Left portion is most specific, right portion is DNS root
Top Level Domains:
The rightmost portion of the name (e.g., com, edu, net)
DNS Name Servers
Problems with a Centralized Approach:
Single point of failure
Hard to maintain
Doesn't scale
Problems with a Distributed Approach:
No server has every mapping
Queries may need to be handled by multiple servers
Hard to update
The Distributed Approach that is Used
Hierarchical Organization:
Different portions of the hierarchy (called zones) are
administered by different organizations
Overview of the Process used to Resolve:
The client asks its local (caching) DNS server
If that server has no cached answer, it obtains one either by
recursion (another server does the work) or by following
referrals (non-recursive / iterative resolution)
Types of DNS Servers
Authoritative Name Servers:
Hold the definitive data for a particular zone (i.e., portion of
the domain name tree) and can therefore answer any
name-address translation for names in that zone
Root Name Servers:
"Publish" the root zone file which contains the names
and IP addresses of the authoritative servers for all
top level domains
There are 13 identified by the letters A-M (though there are
far more machines, since each letter is served by many
anycast instances in about 150 locations in about
50 countries; see http://www.root-servers.org/)
Caching Name Servers:
Are not authoritative for any zone
Ask queries and then "remember" them for later use
The amount of time a response may be "remembered" (i.e.,
cached) is called the time to live (TTL); it is carried in each
record and set by the administrator of the zone the record
belongs to, not by the cache operator
Recursive Queries
Properties:
The DNS server will provide a complete answer (or error)
to the query
DNS servers are not required to support recursive queries
Process:
If the DNS server does not know the answer it will
ask another DNS server
Non-Recursive Queries (a.k.a. Referrals)
Properties:
The DNS server may provide a partial answer (or error)
to the query
Process:
If the DNS server does not know the answer it will
tell you about another DNS server that is "more likely to know"
(i.e., is closer to a DNS server that knows)
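To make the two query styles and the role of a caching server concrete, here is an added example (not part of the original slides) that simulates the process in memory. It assumes a constructed three-level hierarchy (root, the com zone, and example.com) with made-up server names and RFC 5737 test addresses; no real servers are contacted. `ask()` is a non-recursive query that returns an answer, a referral, or an error; `resolve_iteratively()` is the client-side referral chase; `CachingResolver` is a recursive server that does that work on behalf of clients and honours the TTL.

```python
"""Recursive vs. non-recursive (referral) resolution, simulated offline.

Constructed data: a root server that delegates "com.", a com server that
delegates "example.com.", and an authoritative server for example.com.
"""
import time

# Constructed hierarchy (server names and addresses are illustrative only)
SERVERS = {
    "root": {"referrals": {"com.": "a.gtld-servers.net."}},
    "a.gtld-servers.net.": {"referrals": {"example.com.": "ns1.example.com."}},
    "ns1.example.com.": {"answers": {"www.example.com.": ("192.0.2.10", 300)}},
}


def ask(server, qname):
    """One non-recursive query to `server`.

    Returns ("answer", ip, ttl) if the server is authoritative for the name,
    ("referral", next_server) if it can point at a server "closer" to the
    answer, or ("nxdomain",) if it knows nothing useful.
    """
    data = SERVERS[server]
    if qname in data.get("answers", {}):
        ip, ttl = data["answers"][qname]
        return ("answer", ip, ttl)
    # Refer to the most specific zone this server delegates (longest suffix)
    zones = [z for z in data.get("referrals", {}) if qname.endswith(z)]
    if zones:
        return ("referral", data["referrals"][max(zones, key=len)])
    return ("nxdomain",)


def resolve_iteratively(qname, max_hops=8):
    """Follow referrals from the root until a server answers.

    Returns (ip, ttl, trail); trail lists (server, reply_kind) per hop.
    The hop limit protects against a delegation loop sending us in circles.
    """
    server, trail = "root", []
    for _ in range(max_hops):
        reply = ask(server, qname)
        trail.append((server, reply[0]))
        if reply[0] == "answer":
            return reply[1], reply[2], trail
        if reply[0] == "referral":
            server = reply[1]
            continue
        return None, 0, trail
    raise RuntimeError("referral loop resolving %s" % qname)


class CachingResolver:
    """A recursive, caching name server.

    Clients send it a recursive query; it performs the iterative chase for
    them and remembers the answer until the record's TTL expires.
    """

    def __init__(self, clock=time.time):
        self.cache = {}          # qname -> (ip, absolute expiry time)
        self.clock = clock       # injectable so TTL expiry can be tested
        self.upstream_queries = 0

    def lookup(self, qname):
        """Returns (ip, remaining_ttl, source) where source is cache/upstream."""
        now = self.clock()
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            # Cached answers are handed out with the *remaining* TTL
            return hit[0], int(hit[1] - now), "cache"
        ip, ttl, trail = resolve_iteratively(qname)
        self.upstream_queries += len(trail)
        if ip:
            self.cache[qname] = (ip, now + ttl)
        return ip, ttl, "upstream"


if __name__ == "__main__":
    resolver = CachingResolver()
    print(resolver.lookup("www.example.com."))   # first call walks the hierarchy
    print(resolver.lookup("www.example.com."))   # second call is served from cache
```

Note that the cached TTL counts down: a record cached with TTL 300 and served 100 seconds later goes out with TTL 200, so downstream caches never hold it longer than the zone administrator intended.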
Transport Layer Protocols
DNS primarily uses UDP on port 53
TCP (also port 53) is used when a response does not fit in a
512-byte UDP message: the server sets the TC (truncated) flag
and the client retries over TCP; zone transfers (AXFR) always
use TCP
EDNS0 (RFC 2671, now RFC 6891)
lets a client advertise a larger UDP payload size so responses
above 512 bytes can still be sent over UDP (large UDP responses
are also what DNS amplification attacks exploit)
Message Format
Header (12 octets):
ID
Flags
Number of Questions
Number of Answer Resource Records (RRs)
Number of Authority RRs
Number of Additional RRs
Questions
Answer Resource Records
Authority Resource Records
Additional Resource Records
Format of Resource Records (RRs)
Name (variable):
Name of the node
Type (2 octets):
Type of the record (e.g., "A" for IPv4 lookup)
Class (2 octets)
Usually "IN" (for Internet)
TTL (4 octets):
How long the record may be cached (in seconds)
RDLENGTH (2 octets):
Length of the RDATA field
RDATA (variable)
Additional data (e.g., the IP address for "A" records)
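To show the transport notes, the header layout and the resource record layout together, here is an added example (not code from the original slides) that builds a DNS query and parses a response byte-for-byte, without using the network. It assumes nothing beyond RFC 1035 and the EDNS0 OPT pseudo-record (RFC 6891); the sample response embedded at the bottom is constructed by hand for `example.com` with an RFC 5737 test address. Name compression (the `0xC0` pointer form), the TC flag, the two-octet length prefix used over TCP and an RDLENGTH sanity check are included because they are where hand-written parsers usually go wrong.

```python
"""Build and parse DNS messages in RFC 1035 wire format (no network I/O)."""
import os
import struct

# Record types and constants used below
TYPE_A, TYPE_NS, TYPE_OPT = 1, 2, 41
CLASS_IN = 1
FLAG_RD = 0x0100    # recursion desired (set by the client)
FLAG_TC = 0x0200    # truncated: response did not fit, retry over TCP
FLAG_RA = 0x0080    # recursion available (set by the server)


def encode_name(name):
    """'example.com.' -> b'\\x07example\\x03com\\x00' (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            raw = label.encode("ascii")
            if len(raw) > 63:
                raise ValueError("label longer than 63 octets")
            out += bytes([len(raw)]) + raw
    return out + b"\x00"   # root label terminates the name


def build_query(name, qtype=TYPE_A, edns_udp_size=None, txid=None):
    """12-octet header + one question (+ optional EDNS0 OPT RR in Additional)."""
    # A random ID (with source-port randomization) is the client's main
    # defence against spoofed responses; a fixed ID is only for tests.
    txid = os.urandom(2) if txid is None else struct.pack("!H", txid)
    arcount = 1 if edns_udp_size else 0
    header = txid + struct.pack("!HHHHH", FLAG_RD, 1, 0, 0, arcount)
    question = encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    msg = header + question
    if edns_udp_size:
        # OPT RR: root name, TYPE 41, CLASS field = advertised UDP payload
        # size, TTL field = extended RCODE/flags, RDLENGTH 0
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_udp_size, 0, 0)
    return msg


def decode_name(msg, off):
    """Read a possibly compressed name; return (name, offset after it)."""
    labels, jumped, end, hops = [], False, off, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:          # pointer: 11xxxxxx xxxxxxxx
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2              # parsing resumes after the pointer
            jumped, hops = True, hops + 1
            if hops > 64:                  # hostile input can loop pointers
                raise ValueError("compression pointer loop")
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    if not jumped:
        end = off
    return ".".join(labels) + ".", end


def parse_message(msg):
    """Parse header, questions and all three RR sections."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, records = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = decode_name(msg, off)
            rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            rdata = msg[off:off + rdlength]
            if len(rdata) != rdlength:     # never trust RDLENGTH blindly
                raise ValueError("RDLENGTH runs past end of message")
            if rtype == TYPE_A and rdlength == 4:
                rdata = ".".join(str(b) for b in rdata)
            elif rtype == TYPE_NS:         # NS RDATA is a (compressible) name
                rdata, _ = decode_name(msg, off)
            off += rdlength
            records.append((section, name, rtype, ttl, rdata))
    return {"id": txid, "flags": flags, "truncated": bool(flags & FLAG_TC),
            "questions": questions, "records": records}


def tcp_frame(msg):
    """Over TCP each DNS message is prefixed with its 2-octet length."""
    return struct.pack("!H", len(msg)) + msg


# Constructed response: ID 0x1234, flags QR|RD|RA, one question, one answer
# whose NAME is a pointer (0xC00C) back to the question name at offset 12.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + encode_name("example.com") + struct.pack("!HH", TYPE_A, CLASS_IN)
    + b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 300, 4)
    + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    print(build_query("example.com", edns_udp_size=1232).hex())
    print(parse_message(SAMPLE_RESPONSE))
```

The query built with `edns_udp_size=1232` is 40 octets; the OPT record shows up on parse as an Additional RR with TYPE 41 and an empty RDATA. A real client would check `parse_message(reply)["truncated"]` and, if set, resend the same query over TCP using `tcp_frame()`.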