3. DNS - PolyU

COMP2322 Lab 3
DNS
Steven Lee
Feb. 19, 2016
Content
• Understand the Domain Name System (DNS).
• Analyze the DNS protocol with Wireshark.
IP address
• A unique address that computing devices use to
identify themselves and communicate with other
devices in an Internet Protocol network
• Any device connected to the IP network must
have a unique IP address.
• IPv4 uses a 32-bit number to represent an IP
address, while IPv6 uses a 128-bit number.
• An IPv4 address is always written in “dotted decimal”
notation: 4 numbers separated by periods, each
representing an 8-bit number in the range 0-255,
e.g., 192.168.0.1.
Domain Name System (DNS)
• People prefer to use easy-to-remember names
instead of IP addresses.
• Domain names are alphanumeric names for IP
addresses, e.g., www.polyu.edu.hk.
• The Domain Name System (DNS) maintains an
Internet-wide distributed database and
provides translation services between domain
names and IP addresses.
DNS: structure
• DNS is a hierarchical distributed database.
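[Figure: DNS hierarchy tree. root at the top; below it com, org and edu;
below those facebook.com and google.com (under com), wikipedia.org (under org),
caltech.edu and mit.edu (under edu). Each node is a DNS server.]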
DNS: root name servers
• DNS is a hierarchical distributed database
• 13 logical root name servers worldwide
DNS: root name servers
• DNS is a hierarchical distributed database.
• 500+ physical root name servers worldwide
DNS: top-level domain (TLD) servers
• Responsible for…
1. com, org, edu, …
2. All top-level country domains: hk, uk, jp, …
DNS: authoritative DNS servers
• An organization’s own DNS servers, which provide authoritative
hostname-to-IP mappings for the organization’s servers
(e.g. web, mail)
• Can be maintained by the organization or a service provider
DNS: local name server
• Does not strictly belong to hierarchy
• Each ISP (e.g. residential ISP, company,
university) has one.
– It is usually the default DNS server.
• When a host makes a DNS query, the query is sent
to its local DNS server.
– It acts as a proxy and forwards the query into the hierarchy.
DNS resolution
• Two approaches
1. Iterative query
2. Recursive query
DNS resolution (iterative query)
[Figure: iterative query, message steps numbered 1 to 8. Labels: requesting host
(PolyU computer); local DNS server hkpu03.polyu.edu.hk; root DNS server;
TLD DNS server (com DNS server); authoritative DNS server ns4.google.com;
mail.google.com.]
DNS resolution (recursive query)
[Figure: recursive query, message steps numbered 1 to 8. Labels: requesting host
(PolyU computer); local DNS server hkpu03.polyu.edu.hk; root DNS server;
TLD DNS server (com DNS server); authoritative DNS server ns4.google.com;
mail.google.com.]
DNS cache
• A name server caches a mapping it learns
about
– Cache entries expire and are flushed after some
time specified by time to live (TTL).
– TLD DNS servers are typically cached in the local DNS
server, reducing the workload of the root DNS servers.
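
The iterative walk and the TTL cache described on the slides above, as an added example that is not part of the original lab material: a toy local DNS server follows referrals from root to TLD to authoritative server and reuses cached entries until they expire. The server names follow the slides; the address 192.0.2.25, the TTL values and all class and method names are assumptions made for the illustration.

```python
# Constructed toy hierarchy: server names follow the slides, the address is a
# documentation-range placeholder, and the TTLs (seconds) are assumptions.
SERVERS = {
    "root":           {"refer": {"com": ("com TLD", 172800)}},
    "com TLD":        {"refer": {"google.com": ("ns4.google.com", 86400)}},
    "ns4.google.com": {"answer": {"mail.google.com": ("192.0.2.25", 300)}},
}

class LocalResolver:
    """Local DNS server doing iterative resolution with a TTL cache."""
    def __init__(self):
        self.cache = {}    # (record type, name) -> (value, expiry time)
        self.asked = []    # servers contacted for the latest lookup

    def _cached(self, key, now):
        value, expiry = self.cache.get(key, (None, 0))
        if expiry <= now:
            self.cache.pop(key, None)   # expired entry is flushed
            return None
        return value

    def _ask(self, server, name, now):
        self.asked.append(server)
        zone = SERVERS[server]
        if name in zone.get("answer", {}):
            addr, ttl = zone["answer"][name]
            self.cache[("A", name)] = (addr, now + ttl)
            return addr, None
        for suffix, (ns, ttl) in zone.get("refer", {}).items():
            if name.endswith("." + suffix):
                self.cache[("NS", suffix)] = (ns, now + ttl)   # remember the referral
                return None, ns
        raise LookupError(name)

    def resolve(self, name, now):
        self.asked = []
        addr = self._cached(("A", name), now)
        if addr:
            return addr
        # Start at the closest cached name server, falling back to root.
        labels = name.split(".")
        suffixes = [".".join(labels[i:]) for i in range(1, len(labels))]
        server = next((ns for s in suffixes if (ns := self._cached(("NS", s), now))), "root")
        while addr is None:
            addr, server = self._ask(server, name, now)
        return addr
```

After each call to `resolve`, `asked` lists the servers that were actually contacted, so the effect of each expiring TTL on the path can be read off directly.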
ipconfig
• Open Command Prompt:
Win+R → Type “cmd” → Press OK
• To check your default DNS server(s)
1. Input command “ipconfig /all”
2. Check the DNS Servers field
• To display cached DNS records
– Input command “ipconfig /displaydns”
• To clear DNS cache
– Input command “ipconfig /flushdns”
nslookup
• A tool for querying any specified DNS server
for a DNS record
• To run nslookup:
1. Open Command Prompt
2. Input command “nslookup”
nslookup
• Input command “nslookup polyu.edu.hk”
• Server: (Name of the default DNS server)
Address: (IP address of the default DNS server)
Name: polyu.edu.hk
Address: (IP address of polyu.edu.hk)
• “Non-authoritative answer” means that the
answer came from the cache of some server
rather than an authoritative DNS server
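
The type A query and response that nslookup exchanges can also be read straight from the bytes. Added example, not part of the original lab material: a minimal DNS message builder and parser run on a constructed response, reporting the answer records and the AA (authoritative answer) header flag, which is clear in a reply that nslookup labels “Non-authoritative answer”. The transaction ID, the TTL and the address 192.0.2.10 are made-up sample values, and the function names are assumptions.

```python
import socket
import struct

def encode_name(name):  # length-prefixed labels, terminated by a zero byte
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_query(name, qtype=1, txid=0x1234):
    # Header: ID, flags (RD set), QDCOUNT=1, other counts 0; then QNAME, QTYPE, QCLASS=IN
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!2H", qtype, 1)

def read_name(msg, off):
    """Return (name, offset after the name), following compression pointers."""
    labels, end = [], None
    for _ in range(255):                      # bound the walk: untrusted input may loop
        n = msg[off]
        if n & 0xC0 == 0xC0:                  # 2-byte pointer to an earlier name
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
    raise ValueError("compression pointer loop or over-long name")

def parse_message(msg):
    txid, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, answers = 12, []
    for _ in range(qd):                       # skip the question section
        off = read_name(msg, off)[1] + 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        value = msg[off:off + rdlen].hex()    # default: raw RDATA as hex
        if rtype == 1:                        # A: 4-byte IPv4 address
            value = socket.inet_ntoa(msg[off:off + rdlen])
        elif rtype == 2:                      # NS: a (possibly compressed) name
            value = read_name(msg, off)[0]
        answers.append({"name": name, "type": rtype, "ttl": ttl, "data": value})
        off += rdlen
    return {"id": txid, "response": bool(flags & 0x8000),
            "authoritative": bool(flags & 0x0400), "answers": answers}

def sample_response():  # constructed reply to build_query("polyu.edu.hk"), AA flag clear
    question = build_query("polyu.edu.hk")[12:]
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton("192.0.2.10")
    return header + question + rr
```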
Practice 1
• Y:\Win32\WiresharkPortable_1.4
• Input command “nslookup polyu.edu.hk”
• Examine the DNS query and response messages for
type A record
• Question 1 (2 marks for each part)
a) What is the destination port for the DNS query message?
What is the source port for the DNS response message?
b) What IP address is the DNS query message sent to? Is it
the same as that of your default DNS server?
c) How many answers are provided in the DNS response?
What does each answer contain?
nslookup
• Input command
“nslookup -type=NS polyu.edu.hk”
• Server: (Name of the default DNS server)
Address: (IP address of the default DNS server)
(Authoritative nameservers)
Practice 2
• Input command
“nslookup -type=NS polyu.edu.hk”
• Examine the DNS query and response messages
for type NS record.
• Question 2
a) What IP address is the DNS query message sent to?
Is it the same as that of your default DNS server?
b) What nameservers does the response message
provide? Does this response message also provide
the IP addresses of the nameservers?
nslookup
• Input command
“nslookup polyu.edu.hk 8.8.8.8”
• Server: (Name of Google’s DNS server)
Address: 8.8.8.8
Name: polyu.edu.hk
Address: (IP address of polyu.edu.hk)
Practice 3
• Input command
“nslookup polyu.edu.hk 8.8.8.8”
• Examine the DNS query and response messages
for type NS record.
• Question 3
a) What IP address is the DNS query message sent to?
Is it the same as that of your default DNS server? If
not, what does the IP address correspond to?
b) How many answers are provided in the DNS
response? What does each answer contain?
Practice 4
• Clear DNS and web cache
• Visit http://www.ietf.org
• Question 4
a) Are the DNS query and response messages sent over TCP or
UDP?
b) What is the destination port for the DNS query message?
What is the source port for the DNS response message?
c) What IP address is the DNS query message sent to? Is it the
same as that of your default DNS server?
d) What is the type of the DNS query?
e) How many answers are provided in the DNS response?
f) This web page contains images. Before retrieving each image,
does your host issue any new DNS query?
Practice 5
• Visit http://viewdns.info/chinesefirewall/
• Click on “facebook.com”
• Question 5
a) What is the expected IP address of Facebook?
b) Do any of the IP addresses received within China
match the expected value?
c) Select one of the received IP addresses. Does the
domain exist? How can you tell? (Failing to access
the IP address via a browser does not prove a domain’s
nonexistence.)
Reference
• J. F. Kurose and K. W. Ross, Computer
Networking: A Top-Down Approach,
5th edition. Addison-Wesley, 2009.