SUBJECT:- NETWORK TECNOLOGY TOPIC NAME:- DOMAIN NAME SYSTEM (DNS) PRESENTED BY:- KUMAR SHIVAM ROLL:-20124 DIV:-A DOMAIN NAME SYSTEM(DNS) DNS stands for Domain Name System or Domain Network Service. DNS is the way which computers can contact each other and do things such as exchange electron mail, or display Web pages. A domain name is the unique name that is ansigned to website. The Domain Name System (DNS) provides: 1. A method for identifying hosts with friendly names instead of IP addresses 2. A distributed mechanism for storing and maintaining lists of names and 1 addresses of hosts. 3. A method for locating hosts by resolving their names into their associated addresses so that network communication can be initiated with the host. CLASSIFICATION DNS domains can be classified as one of the following: A Parent domain, which contains other domains. An example of a parent domai is microsoft.com A Child domain, or subdomain, which is contained within a parent domain Examples of child domains in the microsoft.com parent domain an northwind.microsoft.com and marketing.microsoft.com. A domain name that ends with a period is called as absolute domain name or fully qualified domain name. The topmost domain called the root domain. Top level domains are divided into two areas; i.e. generic and countries Three character domains are called as generic domains. The generic domains .gov and 'mil' are restricted to the United States only. Two character domains are called as country domains (e.g. in for India, us for United States, nz for New Zealand). The generic domains define registered hosts according to their generic behaviour. Each node in the tree define a domain, which to the domain name database. The country domain section follows the same format as the generic domain but use two-character country abbreviations in place of three character organizational abbreviations at the first level. The domain are case insensitive(i.e. com and COM are same). Each domain is named by the path upward from it to the root. The components separated by period. This is called as Hierarchical Routing. DNS PROTOCOL The DNS protocol consists of difference types of DNS that are processed according to the information in their message fields. DNS protocols consist of message type which consists of queries, updates, and responses. DNS (Domain Name System) query message format has fixed length which is 12 bytes. DNS header has fixed length and all other such as Question Entries, Answer Resource Records, Authority Resource Records, Additional Resource Records have variable length There are many other type of DNS messages or protocol such as DNS query message header, DNS query question entries, DNS resource records, Name query message, Name query response, Reverse name message, DNS update message from DNS update message flags, Dynamic update response message. Various fields of DNS protocol messages are: ID: Identification field used to correlate queries and responses. Q: Identifies the message as a query or response. Query: Describes the type of message: 0-Standard query (name to address); 1 Inverse query: 2-Server status request. A (Authoritative Answer): When set to 1. Identifies the response is one made b an authoritative name server. T (Truncation): When set to 1 indicates the message has been truncated. R: Set to 1 by the resolve to request recursive service by the name server. V: Signals the availability of recursive service by the name server. B: Reserved for future use. Must be set to 0. Rcode: Response Code that is set by the name server to identify the status of this query Question count: Defines the number of entries in the question section. Answer count: Defines the number of resource records in the answer section. Authority count. Defines the number of name server resource records in the authority section. Additional counts Defines the number of resource records in the additional records section. DNS Message The DNS protocol uses a common message format for all exchanges between client and server or between servers. Fig. shows the overall format of the DNS message: The message has a fixed 12-byte header followed by four variablelength field. DNS has two type of messages: QUERY and RESPONSE, Both types have same format. The query message consists of a header and question records; the response message consists of a header, question records, answer records, authoritative records and additional records. DNS Message Header: The format of header is shown in fig:- The header fields are as follows: Identification: This is 16 bit field used by the client to match the response with the query. Flags: This is 16 bit field, which is a collection of subfields that defines the type of the message, type of the answers requested, type of the desired resolution and so on. The 16 bi flags fields divided into numerous pieces, as shown in fig. We will start at the leftmost bit and describe each field, QR is a 1-bit field, O means the message is a Query, 1 means it's a Response, opcode is a 4-bit field. The normal value is 0 (a standard query). Other values are 1(an inverse query) and 2 (server status request) AA is a 1-bit flag that means "Authoritative Answer." The name server is authoritative for the domain in the question section. TC is a 1-bit field that means "Truncated." With UDP this means the total size of the reply exceeded 512 bytes, and only the first 512 bytes of the reply was returned RD is a 1-bit field that means "Recursion Desired." This bit can be set in a query and is then returned in the response. This flag tells the name server to handie the query itself, called a Recursive Query. If the bit is not set, and the requested name server doesn't have an authoritative answer, the requested name server returns a list of other name servers to contact for the answer. This is called an Iterative Query 1. 2. 3. 4. 5. 6. 7. RA is a 1-bit field that means "Recursion Available." This bit is set to 1 in the response if the server supports recursion. We'll see in our examples that most name servers provide recursion, except for some root servers. rcode is a 4-bit field with the Return Code. The common values are 0 (no error) and 3 (name error). A name error is returned only from an authoritative name server means the domain name specified in the query does not exist. Number of question records: It contains the number of queries in the question section of the message. Number of answer records: It contains the number of answer records in the answer section of the response message. Its value is zero in the query message. Number of authoritative records: It contains the number of authoritative records in the authoritative section of the response message. Its value is zero in the query message. Number of additional records: It contains the number of additional records in the additional section of the response message. Its value is zero in the query message. Question Section: This section consists of one or more question records. It is present on both query and response messages. The query name is the name being looked up. It is a sequence of one or more labels. Each label begins with a 1-byte count that specifies the number of bytes