.
- If a DNS server is authoritative for a particular hostname, then the DNS server will contain a Type A record for the hostname.
- If a server is not authoritative for a hostname, then the server will contain a type NS record for the domain that includes the hostname; it will also contain a Type A record that provides the IP address of the DNS server in the Value field of the NS record.
- DNS query and reply messages are the only two kinds of DNS messages.
- The first 12 bytes is the header section (the first field is the 16-bit number that identifies the query)
- A 1-bit query/reply flag indicates whether it is a query (0) or reply (1)
- A 1-bit authoritative flag is set in a reply message when A DNS server is an authoritative server for a queried name.
- A 1-bit recursion-desired flag is set when a client desires that the DNS server perform recursion when it doesn’t have the record.
- A 1-bit recursion-available field is set in a reply if the DNS server supports recursion.
- In the header, there are also four number-of fields. These fields indicate the number of occurrences of the four types of data section that follow the header.
- The question section contains information about the query that is being made. It includes:
- A name field that contains the name that is being queried
- A type field that indicates the type of question being asked about the name
- In a reply from a DNS server, the answer section contains the resource records for the name that was originally queried (can be multiple RRs since a hostname can have multiple IP addresses)
- The authority section contains records of other authoritative servers
- The additional section contains other helpful records.
- F.ex. the answer field in a reply to an MX query contains a resource record providing the canonical hostname of a mail server. The additional section contains a Type A record providing the IP address for the canonical hostname
- Example of how records get into the DNS database in the first place:
- You need to register the domain at a registrar, who is a commercial entity that verifies the uniqueness of the domain name, enter the domain name into the DNS database and collects a small fee from you for its services.
- Prior to 1999 Network solutions had a monopoly on com, net and org domains
- Today there are many registrars and the Internet Corporation for Assigned Names and Numbers (ICANN) accredits the various registrars.
- When you register a domain name you also give the registrar the names and IP addresses of your primary and secondary authoritative DNS servers (type NS and type A)
- You will also have to make sure your Type A and Type MX resource Record are entered into your authoritative DNS server.