Jong Yul Kim
04.08.2009
Visit to TeliaSonera’s NY POP (mandatory)
April 29th (Wednesday) 1~3
May 1st(Friday) 10~12
Around 20 students per trip
Please send me an email on which date you’d prefer. If one of the dates is impossible for you, let me know in the email.
Quiz next class on topics in lab 6, 7, and 8
LAN switching (including STP), NAT, DHCP, DNS
“Consistent name space for referring to resources”
Distributed database, with local caching
Data source is responsible for maintaining fresh, accurate information
Must be generally useful
Associate names to sets of data, such as host addresses, mailbox data, host OS
Independent of communications system that carries the queries and responses
Domain name space and resource records
Specifications for a tree structured name space and data associated with the names.
Name servers
Server programs which hold information about the domain tree’s structure and associated data
Resolvers
Client programs that extract information by querying name servers
A tree structure
Each node corresponds to a resource set
Each node has a label up to 63 octets in length (case-insensitive)
Domain name of the node is the list of labels on the path from the node to the root of the tree.
[Figure: example domain tree with the labels . (root), edu, columbia, cs, ee, cc and www]
Resource information for a particular domain name is written as resource records.
Elements of an RR are:
Owner : domain name where RR is found
Type : shows which resource to query
Class : IN = Internet
TTL : time-to-live in seconds for caches
RDATA : the actual data
RR types:
A : host address
CNAME : canonical name
HINFO : OS / CPU info
MX : mail server info
NS : authoritative name server
PTR
SOA : start of authority
Queries and responses are sent using UDP port 53
Domain database is partitioned into zones.
Zones are formed by cutting the domain tree and then grouping the nodes that are still connected.
[Figure: domain tree with the nodes . (root), .edu, .uci.edu, .virginia.edu, math.virginia.edu and cs.virginia.edu; one connected group of nodes is outlined as a zone]
A zone is :
Authoritative for all nodes within the zone
Usually managed by one organization
Zone and domain
Root and top-level domains are administered by the Internet central name registration authority (ICANN)
Below top-level domain, administration of name space is delegated to organizations
Each organization can delegate further
[Figure: domain tree with . (root); the top-level domains edu, gov, com; uci.edu and toronto.edu under edu; math.toronto.edu and ece.toronto.edu under toronto.edu; neon.ece.toronto.edu under ece.toronto.edu]
Root zone is at the very top of the domain tree
The root servers are statically entered into resolvers and name servers
13 logical root servers in the world
Named with letters A ~ M
171 physical root servers
http://www.root-servers.org/
Country code TLD (ccTLD)
TLDs with two letters
.cn, .in, .kr
Each country manages its own TLD
Generic TLD (gTLD)
TLDs with three or more letters
.com, .net, .org, .edu, .gov, .aero
Management is delegated to organizations
Sponsored gTLD is one where the domain is limited to ‘approved’ organizations. (.aero)
.arpa TLD
Used to convert IP addresses to domain names
TLD : .com
Introduced : 1985
Sponsored/Unsponsored : Unsponsored
Purpose : Unrestricted (but intended for commercial registrants)
Sponsor/Operator : VeriSign, Inc.
Contact : Registry Customer Service, VeriSign Naming Services, 21345 Ridgetop Circle, Dulles, Virginia 20166, United States. Tel: +1 703 925-6999, Fax: +1 703 421-5828, http://www.verisigngrs.com

TLD : .net
Introduced : 1985
Sponsored/Unsponsored : Unsponsored
Purpose : Unrestricted (but intended for network providers, etc.)
Sponsor/Operator : VeriSign, Inc.
Contact : Registry Customer Service, VeriSign Naming Services, 21345 Ridgetop Circle, Dulles, Virginia 20166, United States. Tel: +1 703 925-6999, Fax: +1 703 421-5828, http://www.verisigngrs.com

TLD : .edu
Introduced : 1985
Sponsored/Unsponsored : Sponsored
Purpose : United States educational institutions
Sponsor/Operator : EDUCAUSE
Contact : Becky Granger, EDUCAUSE, 4772 Walnut Street, Suite 206, Boulder, Colorado 80301, United States. Tel: +1-303-939-0334, Fax: +1-303-440-0461, http://www.educause.edu/edudomain
There are two types of queries:
Recursive queries
Iterative (non-recursive) queries
The type of query is determined by a bit in the DNS query
Recursive query: When the name server of a host cannot resolve a query, the server itself issues further queries on behalf of the resolver until the query is resolved
Iterative query: When the name server of a host cannot resolve a query, it returns to the resolver a referral to another server
In a recursive query, the resolver expects the final response from the name server
If the server cannot supply the answer, it will send the query to the “closest known” authoritative name server
(here: In the worst case, the closest known server is the root server)
The root server sends a referral to the “edu” server.
Querying this server yields a referral to the server of “virginia.edu”
… and so on
[Figure: recursive resolution of neon.cs.virginia.edu. The resolver sends its query to the name server; the name server sends the 1st query to the root server and receives a referral to the edu name server, the 2nd query to the edu server and receives a referral to the virginia.edu name server, the 3rd query to the virginia.edu server and receives a referral to the cs.virginia.edu name server, and the 4th query to the cs.virginia.edu server, which returns the IP address of neon.cs.virginia.edu]
In an iterative query, the name server sends the resolver a referral to the closest known authoritative name server (here: the root server)
This involves more work for the resolver
[Figure: iterative resolution of neon.cs.virginia.edu. The resolver itself sends the 1st query to the root server and receives a referral to the edu name server, the 2nd query to the edu server and receives a referral to the virginia.edu name server, the 3rd query to the virginia.edu server and receives a referral to the cs.virginia.edu name server, and the 4th query to the cs.virginia.edu server, which returns the IP address of neon.cs.virginia.edu]
To reduce DNS traffic, name servers cache information on domain name/IP address mappings
When an entry for a query is in the cache, the server does not contact other servers
Note: If an entry is sent from a cache, the reply from the server is marked as “non-authoritative”
Authoritative servers can dictate how long the record is cached using the TTL value
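The referral chain in the two figures above and the cache behaviour described here, as an added Python model that is not part of the lecture: the server names, the zone data and the address 192.0.2.10 for neon.cs.virginia.edu are constructed, and the iterative walk starts at the root, the worst case named on the slide.

```python
# Toy model of DNS referral chasing and caching (added example, not the lecture's code).
# Constructed data: each name server holds the records of its own zone; an NS record
# at a zone cut delegates the subtree to another server. The address is made up.
SERVERS = {
    "root":            {"edu.": ("NS", "edu-server")},
    "edu-server":      {"virginia.edu.": ("NS", "virginia-server")},
    "virginia-server": {"cs.virginia.edu.": ("NS", "cs-server")},
    "cs-server":       {"neon.cs.virginia.edu.": ("A", "192.0.2.10")},
}

def in_zone(qname, owner):
    """True if qname is owner itself or lies below it (label boundary respected)."""
    return qname == owner or qname.endswith("." + owner)

def ask(server, qname):
    """One query to one server: ('answer', ip), ('referral', next_server) or ('nxdomain', None)."""
    matches = [o for o in SERVERS[server] if in_zone(qname, o)]
    if not matches:
        return ("nxdomain", None)
    best = max(matches, key=len)                # closest enclosing record this server knows
    rtype, rdata = SERVERS[server][best]
    if rtype == "A" and best == qname:
        return ("answer", rdata)
    return ("referral", rdata) if rtype == "NS" else ("nxdomain", None)

def iterative_resolve(qname, start="root"):
    """The resolver chases referrals itself, starting at the closest known server."""
    path, server = [], start
    while True:
        kind, data = ask(server, qname)
        path.append((server, kind))
        if kind != "referral":
            return data, path
        server = data

class CachingNameServer:
    """Recursive service: chases referrals for the client and caches the result by TTL."""
    def __init__(self, ttl=86400):
        self.ttl, self.cache = ttl, {}          # qname -> (ip, expiry time)

    def query(self, qname, now):
        """Returns (ip, authoritative, number of upstream queries sent)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], False, 0            # served from cache: non-authoritative
        ip, path = iterative_resolve(qname)
        if ip is not None:
            self.cache[qname] = (ip, now + self.ttl)
        return ip, True, len(path)
```

A query for a name below a delegation the servers do not know (for example www.virginia.edu.) ends in nxdomain after three hops, which the test checks as well.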
db.mylab.com
;
$TTL 86400
mylab.com.      IN  SOA  PC4.mylab.com. hostmaster.mylab.com. (
                         1        ; serial
                         28800    ; refresh  (slave refresh time)
                         7200     ; retry    (slave retry time)
                         604800   ; expire   (slave expiration time)
                         86400 )  ; ttl      (cache time for RR)
mylab.com.      IN  NS   PC4.mylab.com.
; localhost     A    127.0.0.1
PC4.mylab.com.  A    10.0.1.41
PC3.mylab.com.  A    10.0.1.31
PC2.mylab.com.  A    10.0.1.21
PC1.mylab.com.  A    10.0.1.11
$TTL 86400 : max. age of cached data in seconds
* Start of authority (SOA) record. Means: “This name server is authoritative for the zone mylab.com”
* PC4.mylab.com is the name server
* hostmaster@mylab.com is the email address of the person in charge
Name server (NS) record. One entry for each authoritative name server
Address (A) records. One entry for each host address
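The zone file above, parsed into the RR elements listed earlier (owner, type, class, TTL, RDATA), as an added Python example that is not part of the lab material: the zone text is a constructed copy of db.mylab.com, and the check that every NS target has an address record is my addition.

```python
# Minimal zone-file parser for the db.mylab.com example (added example, not lab code).
ZONE_TEXT = """\
; db.mylab.com (constructed copy of the lecture's example zone)
$TTL 86400
mylab.com. IN SOA PC4.mylab.com. hostmaster.mylab.com. (
    1       ; serial
    28800   ; refresh
    7200    ; retry
    604800  ; expire
    86400 ) ; ttl
mylab.com. IN NS PC4.mylab.com.
; localhost A 127.0.0.1
PC4.mylab.com. A 10.0.1.41
PC3.mylab.com. A 10.0.1.31
PC2.mylab.com. A 10.0.1.21
PC1.mylab.com. A 10.0.1.11
"""

SOA_FIELDS = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")

def parse_zone(text):
    """Return (default_ttl, records); each record is a dict of owner/type/class/ttl/rdata."""
    default_ttl, records, pending = None, [], []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()         # drop comments and blank lines
        if not line:
            continue
        pending.append(line)
        joined = " ".join(pending)
        if joined.count("(") > joined.count(")"):    # multi-line RDATA (the SOA) continues
            continue
        pending, tokens = [], joined.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        owner, rest, ttl, rclass = tokens[0], tokens[1:], default_ttl, "IN"
        if rest[0].isdigit():                        # optional explicit TTL before the class
            ttl, rest = int(rest[0]), rest[1:]
        if rest[0] == "IN":                          # class defaults to IN when omitted
            rest = rest[1:]
        rdata = dict(zip(SOA_FIELDS, rest[1:])) if rest[0] == "SOA" else rest[1:]
        records.append({"owner": owner, "type": rest[0], "class": rclass, "ttl": ttl, "rdata": rdata})
    return default_ttl, records

def missing_glue(records):
    """NS targets that have no A record in this zone: a common zone-file mistake."""
    have_a = {r["owner"] for r in records if r["type"] == "A"}
    return [r["rdata"][0] for r in records if r["type"] == "NS" and r["rdata"][0] not in have_a]
```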
Please write your own answers!
Configuring a server
Queries and responses
Caching
Hierarchy of the domain name system
http://www.tcpip-lab.net/links/conf/lab8