Domain Name System (DNS) - I


Presented by:

K.Aravind (10mx03)
M.Boobalan (10mx05)
V.Boobathiraj (10mx06)
S.Kadhiresan (10mx18)
L.Roshan Ali (10mx41)
A.Selvaraj (10mx46)

DNS
DNS is a client/server application used to help other application programs.

DNS is used to map a host name in the application layer to an IP address in the network layer.

Need for DNS


An IP address uniquely identifies the connection of a host to the Internet.

People prefer to use names instead of numeric addresses.

So we need a system that can map a name to an address or an address to a name.

When the Internet was small, a host file and a master host file could be used.

With that approach, a large amount of information needs to be stored on every single system.

To overcome this, the Domain Name System was introduced.

Purpose of DNS

Steps to map Host name to IP address


1. The user passes the host name to the file transfer client.
2. The file transfer client passes the host name to the DNS client.
3. The DNS client sends a message to a DNS server with a query that gives the file transfer server name using the known IP address of the DNS server.
4. The DNS server responds with the IP address of the desired file transfer server.
5. The DNS client passes the IP address to the file transfer server.
6. The file transfer client now uses the received IP address to access the file transfer server.

Name Space
A name space must be unambiguous. In other words, names must be unique because addresses are unique.

It can be organized in two ways:

Flat Name Space
Hierarchical Name Space

Flat Name Space


A name in this space is a sequence of characters without structure.

The names may or may not have a common section; if they do, it has no meaning.

The main disadvantage of a flat name space is that it cannot be used in a large system such as the Internet because it must be centrally controlled to avoid ambiguity and duplication.

Hierarchical Name Space


Each name is made of several parts.

The first part can define the nature of the organization.

The second part can define the name of an organization.

The third part can define departments in the organization, and so on.

In this case, the authority to assign and control the name spaces can be decentralized.

A central authority can assign the part of the name that defines the nature of the organization and the name of the organization.

The responsibility for the rest of the name can be given to the organization itself.

The organization can add suffixes (or prefixes) to the name to define its hosts or resources.

The management of the organization need not worry that the prefix chosen for a host is taken by another organization because, even if part of an address is the same, the whole address is different. E.g.
result.psgtech.edu
result.psgcas.edu

Domain Name Space

In this design, the names are defined in an inverted-tree structure with the root at the top. The tree can have only 128 levels: level 0 (root) to level 127.

Label
Domain Name
Fully Qualified Domain Name
Partially Qualified Domain Name

Domain name space

Domain names and labels

FQDN and PQDN

Domain
A domain is a subtree of the domain name space.

The name of the domain is the name of the node at the top of the subtree.

A domain may itself be divided into domains (or subdomains, as they are sometimes called).

Domains

Distribution of Name Space


The information contained in the domain name space must be stored.

Storing it all on a single computer is inefficient because responding to requests from all over the world places a heavy load on the system.

It is also not reliable because any failure makes the data inaccessible.

This topic includes:

Hierarchy of Name Servers
Zone
Root Server
Primary and Secondary Servers

Hierarchy of name servers:


The solution is to distribute the information among many computers called DNS servers.

DNS allows domains to be divided further into smaller domains (subdomains).

Each server can be responsible (authoritative) for either a large or a small domain.

Hierarchy of name servers

zone:

Since the complete domain name hierarchy cannot be stored on a single server, it is divided among many servers. What a server is responsible for or has authority over is called a zone. The server makes a database called a zone file and keeps all the information for every node under that domain. However, if a server divides its domain into subdomains and delegates part of its authority to other servers, domain and zone refer to different things. The information about the nodes in the

Zones and domains

Root Server:
A root server is a server whose zone consists of the whole tree. A root server usually does not store any information about domains but delegates its authority to other servers, keeping references to those servers. There are several root servers, each covering the whole domain name space. The root servers are distributed all around the world.

Primary server:
A primary server is a server that stores a file about the zone for which it is an authority. It is responsible for creating, maintaining, and updating the zone file. It stores the zone file on a local disk.

Secondary server:
A secondary server is a server that transfers the complete information about a zone from another server (primary or secondary) and stores the file on its local disk. The secondary server neither creates nor updates the zone files. If updating is required, it must be done by the primary server, which sends the updated version to the secondary. A primary server loads all information from the disk file; the secondary server loads all information from the primary server. When the secondary downloads information from the primary, it is called zone transfer.

DNS in the Internet


Generic Domains
Define registered hosts according to their general behaviour.

Country Domains
Use two-character country abbreviations.
The second label is a more specific national designation, e.g. psgtech.cbt.tn.in

Inverse Domains
Used to map an address to a name.

Registrar
How are new domains added to DNS?

DNS in the Internet

Generic domains

Label     Description
aero      Airlines and aerospace companies
biz       Business or firms (similar to com)
com       Commercial organizations
coop      Cooperative business organizations
edu       Educational institutions
gov       Government institutions
info      Information service providers
int       International organizations
mil       Military groups
museum    Museums and other non-profit organizations
name      Personal names (individuals)
net       Network support centers
org       Nonprofit organizations
pro       Professional individual organizations

Country domains

Inverse domain

Resolution
Mapping a name to an address or an address to a name is called name-address resolution.

Resolver
Mapping Names to Addresses
Mapping Addresses to Names
Recursive Resolution
Iterative Resolution
Caching

Resolver
DNS is designed as a client-server application.

A host that needs to map an address to a name or a name to an address calls a DNS client called a resolver.

The resolver accesses the closest DNS server with a mapping request.

If the server has the information, it satisfies the resolver; otherwise, it either refers the resolver to other servers or asks other servers to provide the information.

After the resolver receives the mapping, it interprets the response to see if it is a real resolution or an error, and finally delivers the result to the process that requested it.

Mapping Names to Addresses


Most of the time, the resolver gives a domain name to the server and asks for the corresponding address.

In this case, the server checks the generic domains or the country domains to find the mapping.

If the domain name is from the generic domains section, the resolver receives a domain name such as "chal.atc.fhda.edu.".

The query is sent by the resolver to the local DNS server for resolution.

If the local server cannot resolve the query, it either refers the resolver to other servers or asks other servers directly.

If the domain name is from the country domains section, the resolver receives a domain name such as "ch.fhda.cu.ca.us.". The procedure is the same.

Mapping Addresses to Names


A client can send an IP address to a server to be mapped to a domain name. This is called a PTR query.

To answer it, DNS uses the inverse domain.

However, in the request, the IP address is reversed and two labels, in-addr and arpa, are appended to create a domain acceptable by the inverse domain section.

For example, if the resolver receives the IP address 132.34.45.121, the resolver first inverts the address and then adds the two labels before sending.

The domain name sent is "121.45.34.132.in-addr.arpa.", which is received by the local DNS and resolved.

Recursive Resolution
The client (resolver) can ask for a recursive answer from a name server.

This means that the resolver expects the server to supply the final answer.

If the server is the authority for the domain name, it checks its database and responds.

If the server is not the authority, it sends the request to another server (the parent usually) and waits for the response.

If the parent is the authority, it responds; otherwise, it sends the query to yet another server.

When the query is finally resolved, the response travels back until it finally reaches the requesting client.

Recursive resolution

Iterative Resolution
If the client does not ask for a recursive answer, the mapping can be done iteratively.

If the server is an authority for the name, it sends the answer.

If it is not, it returns (to the client) the IP address of the server that it thinks can resolve the query.

The client is responsible for repeating the query to this second server.

If the newly addressed server can resolve the problem, it answers the query with the IP address; otherwise, it returns the IP address of a new server to the client.

Now the client must repeat the query to the third server.

Iterative resolution
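
The iterative procedure and the PTR name construction described above, as an added example that is not part of the original slides. The servers, their 198.51.100.x addresses, the delegation table and the pairing of chal.atc.fhda.edu. with 132.34.45.121 are constructed for illustration, and the function names are hypothetical.

```python
# Constructed in-memory "servers" (addresses from a documentation range).
# Each holds authoritative answers for its zone plus referrals for delegated subdomains.
SERVERS = {
    "198.51.100.1": {"answers": {},            # root: only references to other servers
                     "refer": {"edu.": "198.51.100.2", "in-addr.arpa.": "198.51.100.4"}},
    "198.51.100.2": {"answers": {}, "refer": {"fhda.edu.": "198.51.100.3"}},
    "198.51.100.3": {"answers": {"chal.atc.fhda.edu.": "132.34.45.121"}, "refer": {}},
    "198.51.100.4": {"answers": {"121.45.34.132.in-addr.arpa.": "chal.atc.fhda.edu."},
                     "refer": {}},
}
ROOT = "198.51.100.1"


def reverse_name(ip):
    """Build the PTR query name: invert the four octets, append in-addr and arpa."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ip)
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def ask(server_ip, name):
    """One query to one server: returns an answer, a referral, or an error."""
    zone = SERVERS[server_ip]
    if name in zone["answers"]:
        return "answer", zone["answers"][name]
    # Not the authority: refer the client to the server for the longest matching suffix.
    matches = [s for s in zone["refer"] if name.endswith("." + s)]
    if not matches:
        return "error", None
    return "referral", zone["refer"][max(matches, key=len)]


def resolve_iteratively(name, max_hops=8):
    """The client repeats the query itself at every server it is referred to."""
    server, path = ROOT, []
    for _ in range(max_hops):
        path.append(server)
        kind, value = ask(server, name)
        if kind != "referral":
            return value, path           # final answer, or None on error
        server = value
    raise RuntimeError("referral chain too long")


if __name__ == "__main__":
    print(resolve_iteratively("chal.atc.fhda.edu."))
    print(resolve_iteratively(reverse_name("132.34.45.121")))
```

The returned path lists every server the client had to contact, which is the difference from recursive resolution, where the client would see only the first server.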

Caching
Each time a server receives a query for a name that is not in its domain, it needs to search its database for a server IP address.

Reduction of this search time would increase efficiency.

DNS handles this with a mechanism called caching.

When a server asks for a mapping from another server and receives the response, it stores this information in its cache memory before sending it to the client.

If the same or another client asks for the same mapping, it can check its cache memory and resolve the problem.

However, to inform the client that the response is coming from the cache memory and not from an authoritative source, the server marks the response as unauthoritative.

Caching speeds up resolution, but it can also be problematic.

If a server caches a mapping for a long time, it may send an outdated mapping to the client.

To counter this, two techniques are used.

First, the authoritative server always adds information to the mapping called time-to-live (TTL). It defines the time in seconds that the receiving server can cache the information.

After that time, the mapping is invalid and any query must be sent again to the authoritative server.

Second, DNS requires that each server keep a TTL counter for each mapping it caches.

The cache memory must be searched periodically and those mappings with an expired TTL must be purged.
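
The caching behaviour described above, as an added example that is not part of the original slides. The CachingServer class, the ask_authority callable, the 300-second TTL and the changed address 132.34.45.122 are constructed for illustration; a fake clock stands in for real time so the outdated-mapping case can be shown.

```python
import time


class CachingServer:
    """Constructed model of a DNS server that caches mappings fetched from an authority."""

    def __init__(self, ask_authority, clock=time.monotonic):
        self.ask_authority = ask_authority   # hypothetical: name -> (address, ttl_seconds)
        self.clock = clock
        self.cache = {}                      # name -> (address, expiry time)

    def query(self, name):
        """Return (address, authoritative); cache hits are marked unauthoritative."""
        entry = self.cache.get(name)
        if entry and self.clock() < entry[1]:
            return entry[0], False
        address, ttl = self.ask_authority(name)
        self.cache[name] = (address, self.clock() + ttl)
        return address, True

    def purge(self):
        """Periodic sweep: drop every mapping whose TTL has expired."""
        now = self.clock()
        expired = [n for n, (_, expiry) in self.cache.items() if now >= expiry]
        for n in expired:
            del self.cache[n]
        return expired


def demo():
    now = [0.0]                                              # fake clock, in seconds
    zone = {"chal.atc.fhda.edu.": ("132.34.45.121", 300)}    # constructed mapping
    server = CachingServer(lambda name: zone[name], clock=lambda: now[0])
    results = [server.query("chal.atc.fhda.edu.")]           # fetched from the authority
    zone["chal.atc.fhda.edu."] = ("132.34.45.122", 300)      # authority changes the mapping
    now[0] = 100
    results.append(server.query("chal.atc.fhda.edu."))       # outdated answer from the cache
    now[0] = 300
    results.append(server.purge())                           # TTL expired: mapping purged
    results.append(server.query("chal.atc.fhda.edu."))       # fresh answer from the authority
    return results


if __name__ == "__main__":
    for step in demo():
        print(step)
```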

Thank you
