Lab 8 - Heyook Lab

advertisement
Lab Eight : The Domain Name System
Members:
Edmund Chang
70813570
Lin He
__________
Negar Mohades
__________
Prelab 8
1.) host - DNS lookup utility. host is a simple utility for performing DNS lookups. It is
normally used to convert names to IP addresses and vice versa. When no arguments or
options are given, host prints a short summary of its command line arguments and
options.
2.) Terms used in the Domain Name System:
a. Top-level domain = The top portion of the hierarchical name space. Divides up
the Internet Name Space into categories such as COM, EDU, GOV, MIL, NET,
ORG, INT, US, ARPA. The DNS has a root domain at the top of the hierarchy
and directly under are the top-level domains.
b. CNAME (canonical name) = A host's official name as opposed to an alias. The
official name is the first hostname listed for its Internet address in the hostname
database.
c. Resolver = The resolver is the DNS client used on most Linux and BSD systems.
It comes with glibc. Its configuration file /etc/resolv.conf (note the spelling)
determines the DNS servers to use, and various other options.
d. Name server = A name server's purpose is to receive queries from resolvers and
return answers to those queries. Usually, a resolver, or some other program, will
make a query and the name server will either return an answer, or the address of
the place that the resolver can look to find an answer. Name servers hold
information about a domain's structure. If a name server holds complete
information for a specific zone, it is considered authoritative for that zone. Being
authoritative, that server is responsible for maintaining accurate information about
that zone.
e. Label = Naming in DNS begins with giving each domain, or node, in the DNS
name space a text label. The label identifies the domain within the structure, and
must follow certain syntax rules.
f. FQDN (fully qualified domain name) = A fully qualified domain name consists of
a host and domain name, including top-level domain. For example,
www.webopedia.com is a fully qualified domain name. www is the host,
webopedia is the second-level domain, and.com is the top level domain. A FQDN
always starts with a host name and continues all the way up to the top-level
domain name, so www.parc.xerox.com is also a FQDN.
g. BIND = BIND (Berkeley Internet Name Domain) is an implementation of the
Domain Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name System.
The BIND DNS Server is used on the vast majority of name serving machines on
the Internet, providing a robust and stable architecture on top of which an
organization's naming architecture can be built. The resolver library included in
the BIND distribution provides the standard APIs for translation between domain
names and Internet addresses and is intended to be linked with applications
requiring name service.
h. Inverse lookup = Inverse queries where you perform a lookup for the hostname
belonging to an IP address.
i. RR (resource record) = A DNS uses resource records to resolve host names and IP
addresses. These records are stored in the DNS zone files. The record types NS,
SOA, CNAME, and PTR form the basic infrastructure of DNS.
j. SOA (start of authority) = Start of authority record. Specifies the server that
contains the zone files for the domain.
3.) Types of DNS queries:
a. Inverse queries work differently. When a DNS server receives an inverse query, it
returns the friendly name for an IP address, rather than an IP address for a friendly
name. However, searching the entire Internet for a friendly name match would
prove time consuming. Rather than waste resources, use of the in-addr.arpa
domain notifies name servers of an inverse query. Special pointer (PTR) records
are added to the in-addr.arpa domain, and these PTR records match IP addresses
(whose octets are actually reversed to delegate administration of A, B, and C class
addresses) to friendly domain names. For example, clients seeking to determine
the friendly name for the IP address 192.168.1.2 would send the local name server
a request for the PTR record for 2.1.168.192.in-addr.arpa.
b. Iterative queries: When the name server of a host cannot resolve a query, it sends
a referral to another server to the resolver.
c. Recursive query: When the name server of a host cannot resolve a query, the
server issues a query to resolve the query.
4.) Domain name servers store information about part of the domain name space called a
zone. The name server is authoritative for a particular zone. A single name server can be
authoritative for many zones. Understanding the difference between a zone and a domain
is sometimes confusing. A zone is simply a portion of a domain. For example, the
Domain Microsoft.com may contain all of the data for Microsoft.com,
Marketing.microsoft.com and Development.microsoft.com. However, the zone
Microsoft.com contains only information for Microsoft.com and references to the
authoritative name servers for the subdomains. The zone Microsoft.com can contain the
data for subdomains of Microsoft.com if they have not been delegated to another server.
For example, Marketing.microsoft.com may manage its own delegated zone.
Development.microsoft.com may be managed by the parent, Microsoft.com. If there are
no subdomains, then the zone and domain are essentially the same. In this case the zone
contains all data for the domain.
5.) Some of the top-level domains in the DNS namespace:
com
Commercial organizations
edu
Educational institutions
gov
Government institutions
int
International organizations
mil
U.S. military institutions
net
Networking organizations
org
Non-profit organizations
6.) No, domain names are not case sensitive. The constraints on the length of domain names
is that each label can be at most 63 characters and the total length of the FQDN can be at
most 255 characters.
7.) Root Servers of the Internet:
A.ROOT-SERVERS.NET.
(VeriSign, Dulles, VA)
198.41.0.4
B.ROOT-SERVERS.NET. (ISI, Marina Del Rey CA)
192.228.79.201
C.ROOT-SERVERS.NET. (Cogent Communications) 192.33.4.12
D.ROOT-SERVERS.NET. (University of Maryland)
128.8.10.90
E.ROOT-SERVERS.NET. (Nasa Ames Research Center)
192.203.230.10
F.ROOT-SERVERS.NET. (Internet Systems Consortium)
192.5.5.241
G.ROOT-SERVERS.NET. (US Department of Defense) 192.112.36.4
H.ROOT-SERVERS.NET. (US Army Research Lab)
128.63.2.53
I.ROOT-SERVERS.NET.
(Stockholm, Sweden) 192.36.148.17
J.ROOT-SERVERS.NET. (Herndon, VA)
192.58.128.30
K.ROOT-SERVERS.NET. (London, United Kingdom) 193.0.14.129
L.ROOT-SERVERS.NET. (IANA, Los Angeles) 198.32.64.12
M.ROOT-SERVERS.NET. (WIDE, Tokyo)
202.12.27.33
8.) The .arpa domain is the Address and Routing Parameter Area domain and is designated
to be used exclusively for Internet-infrastructure purposes.
9.) Result of nslookup:
C:\Documents and Settings\Edmund Chang>nslookup www.cnn.com
*** Can't find server name for address 192.168.0.1: Non-existent domain
*** Default servers are not available
Server: UnKnown
Address: 192.168.0.1
Non-authoritative answer:
Name:
cnn.com
Addresses: 64.236.16.84, 64.236.16.116, 64.236.24.4, 64.236.24.12
64.236.24.20, 64.236.24.28, 64.236.16.20, 64.236.16.52
Aliases: www.cnn.com
The computer chose 64.236.24.28.
Report
Questions from EXERCISE 2:
1.) The 1st IP address assigned to that name from top-down order will be chosen.
Questions from EXERCISE 3(A):
1.) The roles of each resource record in file db.mylab.com:
a. Asdf
b. Asdf
c. Asdf
d. Asdf
The line “$TTL 86400” specified the Time-To-Live asdfasdf
Questions from EXERCISE 3(C):
Trying "PC3.mylab.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21982
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;PC3.mylab.com.
;; ANSWER SECTION:
PC3.mylab.com.
IN
A
86400
IN
A
10.0.1.31
;; AUTHORITY SECTION:
mylab.com.
86400
IN
NS
PC4.mylab.com.
;; ADDITIONAL SECTION:
PC4.mylab.com.
86400
IN
A
10.0.1.41
Received 81 bytes from 127.0.0.1#53 in 1 ms
--------------------------------------------------------------------------Trying "21.1.0.10.in-addr.arpa"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60777
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;21.1.0.10.in-addr.arpa.
IN
PTR
;; ANSWER SECTION:
21.1.0.10.in-addr.arpa.
86400
IN
PTR
;; AUTHORITY SECTION:
1.0.10.in-addr.arpa. 86400
IN
NS
PC4.mylab.com.
;; ADDITIONAL SECTION:
PC4.mylab.com.
86400
IN
A
10.0.1.41
PC2.mylab.com.
Received 101 bytes from 127.0.0.1#53 in 1 ms
Explanation:
Since PC4 is running as a DNS server, when PC1 ping “PC3.mylab.com,” PC1 asks PC4 for the
corresponding address.
Questions from EXERCISE 3(D):
Trying "PC3.lab8.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 559
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;PC3.lab8.net.
IN
A
86400
IN
A
10.0.2.32
;; AUTHORITY SECTION:
lab8.net.
86400
IN
NS
PC4.lab8.net.
;; ADDITIONAL SECTION:
PC4.lab8.net.
86400
IN
A
10.0.2.42
;; ANSWER SECTION:
PC3.lab8.net.
Received 80 bytes from 10.0.1.41#53 in 1 ms
Questions from EXERCISE 3(E):
10.0.2
$TTL 86400
2.0.10.in0addr.arpa. IN SOA PC4.lab8.net.
hostmaster.lab8.net. (
1 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttl
)
2.0.10.in-addr.arpa. IN NS PC4.lab8.net.
12
22
32
42
12
22
32
42
IN
IN
IN
IN
IN
IN
IN
IN
PTR
PTR
PTR
PTR
PTR
PTR
PTR
PTR
PC1.lab8.net.
PC2.lab8.net.
PC3.lab8.net.
PC4.lab8.net.
PC1.mylab.com.
PC2.mylab.com.
PC3.mylab.com.
PC4.mylab.com.
mylab.com
$TTL 86400
mylab.com.
;
mylab.com.
;
localhost
PC4.mylab.com.
PC3.mylab.com.
PC2.mylab.com.
PC1.mylab.com.
PC4.mylab.com.
PC3.mylab.com.
PC2.mylab.com.
PC1.mylab.com.
IN
SOA
PC4.mylab.com. hostmaster.mylab.com. (
1 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttl
)
IN
NS
A
A
A
A
A
A
A
A
A
127.0.0.1
10.0.1.41
10.0.1.31
10.0.1.21
10.0.1.11
10.0.2.42
10.0.2.32
10.0.2.22
10.0.2.12
PC4.mylab.com.
PC1% host –v PC3.lab8.net
Trying "PC3.lab8.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15992
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;PC3.lab8.net.
IN
A
;; ANSWER SECTION:
PC3.lab8.net.
86400
IN
A
10.0.2.32
;; AUTHORITY SECTION:
lab8.net.
86400
IN
NS
PC4.lab8.net.
;; ADDITIONAL SECTION:
PC4.lab8.net.
86400
IN
A
10.0.2.42
Received 80 bytes from 10.0.1.41#53 in 1 ms
PC1% host –v PC3.mylab.com
Trying "PC3.mylab.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48472
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; QUESTION SECTION:
;PC3.mylab.com.
;; ANSWER SECTION:
PC3.mylab.com.
PC3.mylab.com.
IN
A
86400
86400
IN
IN
A
A
10.0.1.31
10.0.2.32
;; AUTHORITY SECTION:
mylab.com.
86400
IN
NS
PC4.mylab.com.
;; ADDITIONAL SECTION:
PC4.mylab.com.
86400
PC4.mylab.com.
86400
IN
IN
A
A
10.0.2.42
10.0.1.41
Received 113 bytes from 10.0.1.41#53 in 1 ms
Questions from EXERCISE 4:
1. NOT all commands generate a DNS message.
2.
Domain Name System (query)
Transaction ID: 0xe675
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
PC1: type A, class inet
Name: PC1
Type: Host address
Class: inet
A DNS uses resource records to resolve host names and IP addresses. These records are stored in the
DNS zone files. The record types NS, SOA, CNAME, and PTR form the basic infrastructure of DNS.
3. For iterative queries, when the name server of a host cannot resolve a query, it sends a referral to
another server to the resolver.
For recursive queries, when the name server of a host cannot resolve a query, the server issues a query
to resolve the query.
4. PC1 caches the previous response
5. No
No. Time
2 0.001036
4 2.292099
6 4.473754
7 4.474485
Server failure
8 4.476915
9 4.477485
Server failure
10 5.933165
12 6.672161
14 9.466753
10.0.1.41
15 9.466781
00:50:bf:73:47:6a
17 10.024658
19 12.313375
Source
00:0d:29:2c:e0:00
00:0d:29:35:56:60
10.0.1.11
10.0.1.41
Destination
00:0d:29:2c:e0:00
00:0d:29:35:56:60
10.0.1.41
10.0.1.11
Protocol Info
LOOP
Loopback
LOOP
Loopback
DNS
Standard query A PC1
DNS
Standard query response,
10.0.1.11
10.0.1.41
10.0.1.41
10.0.1.11
DNS
DNS
Standard query A PC1
Standard query response,
00:0a:b7:c2:3b:80
00:0a:b7:c2:39:80
00:04:75:ad:04:73
00:0a:b7:c2:3b:80
00:0a:b7:c2:39:80
00:50:bf:73:47:6a
LOOP
LOOP
ARP
Loopback
Loopback
Who has 10.0.1.11?
00:50:bf:73:47:6a
00:04:75:ad:04:73
ARP
10.0.1.11 is at
00:0d:29:2c:e0:00
00:0d:29:35:56:60
00:0d:29:2c:e0:00
00:0d:29:35:56:60
LOOP
LOOP
Loopback
Loopback
Tell
Explain the fields in flags fields:
QR 1/8 (1 bit)
Query/Response Flag: Differentiates between queries and responses. Set to 0 when the query is
generated; changed to 1 when that query is changed to a response by a replying server.
AA 1/8 (1 bit) Authoritative Answer Flag: This bit is set to 1 in a response to indicate that the server that
created the response is authoritative for the zone in which the Additional section, it may choose not to
bother.
RD 1/8 (1 bit): Recursion Desired: When set in a query, requests that the server receiving the query
attempt to answer the query recursively, if the server supports recursive resolution. The value of this bit is
not changed in the response.
Determine how domain names and IP addresses are encoded in the DNS message.
DNS uses a special notation for DNS names. Each label is encoded one after the next in the name field.
Before each label, a single byte is used that holds a binary number indicating the number of characters in
the label. Then, the label's characters are encoded, one per byte. The end of the name is indicated by a
null label, representing the root; this of course has a length of zero, so each name ends with just a “0”
character, indicating this zero-length root label. Note that the “dots” between the labels aren't necessary,
since the length numbers delineate the labels. The computer reading the name also knows how many
bytes are in each label as it reads the name, so it can easily allocate space for the label as it reads it from
the name. For example, “www.xyzindustries.com” would be encoded as:
“[3] w w w [13] x y z i n d u s t r i e s [3] c o m [0]”
Questions from EXERCISE 5:
 The command ping –c 3 PC3.mylab.com generates a DNS message.


No.
-

-
Advantage- Running a caching-only server gives you better performance than querying a name server on
a remote system, especially if the remote system is on the other side of a gateway or router.
Disadvantage- we are making more external queries, as none of the nameservers share their cached data.
Questions from EXERCISE 5:

For each command, explain how observed DNS queries are resolved.

Source IP address, destination IP address, flags in the DNS message, and all resource records.

Which queries have the recursion-desired flag set?

List the authoritative servers for the .net domain and .com domain.

Do you observe recursive or iterative queries, or both? What is the advantage/disadvantage of
recursive DNS queries? What is the main advantage/disadvantage of iterative DNS queries?
In general, host computers issue recursive queries against DNS servers. The host assumes that the
DNS server either knows the answer to the query, or can find the answer. On the other hand, a DNS
server will generally issue iterative queries against other DNS servers if it is unable to answer a
recursive query from cached information.
CHECKLIST FORM FOR LAB 8
Prelab 8 question sheet
Checkoff for Part 1
Checkoff for Part 2
Checkoff for Part 3
Checkoff for Part 4
Checkoff for Part 5
Checkoff for Part 6
Feedback sheet
Lab report
FEEDBACK FORM FOR LAB 8
Part 1
Network Setup
Part 2
Name Resolution
without DNS
Part 3
Configuring a DNS
Server
Part 4
DNS Traffic
Part 5
Caching-Only
Servers
Part 6
Hierarchy of DNS
Servers
Difficulty
1
Interest Level
2
Time to Complete
73 minutes
1
2
60 minutes
1
2
73 minutes
1
2
60 minutes
1
0
50 minutes
1
2
60 minutes
What I liked about this lab:
-I liked the fact that it showed us how to use The Domain Name System.
What I disliked about this lab:
-The report questions were a little long and required extra research.
My suggestion to improve this lab:
-Make clearer questions and maybe a standard of what data to show since some of the
captures are huge but I am not sure what parts they want to see even though I know which ones
are relevant to my answers.
Download