Let's talk DNS


History

• Once upon a time …

• computers were very expensive

• computers were very large

• computers were isolated, didn’t talk to each other


Early Internet Era - ARPANET

• Later, they started getting connected with others* like ARPANET, which

• contained only a few nodes (~100)

• kept the name-to-address mapping in a hosts.txt file

• each host obtained a copy of the master hosts.txt file

• files used to be replaced over FTP

*thanks to the packet-switching network era


Sample hosts.txt


Issues with ARPANET

• ARPANET worked for a while, but not for long, as

• hosts.txt files became extremely large (in size)

• exponential bandwidth requirements

• unscalable to the needs of emerging network requirements for host mapping

• and remember, this is decades before rsync

• Problems with hosts.txt

• consistency

• name collisions (there was no Git for conflict management)


Requirements

• Essentially we need a system which

• can store name-to-number (IP) mappings (a database service at its core)

• can handle changes of associations

• can be distributed in nature - so no single point of failure

• can be hierarchical in nature: if someone doesn't know the binding, it goes up the hierarchy

• can delegate responsibility - should support a tree structure of delegation


DNS

• In use since 1980

• Defined in RFC 882 and RFC 883 in 1983

• Superseded by RFC 1034 and RFC 1035 in 1987


DNS

• Async protocol

• Stateless (UDP)

• A very simple packet format

• Compatible with IP suite protocols

• Aggressive caching

• response message specifies TTL

• servers respond to queries with additional information

• The first Unix name server implementation is popularly known as BIND; it was written in 1984 and was first ported to Windows NT


DNS - In reality

• Data is indexed by domain names

• A domain name is a sequence of labels

• Labels are separated by dots (“.”) and form a tree

• Domain names are case-insensitive ASCII

• DNS administration is shared

• Authority is delegated

• No single entity in charge

• Top-to-bottom approach

• 13 root servers

• The “empty label” covers the “.” zone


Root and TLDs

• Top level domains

• gTLD: Generic top-level domain (.com, .org ..)

• ccTLD (.in, .eu, .uk …)

• New TLDs (.tourism, .india, .book …)

• IDN (ایران. .МОСКВА)


13 Root Servers

Hostname             IP Addresses                          Manager
a.root-servers.net   198.41.0.4, 2001:503:ba3e::2:30       VeriSign, Inc.
b.root-servers.net   192.228.79.201, 2001:500:84::b        University of Southern California (ISI)
c.root-servers.net   192.33.4.12, 2001:500:2::c            Cogent Communications
d.root-servers.net   199.7.91.13, 2001:500:2d::d           University of Maryland
e.root-servers.net   192.203.230.10                        NASA (Ames Research Center)
f.root-servers.net   192.5.5.241, 2001:500:2f::f           Internet Systems Consortium, Inc.
g.root-servers.net   192.112.36.4                          US Department of Defense (NIC)
h.root-servers.net   198.97.190.53, 2001:500:1::53         US Army (Research Lab)
i.root-servers.net   192.36.148.17, 2001:7fe::53           Netnod
j.root-servers.net   192.58.128.30, 2001:503:c27::2:30     VeriSign, Inc.
k.root-servers.net   193.0.14.129, 2001:7fd::1             RIPE NCC
l.root-servers.net   199.7.83.42, 2001:500:9f::42          ICANN
m.root-servers.net   202.12.27.33, 2001:dc3::35            WIDE Project

NOTE

Generally the addresses of these 13 well-known root servers are compiled into the resolver or configured

Also, many resolvers choose to cache “.” locally


Delegation: domains and zones

• Domain: entire subtree

• Zone: part of a domain administered by an entity (smaller, more manageable units by delegation)


DNS: Operation of the protocol

• Servers respond to queries

• Clients recursively query servers

• Responses are cached everywhere

Fundamental Concept -

Keep asking the same question until you get a reply or until you get bored waiting.


DNS Actors

(diagram: stub resolver -> query? / response -> recursive resolver -> name server: authoritative server / root server)


DNS Actors

1. Clients configure a recursive resolver, read from /etc/resolv.conf

2. Recursive resolvers find answers on behalf of clients. They query the DNS from the root until they find the answer.

3. Authoritative servers reply authoritatively to queries.

RESOLVER -

1. the stub-resolver sends it queries to resolve names

2. it queries the authoritative servers for the answer and serves it back

3. results are cached based on TTL


DNS Actors

• Records are in its (the authoritative server's) zone file

• Types A, AAAA, MX, CNAME etc

• Only answers queries for data under its authority

• (only if it has an internal copy of the data)

• If it can’t answer, it points to the authority

• but doesn't query recursively


DNS Flow - Example


Different types of servers

• Authoritative-only DNS Servers

• Authoritative servers can also be caching servers

• Recursive Caching DNS Servers

• Forwarding DNS Servers

• Primary & Slave Servers


Queries, Responses & Flags


• Every DNS query consists of the following:

• qname: a domain name (popularly known as URLs)

• qtype: A, AAAA, MX etc, denotes the type of record

• qclass: IN or CH (mostly IN is used)

• Flags: QR, RD, DO, AD, EDNS Opt etc

dig +short A IN google.com

(flags: +short, type: A, class: IN, name: google.com)


Types of DNS queries

• Forward DNS query

• Look up a host’s IP address by name

• for example - yahoo.com has the address 98.138.253.109

• Reverse DNS query

• Look up a host’s name by IP address

• for example - 98.138.253.109 belongs to yahoo.com


DNS Flags

• qr — query response (A)

• rd — recursion desired (A) (Q)

• ra — recursion available (A)

• aa — authoritative answer (A)
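As an added example (not from the deck), here is the query structure and the flags above in wire form: a Python script that builds the qname/qtype/qclass question behind `dig A IN google.com`, then decodes the qr/aa/rd/ra bits and the answer record from a constructed response. The transaction id, TTL and response bytes are made up; only the IP value comes from the deck's A-record slide.

```python
import struct
QR, AA, RD, RA = 1 << 15, 1 << 10, 1 << 8, 1 << 7   # header flag bits (RFC 1035 s4.1.1)
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "AAAA": 28, "SRV": 33}
IN = 1  # qclass IN (Internet), the class the deck says is mostly used

def encode_qname(name):
    # Each label is length-prefixed; the empty root label (0x00) ends the name.
    labels = name.rstrip(".").lower().split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(txid, qname, qtype="A"):
    # Header: id, flags (only RD set: recursion desired), qdcount=1, an/ns/ar=0.
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    return header + encode_qname(qname) + struct.pack("!HH", QTYPES[qtype], IN)

def decode_name(msg, off):
    # Reads labels, following RFC 1035 compression pointers (two high bits set).
    labels = []
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            return ".".join(labels + [decode_name(msg, ptr)[0]]), off + 2
        off += 1
        if ln == 0:
            return ".".join(labels), off
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln

def parse_response(msg):
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    out = {"id": txid, "qr": bool(flags & QR), "aa": bool(flags & AA), "rd": bool(flags & RD),
           "ra": bool(flags & RA), "rcode": flags & 0xF, "answers": []}
    off = 12
    for _ in range(qd):                      # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4                             # qtype + qclass
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        if rtype == QTYPES["A"]:
            rdata = ".".join(str(b) for b in rdata)
        out["answers"].append((name, rtype, ttl, rdata))
    return out
# Constructed sample response (not a real capture): flags QR|RD|RA, one A answer whose
# name is a pointer (0xC00C) back to the question; IP value from the deck's A-record slide.
QUERY = build_query(0x1234, "google.com", "A")
RESPONSE = (struct.pack("!HHHHHH", 0x1234, QR | RD | RA, 1, 1, 0, 0) + QUERY[12:] + b"\xc0\x0c"
            + struct.pack("!HHIH", QTYPES["A"], IN, 300, 4) + bytes([216, 58, 220, 46]))
```

Note that `aa` is clear in the sample: the answer comes from a caching resolver (ra set), not from the authoritative server.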


Sample DNS Query In Action

(diagram: stub resolver -> query? / response -> recursive resolver -> root server “.” -> TLD server “.com” -> host server)

1. Do I know me.com? — No!

2. Do I know .com? — No!

3. Send query to resolver .. wait

4. The same (1, 2) questions will be asked by the recursive resolver

5. Do I know me.com? — No!

6. Send query to root server .. wait
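The walk above (stub resolver -> recursive resolver -> root -> TLD -> host server), together with the earlier slides on actors (authoritative servers answer only for their own data and refer rather than recurse; the recursive resolver caches by TTL), as an added simulation that is not part of the deck. The zone data, names (me.com, www.me.com) and RFC 5737 addresses are constructed.

```python
import time

# Constructed authoritative data for a toy namespace (hypothetical names, RFC 5737
# addresses; not from the deck). Each server holds only its own zone: it answers for
# data under its authority and otherwise refers the asker to the delegated child zone
# via an NS record. It never queries recursively on the asker's behalf.
ZONES = {
    ".":       {"NS": {"com.": "a.gtld-servers.example."}, "A": {}},
    "com.":    {"NS": {"me.com.": "ns1.me.com."}, "A": {}},
    "me.com.": {"NS": {}, "A": {"me.com.": "192.0.2.1", "www.me.com.": "192.0.2.10"}},
}
TTL = 300  # seconds a recursive resolver may cache an answer (constructed value)

def ask_authoritative(zone, qname):
    """What an authoritative-only server returns: answer, referral, or nxdomain."""
    data = ZONES[zone]
    if qname in data["A"]:
        return "answer", data["A"][qname]
    for child in data["NS"]:                      # delegation: "go ask the child zone"
        if qname == child or qname.endswith("." + child):
            return "referral", child
    return "nxdomain", None

class RecursiveResolver:
    """Finds answers on behalf of stub resolvers, walking down from the root."""
    def __init__(self):
        self.cache = {}                            # qname -> (rdata, expiry time)

    def resolve(self, qname, now=None):
        now = time.time() if now is None else now
        hit = self.cache.get(qname)
        if hit and hit[1] > now:                   # cached and TTL not yet expired
            return hit[0], ["cache"]
        zone, trace = ".", []                      # "Do I know it? No" -> start at "."
        while True:
            trace.append(zone)
            kind, value = ask_authoritative(zone, qname)
            if kind == "answer":
                self.cache[qname] = (value, now + TTL)
                return value, trace
            if kind == "nxdomain":
                return None, trace
            zone = value                           # follow the referral one level down

def stub_lookup(resolver, name):
    """Stub resolver: normalise the name and hand the whole job to the recursive resolver."""
    fqdn = name.lower().rstrip(".") + "."
    return resolver.resolve(fqdn)
```

The returned trace lists the servers asked, so the second lookup within the TTL shows `["cache"]` while one after expiry walks the hierarchy again.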


Sample DNS dig response


DNS Record Types

• A, AAAA: IPv4, IPv6 address

• NS: Name Server

• CNAME: Canonical name

• MX: Mail Exchanger

• PTR: Reverse info (IP to host)

• SRV: Service (host + port number)

• SOA: Start of authority


Record Types - A, AAAA

• A denotes IPv4 records

• divided into 4 octets/classes

• each octet is 8 bits

• maximum 2^32 combinations

• example: 216.58.220.46

• AAAA denotes IPv6 records

• 128-bit string

• maximum 2^128 combinations

• example: 2404:6800:4007:800::200e

Record Types - NS

• Name Server Record

• Used to delegate a subdomain to a set of name servers

• Generally we publish NS records in our authoritative name-servers for domains we are authoritative for

• Appears in master and child zones


Record Types - CNAME

• Canonical Name Record

• rdata contains the mapped domain name

• Must always point to another domain name and not to an IP address

Sample example -

Name Type Value

bar.example.com CNAME foo.example.com


Record Types - MX

• Mail Exchanger Record

• Defines the host which will be receiving emails

• rdata contains the preference field and the hostname of the mail receiver

• Lower preference == Higher priority


Record Types - SRV

• Used for specifying the hostname and port number of servers for specified services

• Service record: “generic” description of a service

• SIP and XMPP often require SRV support

Sample Example -


Record Types - SOA

• Stored in every DNS zone; specifies information about the zone and is defined at the start of a new zone

• Always appears at the beginning of the zone

• Each zone contains a single SOA record

• Generally it contains

• the name of the server that supplied the data

• the administrator of the zone

• the current version of the zone data file

• the number of seconds a secondary name server should wait before retrying a failed zone transfer

• the default TTL, etc.
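Added example covering the record-type slides (SOA, NS, CNAME, MX, SRV, A), not code from the deck: a small zone-file parser over a constructed zone, which then orders MX hosts by preference (lower value first), picks SRV host/port targets by priority and weight, and pulls out the SOA fields the slide lists (serial, retry interval, etc.). The zone name, hosts and numbers are made up.

```python
import re
# Constructed zone-file fragment for a hypothetical zone (not from the deck);
# record order and values are made up to exercise MX preference and SRV selection.
ZONE = """\
$TTL 3600
example.com.           IN SOA ns1.example.com. hostmaster.example.com. (
                              2024010101 ; serial: current version of the zone data
                              7200       ; refresh
                              900        ; retry: secondary waits this long after a failed transfer
                              1209600    ; expire
                              300 )      ; minimum / negative-caching TTL
example.com.           IN NS    ns1.example.com.
example.com.           IN MX    20 mx2.example.com.
example.com.           IN MX    10 mx1.example.com.
bar.example.com.       IN CNAME foo.example.com.
_sip._tcp.example.com. IN SRV   10 60 5060 sip1.example.com.
_sip._tcp.example.com. IN SRV   10 40 5060 sip2.example.com.
foo.example.com.       IN A     192.0.2.5
"""

def parse_zone(text):
    """Return (owner, type, rdata fields) per record; comments and $ directives dropped."""
    no_comments = "\n".join(line.split(";")[0] for line in text.splitlines())
    # Join the parenthesised multi-line SOA rdata into a single line.
    joined = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), no_comments)
    records = []
    for line in joined.splitlines():
        fields = line.split()
        if fields and not fields[0].startswith("$"):
            owner, _klass, rtype, *rdata = fields
            records.append((owner, rtype, rdata))
    return records

def soa(records):
    """SOA rdata: primary server, admin mailbox, serial, refresh, retry, expire, minimum."""
    rdata = next(r for _, t, r in records if t == "SOA")
    keys = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")
    return dict(zip(keys, rdata[:2] + [int(x) for x in rdata[2:]]))

def mail_hosts(records, name):
    """MX targets in delivery order: lower preference value == higher priority."""
    mx = [(int(r[0]), r[1]) for o, t, r in records if t == "MX" and o == name]
    return [host for _, host in sorted(mx)]

def srv_targets(records, service):
    """SRV (host, port) pairs: lowest priority first, higher weight first within a priority."""
    srv = [(int(r[0]), -int(r[1]), r[3], int(r[2]))
           for o, t, r in records if t == "SRV" and o == service]
    return [(host, port) for _, _, host, port in sorted(srv)]
```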


? Thanks

Abhinav Mehta

@mehta_
