2.4 DNS Flashcards
On what layer does DNS operate?
DNS is an application-layer protocol service built on top of TCP/UDP
What does DNS do and how?
provides translation between IP addresses and domain names
hosts & DNS servers communicate to resolve names (address/name translation)
what are the two identifiers of domains? who uses them?
IP address (32-bit) - used for addressing datagrams
domain name (e.g. psu.edu) - used by humans
What is DNS? Who implements it?
Domain Name System - core internet function that is implemented as an application-layer protocol
implemented by servers that sit at the network edge (rather than by routers and switches INSIDE the network)
internet design philosophy
keep the core simple; put all the complexity at the network edge
DNS’s 4 functions
- translates hostname to IP address
- host aliasing
- mail server aliasing
- load distribution (balancing) - if a hostname has many IP address, DNS rotates through them so one doesn’t have too much of a load
Why not centralize DNS? (4 reasons)
single point of failure
too much traffic
centralized database at 1 location could lead to long delays
it doesn’t scale - doesn’t have the computational abilities or resiliency
DNS performance as a database
DNS is a huge, distributed database - holds approx. 1 billion records (but each record is very simple)
huge performance/scale - handles multiple trillions of queries/day
reads more queries than it writes
“bulletproof” - reliable, secure
why does performance matter to DNS?
almost every internet transaction interacts with DNS, so every millisecond counts
What is the relationship between DNS and organizations?
Hundreds of thousands of organizations are responsible for their own records within this distributed database
DNS hierarchy levels
- Root
- Top Level Domain (TLD)
- Authoritative
The process of getting the IP address of amazon.com (resolving an address)
- client asks the root DNS server to get the name of the TLD server
- the client asks the TLD server to get amazon.com’s authoritative DNS server
- the client asks amazon.com’s authoritative DNS server for the IP address
what are root name servers and why are they important?
root name servers = the starting point for DNS resolution (translating hostnames to IP addresses)
internet couldn’t function without them; though they don’t store the actual IP addresses, they direct queries to TLD servers
how many root name servers are there? who manages them?
13 root name servers in the world, which are replicated many times (200 root name servers in the US, 1,000 in the world)
managed by ICANN (Internet Corporation for Assigned Names & Numbers)
what are TLD servers and what do they do?
Top-Level Domain DNS servers are responsible for resolving addresses with top-level domains such as:
.com
.org
.edu
.aero
.jobs
.museums
and top-level country domains like .uk, .fr
who is responsible for managing TLDs?
internet registries
what are authoritative DNS servers and what do they do
they’re responsible for managing DNS servers within an organization
“authoritative” means that the server has authority over the organization’s names
what do local DNS name servers do?
when the host makes a DNS query wanting to resolve a name, it sends it to the local DNS server
DNS server responds either:
1. immediately, from its local cache of recent name-to-address translation pairs
2. by forwarding request into DNS hierarchy for resolution
every ISP has a local DNS server
what is the ‘iterated query’ method in DNS name resolution?
the contacted server replies with the name of the server to contact next
“I don’t know this name, but ask this server”
what are the steps of the ‘iterated query’ method in DNS name resolution if engineering.nyu.edu wanted to resolve cs.umass.edu? (8 steps)
example: engineering.nyu.edu requests to resolve (wants the IP address of) gaia.cs.umass.edu
1. host queries local nyu DNS server
2. local nyu DNS server forwards message to root DNS server
3. root DNS server responds to local DNS server
4. local DNS server resends message to TLD DNS server
5. TLD DNS server responds to local DNS server
6. local DNS server resends message to auth DNS server
7. auth DNS server responds to local DNS server
8. local DNS server sends IP address to host
what is the disadvantage of the iterated query method? how can this be mitigated?
disadvantage: it’s a lot of steps, meaning it produces a lot of query traffic
DNS caching can reduce this traffic
what is the ‘recursive query’ method in DNS name resolution?
rather than responding with a request with “I don’t know, but here’s who to ask”, the name server takes it upon itself to resolve the query
what are the steps of the ‘recursive query’ method in DNS name resolution if engineering.nyu.edu wanted to resolve cs.umass.edu? (8 steps)
- the host queries the local server
- the local server queries the root server
- the root server queries the TLD server
- the TLD server queries the umass authoritative server
- the authoritative server replies to the TLD server
- the TLD server replies to the root server
- the root server replies to the local server
- the local server replies to the querying host
what is the disadvantage of the recursive query method? how can this be mitigated?
disadvantage: heavy load on upper levels
there’s no mitigation, which is why is method isn’t often used
what is caching in DNS?
because a lot of work is involved in getting the DNS record for a name-to-IP translation pair, we can leverage the work by caching the record locally
once a DNS server learns a mapping, it caches it so, when another request comes in for that mapping, it immediately returns a response to the query
what kind of servers are typically cached in local name servers?
TLD servers
do DNS cache entries timeout?
Yes, they disappear after some time (TTL)
what are the advantages of DNS caching?
improved response time and less load on DNS structure
what are the disadvantages of DNS caching?
cached entries may be out-of-date if the DNS record changes
e.g. if the named host changes their IP address, it might not be known across the internet until all TTLs expire
however, caching is still the best-effort name-to-address translation
DNS official definition
distributed database storing resource records (RR)
What is the format of resource records (RR)?
name, value, type, TTL
what are the 4 most common records?
- type=A (address record)
- type=NS (name-server record)
- type=CNAME (aliasing)
- type=MX (mail server name)
what is the type=A record?
an address record, used for name-to-address translation
‘name’ is the hostname
‘value’ is the IP address
what is the type=NS record?
a name-server record (identifies the authoritative DNS server for a domain)
‘name’ is the domain (e.g. psu.edu)
‘value’ is the hostname of the domain’s authoritative name server
what is the type=CNAME record?
record used for aliasing
‘name’ is an alias name for a real (“canonical”) name
(e.g. www.ibm.com is really servereast.backup2.ibm.com)
‘value’ is the canonical name (www.ibm.com)
what is the type=MX record?
record used to give the name of the mail server associated with the domain
‘value’ is the name of the SMTP mail server associated with the name
What is the difference between DNS query and rely messages?
Nothing; they have the same format
What makes up the header of DNS protocol messages?
identification and flags
identification = 16-bit number for query, response to query uses the same number
flags = query or reply, recursion desired, recursion available, reply is authoritative
What does TYPE=NS mean
Identifies the authoritative DNS server for a domain
