DNSDomain Name SystemDNS OverviewOverviewUsesSlide 6Slide 7Slide 8HistorySlide 10Slide 11Slide 12Slide 13How DNS worksHow DNS Works - TheorySlide 16Slide 17Slide 18How DNS Works - Theory Parts of a domain nameSlide 20How DNS works in theory Parts of a domain nameSlide 22How DNS works in theory Address resolution mechanismSlide 24Slide 25Slide 26How DNS works in theory Circular dependencies and glue recordsSlide 28How DNS WorksHow DNS Works In PracticeHow DNS works In practiceHow DNS Works In Practice - Caching timeSlide 33Slide 34Slide 35How DNS Works In Practice - In the Real WorldSlide 37How DNS Works In Practice - Broken ResolversHow DNS Works In Practice - Other ApplicationsSlide 40DNS ExtensionsTypes of DNS recordsSlide 43DNS Records – Complete ListExample DNS Record for logicbbs.orgInternationalized Domain NamesSecurity issuesLegal users of domainsSlide 49PoliticsOther Internet ResourcesDNS ZonesSlide 53DNS Reverse LookupSlide 55Slide 56Slide 57Slide 58DNSSlide 60LookupsSlide 62DNS ForwardingSlide 64Mail Exchangers1DNSDomain Name Systems2Domain Name SystemDNS OverviewDNS ZonesForwardReverseFowardingDNS Delegation/ParentingMail Exchangers3DNS Overviewhttp://en.wikipedia.org/wiki/Dns4OverviewOn the Internet, the Domain Name System (DNS) associates various sorts of information with domain namesServes as the "phone book" for the InternetTranslates human-readable computer hostnames into IP addressesRequired bynetworking equipment to delivering informationAlso stores other informationSuch as the list of mail exchange servers that accept email for a given domain. By providing a worldwide keyword-based redirection service, the Domain Name System is an essential component of the modern Internet5Uses6UsesThe most basic use of DNS is to translate hostnames to IP addresses. Very much like a phone bookFor example, what is the internet address of en.wikipedia.org?The Domain Name System can be used to tell you it is 66.230.200.1007UsesDNS also has other important usesDNS makes it possibleAssign Internet destinations to the human organization or concern they representIndependent of the physical routing hierarchy represented by the numerical IP address. Hyperlinks and Internet contact information can remain the same Whatever the current IP routing arrangements may beCan take a human-readable form (such as "wikipedia.org") Easier to remember than an IP address (such as 66.230.200.100). People take advantage of this when they recite meaningful URLs and e-mail addresses Do not need to care how the machine will actually locate them8UsesThe Domain Name System distributes the responsibility for assigning domain names and mapping them to IP networksallows an authoritative server for each domain to keep track of its own changesavoids the need for a central registrar to be continually consulted and updated9History10HistoryUsing a name as a more human-legible abstraction of a machine's numerical address on the network predates even TCP/IPAll the way to the ARPAnet eraBack then however, a different system was used, as DNS was only invented in 1983, shortly after TCP/IP was deployed. With the older system, each computer on the network retrieved a file called HOSTS.TXT from a computer at SRI (now SRI International). The HOSTS.TXT file mapped numerical addresses to names. A hosts file still exists on most modern operating systems, either by default or through configurationAllows users to specify an IP address (eg. 192.0.34.166) to use for a hostname (eg. www.example.net) without checking DNS. Nowadays, the hosts file serves primarily for troubleshooting DNS errors or for mapping local addresses to more organic namesSystems based on a hosts file have inherent limitationsThe obvious requirement that every time a given computer's address changed, every computer that seeks to communicate with it would need an update to its hosts fileOn Windows: C:\WINDOWS\system32\drivers\etc>11HistoryThe growth of networking called for a more scalable systemRecords a change in a host's address in one place onlyOther hosts would learn about the change dynamically through a notification systemCompletes a globally accessible network of all hosts' names and their associated IP Addresses12HistoryAt the request of Jon Postel, Paul Mockapetris invented the Domain Name System in 1983 and wrote the first implementation. The original specifications appear in RFC 882 and 883In 1987, the publication of RFC 1034 and RFC 1035 updated the DNS specificationMade RFC 882 and RFC 883 obsolete. Several more-recent RFCs have proposed various extensions to the core DNS protocols.13HistoryIn 1984, four Berkeley students1 wrote the first UNIX implementationIn 1985 Kevin Dunlap of DEC significantly re-wrote the DNS implementationRenamed it BIND (Berkeley Internet Name Domain)BIND was ported to the Windows NT platform in the early 1990s.Due to BIND's long history of security issues and exploits, several alternative nameserver/resolver programs have been written and distributed in recent years.1Douglas Terry, Mark Painter, David Riggle and Songnian Zhou14How DNS worksTheory15How DNS Works - TheoryDomain namesArranged in a treeCut into zonesEach served by a nameserver16How DNS Works - TheoryThe domain name space consists of a tree of domain names. Each node or leaf in the tree has one or more resource records, which hold information associated with the domain name. The tree sub-divides into zones. A zone consists of a collection of connected nodes authoritatively served by an authoritative DNS nameserver. Note that a single nameserver can host several zones17How DNS Works - TheoryWhen a system administrator wants to let another administrator control a part of the domain name space within his or her zone of authorityCan delegate control to the other administrator. Splits a part of the old zone off into a new zoneComes under the authority of the second administrator's nameserversThe old zone becomes no longer authoritative for what goes under the authority of the new zone.18How DNS Works - TheoryA resolver looks up the information associated with nodes. A resolver knows how to communicate with name servers by sending DNS requests, and heeding DNS responses. Resolving usually entails iterating through several name servers to find the