0% found this document useful (0 votes)

18 views56 pages

System Admin Tutorial Chapte 4

The document discusses the Domain Name System (DNS), which translates human-readable host names into numerical IP addresses, facilitating easier navigation on the Internet. It highlights the hierarchical structure of DNS, the need for a scalable and decentralized system, and the roles of various components such as name servers and resolvers. Additionally, it explains the processes of name resolution and the importance of caching to improve efficiency in DNS queries.

Uploaded by

jara Muda

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

18 views56 pages

System Admin Tutorial Chapte 4

Uploaded by

jara Muda

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 56

System and Network

Administration
Chapter Four
Bule Hora University

1
Domain Name System
(DNS)

2
Host Names vs. IP addresses
 Host names
◦ Mnemonic name appreciated by humans
◦ Variable length, full alphabet of characters
◦ Provide little (if any) information about location
◦ Examples: www.google.com and www.bhu.edu.et
 IP addresses
◦ Numerical address appreciated by routers
◦ Fixed length, binary number
◦ Hierarchical, related to host location
◦ Examples: 64.236.16.20 and 212.58.224.131

3
Human Involvement
 If you want to…
◦ Call someone, you need to ask for their phone
number
 You can’t just dial “X”
◦ Mail someone, you need to get their address first
 What about the Internet?
◦ If you need to reach Google, you need their IP
◦ Does anyone know Google’s IP?
 Problem:
◦ People can’t remember IP addresses
◦ Need human readable names that map to IPs
4
Internet Names and Addresses
 Addresses, e.g. 129.10.117.100
◦ Computer usable labels for machines
◦ Conform to structure of the network
 Names, e.g. www.bhu.edu.et
◦ Human usable labels for machines
◦ Conform to organizational structure
 How do you map from one to the other?
◦ Domain Name System (DNS)

5
NEED FOR DNS

To identify an entity, TCP/IP protocols use the IP

address, which uniquely identifies the connection of
a host to the Internet.

However, people prefer to use names instead of

numeric addresses. Therefore, we need a system that
can map a name to an address or an address to a
name.
 Eventually, the hosts.txt system fell apart
◦ Not scalable, couldn’t handle the load
◦ Hard to enforce uniqueness of names
 e.g ASTU
 Adama Science and Technology University?
 Addis Ababa Science and Technology University?
◦ Many machines had inaccurate copies of
hosts.txt
 Thus, DNS was born

7
Towards DNS
Host Names vs. IP addresses

 Names are easier to remember

www.cnn.com vs. 64.236.16.20 (but not tiny urls)

8
What is DNS?
 DNS is a host name to IP address
translation service
 DNS is
◦ a distributed database implemented in a
hierarchy of name servers
◦ an application level protocol for message
exchange between clients and servers

9
Why DNS?
 It is easier to remember a host name than it is
to remember an IP address.
 An name has more meaning to a user than a 4
byte number.
 Applications such as FTP, HTTP, email, etc., all
require the user to input a destination.
 The user generally enters a host name.
 The application takes the host name supplied by
the user and forwards it to DNS for translation
to an IP address.

10
How does it work?
 DNS works by exchanging messages
between client and server machines.
 A client application will pass the
destination host name to the DNS
process (in Unix referred to as the
gethostbyname() routine) to get the IP
address.
 The application then sits and waits for the
response to return.

11
Domain Name System
 A lookup mechanism for translating objects into
other objects
 Users generally prefer names to numbers
 Computers prefer numbers to names
 DNS provides the mapping between the two
◦ I have “x”, give me “y”
 DNS is NOT a directory service
◦ No way to search the database
 No easy way to add this functionality

 A globally distributed, loosely coherent, scalable,

reliable, dynamic database

Lecture 13: 02-22-2005 12

Domain Name System Goals
 Basically a wide-area distributed database
 Scalability
 Decentralized maintenance
 Robustness
 Global scope
◦ Names mean the same thing everywhere

Lecture 13: 02-22-2005 13

DNS at a High-Level
 Domain Name System
 Distributed database
◦ No centralization
 Simple client/server architecture
◦ UDP port 53, some implementations also use
TCP
 Hierarchical namespace
◦ As opposed to original, flat namespace
◦ e.g. .com  google.com  mail.google.com
14
Naming Hierarchy
Root

net edu com gov mil org uk fr etc.

 Top Level Domains (TLDs) are at

neu bhu the top
 Maximum tree depth: 128
 Each Domain Name is a subtree
ccs ece husky
◦ .edu  neu.edu  ccs.neu.edu 
www.ccs.neu.edu
 Name collisions are avoided
www login mail ◦ neu.com vs. neu.edu
15
Distributed, Hierarchical Database
Root DNS Servers

com DNS servers org DNS servers edu DNS servers

pbs.org poly.edu umass.edu

yahoo.com amazon.com
DNS servers DNS serversDNS servers
DNS servers DNS servers

Client wants IP for www.amazon.com; 1st approx:

 client queries a root server to find com DNS server
 client queries com DNS server to get amazon.com DNS
server
 client queries amazon.com DNS server to get IP address for
www.amazon.com

16
TLD and Authoritative Servers
 Top-level domain (TLD) servers:
◦ responsible for com, org, net, edu, etc, and all top-level
country domains uk, fr, ca, jp.
◦ Network Solutions maintains servers for com TLD
◦ Educause for edu TLD
 Authoritative DNS servers:
◦ organization’s DNS servers, providing authoritative
hostname to IP mappings for organization’s servers (e.g.,
Web, mail).
◦ can be maintained by organization or service provider

17
Basic Domain Name Resolution
Mapping a name to an address or an address to a
name is called name-address resolution.

25.18
Recursive DNS Query
www.google.com
Where is www.google.com?

 Puts the burden of resolution

on the contacted name server
 How does know who to
forward responses too?
ns1.google.com
◦ Random IDs embedded in DNS asgard.ccs.neu.edu
queries
 What have we said about
keeping state in the network?
com

Root 19
Recursive vs. Iterative Queries
 Recursive query root DNS server

◦ Ask server to get

answer for you 2
3
◦ E.g., request 1 TLD DNS server
4
and response 8 local DNS server
dns.poly.edu 5
 Iterative query
◦ Ask server who
to ask next 1 8
7 6

◦ E.g., all other

authoritative DNS server
request-response dns.cs.umass.edu
pairs requesting host
cis.poly.edu

20
DNS Caching
 Performing all these queries takes time
◦ And all this before actual communication takes place
◦ E.g., 1-second latency before starting Web download
 Caching can greatly reduce overhead
◦ The top-level servers very rarely change
◦ Popular sites (e.g., www.cnn.com) visited often
◦ Local DNS server often has the information cached
 How DNS caching works
◦ DNS servers cache responses to queries
◦ Responses include a “time to live” (TTL) field
◦ Server deletes cached entry after TTL expires

21
DNS components
There are 3 components:
 Name Space:
Specifications for a structured name space
and data associated with the names
 Resolvers:
Client programs that extract information
from Name Servers.
 Name Servers:
Server programs which hold information
about the structure and the names.

22
DNS Name Space
 The name space is the structure of the DNS database
◦ An inverted tree with the root node at the top
 Each node has a label
◦ The root node has a null label, written as “”

The root node

top-level node top-level node top-level node

second-level node second-level node second-level node second-level node second-level node

third-level node third-level node third-level node

23
Domain name space
To have a hierarchical name space, a domain name
space was designed. In this design the names are
defined in an inverted-tree structure with the root at the
top. The tree can have only 128 levels: level 0 (root) to
level 127.

25.24
DNS Name Space
 Domain Names
 A domain name is the sequence of labels from a node to the root,
separated by dots (“.”s), read left to right
◦ The name space has a maximum depth of 127 levels
◦ Domain names are limited to 255 characters in length
 A node’s domain name identifies its position in the name space
""

com edu gov int mil net org

nominum metainfo berkeley nwu nato army uu

west east www

dakota tornado

25
DNS Name Space
 SubDomain Names
 One domain is a subdomain of another if its
apex node is a descendant of the other’s apex
node
 More simply, one domain is a subdomain of
another if its domain name ends in the other’s
domain name
◦ So sales.nominum.com is a subdomain of
 nominum.com
 com
◦ nominum.com is a subdomain of com
26
DNS Name Space
 Delegation
 Administrators can create subdomains to group hosts
◦ According to geography, organizational affiliation or any other
criterion
 An administrator of a domain can delegate
responsibility for managing a subdomain to someone
else
◦ But this isn’t required
 The parent domain retains links to the delegated
subdomain
◦ The parent domain “remembers” who it delegated the
subdomain to

27
DNS Name Space
 Delegation Creates Zones
 Each time an administrator delegates a
subdomain, a new unit of administration is
created
◦ The subdomain and its parent domain can now be
administered independently
◦ These units are called zones
◦ The boundary between zones is a point of delegation
in the name space
 Delegation is good: it is the key to scalability

28
Dividing a Domain into Zones
Tree is divided into zones nominum.com
Each zone has an domain
administrator
Responsible for the
part of the heirarchy ""
nominum.com
zone

.arpa .com .edu

ams.nominum.com
rwc.nominum.com zone
zone acmebw nominum netsol

rwc www ftp ams

molokai skye gouda cheddar

DNS Name Servers
 Name servers store information about the
name space in units called “zones”
◦ The name servers that load a complete zone are said
to “have authority for” or “be authoritative for” the
zone
 Usually, more than one name server are
authoritative for the same zone
◦ This ensures redundancy and spreads the load
 Also, a single name server may be authoritative
for many zones

30
Hierarchy of name servers
Types of Name Servers
 Two main types of servers
◦ Authoritative – maintains the data
 Master – where the data is edited
 Slave – where data is replicated to
◦ Caching – stores data obtained from an authoritative
server
◦ The most common name server implementation
(BIND) combines these two into a single process
 Other types exist…
 No special hardware necessary
Name Server Architecture
 You can think of a name server as part:
◦ database server, answering queries about the
parts of the name space it knows about (i.e., is
authoritative for),
◦ cache, temporarily storing data it learns from
other name servers, and
◦ agent, helping resolvers and other name
servers find data that other name servers
know about
DNS Name Resolution
 Name resolution is the process by which
resolvers and name servers cooperate to find
data in the name space
 To find information anywhere in the name
space, a name server only needs the names and
IP addresses of the name servers for the root
zone (the “root name servers”)
◦ The root name servers know about the top-level
zones and can tell name servers whom to contact for
all TLDs

Copyright © 2001, Nominum,

Inc.
Name Resolution
 A DNS query has three parameters:
◦ A domain name (e.g., www.google.com),
 Remember, every node has a domain name!
◦ A class (e.g., IN), and
◦ A type (e.g., A)
 A name server receiving a query from a
resolver looks for the answer in its
authoritative data and its cache
◦ If the answer isn’t in the cache and the server isn’t
authoritative for the answer, the answer must be
looked up

Copyright © 2001, Nominum,

Inc.
The Resolution Process
 Let’s look at the resolution process step-
by-step:

annie.west.sprockets.com
ping www.google.com.
Copyright © 2001, Nominum,
Inc.
The Resolution Process
 The workstation annie asks its configured name
server, dakota, for www.nominum.com’s address

dakota.west.sprockets.com

What’s the IP address

of
www.nominum.com?

annie.west.sprockets.com
ping www.google.com.
Copyright © 2001, Nominum,
Inc.
The Resolution Process
 The name server dakota asks a root name server, m, for
www.nominum.com’s address