Skip to content

2.4 DNS - The Internet's Directory Service

This note describes DNS: what services it provides, how it works, and how messages are structured.

Internet hosts can be identified by its hostname. However, since hostnames are variable-length characters, a router would have a hard time identifying them. For this reason, hosts are also identified by IP addresses.

An IP address consists of four bytes and has a rigid hierarchical structure. I might look like 121.7.106.83, where each period separates one of the bytes expressed in decimal notation from \(0\) to \(255\). We scan the address from left to right and as we go along, we get more specific information about where the host is located in the Internet.

Services Provided by DNS

The main task of the Internet's Domain name System (DNS) is to translate hostnames to IP addresses. The DNS is 1. A distributed database implemented in a hierarchy of DNS servers 2. An application-layer protocol that allows hosts to query the distributed database.

DNS is commonly employed by other AL protocols, like HTTP and SMTP, to translate user-supplied hostnames to IP addresses. WHen a browser (HTTP client) requests a URL like www.someschool.edu/index.html, it will do the following: 1. The user machine runs the client side of the DNS application 2. The browser extracts the hostname, www.someschool.edu, from the URL and passes the hostname to the client side of the DNS application 3. The DNS client sends a query containing the hostname to a DNS server 4. The DNS client eventually receives a reply, which includes the IP address for the hostname 5. Once the browser receives the IP address from DNS, it can initiate a TCP connection to the HTTP server process located at port 80 at that IP address

DNS provides a few other important services in addition to translating hostnames to IP addresses: 1. Host aliasing. For example, a hostname such as relay1.west-coast.enterprise.com could have two aliases such as enterprise.com and www.enterprise.com. The relay1.west-coast.enterprise.com is said to be a canonical hostname. 2. Mail server aliasing, just like host aliasing for mail 3. Load distribution: busy sites, like cnn.com are replicated over multiple servers, with each server running on a different end system and each having a different IP address. For replicated Web servers, a set of IP addresses is thus associated with one alias hostname. The DNS database contains this set of IP addresses.

Overview of How DNS Works

A simple design for DNS would have one DNS server that contains all the mappings. In the centralized design, clients simply direct all queries to the single DNS server, and the DNS server responds directly to the querying clients. Challenges of this approach include

  • A single point of failure: if DNS server crashes, the entire Internet does too

  • Traffic volume: There are millions and billions of requests from HTTP and email

  • Distant centralized database: it cannot be "close to" all the querying clients

  • Maintenance: would have to keep records for all Internet hosts

To fix this, we want to organize it in a hierarchical fashion. There are three classes of DNS servers 1. Root DNS servers: copies of 13 different root servers, managed by 12 different organizations, and coordinated through the Internet Assigned Numbers Authority. Provides the IP addresses of the TLD servers 2. Top-level domain (TLD) DNS servers: top-level domains such as com, org, net, edu, gov, and country top-level domains like uk, fr, ca, jp. There is a TLD server for each of them. 3. Authoriatative DNS servers: Every organization with publicly accessible hosts on the Internet must provide publicly accessible DNS records that map the names of those hosts to IP addresses.

2.4.1 DNShierarchy.png

Another important type of DNS server is the local DNS server. It does not strictly belong to the hierarchy, but are central to DNS architecture. Each ISP has a local DNS server. When a host connects to an ISP, the ISP provides the host with IP addresses of one or more of its local DNS servers.

Basically, it acts as a proxy, forwarding the query into the hierarchy.

2.4.2 proxydns.png

This image makes the use of both recursive queries and iterative queries. The query sent from cse.nyu.edu to dns.nyu.edu is recursive since the query asks dns.nyu.edu to obtain the mapping on its behalf. However, the subsequent three queries are iterative since all the replies are directly returned to dns.nyu.edu.

DNS Caching

DNS caching can be exploited to improve the delay performance and to reduce the number of DNS messages ricocheting around the Internet.

The idea is like any cache. In a query chain, when a DNS server receives a DNS reply, it can cache the mapping in its local memory.

DNS Records and Messages

DNS servers that together implement the DNS distributed database store resource records (RRs), including RRs that provide hostname-to-IP address mappings. Each DNS reply message carries one or more RRs.

An RR is a four-tuple that contains the following fields:

(Name, Value, Type, TTL)

TTL is the time to live of the resource record; it determines when a resource should be removed from a cache.

Name and Value depend on Type:

  • If Type=A, then Name is a hostname, and Value is the IP address for the hostname

  • If Type=NS, then Name is a domain, and Value is the hostname of an authoritative DNS server taht knows how to obtain the IP address for hosts in the domain.

  • If Type=CNAME, then Value is a canonical hostname for the alias hostname Name.

  • If Type=MX, then Value is the canonical name of a mail server that has an alias hostname Name.

DNS Messages

The semantics of the various fields in a DNS message are as follows:

  • First 12 bytes is the header section, which has a number of fields.
  • 16-bit number that identifies the query, copied into the reply message to a query, allowing the client to match received replies with sent queries
  • 1-bit query/reply flag indicating whether the message is a query (0) or reply (1).
  • 1-bit authoritative flag is set in a reply message when a DNS server is an authoritative server for a queries name
  • A 1-bit recursion-desired flag is set when a client desires that the DNS server perform recursion when it doesn't have the record.
  • A 1-bit recursion-available field is set in a reply if the DNS server supports recursion

  • 4 number-of fields, which indicate the number of occurrences of the four types of data sections that follow the header

  • Then there is a question section that contains info about the query that is being made

  • A name field that contains the name that is being queried

  • A type field indicates type of question being asked about the name Type.

  • The answer section contains the resource records for the name that was originally queried.

  • Type, Value, TTL

  • Authority section: contains the records of other authoritative servers

  • Additional section contains other helpful records.

We can send a DNS query message directly from the host you're working on to some DNS server with the nslookup program (root, TLD, authoritative)

Inserting Records into the DNS Database

Registrar: a commercial entry that verifies the uniqueness of the domain name.

Let's try to get a .com website. You first register the domain name to a registrar, and collects a small fee from you for its services. You also need to provide the registrar with the names and IP addresses of your primary and secondary authoritative DNS servers. For these two servers, the registrar would then make sure that Type=NS and Type=A record are entered into the TLD com servers.

You also have to make sure that the Type A RR for your Web server and the Type MX RR for your mail server are entered into your authoritative DNS servers.

Once all of these steps are completed, people will be able to visit your Web site and send emails to the employees at your company.

Next section 2.5 Peer-to-Peer File Distribution