Lecture 9: DNS Caching

Question 1

What is TTL?

Answer 1

Time-To-Live

TTL sets the expiration for cached DNS records

Question 2

What happens to cached DNS records after the TTL expires?

Answer 2

The cached DNS records must be thrown out and new DNS records fetched via a new DNS call

Question 3

How are TTLs typically measure?

Answer 3

hours or days

Question 4

What is propagation delay?

Answer 4

The amount of time required for a signal to be received after it has been sent

Question 5

Why does DNS system suffer from slow convergence?

Answer 5

• Caching over the lifespan of the TTL
• Slowness of changes made by TLD DNS servers

Question 5

Why does DNS system suffer from slow convergence?

Answer 5

• Caching over the lifespan of the TTL
• Slowness of changes made by TLD DNS servers

Question 6

How long does it usually take for DNS system changes to fully propagate?

Answer 6

24-48 hours

Question 7

What are the benefits of caching in DNS?

Answer 7

• Decreases response time
• Decreases load on the DNS service, the root and TLD DNS servers
• Improves the robustness and reliability of the system

Question 8

What are the drawbacks of caching?

Answer 8

• It makes DNS opaquer and more difficult to predict
• Results in slow convergence and uneven propagation
• Offers a vector for attack

Question 9

What is the tradeoff with TTL?

Answer 9

The longer the TTL, the more efficient, but also the slower the convergence and updates are

Question 10

What protocol and port has DNS traditionally been done on?

Answer 10

A User Datagram Protocol (UDP) requests on port 53

Question 11

What are the new ways DNS is done though

Answer 11

DNS via TLS

DNS vis HTTPs

Question 12

What are the drawbacks of DNS via UDP?

Answer 12

• Little to no security
• Anyone sniffing around can see the DNS packets and know what domains you might be trying to retrieve

Question 13

What is the DNS Date Format?

Answer 13

Header: transaction ID, flags, count of questions and answers

Answers: responsive data returned by the authoritative name server

Question 14

What is the purpose of the transaction ID?

Answer 14

Match a request to a response

Question 15

What is the purpose of the transaction ID?

Answer 15

Match a request to a response

Question 16

What makes up the control field?

Answer 16

• QR flag
• opcode
• AA, TR, RD, and RA bits
• Z-field
• R Code

Question 17

What is a QR flag?

Answer 17

Can turn a request header into a response header

0: Queries
1: Responses

Question 18

What is the OPCode?

Answer 18

Used for internal testing
Typically just four zero bits

Question 19

What is AA?

Answer 19

Represents whether the response came from an
authoritative DNS server

0: Caches and resolvers
1: Authoritative DNS server

Question 20

What is TR?

Answer 20

1: DNS response > 512 bytes. User must use an alternative protocol (other than UDP)

Question 21

What is RD (Recursion Desired) and RA (Recursion Available)?

Answer 21

Bits notify the server (RD) or the client (RA) whether recursive DNS resolution is wanted

Question 22

What is Z-Field?

Answer 22

Reserved for future use – these three bits are always set to zero in present use

Question 23

What is R Code?

Answer 23

provides a response code that informs the client if there were any errors

0000: Everythings ok

Question 24

What are the four counts in order?

Answer 24

• Question Count
• Answer Count
• Authority Count
• Additional Count

Question 25

What is the question count?

Answer 25

Number of questions we’re asking, as a requester

Question 26

What does each question represent in the question count?

Answer 26

One domain that we are querying for

Question 27

What is the answer count?

Answer 27

Number of answers the server has responded with

Question 28

What does each answer represent in the answercount?

Answer 28

Each DNS record returned is an answer

Question 29

What is the Authority Counts?

Answer 29

How many name server records are returned

Question 30

What is the Additional Count?

Answer 30

How many additional resource records are included