Prashant Report
Prashant Report
Prashant Report
SEMINAR REPORT
Prashant
(Roll No. 2021021053)
Submitted in
Department of Computer Science and Engineering
1. Introduction
History of DNS
2. Domain Name System
Definition of DNS
3. Domain Name Space
Definition of domain name space
Name Resolution
DNS Server and the Internet
(i) Domain
(ii) Zones
(iii) Name Server
4. Resolver
Setup
HostName
DNS Sever
5. Importance of DNS
6. Future of DNS
7. Conclusion
8. References
Introduction
History of DNS
The development of the DNS can be traced back to the early days of the
internet, when it was a relatively small and tightly connected network called
ARPANET. In the early 1980s, ARPANET introduced a centrally managed
file called the “hosts.txt” file that mapped hostnames to IP addresses. As
the internet grew rapidly, this approach became unmanageable.
In 1983, Paul Mockapetris and Jon Postel introduced the DNS as we know
it today through RFC 882 and RFC 883, providing a distributed and
hierarchical system for domain name resolution. This innovation paved the
way for the scalable and efficient DNS architecture that underpins the
modern internet.
The essence of DNS is the invention of a hierarchical, domain-based naming scheme and
a distributed database system for implementing this naming scheme. It is primarily used
for mapping host names and e-mail destinations to IP addresses but can also be used for
other purposes. DNS is defined in RFCs 1034 and 1035.
DNS maps to level 7 in the OSI model and can use either UDP or TCP as
the underlying protocol. Resolvers send UDP queries to servers first for
increased performance and only resort to TCP if truncation of the returned
data occurs.
The most popular implementation of the DNS protocol "BIND" was originally developed
at Berkeley for the 4.3 BSD UNIX operating system. The name "BIND" stands for
Berkeley Internet Name Domain. The primary specifications for DNS are defined in
Requests for Comments (RFCs) 974, 1034, and 1035.
The root of the DNS database on the Internet is managed by the Internet
Network Information Center, located at www.internic.net/. The top-level
domains were assigned organizationally and by country. These domain
names follow the International Standard 3166. Two-letter and three-letter
abbreviations are used for countries, and various abbreviations are
reserved for use by organizations, as shown in the following examples.
Domains
Each node in the tree of a DNS database, along with all the nodes below it,
is called a domain. Domains can contain both hosts (computers) and other
domains (sub domains). For example, the Microsoft domain microsoft.com
could contain both computers such as FTP.microsoft.com and sub domains
such as dev.microsoft.com, which could contain hosts such as
ntserver.dev.microsoft.com.
Note In general, Domain names and Host names have restrictions in their
naming that only allow the use of characters "a-z," "A-Z," "0-9," and "-"
(dash or minus sign). The use of characters such as the "/," ".," and "_"
(slash, period, and underscore) are not allowed.
Zones
A zone is some portion of the DNS namespace whose database records exist
and are managed in a particular zone file. A single DNS server might be
configured to manage one or multiple zone files. Each zone is anchored at a
specific domain node—referred to as the zone's "root domain." Zone files
do not necessarily contain the complete tree (that is, all sub domains) under
the zone's root domain. For a comparison of domains and zones, look at the
figure that follows. In this example, microsoft.com is a domain but the
entire domain is not controlled by one zone file. Part of the domain is
actually broken off into a separate zone file for dev.microsoft.com. Breaking
up domains across multiple zone files might be needed for distributing
management of the domain to different groups or possibly for efficiencies in
data replication (that is, zone transfers, which will be discussed later).
Name Servers
DNS servers store information about the domain name space and are
referred to as name servers. Name servers generally have one or more
zones for which they are responsible. The name server is then said to have
authority for those zones.
When you configure a DNS name server (as we will soon see with the "NS"
record), you tell it which DNS name servers are in the same domain.
A primary name server is a name server that gets the data for its zones from
local files. Changes to a zone, such as adding domains or hosts, are done at
the Primary Name Server. A secondary name server gets the data for its
zones from another name server across the network which is authoritative
for that zone. The processes of obtaining this zone information (that is the
database file) across the network are referred to as zone transfer.
You need at least two DNS name servers serving each zone, a
primary name server and at least one secondary name server for
redundancy. Like any fault-tolerant system, the machines should be
as independent as possible (that is, different networks and so forth).
Remote locations
You should also have secondary servers (or other primary servers for
sub domains) in remote locations that have a large number of clients.
You would not want these clients to have to communicate across slow
links for name resolution.
You also need secondary servers to reduce the load on the primary
server.
Since information for each zone is stored in separate files, this primary or
secondary designation is defined at a zone level. In other words, a
particular name server may be a primary name server for certain zones and
a secondary name server for other zones.
To address this issue, DNS allows for the concept of forwarders. Specific
DNS name servers are selected to be forwarders, and only forwarders are
allowed to carry out the wide-area communications across the Internet. All
other DNS name servers within the company are configured to use
forwarders and are configured with the IP addresses of the DNS name
servers designated as forwarders. This configuration is done on a per-
server basis, not a per-zone basis!
Slaves are DNS servers that have been configured to use forwarders and to
return a failure message if the forwarder is unable to resolve the request.
Slaves make no attempt to contact other name servers if the forwarder is
unable to satisfy the request.
Name Resolution
There are three types of queries that a client can make to a DNS server,
recursive, iterative, and inverse. While discussing name resolution, keep in
mind that a DNS server can be a client to another DNS server.
Recursive queries
Iterative queries
In an iterative query, the queried name server gives the best answer it
currently has back to the querier. This type of query is typically done by a
DNS server to other DNS servers after it has received a recursive query
from a resolver.
The following figure shows an example of both types of queries. Query 1/8
is a recursive query from a client resolver to its DNS server while 2/3, 4/5,
and 6/7 are iterative queries from the DNS server to other DNS servers.
Figure 4. Recursive and iterative queries
What if a resolver has the IP address and would like to know the Host name
for a particular machine? Instead of supplying a name and asking for an IP
address, the client needs to provide the IP address and ask for the name.
Since there is no direct correlation in the DNS name space between the
domain names and the associated IP addresses they contain, only a
thorough search of all domains could guarantee a correct answer.
Once the domain tree is built into the DNS database, a special pointer
record is added to associate the IP addresses to the corresponding host
names. In other words, to find a host name for the IP address 157.55.200.2,
the resolver would query the DNS server for a pointer record for
2.200.55.157.in-addr.arpa. If this IP address was outside the local domain,
the DNS server would start at the root and sequentially resolve the domain
nodes until it reached 200.55.157.in-addr.arpa, which should contain the
resource PTR record for 2 (that is, 157.55.200.2).
The Resolver
Setup
The exact procedure needed to setup individual client machines will vary
depending on the operating system and TCP/IP software being used. The
specific procedures for the clients will not be covered in this paper.
However, the general setup parameters required and their use will be
discussed.
The host name for the client can be any combination of the letters A through
Z, the numerals 0 through 9, and the hyphen (-). By default, in Microsoft
networking environments, this value is the NetBIOS computer name, but
you can assign a different host name without affecting the NetBIOS
computer operation, if desired. If WINS Lookup is used with Microsoft
DNS, this value should match your NetBIOS computer name for
consistency.
Note Some characters that can be used in NetBIOS names, especially the
underscore and period, cannot be used in DNS host names.
The domain name is used with the host name to create a fully qualified
domain name (FQDN) for the computer. The FQDN is the host name
followed by a period (.), followed by the domain name. For example, this
could be wkstn1.microsoft.com, where wkstn1 is the host name and
microsoft.com is the domain name. During DNS queries, the fully qualified
domain name is used.
Many operating systems allow you to specify several DNS servers in their
configurations. When this capability is provided, a priority order is also
provided so that a preferred server can be identified. For a given DNS
query, the system attempts to get DNS information from the first IP address
in the list. If no response is received, it goes to the next server in the list,
and so on.
Note In most systems, if you have two DNS servers listed, the system only
checks the second server if no response is received from the first server. If
the system attempts to check a host name with the first server and receives a
message that the host name is not recognized, the system does not try the
second DNS server.
Name Resolution
Windows NT TCP/IP 3.5x systems may use several methods for locating
NetBIOS resources:
IP subnet broadcasts
Static LMHOSTS files
Static HOSTS files
DNS servers
If the DNS Host name (larger than 16 characters) is passed to a utility and
there are 2 transports loaded on a workstation (TCP and NetBEUI), only
the TCP transport will try to set up the session. If the Host name is not used
and the NetBIOS name is used, then all transports will be tried.
For more information on NetBIOS name resolution, you can refer to the
white paper "Windows NT Server: Dynamic Host Configuration Protocol
and Windows Internet Naming Service."
Figure 24.
Importance of DNS
Human-Readable Addresses: DNS allows users to access websites
and services using easy-to-remember domain names instead of
having to remember numerical IP addresses. This enhances user-
friendliness and accessibility.
DNS over HTTPS (DoH) and DNS over TLS (DoT): These protocols
encrypt DNS traffic, enhancing user privacy and security.
Conclusion
The Domain Name System (DNS) is the unsung hero of the internet, silently
working behind the scenes to make the web accessible and user-friendly. It
has a rich history, a complex yet elegant structure, and immense
importance in today’s digital age. Despite its challenges and
vulnerabilities, DNS continues to evolve to meet the changing needs and
demands of the internet, ensuring that users can access the vast array of
online resources with ease and confidence. As the internet continues to
grow and evolve, so too will the Domain Name System, adapting to new
technologies and security threats while remaining a cornerstone of online
communication and connectivity.Rules to Architect a Good DNS Solution
for the Future.
References
DNS & BIND 3rd edition. Paul Albitz, Cricket Liu.
www.geeksforgeeks.com,www.wikipedia.com