A Network Programming Lecture by Steven Choy
Overview: Introduction - Name Space - Domain Name Space - DNS in the Internet - Resolution - Implementation of DNS in the Internet - Common DNS Record Types - A DNS Lookup Example
Introduction to DNS (Domain Name System)
- IP addresses are used to enable computers and routers to identify each other efficiently. However, the human mind is not designed to remember IP addresses. People prefer to work with names rather than numbers. The Domain Name System (DNS) is a system that offers the best of both worlds, for humans and for machines.
- Roughly and simply speaking, as you may also be told by some people, the DNS is nothing more than a system that stores pairs of IP addresses and names, so that when you request a website by name it can send you directly to the correct address. However, that statement cannot give you the whole picture of the DNS. You need to learn more in order to appreciate the concept and the implementation of the DNS.
- DNS is a hierarchical system, a globally distributed system, that is highly scalable and reliable.
"DNS (Domain Name System) is a hierarchical, distributed, autonomous, reliable database. The first and only of its kind, it offers realtime performance levels to a global audience with global contributors. Every TCP/IP traffic flow including every World Wide Web page view begins with at least one DNS transaction. DNS is, in a word, glorious." (Source)
- The DNS contains three important components. They are:
(1) a name space, which defines and standardizes the structure of names,
(2) name servers, which make the name space available to the public, and
(3) a resolver, which queries the name servers about the name space.
- The DNS is a hierarchical system.
- DNS organizes all registered names in a tree structure.
- The hierarchical naming scheme used by the DNS is known as the domain name space.
Name Space
In a flat name space, a name is assigned to an address. A name in this space is a sequence of characters without structure.
In a hierarchical name space, each name is made of several parts.
Domain Name Space
To have a hierarchical name space, a domain name space was designed.
- Label - Each node in the tree has a label, which is a string with a maximum of 63 characters. The root label is a null string.
- Domain - a domain is a subtree of the domain name space.
- Domain Name - Each node in the tree has a domain name.
- Fully Qualified Domain Name (FQDN) - a sequence of labels separated by dots that ends in the null label.
- Partially Qualified Domain Name (PQDN) - a name whose sequence of labels is not terminated by the null label.
Distribution of Name Space
- Zone - What a name server is responsible for, or has authority over, is called a zone.
- Root Server - A root server is a server whose zone consists of the whole tree.
- Primary Server - a server that stores the file describing the zone for which it is the authority.
- Secondary Server - a server that loads all its zone information from the primary server.
Class Discussions
- What is the main disadvantage of a flat name space?
- What is the main advantage of a hierarchical name space over a flat name space?
- Why is it not a good idea to have a single powerful computer store all the information contained in the domain name space?
- What are FQDN and PQDN? Give an example for each one.
- Describe the current way that the Internet uses to store all the information contained in the domain name space.
- What are a root name server, a primary name server and a secondary name server? Can you differentiate them clearly?
Summary : DNS Concepts and Design
- In the design of DNS, the name space needs to be made hierarchical rather than a flat structure in order to make naming of machines scalable. The idea of hierarchical name space is to divide the naming into several parts. The naming can be based on the location of the machine, and then on the nature of the organizations, and then on the unit name within the selected area. That idea is quite similar to what we humans have done in addressing a real world location.
- The domain names can be mapped to a tree structure like the figure shown below.
- There is no restriction on the number of child nodes at each parent node. However, DNS requires that the child nodes of a parent node have different labels. In this way, the uniqueness of domain names is guaranteed. For example, we cannot have two child nodes with the same name, say ouhk, under the parent node .edu.hk. We can, however, have one child node named ouhk under the parent node .edu.hk and another child node also named ouhk under the parent node .com.hk.
- In the design of the domain name space, a domain is a namespace. If the concept of namespaces is too abstract for you, think about the following examples. Everything below .hk is in the hk domain. Everything below .com.hk is in the com.hk domain and in the hk domain.
- The information contained in the domain name space is stored in a hierarchy of servers based on the structure of the name space. Those servers are called DNS name servers. Each name server maintains just one piece of the overall hierarchy.
- While domains are namespaces, zones, which are subdivisions of a domain, are administrative spaces in which zone administrators are responsible for just a portion of a domain. Therefore, it is possible that a name server does not store all the information about a domain. Instead, it stores the information about a zone and delegates part of its authority to other servers.
DNS in the Internet
- Generic Domains - define registered hosts according to their generic behavior.
Generic domain labels: com, edu, gov, int, mil, net, org
New generic domain labels: aero, biz, coop, info, museum, name, pro
- Country Domains - use two-character country abbreviations at the first level. Second-level labels can be organizational, or they can be more specific, national designations.
- Inverse Domains - used to map an address to a name.
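The following is an added example, not part of the lecture, that models the name-space rules from the Domain Name Space section and the Summary above (labels of at most 63 characters, FQDN versus PQDN, a domain as a subtree, distinct labels among siblings) together with the inverse domain just mentioned. The names and addresses come from the lecture's own examples or are constructed; the in-addr.arpa suffix used for the inverse domain is the standard reverse-lookup convention and is an assumption of this example rather than something the lecture states.

```python
# Added example (not from the lecture): a small model of the DNS name space.
# It splits a name into labels, enforces the 63-character label limit the
# lecture states, tells an FQDN from a PQDN, lists every domain a name belongs
# to, checks the sibling-uniqueness rule, and builds the name looked up in the
# inverse domain. The in-addr.arpa suffix is an assumption (standard
# reverse-lookup convention), not something the lecture specifies.
import ipaddress

MAX_LABEL = 63


def labels(name):
    """Split a domain name into its labels, most specific first.

    The root's null label (the trailing dot of an FQDN) is dropped, so
    'www.ouhk.edu.hk.' -> ['www', 'ouhk', 'edu', 'hk'] and '.' -> [].
    """
    stripped = name[:-1] if name.endswith(".") else name
    if stripped == "":
        return []
    parts = stripped.split(".")
    for label in parts:
        if label == "":
            raise ValueError(f"empty label in {name!r}")
        if len(label) > MAX_LABEL:
            raise ValueError(f"label {label!r} is longer than {MAX_LABEL} characters")
    return parts


def is_fqdn(name):
    """An FQDN is terminated by the null label, written as a trailing dot."""
    return name.endswith(".")


def qualify(name, default_domain):
    """Complete a PQDN with a default domain, as a resolver does before querying."""
    if is_fqdn(name):
        return name
    return ".".join(labels(name) + labels(default_domain)) + "."


def canonical(name):
    """Case-folded FQDN form used for comparisons; the root becomes '.'."""
    return ".".join(label.lower() for label in labels(name)) + "."


def ancestors(name):
    """Every domain the name lies in, from the name itself up to the root.

    A domain is a subtree, so a name below com.hk is in com.hk and in hk.
    """
    parts = labels(canonical(name))
    return [".".join(parts[i:]) + "." for i in range(len(parts))] + ["."]


def in_domain(name, domain):
    """True if `name` is inside the subtree rooted at `domain`."""
    return canonical(domain) in ancestors(name)


def siblings_unique(child_labels):
    """DNS requires the children of one parent node to carry distinct labels.

    Labels are compared case-insensitively, so 'ouhk' and 'OUHK' collide.
    """
    seen = set()
    for label in child_labels:
        folded = label.lower()
        if folded in seen:
            return False
        seen.add(folded)
    return True


def reverse_name(ipv4):
    """Name looked up in the inverse domain to map an IPv4 address back to a name.

    The octets are reversed so the most significant octet sits nearest the
    root (assumed in-addr.arpa convention).
    """
    octets = str(ipaddress.IPv4Address(ipv4)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


if __name__ == "__main__":
    print(qualify("plbpc013", "ouhk.edu.hk"))
    print(ancestors("www.ouhk.edu.hk."))
    print(in_domain("www.ouhk.edu.hk", "com.hk"))
    print(reverse_name("202.40.219.247"))
```

`ancestors` makes the "everything below .com.hk is in com.hk and in hk" statement concrete, and `siblings_unique` is the check a zone file loader would apply before accepting two records with the same owner label under one parent.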
Resolution
Try dig +trace FQDN on a Linux machine.
"A single DNS lookup may involve several recursive lookups to machines all over the world. Because of this hassle, information is cached for short periods of time at every level, including on your computer."
"Caching speeds up resolution, but it can also be problematic. If a server caches a mapping for a long time, it may send an outdated mapping to the client."
Technique to counter caching of outdated mappings - The authoritative server always adds a piece of information to the mapping called the time-to-live (TTL). The cache memory must be searched periodically, and mappings whose TTL has expired must be purged.
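The following added example (not part of the lecture) shows the TTL mechanism just described: a cache that keeps each mapping only for the TTL the authoritative server attached, purges expired mappings, and hands out only the TTL that remains. The authoritative data, the clock and the max_ttl cap are constructed for the example so it runs offline.

```python
# Added example (not from the lecture): a cache that honours the TTL an
# authoritative server attaches to each mapping, purges expired entries, and
# passes on only the TTL that is still left. The zone data and the clock are
# constructed so the example runs offline and expiry can be demonstrated.
import time

# Constructed stand-in for an authoritative server: name -> (address, TTL in seconds)
AUTHORITATIVE = {
    "plbpc013.ouhk.edu.hk.": ("202.40.219.247", 300),
    "ns1.ouhk.edu.hk.": ("202.40.157.167", 86400),
}


class FakeClock:
    """Manually advanced clock so expiry can be shown without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class TtlCache:
    """Maps a name to (value, expiry time). Expired mappings are never returned."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}

    def put(self, name, value, ttl):
        self._entries[name.lower()] = (value, self._clock() + ttl)

    def get(self, name):
        """Return (value, remaining_ttl) or None; an expired entry is purged on the spot."""
        key = name.lower()
        entry = self._entries.get(key)
        if entry is None:
            return None
        value, expires_at = entry
        remaining = expires_at - self._clock()
        if remaining <= 0:
            del self._entries[key]
            return None
        return value, int(remaining)

    def purge(self):
        """The periodic sweep the lecture describes: drop every mapping whose TTL ran out."""
        now = self._clock()
        expired = [k for k, (_, expires_at) in self._entries.items() if expires_at <= now]
        for key in expired:
            del self._entries[key]
        return len(expired)

    def __len__(self):
        return len(self._entries)


class CachingResolver:
    """Answers from the cache when it can, otherwise asks the authoritative data.

    max_ttl caps how long any mapping may be kept regardless of what the
    server asked for, which bounds how long an outdated mapping can keep being
    served (an assumption of this example, not something the lecture specifies).
    """

    def __init__(self, clock, max_ttl=86400):
        self.cache = TtlCache(clock)
        self.max_ttl = max_ttl
        self.upstream_queries = 0

    def resolve(self, name):
        """Return (address, source, ttl) with source 'cache' or 'authoritative', or None."""
        key = name.lower()
        hit = self.cache.get(key)
        if hit is not None:
            address, remaining = hit
            return address, "cache", remaining
        self.upstream_queries += 1
        record = AUTHORITATIVE.get(key)
        if record is None:
            return None
        address, ttl = record
        ttl = min(ttl, self.max_ttl)
        self.cache.put(key, address, ttl)
        return address, "authoritative", ttl


if __name__ == "__main__":
    clock = FakeClock()
    resolver = CachingResolver(clock)
    print(resolver.resolve("plbpc013.ouhk.edu.hk."))
    clock.advance(120)
    print(resolver.resolve("plbpc013.ouhk.edu.hk."))
    clock.advance(200)
    print(resolver.resolve("plbpc013.ouhk.edu.hk."))
```

Returning the remaining TTL rather than the original one matters when this cache sits between other caches: a downstream cache that received the full 300 seconds would keep the mapping past the point at which the upstream copy had already expired.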
Summary: Implementation of DNS in the Internet
- The DNS is implemented as a distributed system. The DNS requires a coordinated effort among many computers called DNS servers to store and maintain a huge list of registered domain names and their corresponding IP addresses. Each DNS server maintains just one piece of the overall DNS hierarchy (one level of the hierarchy, and within that level only one zone).
- DNS is designed as a client-server application. DNS servers respond to requests from DNS clients. DNS clients are called resolvers as they access the closest DNS server with a request for name-address resolution. DNS servers eventually return the requested resolution (either address-to-name or name-to-address) to the resolver.
- Please note that the process by which a DNS client maps a hostname to an IP address is called name-address resolution or resolution for short.
- We need some kind of protocol for communication between DNS clients and servers. To be brief, there are only two types of DNS messages: query and response. The query message, which consists of a header and a question section, is sent from a client to a server. The response message is then sent from the server to the client, and consists of a header, a question section, an answer section, and two other sections containing additional information about the resolution.
Class Discussions
- The domain name space in the Internet is divided into three different sections. What are they?
- Give any five first-level labels in the generic domains.
- What does a resolver do?
- What is the difference between recursive resolution and iterative resolution?
Common DNS Record Types
- Address Record (A) - It returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host.
- Canonical Name Record (CNAME) - Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name.
- Mail Exchange Record (MX) - It maps a domain name to a list of message transfer agents for that domain.
- Name Server Record (NS) - It delegates a DNS zone to use the given authoritative name servers.
- Start of Authority Record (SOA) - It specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
- More information about DNS record types: http://en.wikipedia.org/wiki/List_of_DNS_record_types
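The following added example (not part of the lecture) puts the two message types from the implementation summary and the record types listed above on the wire: build_query() produces a query consisting of a header and a question section, and parse_response() reads a response with its header, question, answer, authority and additional sections, decoding A, NS, CNAME and MX records. The response bytes are constructed here from the addresses in the lecture's lookup example and are not a captured packet; the field layout follows RFC 1035.

```python
# Added example (not from the lecture): DNS query and response on the wire.
# The sample response is constructed from the lecture's example addresses,
# not captured from a real server. Field layout follows RFC 1035.
import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 15: "MX"}  # RR type codes (RFC 1035)


def encode_name(name):
    """Wire form of a name: each label as <length><bytes>, closed by the null root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, qtype=1, txid=0x1234):
    """Query = 12-byte header + one question. Flags 0x0100 set RD (recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN


def decode_name(msg, off):
    """Read a name at msg[off:], following compression pointers; return (name, next offset)."""
    labels, resume, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        n = msg[off]
        if n & 0xC0 == 0xC0:  # two-byte pointer to an earlier copy of the name
            if off + 2 > len(msg):
                raise ValueError("truncated pointer")
            hops += 1
            if hops > 32:  # a malformed message could point in a circle; refuse it
                raise ValueError("compression pointer loop")
            if resume is None:
                resume = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        if n > 63:
            raise ValueError("bad label length")
        off += 1
        if n == 0:
            break
        if off + n > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels) + ".", (resume if resume is not None else off)


def parse_rr(msg, off):
    """One resource record: owner name, type, class, TTL, RDLENGTH, RDATA."""
    name, off = decode_name(msg, off)
    if off + 10 > len(msg):
        raise ValueError("truncated RR header")
    rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
    off += 10
    if off + rdlen > len(msg):
        raise ValueError("truncated RDATA")
    rdata = msg[off:off + rdlen]
    if rtype == 1 and rdlen == 4:       # A: 32-bit IPv4 address
        data = ".".join(str(b) for b in rdata)
    elif rtype in (2, 5):               # NS / CNAME: a (possibly compressed) name
        data = decode_name(msg, off)[0]
    elif rtype == 15:                   # MX: 16-bit preference + exchanger name
        data = (struct.unpack("!H", rdata[:2])[0], decode_name(msg, off + 2)[0])
    else:                               # SOA and others left as raw bytes here
        data = rdata
    return {"name": name, "type": TYPES.get(rtype, rtype), "ttl": ttl, "data": data}, off + rdlen


def parse_response(msg, expected_txid=None):
    """Parse a response; the caller should check the id matches the query it sent."""
    if len(msg) < 12:
        raise ValueError("short message")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError("transaction id does not match the query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    off, questions = 12, []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((qname, TYPES.get(qtype, qtype)))
    result = {"id": txid, "rcode": flags & 0xF, "question": questions}
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        rrs = []
        for _ in range(count):
            rr, off = parse_rr(msg, off)
            rrs.append(rr)
        result[section] = rrs
    return result


def build_rr(owner_wire, rtype, ttl, rdata):
    return owner_wire + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata


def sample_response():
    """Constructed reply to build_query('plbpc013.ouhk.edu.hk'): answer, NS, glue."""
    question = build_query("plbpc013.ouhk.edu.hk")[12:]
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 1, 1)  # QR, RD, RA set
    to_question = b"\xC0\x0C"  # pointer to the question name at offset 12
    body = question
    body += build_rr(to_question, 1, 3600, bytes([202, 40, 219, 247]))
    body += build_rr(encode_name("ouhk.edu.hk"), 2, 86400, encode_name("ns1.ouhk.edu.hk"))
    body += build_rr(encode_name("ns1.ouhk.edu.hk"), 1, 86400, bytes([202, 40, 157, 167]))
    return header + body
```

The parser checks every length against the message before slicing and caps the number of compression pointers it will follow, which is the behaviour a resolver needs when it accepts responses from arbitrary servers; a response whose transaction id does not match the outstanding query is rejected rather than cached.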
A DNS Lookup Example
- The following details some important information that you can get by making use of the DNS Lookup service.
- The figure below shows you one set of results. Please note that the results returned may be different for each DNS query.
Note 1: The machine k.root-servers.net (IP: 193.0.14.129) is one of the root name servers.
Note 3: The machine NS1.ouhk.edu.hk (IP: 202.40.157.167) is one of the name servers that stores the information about the domain .edu.hk.
Note 4: This indicates the hostname whose IP address we want to know.
Note 5: This says that the IP address of the hostname plbpc013.ouhk.edu.hk is 202.40.219.247.
Note 6: These are the three authoritative name servers for the query of hostname plbpc013.ouhk.edu.hk.
Knowing all the ins and outs of the DNS implementation in the Internet, you may still be puzzled about who initiates a DNS query, the browser or the PC you are using, since it is obvious that the browser is the first to know the hostname to be queried. Briefly speaking, it is not your browser or your PC that does the DNS query directly. Your PC connects to the nearest DNS server and asks it to act as the DNS resolver. If you want to know the information about that DNS server, type the following command at the DOS Command Prompt of the Windows Operating System:
ipconfig /all
The diagram on the next page illustrates the interaction between a DNS client and a DNS server, starting from the client machine. First, the client contacts its configured DNS server and asks for a domain name to be resolved. Since the client's DNS server is not authoritative for the domain, it then, through recursive queries via the Internet root DNS servers, contacts the primary DNS server for the domain. The client's DNS server then gets an answer to the query, and that successful answer is passed back to the client.
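The following added example (not part of the lecture, and not the diagram it refers to) simulates the interaction just described over constructed zone data so it runs offline. Each authoritative server knows only its own zone and answers with the record, a referral to the child zone it delegated, or "no such name". The client sends a single query to its configured server; that server walks from the root following referrals (iterative queries), which is the recursive service the client relies on. The server names ns.hk. and ns.edu.hk. are constructed; the ouhk.edu.hk names and addresses are the lecture's.

```python
# Added example (not from the lecture): a simulation of name resolution over
# constructed zone data. Each zone's authoritative server is modelled by the
# zone name, and each zone holds only its own records and delegations.
# ns.hk. and ns.edu.hk. are constructed names; the ouhk.edu.hk data follows
# the lecture's lookup example.
ZONES = {
    ".": {"hk.": ("NS", "ns.hk.")},
    "hk.": {"edu.hk.": ("NS", "ns.edu.hk.")},
    "edu.hk.": {"ouhk.edu.hk.": ("NS", "ns1.ouhk.edu.hk.")},
    "ouhk.edu.hk.": {
        "plbpc013.ouhk.edu.hk.": ("A", "202.40.219.247"),
        "ns1.ouhk.edu.hk.": ("A", "202.40.157.167"),
    },
}


def ask_authoritative(zone, qname):
    """Reply of the server authoritative for `zone` when asked about qname.

    Returns ("answer", address), ("referral", child_zone, nameserver) or ("nxdomain",).
    """
    records = ZONES[zone]
    rec = records.get(qname)
    if rec is not None and rec[0] == "A":
        return ("answer", rec[1])
    # Delegations: refer to the longest child zone that contains qname.
    best = None
    for child, (rtype, ns) in records.items():
        if rtype == "NS" and (qname == child or qname.endswith("." + child)):
            if best is None or len(child) > len(best[0]):
                best = (child, ns)
    if best is not None:
        return ("referral", best[0], best[1])
    return ("nxdomain",)


def iterative_resolve(qname):
    """Walk from the root following referrals; return (address, trail of (zone, reply kind))."""
    zone, trail = ".", []
    for _ in range(16):  # bound the walk so a broken delegation chain cannot loop forever
        reply = ask_authoritative(zone, qname)
        trail.append((zone, reply[0]))
        if reply[0] == "answer":
            return reply[1], trail
        if reply[0] == "nxdomain":
            return None, trail
        zone = reply[1]  # next, query the server of the delegated child zone
    raise RuntimeError("delegation chain too long")


def recursive_query(qname):
    """What the client sees: one query to its configured server, one final answer.

    The configured server performs the whole iterative walk on the client's behalf.
    Returns (address, number of iterative queries the server had to make).
    """
    name = qname.lower()
    if not name.endswith("."):
        name += "."
    address, trail = iterative_resolve(name)
    return address, len(trail)


if __name__ == "__main__":
    address, trail = iterative_resolve("plbpc013.ouhk.edu.hk.")
    for zone, kind in trail:
        print(f"asked server for zone {zone!r}: {kind}")
    print("answer:", address)
```

The trail returned by `iterative_resolve` is what `dig +trace` prints for a real name: one referral per level of the hierarchy, ending at the zone that holds the record. The client never sees those steps; it only sees the one answer `recursive_query` returns.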
References and Resources
In this website, you can learn more about the top-level domains in the Internet. As of 7 September 2005, there were a total of 261 registered top-level domains. The information about these top-level domains is maintained by a set of 13 servers called root name servers. These name servers, which are uniquely named A.ROOT-SERVERS.NET, B.ROOT-SERVERS.NET to M.ROOT-SERVERS.NET, are maintained by various independent agencies. Ten of these servers reside in the United States, one in Japan, one in London, and one in Sweden. (Reference: http://www.internic.net/zones/named.root)
This is an interesting site for you to visualize much of the knowledge you have learned in this course. Specific to this section, please go to DNS Lookup and try to input a hostname of a website (e.g. www.ouhk.edu.hk). It will then show you all the results and details about the DNS query, which include answer records, authority records, and additional records.
Thanks for Reading
If you find any problem in this lecture note, please feel free to tell Steven via steven@findaway.hk.