Domain Naming System
Deepak
Definition:
The Domain Name System (abbreviated DNS) is an Internet directory service. DNS is how domain names are translated into IP addresses, and DNS also controls email delivery. If your computer cannot access DNS, your web browser will not be able to find web sites, and you will not be able to receive or send email.
Topics Covered:
Introduction to Domain Naming System
Protocol suite
Configuration files
Introduction:
Name-to-Address Resolution:
The Domain Name System (DNS) is an application-layer protocol that is part of the standard TCP/IP protocol suite. This protocol implements the DNS naming service, which is the naming service that is used on the Internet.Though DNS supports the complex, worldwide hierarchy of computers on the Internet, the basic function of DNS is very simple. DNS provides name-to-address resolution for TCP/IP-based networks. Name-to-address resolution, also referred to as mapping, is the process of finding the IP address of a computer in a database by using its host name as an index.
Name-to-address mapping occurs when a program running on your local machine needs to contact a remote computer. The program might know the host name of the remote computer. However, the program might not know how to locate the machine, particularly if the machine is in another company domain, for example. To get the remote machine's address, the program requests assistance from the DNS software running on your local machine, which is considered a DNS client.
Your machine sends a request to a DNS name server, which maintains the distributed DNS database. DNS files bear little resemblance to files that contain similar information. For example the/etc/inet/ipnodes files contain the host names, the ipnode names, IPv4 and IPv6 addresses, and other information about a particular group of computers. The name server uses your machine's host name as part of your request to find or "resolve" the IP address of the remote machine. The name server returns this IP address to your local machine if the host name is in its DNS database.
Sends Host name yahoo.com
If the host name is not in that name server's DNS database, the machine is outside of its authority, or, to use DNS terminology, outside the local administrative domain. Thus, each name server is spoken of as being "authoritative" for its local administrative domain.
Fortunately, the local name server maintains a list of host names and IP addresses of root domain name servers, to which the server forwards requests. These root name servers are authoritative for huge organizational domains, as explained fully in DNS Hierarchy and the Internet. These hierarchies resemble UNIX file systems, in that the servers are organized into an upside down tree structure.
Each root name server maintains the host names and IP addresses of top level domain name servers for a given organization. The root name server sends your request to the known top-level name servers. If one server has the IP address for the host you requested, the server returns the information to your machine. If the top-level servers do not recognize the requested host, the request is passed to second-level name servers. Your request is then passed on down through the vast organizational tree. Eventually, a name server that has information about your requested host in its database returns the IP address back to your machine.
Protocol suite:
The Internet is primarily made up of machines using the TCP/IP protocol suite to communicate. This protocol suite identifies each machine on its network by using two unique pieces of information: a Media Access Control (MAC) address and an IP address. A MAC address is a unique number given to every piece of networking equipment on a network, typically by the manufacturers of said equipment. It is used at the hardware level of the TCP/IP interaction to determine which devices should open or read which packets. The IP address is an operator-defined unique number used at a higher level of the TCP/IP protocols to identify which machine or node on the network should open or read which packets. This separation between device and node identification allows for multiple devices to a node, or multiple nodes to a device, while utilizing the same system.
The IP address is used at a human interface level of the operating system to identify what machine is to be contacted for the task at hand. The OS then handles discovering the MAC address and using the two identifiers to transmit packets. To make the network easier to use for people, an IP address-to-name relationship was developed. This allowed a name to be used in place of an IP when defining the networking partner of a transaction. Initially, this information was contained in a separate hosts.txt file on every machine. As networks grew to more than a handful of machines, the host file method of tracking the IP-address-to-name relationship became too unwieldy to manage. A new system was developed to handle the distribution of this data, at the same time making it possible for multiple people to maintain the data by creating a decentralized management model.
DNS Basics:
DNS is a network of servers designed to route a requesting party to the information they seek. Two types of queries exist in this system: a forward lookup (hostname -> IP Address) and a reverse lookup (IP Address -> hostname). Both lookups utilize the structure of DNS to find the authoritative server that handles the data being requested.
The top of the tree (root server) knows how to get each of the nodes below it (the .com, .edu, and .net servers), which in turn know the next step down the tree. Each node of the tree is polled in turn until the data requested is found or is known to not exist. This tree traversal is done every time a hostname -> IP Address or IP Address -> hostname translation is required.
For example, when trying to browse the web browser asks the OS to send packets to the IP address of Sun's web server. The OS needs to translate the hostname to an IP address, and so it asks its defined DNS server for this information. If the DNS server is authoritative for the information or has a cached copy of said information, it returns it. Otherwise, it contacts the closest root server to track down the owner of the data. The root server, not being authoritative for .com, passes the searching DNS server onto the .com server. The .com server points to the .sun.com DNS server to find the answer. The .sun.com server then returns the IP address of to the requesting DNS server. The same process occurs for reverse lookups trying to get hostnames from IP addresses.
DNS structure was specifically designed for decentralized management. Each node on the tree can be controlled by separate parties, allowing almost unlimited possibilities for expansion. This aspect leads many companies to purchase a domain name and supply a public DNS server to control their section of the Internet.
In addition to the in.named daemon, DNS on a name server consists of a configuration file called named.conf, a resolver file named resolv.conf, and four types of zone data files.
DNS Configuration and Data Files
Names of DNS Data Files:
File Names / Content and Purpose of File/etc/named.conf / The configuration file specifies the type of server it is running on and the zones that it serves as a 'Master', 'Slave', or 'Stub'. It also defines security, logging, and a finer granularity of options applied to zones.
/etc/resolv.conf / This file resides on every DNS client (including DNS servers) and designates the servers that the client queries for DNS information.
root. Cache or named.ca / This file establishes the names of root servers and lists their addresses.
Generic: hosts
Example: SIUhosts / This file contains all the data about the machines in the local zone that the server serves.
hosts.rev / This file specifies a zone in the in-addr.arpa.Domain, a special domain that allows reverse (address-to-name) mapping.
named.local / This file specifies the address for the local loop back interface, or local host
The named.conf File:
The BIND configuration file, /etc/named.conf establishes the server as a master, slave, or cache-only name server. It also specifies the zones over which the server has authority and which data files it should read to get its initial data.
The /etc/named.conf file contains statements that implement the following.
- Security through an Access Control List (ACL) that defines a collection of IP addresses that an host has read/write access
- Logging specifications
- Selectively applied options for a set of zones, rather than to all zones
The configuration file is read by in.named when the daemon is started by the server's start up script, /etc/init.d/inetsvc. The configuration file directs in.named either to other servers or to local data files for a specified domain.
The resolv.conf:
Defines Domain Name Protocol (DOMAIN) name-server information for local resolver routines.
Description
If the /etc/resolv.conf file exists, the local resolver routines either use a local name resolution database maintained by a local named daemon (a process) to resolve Internet names and addresses, or they use the DOMAIN protocol to request name resolution services from a remote DOMAIN name server host. If no resolv.conf file exist than the resolver routines continue searching their direct path, which may include searching through /etc/hosts file or the hosts map.
Note: If the resolv.conf file does not exist, the resolver routines attempt name resolution using the default paths, the /etc/netsvc.conf file.
The named.ca File:
The named.ca file establishes the names of root servers and lists their addresses. If your network is connected to the Internet, named.ca lists the Internet name servers; otherwise, it lists the root domain name servers for your local network. The in.named daemon cycles through the list of servers until it contacts one of them. It then obtains from that server the current list of root servers, which it uses to update named.ca.
The hosts File:
The hosts file contains all the data about the machines in the local zone. The name of this file is specified in the configuration file. To avoid confusion with /etc/hosts, name the file something other than hosts, for example, you could name these files using the pattern db.domain. Using that nomenclature, the host files for the doc.com and sales.doc.com domains might be db.doc and db.sales.
Setting up the hosts File:
The hosts file contains all the data about every machine in your zone. If a zone covers more than one domain, all machines in all the domains covered by the zone are listed in the zone's host file.
Note - The name hosts is a generic name indicating the file's purpose and content. But to avoid confusion with /etc/hosts, you should name this file something other than hosts. If you have more than one zone, each zone must have its own hosts file and each of these zone hosts files must have a unique name. For example, if your DNS domain is divided into doc.com and sales.doc.com zones, you could name one hosts file db.doc and the other sales.db.doc.
The hosts.rev File:
The hosts.rev file specifies a zone in the in-addr.arpa. Domain, the special domain that allows reverse (address-to-name) mapping. The name of this file is specified in the configuration file.
Setting up the hosts.rev File:
The hosts.rev file sets up inverse mapping.
Note - The name hosts.rev is a generic name indicating the file's purpose and content. If you have more than one zone, each zone must have its own hosts.rev file and each of these zone hosts.rev files must have a unique name. For example, if your DNS domain is divided into doc.com and sales.doc.com zones, you could name one hosts.rev file doc.rev and the other sales.rev.
The named.local File:
The named.local file specifies the address for the local loop back interface, or local host, with the network address 127.0.0.1. The name of this file is specified in the configuration file. Like other files, you can give it a name other than the name used in this manual.
A named.local file contains these elements:
- A default TTL (time-to-live) for all records in the file that do not have an explicit TTL set
- A Start of Authority (SOA) record
The SOA record indicates the start of a zone and includes the name of the host on which the named.local data file resides.
- One or more Name Server (NS) records identifying master and slave DNS name servers
Server and domain names should be fully qualified.
- A PTR record for local host
Reference: