Ch25 Ameera Almasoud Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 1 Introduction There are several applications in the application layer of the Internet model that follow the client/server paradigm. The client/server programs can be divided into two categories: Application that directly used by the user, such as email, Application that support other application programs. The Domain Name System (DNS) is a supporting program that is used by other programs such as e-mail. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 2 Example of using the DNS service Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 3 Host File When the Internet was small, mapping was done by using a host file. The host file had only two columns: name and address. Every host could store the host file on its disk and update it periodically from a master host file. When a program or a user wanted to map a name to an address, the host consulted the host file and found the mapping. it is impossible to have one single host file to relate every address with a name. The host file would be too large to store in every host. it would be impossible to update all the host files every time there was a change. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 4 Host File One solution would be to store the entire host file in a single computer and allow access to this centralized information to every computer that needs mapping. But this would create a huge amount of traffic on the Internet. The solution is to divide this huge amount of information into smaller parts and store each part on a different computer. the host that needs mapping can contact the closest computer holding the needed information. This method is used by the Domain Name System (DNS). Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 5 NAME SPACE To be unambiguous, the names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 6 NAME SPACE Flat Narne Space The name is an unstructured sequence of characters. Disadvantage: it must be centrally controlled to avoid duplication. Therefore, it can not be used in large systems such as the Internet. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 7 NAME SPACE Hierarchical Narne Space The name is structured and consists of many parts. The first part can define the nature of the organization, the second part can define the name of an organization, the third part can define departments in the organization, and so on. The authority to assign and control the name spaces can be decentralized. A central authority can assign the part of the name that defines the nature of the organization and the name of the organization. The responsibility of the rest of the name can be given to the organization itself. Ex: suffixes /prefixes it is efficiently used in large systems such as the Internet. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 8 DOMAIN NAME SPACE To have a hierarchical name space, a domain name space was designed. In this design the names are defined in an inverted-tree structure with the root at the top. The tree can have only 128 levels: level 0 (root) to level 127. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 9 Domain name space Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 10 DOMAIN NAME SPACE Label Each node in the tree has a label The label is a string of maximum length of 63 characters Children of a node should have different labels The label of the root is a null string Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 11 DOMAIN NAME SPACE Domain Name Each node in the tree has a domain name. A full domain name is a sequence of labels separated by dots (.). The domain names are always read from the node up to the root. The last label is the label of the root (null). Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 12 Domain names and labels Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 13 DOMAIN NAME SPACE Domain Name Fully Qualified Domain Name(FQDN). : If a label is terminated by a null string. It contains all labels, from the most specific to the most general, that uniquely define the name of the host. Ex: challenger.ate.tbda.edu. Partially Qualified Domain Name(PQDN) : If a label is not terminated by a null string. name A PQDN starts from a node, but it does not reach the root. It is used when the name to be resolved belongs to the same site as the client. Ex: challenger Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 14 FQDN and PQDN Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 15 DOMAIN NAME SPACE Domain A domain is a subtree of the domain name space. The name of the domain is the domain name of the node at the top of the subtree. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 16 DOMAIN NAME SPACE Domain Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 17 DISTRIBUTION OF NAME SPACE The information contained in the domain name space must be stored. However, it is very inefficient and also unreliable to have just one computer store such a huge amount of information. In this section, we discuss the distribution of the domain name space. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 18 DISTRIBUTION OF NAME SPACE Hierarchy of Name Servers The solution to these problems is to distribute the information among many computers called DNS servers. we let the root stand alone and create as many domains (subtrees) as there are first-level nodes. # DNS allows domains to be divided further into smaller domains(subdomains). It is inefficient and unreliable to store the information of the domain name space on a single computer: It is inefficient because responding to all requests from one computer imposes a heavy load on the system It is unreliable because a failure in the computer makes all data inaccessible Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 19 Hierarchy of name servers Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 20 DISTRIBUTION OF NAME SPACE Zone Since the complete domain name hierarchy cannot be stored on a single server, it is divided among many servers. What a server is responsible for or has authority over is called a zone. We can define a zone as a contiguous part of the entire tree. If a server accepts responsibility for a domain and does not divide the domain into smaller domains, the domain and the zone refer to the same thing. The server makes a database called a zone file and keeps all the information for every node under that domain. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 21 Zones and domains Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 22 DISTRIBUTION OF NAME SPACE Root Server A root server is a server whose zone consists of the whole tree. A root server usually does not store any information about domains but delegates its authority to other servers. There are several root servers, each covering the whole domain name space. The servers are distributed all around the world. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 23 DISTRIBUTION OF NAME SPACE Primary and Secondary Servers A primary server stores a file about the zone for which it is an authority on its local disk A primary server is responsible for creating, maintaining, and updating the zone file A secondary server downloads information from another server (primary or secondary) on its local disk: this is called zone transfer A secondary server is NOT responsible for creating, maintaining or updating the zone file Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 24 DISTRIBUTION OF NAME SPACE Primary and Secondary Servers If updating is required, it is performed by the primary server, then sent to the secondary server The aim of assigning a secondary server is to create data redundancy so that it can serve clients in case of failure of the primary server A server can be primary for a zone and secondary for another server; therefore, it is important to state the zone to which a primary/secondary server refers Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 25 DNS IN THE INTERNET DNS is a protocol that can be used in different platforms. In the Internet, the domain name space (tree) is divided into three different sections: generic domains country domains the inverse domain Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 26 DNS IN THE INTERNET Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 27 DNS IN THE INTERNET Generic domains Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 28 Generic domain labels Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 29 DNS IN THE INTERNET Country Domains These use two-character country abbreviations Examples are: Ameera Almasoud sa (Saudi Arabia) eg (Egypt) uk (UnitedKingdom) fr (France) us (United States), etc… Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 30 DNS IN THE INTERNET Country Domains Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 31 DNS IN THE INTERNET Inverse Domains These are used to map an IP address to a name When a server receives a request, the first thing it performs is to check if the sending client is an authorized one: The resolver sends a query to the DNS server with the client name The DNS server finds the corresponding IP address The extracted IP address is resent back to the resolver, then to the server The server checks if the received IP is on the list of its authorized clients Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 32 DNS IN THE INTERNET Inverse Domains This type of query is called inverse query or pointer query The first and second node in a pointer query are always arpa and in-addr The DNS servers that handle the pointer query are hierarchical: The highest level is the network id (netid) part The lower level is the subnet id part The lowest level is the host id part Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 33 DNS IN THE INTERNET Inverse Domains IP= netid.hostid 132.34.45.121 Class B Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 34 RESOLUTION Mapping a name to an address or an address to a name is called name-address resolution. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 35 RESOLUTION Resolver Client/server application that resides on DNS clients Any host that requires to map an IP address to a URL name or vice versa calls a resolver The resolver accesses the closest DNS server with the mapping request If the server has the required information, it provides them to the resolver If the server does not have the required information, it acts in one of the following ways: The server refers the resolver to another DNS server. The server asks another server for the required information, and provides it to the resolver. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 36 RESOLUTION Mapping Names to Addresses Most of the time, the resolver gives a domain name to the server and asks for the corresponding address. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 37 RESOLUTION Mapping Addresses to Names A client can send an IP address to a server to be mapped to a domain name. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 38 RESOLUTION Recursive Resolution Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 39 RESOLUTION Recursive Resolution When a resolver sends a mapping request to a name server, it expects the answer from the same server If the server is the authority for the domain name, it responds immediately to the resolver Otherwise, the server sends the mapping request to the parent server This procedure is repeated recursively until an answer is found The answer follows the same way back through the servers until it reaches the resolver Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 40 RESOLUTION Iterative Resolution Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 41 RESOLUTION Iterative Resolution If the client does not ask for a recursive answer, the mapping can be done iteratively. If the server is an authority for the name, it sends the answer. If it is not, it returns (to the client) the IP address of the server that it thinks can resolve the query. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 42 RESOLUTION Caching This is a mechanism that aims to reduce the search time a DNS server needs to look for a name (or address) in its database. Therefore, when a new request arrives to the server, it checks its cache first. If the required information are stored in the cache, the server responds to the request immediately If not, it sends the request to another server as explained before When a server asks another server for the information, it stores it in its cache memory before sending it to the client In case the required information is found in the cache, the server marks the response as “unauthoritative”. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 43 RESOLUTION Caching Time-to-Live (TTL) counter, in seconds, is used to overcome this problem The server keeps a TTL with each entry in its cache When TTL reaches zero, the corresponding entry is marked Invalid When a request is made to an invalid entry, the server considers it “missing”, and a request is sent to the authoritative server. If a server caches a mapping for a long time, it may send an outdated mapping to the client Another technique is to search the cache periodically and purge (kill) all entries with expired TTL. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 44 DNS MESSAGES DNS has two types of messages: query and response. Both types have the same format. The query message consists of a header and question records; the response message consists of a header, question records, answer records, authoritative records, and additional records. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 45 Query and response messages Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 46 Header format Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 47 TYPES OF RECORDS There are two types of records are used in DNS. The question records are used in the question section of the query and response messages. The resource records are used in the answer, authoritative, and additional information sections of the response message. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 48 REGISTRARS How are new domains added to DNS? New domains are added to the Internet through registrars A registrar verifies that the requested domain name is unique, then enters it into the DNS database for a fee. Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 49 DYNAMIC DOMAIN NAME SYSTEM (DDNS) Changes made in the domain include adding a new host,removing a host, or changing the IP address of a host In DNS, any made change should be reflected in the DNS master file In a huge environment such as the Internet, such updates in the DNS master file should be automatically reflected When a change is made, the information is sent to the primary DNS server which, in turn, updates the zone Primary servers may update secondary servers actively. Another mechanism, the secondary servers check periodically for any updates in the primary server: this is called passive update Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 50 ENCAPSULATION DNS may use either UDP or TCP UDP is used when the size of the response message is less than 512 bytes because most UDP packages have a 512byte packet size limit. If the size of the response message is more than 512 bytes, a TCP connection is used. In both cases, the well-know port number of the server is 53 Ameera Almasoud Based on Data Communications and Networking, 4th Edition. by Behrouz A. Forouzan, McGraw-Hill Companies, Inc., 2007 51