Slide 1: DNS
Domain Name Systems

Slide 2: Domain Name System
- DNS Overview
- DNS Zones
- Forward
- Reverse
- Forwarding
- DNS Delegation/Parenting
- Mail Exchangers

Slide 3: DNS Overview
http://en.wikipedia.org/wiki/Dns

Slide 4: Overview
- On the Internet, the Domain Name System (DNS) associates various sorts of information with domain names
- Serves as the "phone book" for the Internet
  - Translates human-readable computer hostnames into IP addresses
  - Required by networking equipment to deliver information
- Also stores other information
  - Such as the list of mail exchange servers that accept email for a given domain
- By providing a worldwide keyword-based redirection service, the Domain Name System is an essential component of the modern Internet

Slide 5: Uses

Slide 6: Uses
- The most basic use of DNS is to translate hostnames to IP addresses
- Very much like a phone book
- For example, what is the Internet address of en.wikipedia.org?
  - The Domain Name System can be used to tell you it is 66.230.200.100

Slide 7: Uses
- DNS also has other important uses
- DNS makes it possible to assign Internet destinations to the human organization or concern they represent
  - Independent of the physical routing hierarchy represented by the numerical IP address
- Hyperlinks and Internet contact information can remain the same
  - Whatever the current IP routing arrangements may be
  - Can take a human-readable form (such as "wikipedia.org")
  - Easier to remember than an IP address (such as 66.230.200.100)
- People take advantage of this when they recite meaningful URLs and e-mail addresses
  - Do not need to care how the machine will actually locate them

Slide 8: Uses
- The Domain Name System distributes the responsibility for assigning domain names and mapping them to IP networks
  - Allows an authoritative server for each domain to keep track of its own changes
  - Avoids the need for a central registrar to be continually consulted and updated

Slide 9: History

Slide 10: History
- Using a name as a more human-legible abstraction of a machine's numerical address on the network predates even TCP/IP
  - All the way to the ARPAnet era
- Back then, however, a different system was used, as DNS was only invented in 1983, shortly after TCP/IP was deployed
- With the older system, each computer on the network retrieved a file called HOSTS.TXT from a computer at SRI (now SRI International)
- The HOSTS.TXT file mapped numerical addresses to names
- A hosts file still exists on most modern operating systems, either by default or through configuration
  - Allows users to specify an IP address (e.g. 192.0.34.166) to use for a hostname (e.g. www.example.net) without checking DNS
- Nowadays, the hosts file serves primarily for troubleshooting DNS errors or for mapping local addresses to more organic names
- Systems based on a hosts file have inherent limitations
  - The obvious requirement that every time a given computer's address changed, every computer that seeks to communicate with it would need an update to its hosts file
- On Windows: C:\WINDOWS\system32\drivers\etc>

Slide 11: History
- The growth of networking called for a more scalable system
  - Records a change in a host's address in one place only
  - Other hosts would learn about the change dynamically through a notification system
  - Completes a globally accessible network of all hosts' names and their associated IP addresses

Slide 12: History
- At the request of Jon Postel, Paul Mockapetris invented the Domain Name System in 1983 and wrote the first implementation
- The original specifications appear in RFC 882 and 883
- In 1987, the publication of RFC 1034 and RFC 1035 updated the DNS specification
  - Made RFC 882 and RFC 883 obsolete
- Several more-recent RFCs have proposed various extensions to the core DNS protocols

Slide 13: History
- In 1984, four Berkeley students [1] wrote the first UNIX implementation
- In 1985 Kevin Dunlap of DEC significantly re-wrote the DNS implementation
  - Renamed it BIND (Berkeley Internet Name Domain)
- BIND was ported to the Windows NT platform in the early 1990s
- Due to BIND's long history of security issues and exploits, several alternative nameserver/resolver programs have been written and distributed in recent years
[1] Douglas Terry, Mark Painter, David Riggle and Songnian Zhou

Slide 14: How DNS works
Theory

Slide 15: How DNS Works - Theory
- Domain names
  - Arranged in a tree
  - Cut into zones
  - Each served by a nameserver

Slide 16: How DNS Works - Theory
- The domain name space consists of a tree of domain names
- Each node or leaf in the tree has one or more resource records, which hold information associated with the domain name
- The tree sub-divides into zones
- A zone consists of a collection of connected nodes authoritatively served by an authoritative DNS nameserver
- Note that a single nameserver can host several zones

Slide 17: How DNS Works - Theory
- When a system administrator wants to let another administrator control a part of the domain name space within his or her zone of authority
  - Can delegate control to the other administrator
  - Splits a part of the old zone off into a new zone
  - Comes under the authority of the second administrator's nameservers
- The old zone becomes no longer authoritative for what goes under the authority of the new zone

Slide 18: How DNS Works - Theory
- A resolver looks up the information associated with nodes
- A resolver knows how to communicate with name servers by sending DNS requests, and heeding DNS responses
- Resolving usually entails iterating through several name servers to find the
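
The zone and delegation model described above, as an added example that is not part of the original slides: a Python sketch that finds the authoritative zone for a name by longest-suffix match and shows that delegating a child zone takes that authority away from the parent. The zone table, the nameserver names and all function names are constructed for illustration.

```python
# Constructed sample zone table: zone apex -> nameservers serving it.
# All names are illustrative; one nameserver hosts two zones.
ZONES = {
    ".": ["ns.root.example."],
    "org.": ["ns.registry.example."],
    "example.org.": ["ns1.example.org."],
    "example.net.": ["ns1.example.org."],
}


def suffixes(name):
    """Yield every enclosing domain of name, longest first, ending at the root."""
    parts = [p for p in name.lower().rstrip(".").split(".") if p]
    for i in range(len(parts) + 1):
        yield ".".join(parts[i:]) + "." if parts[i:] else "."


def authoritative_zone(name, zones):
    """Return the apex of the deepest zone that encloses name."""
    for candidate in suffixes(name):
        if candidate in zones:
            return candidate
    raise LookupError("zone table has no root zone")


def delegate(zones, child_apex, nameservers):
    """Split child_apex off its parent zone; returns a new zone table."""
    child_apex = next(suffixes(child_apex))  # canonical form: lower case, trailing dot
    if authoritative_zone(child_apex, zones) == child_apex:
        raise ValueError(child_apex + " is already a zone")
    updated = dict(zones)
    updated[child_apex] = list(nameservers)
    return updated


def referral_path(name, zones):
    """Zones a resolver walks through, root first, to reach the authority."""
    return [z for z in reversed(list(suffixes(name))) if z in zones]


if __name__ == "__main__":
    host = "www.lab.example.org"
    print(authoritative_zone(host, ZONES))   # parent zone answers before delegation
    after = delegate(ZONES, "lab.example.org", ["ns1.lab.example.org."])
    print(authoritative_zone(host, after))   # child zone answers after delegation
    print(referral_path(host, after))
```

After `delegate`, the parent zone still encloses the name but is no longer returned as its authority, which is the behaviour slide 17 describes.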