9.2. Domain Name System (DNS)

One of the most important components of the application layer is the Domain Name System (DNS) server. DNS is a distributed, hierarchical, global directory that translates machine or domain names to numerical IP addresses. DNS can be thought of as a distributed database system used to map host names to IP addresses, and vice versa. DNS is a critical infrastructure, and all hosts contact DNS servers when they initiate connections. DNS can run over either UDP or TCP. However, running over UDP is usually preferred, since a transaction requires the fast response that UDP provides. Some of the information-processing functions a DNS server handles are

  • Finding the address of a particular host

  • Delegating a subtree of server names to another server

  • Denoting the start of the subtree that contains cache and configuration parameters, and giving corresponding addresses

  • Naming a host that processes incoming mail for the designated target

  • Finding the host type and the operating system information

  • Finding an alias for the real name of a host

  • Mapping IP addresses to host names

DNS is an application-layer protocol, and every Internet service provider, whether for an organization, a university campus, or even a residence, has a DNS server. In the normal mode of operation, a host sends UDP queries to a DNS server. The DNS server either replies or directs the queries to other servers. The DNS server also stores information other than host addresses.

The DNS client routinely constructs a query message and passes it to the UDP transport layer without any handshaking with the UDP entity running on the destination end system. Then, a UDP header is attached to the message, and the resulting segment is passed to the network layer. The network layer always encapsulates the UDP segment into a datagram. The datagram, or packet, is now sent to a DNS server. If the DNS server does not respond, the fault may be UDP's unreliability.

9.2.1. Domain Name Space

Any entity in the TCP/IP environment is identified by an IP address, which thereby identifies the connection of the corresponding host to the Internet. An IP address can also be assigned a domain name. Unique domain names assigned to hosts must be selected from a name space and are generally organized in a hierarchical fashion.

Domain names are defined in a tree-based structure with the root at the top, as shown in Figure 9.2. A tree is structured with a maximum of 128 levels, starting at level 0 (root). Each level consists of nodes. A node on a tree is identified by a label, which is a string of up to 63 characters, except for the root label, which is the empty string.

Figure 9.2. Hierarchy of domain name space, labels, and domain names

The last label of a domain name expresses the type of organization; the other parts of the domain name indicate the hierarchy of the departments within the organization. Thus, an organization can add any suffix or prefix to its name to define its hosts or resources. A domain name is a sequence of labels separated by dots and is read from the node up to the root. For example, reading the domain name news.company1.com from right to left gives a commercial organization (.com), then "company1" within .com (company1.com), and then the "news" section of company1 (news.company1.com). Domain names can also be partial. For example, company1.com is a partial domain name.

Domain-Name Servers

The domain name space is divided into subdomains, and each domain or subdomain is assigned a domain name server. This way, we can form a hierarchy of servers, as shown in Figure 9.3, just as we did for the hierarchy of domain names. A domain name server has a database consisting of all the information for every node under that domain. Each server at any location in the hierarchy can partition part of its domain and delegate some responsibility to another server. The root server supervises the entire domain name space. A root server typically does not store any information about domains and keeps references only to servers over which it has authority. Root servers are distributed around the world.

Figure 9.3. Hierarchy of DNS domain name servers

9.2.2. Name/Address Mapping

DNS operates based on the client/server application. Any client host can send an IP address to a domain name server to be mapped to a domain name. Each host that needs to map an address to a name or vice versa should access the closest DNS server with its request. The server finds and releases the requested information to the host. If the requested information is not found, the server either delegates the request to other servers or asks them to provide the information. After receiving the mapping information, the requesting host examines it for correctness and delivers it to the requesting process.

Mapping can be either recursive or iterative. In recursive mapping (Figure 9.4), the client host makes the request to its corresponding DNS server. The DNS server is responsible for finding the answer recursively. The requesting client host asks for the answer through its local DNS server, news.company1.com. Assume that this server contacts the root DNS server, and still the information has not been found. This time, the root DNS server sends the query to the .com server, but the transaction still remains unsuccessful. Finally, the .com server sends the query to the local DNS server of the requested place, dns.company2.com, and finds the answer. The answer to a query in this method is routed back to the origin, as shown in the figure. The local DNS server of the requested place is called the authoritative server and adds information to the mapping, called time to live (TTL).

Figure 9.4. Recursive mapping

In the iterative approach, the mapping function is as shown in Figure 9.5. In this case, if the server does not have the name to provide, it returns the query to the client host instead of pursuing the answer itself.

Figure 9.5. Iterative mapping

The host must then repeat the query to the next DNS server that may be able to provide the name. This continues until the host succeeds in obtaining the name. In Figure 9.5, the news.company1.com host sends the query to its own local DNS server, dns.company1.com, thus trying the root DNS server first, then the .com server, and finally ending up with the local DNS server of the requested place: dns.company2.com.

9.2.3. DNS Message Format

DNS communication is made possible through query and reply messages. Both message types have the 12-byte header format shown in Figure 9.6. The query message consists of a header and a question message only. The reply message consists of a header and four message fields: question, answer, authority, and additional information.

Figure 9.6. DNS message format

The header has six fields, as follows. A client uses the identification field to match the reply with the query. This field may carry a different number each time a client transmits a query, and the server copies this number into its reply. The flags field contains subfields that represent the type of the message, such as the type of answer requested or whether recursive or iterative mapping is requested. The number of questions field indicates how many queries are in the question portion of the message. The number of answers field shows how many answers are in the answer portion; for a query message, this field contains all zeros. The number of authoritative records field gives the number of authoritative records in the authority portion of a reply message; similarly, this field is filled with zeros in a query message. Finally, the number of additional records field indicates how many records are in the additional information portion of a reply message and is likewise filled with zeros in a query message.

The questions field can contain one or more questions. The answers field belongs only to a reply message and consists of one or more replies from a DNS server to the corresponding client. The authority field is present only in reply messages and provides the domain name information about one or more authoritative servers. Finally, the additional information field is present only in reply messages and contains other information, such as the IP address of the authoritative server. This additional information helps a client further identify an answer to a question.
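The header and question section described above, written out as an added example that is not part of the book: the six 16-bit header fields, label encoding with the 63-octet limit from Section 9.2.1, and the client-side check that a reply's identification field matches the query. The flag bit positions follow RFC 1035; the query for news.company1.com and the reply carrying 10.0.0.5 are constructed here, not taken from the text.

```python
import secrets
import struct

# Header layout from Figure 9.6: six 16-bit fields, network byte order.
HEADER = struct.Struct("!HHHHHH")  # id, flags, qdcount, ancount, nscount, arcount
QR, RD, RA = 1 << 15, 1 << 8, 1 << 7  # flag bits (RFC 1035): response, recursion desired/available

def encode_name(name):
    """Encode a dotted name as length-prefixed labels, ending with the empty root label."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:          # label limit from Section 9.2.1
            raise ValueError("label must be 1-63 octets: %r" % label)
        out.append(len(raw))
        out += raw
    out.append(0)                            # root label is the empty string
    return bytes(out)

def build_query(name, qtype=1, recursive=True, txid=None):
    """Return (id, wire bytes) for a query with one question (qtype 1 = A record)."""
    if txid is None:
        txid = secrets.randbelow(1 << 16)    # unpredictable id: a forged reply must guess it
    flags = RD if recursive else 0           # QR=0 marks a query; RD asks for recursive mapping
    header = HEADER.pack(txid, flags, 1, 0, 0, 0)   # only QDCOUNT is non-zero in a query
    return txid, header + encode_name(name) + struct.pack("!HH", qtype, 1)  # QCLASS 1 = IN

def parse_header(msg):
    """Split the 12-byte header into its six fields plus the flag bits a client inspects."""
    if len(msg) < HEADER.size:
        raise ValueError("message shorter than the 12-byte header")
    txid, flags, qd, an, ns, ar = HEADER.unpack_from(msg)
    return {"id": txid, "qr": bool(flags & QR), "rd": bool(flags & RD), "ra": bool(flags & RA),
            "rcode": flags & 0xF, "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}

def accept_reply(query_id, reply):
    """Client check from Section 9.2.3: accept only a response whose id matches the query sent."""
    h = parse_header(reply)
    return h["qr"] and h["id"] == query_id

# Constructed sample: a recursive A query for news.company1.com and a matching reply.
QUERY_ID, QUERY = build_query("news.company1.com", txid=0x1A2B)
REPLY = (HEADER.pack(QUERY_ID, QR | RD | RA, 1, 1, 0, 0)     # response, one question, one answer
         + QUERY[HEADER.size:]                                # question echoed back
         + b"\xc0\x0c"                                        # name: pointer to offset 12 (the question's name)
         + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([10, 0, 0, 5]))  # A, IN, TTL 300, 10.0.0.5
```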

The next section explains how domains are added to the DNS database. New information and names are included in a DNS database through a registrar. On a request for inclusion of a new domain name, a DNS registrar must verify the uniqueness of the name and then enter it into its database.



Computer and Communication Networks
Computer and Communication Networks (paperback)
ISBN: 0131389106
Year: 2007
Pages: 211
Authors: Nader F. Mir
