DNS: Domain Name System Records

TYPES OF DNS RECORDS

Types of DNS records

Important categories of data stored in DNS include the following:

- A record (address record): maps a hostname to a 32-bit IPv4 address.
- AAAA record (IPv6 address record): maps a hostname to a 128-bit IPv6 address.
- CNAME record (canonical name record): an alias of one name to another. The canonical name the alias points to can be local or remote (served by a foreign name server). Useful when running multiple services from a single IP address, e.g. FTP and a web server: each service can then have its own entry in DNS, e.g. ftp.example.com. and www.example.com., both aliases of the one host.

Types of DNS records (continued)

- MX record (mail exchange record): maps a domain name to a list of mail exchange servers for that domain, each with a preference value.
- PTR record (pointer record): maps an IPv4 address to the canonical name for that host. Setting up a PTR record at the name in the in-addr.arpa. domain that corresponds to an IP address implements reverse DNS lookup for that address. For example (at the time the slides were written), www.icann.net had the IP address 192.0.34.164, but the PTR record at 164.34.0.192.in-addr.arpa. mapped that address to its canonical name, referrals.icann.org.
- NS record (name server record): maps a domain name to a list of DNS servers authoritative for that domain. Delegations depend on NS records: the parent zone's NS records for a child name hand authority for that name to the child's servers.

Types of DNS records (continued)

- SOA record (start of authority record): marks the start of a zone and specifies the zone's primary name server, the e-mail address of the zone administrator (written with a dot in place of the @), the zone serial number, and several timers that control how secondary servers refresh the zone.
- TXT record: allows an administrator to insert arbitrary text into DNS. For example, this record is used to publish Sender Policy Framework (SPF) and DomainKeys records.

When sent over the internet, all records use the common wire format specified in RFC 1035.

Other interesting DNS records

- NAPTR records (Naming Authority Pointer): a newer record type that supports regular-expression-based rewriting of one name into another.
- Other record types simply provide information: a LOC record gives the physical location of a host.
- Experimental data: for example, a WKS record lists well-known services such as HTTP or POP3 offered at an address.

DNS records, complete list: http://www.iana.org/assignments/dns-parameters

A snippet of a simplified example zone for logicbbs.org

          IN NS  ns.planix.com.
          IN NS  ns1.mydyndns.org.
          IN NS  ns2.mydyndns.org.
          IN MX  10 mail
          IN A   69.17.158.109
    www   IN A   69.17.158.109
    mail  IN A   69.17.158.109

- The first three lines list the valid name servers for logicbbs.org. The server names must carry trailing dots: in a zone file a name without a trailing dot is relative to the zone, and ns.planix.com without the dot would become ns.planix.com.logicbbs.org.
- The next entry indicates that the mail exchanger for logicbbs.org has a preference of 10 and that messages should be directed to mail.logicbbs.org.
- Preference values indicate where to send e-mail if a server is unavailable: the lower the value, the higher the priority of that server. Mail servers send e-mail to the server with the lowest preference value and then work their way up the values listed as necessary.
- The next line indicates that logicbbs.org itself (the second-level domain) is at 69.17.158.109.
- The last two lines assign addresses to the www and mail names (www.logicbbs.org, mail.logicbbs.org); both also point to 69.17.158.109.
- If a fully qualified name is not shown, the zone name is appended: www becomes www.logicbbs.org and mail becomes mail.logicbbs.org.

These records are the reason why some internet addresses do not need the "www" prefix while others do:

- If a domain's www A record differs from the A record of the bare domain, then anydomain.com may be a different host from www.anydomain.com, and the bare name may not reach the web server.
- Other sites, like logicbbs.org, have both the bare domain and the www name pointing to the same IP address, which reduces confusion and ambiguity.

Internationalized Domain Names

- Technically, DNS places no restriction on the characters in a domain name: labels can include non-ASCII characters.
- The same is not true for host names, the names used for things like e-mail and web browsing. Host names are restricted to a small subset of the ASCII character set: the Roman alphabet in upper and lower case, the digits 0 through 9, the dot "." and the hyphen "-".
- This prevents the native representation of names and words in many languages.
- As a workaround, ICANN has approved the Punycode-based IDNA system, which maps Unicode strings into the valid host-name character set (an encoded label carries the prefix xn--). Some registries have adopted IDNA.
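IDNA conversion in both directions, as an added example that is not part of the slides: `to_ascii` and `to_unicode` below use Python's standard-library `idna` codec (IDNA 2003 rules), and `is_mixed_script` flags a label that mixes scripts, which is how look-alike names such as a Cyrillic "а" dropped into an otherwise Latin label are usually caught. The domain names and the Cyrillic test string are constructed for the example.

```python
# Added example (not part of the slides): IDNA/Punycode conversion with the
# standard-library "idna" codec, plus a mixed-script check for look-alike names.
import unicodedata


def to_ascii(domain: str) -> str:
    """Encode each label with IDNA; a non-ASCII label comes back as xn--<punycode>."""
    labels = domain.rstrip(".").split(".")
    return ".".join(label.encode("idna").decode("ascii") for label in labels)


def to_unicode(domain: str) -> str:
    """Decode xn-- labels back to Unicode; other labels are returned unchanged."""
    out = []
    for label in domain.rstrip(".").split("."):
        if label.lower().startswith("xn--"):
            out.append(label.encode("ascii").decode("idna"))
        else:
            out.append(label)
    return ".".join(out)


def scripts_in_label(label: str) -> set:
    """Scripts used by the letters of a label, taken from the Unicode character
    names (e.g. 'LATIN', 'CYRILLIC', 'GREEK'); digits and hyphens are ignored."""
    scripts = set()
    for ch in label:
        if ch.isdigit() or ch == "-":
            continue
        name = unicodedata.name(ch, "")
        if name:
            scripts.add(name.split(" ")[0])
    return scripts


def is_mixed_script(domain: str) -> bool:
    """True if any label mixes scripts, the classic homograph pattern. A whole
    label written in a single confusable script is not caught here; that needs
    a confusables table."""
    return any(len(scripts_in_label(label)) > 1
               for label in to_unicode(domain).split("."))


if __name__ == "__main__":
    print(to_ascii("bücher.example"))              # xn--bcher-kva.example
    print(to_unicode("xn--bcher-kva.example"))     # bücher.example
    # Constructed look-alike: the first letter is U+0430 CYRILLIC SMALL LETTER A.
    print(is_mixed_script("\u0430pple.example"))   # True
```

Registrars and browsers apply further rules (script-mixing policies, confusable tables), so treat the mixed-script check as a first filter, not a complete defence.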

DNS: Forward vs Reverse Lookups

Lookups

- Forward DNS lookup: using an Internet domain name to find an IP address. The most common use.
- Reverse DNS lookup: using an Internet IP address to find a domain name.

http://searchsmb.techtarget.com/sDefinition/0,,sid44_gci213968,00.html

Lookups

- When you enter an address for a web site in your browser, the browser's stub resolver sends the name to the recursive DNS server configured on the host (often one run by the ISP or the local network). That server does a forward DNS lookup to find the IP address, querying other name servers as needed; routers and routing tables play no part in the lookup itself.
- Forward DNS lookup is the more common lookup: most users think in terms of domain names rather than IP addresses.
- Occasionally you may see a web page with a URL in which the domain name part is expressed as an IP address (sometimes called a dot address) and want to be able to see its domain name; that is a reverse lookup.
- nslookup is a utility that lets you do either forward or reverse DNS lookup yourself. It comes with most operating systems (dig and host are common alternatives on Unix-like systems); where it is missing, the program can be downloaded and installed.

DNS Delegation/Parenting

DNS example: http://www.comptechdoc.org/independent/networking/guide/netdns.html

Host Names

- Domain Name Service (DNS) is the service used to convert human-readable names of hosts to IP addresses.
- Host names are not case sensitive and can contain alphabetic or numeric characters or the hyphen.
- A fully qualified domain name (FQDN) consists of the host name plus the domain name, as in the following example: computername.domain.com
- Resolver: the part of the system sending the queries, on the client side of the configuration.
- Name server: answers the queries.
- The main function of DNS is mapping human-readable names to IP addresses (and, through reverse lookup, IP addresses back to names).
- Three main components of DNS: the resolver, the name server, and the database of resource records (RRs).

Domain Name System (DNS)

- Basically a huge distributed database that resides on many computers. Overall it contains the names and IP addresses of hosts on the internet and the various domains.
- It provides the information the Domain Name Service uses when queries are made: the service is the act of querying the database; the system is the data structure and the data itself.
- The Domain Name System is similar to a file system starting with a root. Branches attach to the root to create a huge set of paths.
- Each text word between the dots is called a label. A label can be up to 63 characters long, but most are shorter.
- The total domain name (all the labels) is limited to 255 octets in wire format, which is 253 characters when written out with dots and no trailing dot.

Domain Name System (DNS)

- The domain name system database is divided into sections called zones.
- Name servers are responsible for answering queries for their respective zones.
- A zone is a subtree of DNS that is administered separately.
- There must be multiple name servers for a zone: at least two, one primary name server and one or more secondary name servers.
- A name server may be authoritative for more than one zone.

Domain Name System (DNS)

- DNS names are assigned through the Internet registries that operate under the Internet Assigned Numbers Authority (IANA).
- A domain name is a name assigned to an internet domain. For example, mycollege.edu represents the domain name of an educational institution; names like microsoft.com and 3com.com represent the domain names of those commercial companies.
- Naming hosts within the domain is up to the individuals administering that domain.

Domain Name System (DNS)

- Access to the domain name database is through a resolver, which may be a program or a part of the operating system that resides on the user's workstation.
- In Unix the resolver is accessed through the library functions gethostbyname and gethostbyaddr (modern code uses getaddrinfo and getnameinfo, which also handle IPv6).
- The resolver sends requests to the name servers, which return the information requested by the user.
- The requesting computer contacts the name server by its IP address rather than its name, since that name could not be resolved without a name server.

Structure and message format

The drawing (not reproduced here) shows a partial DNS hierarchy:

- At the top is the root, the start of all other branches in the DNS tree, designated by a period (.).
- Each branch moves down from level to level.
- When referring to DNS names, they are written from the bottom up, with the root designator (period) at the far right. Example: "myhost.mycompany.com."

DNS

- DNS is hierarchical in structure. A domain is a subtree of the domain name space.
- From the root, the typical top-level domains assigned in the U.S. are: GOV (government body), EDU (educational body), INT (international organization), NET (networks), COM (commercial entity), MIL (U.S. military), ORG (any other organization not previously listed).
- Outside this list are top-level domains for the various countries.
- The labels of a domain name are separated by a '.'. Example: "mymachine.mycompany.com." Note that any name ending in a "." is an absolute domain name, since it goes back to the root.

DNS usage and file formats

- If a domain name is not found when a query is made, the server may search for the name elsewhere and return the information to the requesting workstation, or return the address of a name server that the workstation can query to get more information.
- Special servers on the Internet provide guidance to all name servers: the root name servers (http://www.root-servers.org/). They do not contain all information about every host on the Internet, but they do provide direction as to where domains are located (the addresses of the name servers for the top-level domain a server is asking about).
- A root name server is the starting point for finding any domain on the Internet.

Name Server Types

Three types of name servers:

- Primary master: builds its database from files that were preconfigured on its host, called zone or database files. The name server reads these files and builds a database for the zone it is authoritative for.
- Secondary masters: provide information to resolvers just like the primary master, but get their information from the primary by zone transfer. Any updates to the database come from the primary.
- Caching name server: gets all its answers to queries from other name servers and saves (caches) the answers. It is a non-authoritative server; a caching-only name server generates no zone transfer traffic.

A DNS server to which other servers send the queries they cannot answer themselves, typically one that is allowed to communicate outside the private network, is referred to as a forwarder.

DNS Query Types

There are several types of queries issued:

- Recursive query: asks the server to find the requested information itself, or to report back to the querier that the information cannot be found.
- Iterative query: allows the server to return the best information it has, typically a referral to other name servers. This is the type used between servers; clients use recursive queries.
- Reverse query: the client provides the IP address and asks for the name. In other queries the name is provided and the IP address is returned to the client. The reverse lookup zone for the network 192.168.100.0/24 is "100.168.192.in-addr.arpa."

Generally (but not always): server-to-server queries are iterative, and client-resolver-to-server queries are recursive.

Note: a server can be queried or it can be the entity placing a query, so a server contains both the server and client functions and can transmit either type of query. If it is handed a recursive query from a remote source, it must transmit other queries to find the specified name, or send a message back to the originator of the query that the name could not be found.

DNS Transport Protocol

- DNS normally uses UDP on port 53. A resolver falls back to TCP when the UDP response is truncated (the TC flag is set because the answer did not fit), and zone transfers (AXFR/IXFR) always use TCP.

The "DNS database"

A database is made up of records, and DNS is a database. Common resource record types in the DNS database are:

- A: host's IP address. An address record allows a computer name to be translated into an IP address. Each computer must have this record for its IP address to be located by name. These records are often not created for clients with dynamically assigned IP addresses (unless dynamic DNS update is used), but are a must for locating servers with static IP addresses.
- PTR: host's domain name, host identified by its IP address.
- CNAME: host's canonical name; allows additional names or aliases to be used to locate a computer.
- MX: host's or domain's mail exchanger.
- NS: host's or domain's name server(s).
- SOA: indicates authority for the domain.
- TXT: generic text record.

When a resolver requests information from the server, the DNS query message indicates one of the preceding types.
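The wire format that carries these queries, as an added example that is not part of the slides: `build_query` produces an RFC 1035 query for a name and type, `parse_response` decodes the header, question and answer sections (following the 0xC0 compression pointers that real responses use for repeated names, with a hop limit so a malicious pointer loop cannot hang the parser), and `build_sample_response` constructs a matching reply so the code runs offline. The transaction ID, the name www.example.com. and the address 192.0.2.10 are constructed values.

```python
# Added example (not part of the slides): RFC 1035 wire format for a DNS query
# and response, with name compression and the TC (truncation) flag.
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "TXT": 16, "AAAA": 28}
TYPE_NAME = {v: k for k, v in QTYPE.items()}


def encode_name(name):
    """Length-prefixed labels ending in a zero byte: www.example.com. becomes
    03 'www' 07 'example' 03 'com' 00."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label length must be 1..63: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, qtype, txid=0x1234):
    """12-byte header plus one question; flags 0x0100 sets RD (recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], 1)


def decode_name(msg, off):
    """Decode a possibly compressed name at offset `off`; return (name, next offset).
    A length byte with the top two bits set is a 14-bit pointer to an earlier name."""
    labels, end, jumped, hops = [], off, False, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            if not jumped:
                end = off + 2           # the caller continues after the pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 64:               # a looping pointer is malformed, not slow
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", (end if jumped else off)


def parse_response(msg):
    """Return header flags and a list of (owner, type, ttl, value) answers."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    info = {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
            "rcode": flags & 0xF, "answers": []}
    off = 12
    for _ in range(qd):                 # question: name, qtype, qclass
        _, off = decode_name(msg, off)
        off += 4
    for _ in range(an):
        owner, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1:
            value = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype in (2, 5, 12):       # NS, CNAME, PTR: rdata is a (compressible) name
            value = decode_name(msg, off)[0]
        elif rtype == 15:               # MX: preference, then exchange name
            value = (struct.unpack("!H", msg[off:off + 2])[0], decode_name(msg, off + 2)[0])
        else:
            value = msg[off:off + rdlen]
        off += rdlen
        info["answers"].append((owner, TYPE_NAME.get(rtype, rtype), ttl, value))
    return info


def build_sample_response():
    """Constructed reply to build_query('www.example.com.', 'A'): flags 0x8180 =
    QR|RD|RA, one A record whose owner is a pointer (0xC00C) to the question name."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    question = encode_name("www.example.com.") + struct.pack("!HH", 1, 1)
    answer = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    return header + question + answer


if __name__ == "__main__":
    print(build_query("www.example.com.", "A").hex())
    print(parse_response(build_sample_response()))
```

A real resolver would send `build_query(...)` over UDP to port 53, check that the response ID and question match what it sent, and re-send over TCP when `tc` is set; the pointer hop limit matters because the message comes from the network and must not be trusted to be well-formed.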

DNS Files

CACHE.DNS, the DNS cache (root hints) file:

- Used to resolve internet DNS queries for names outside the server's own zones.
- On Windows systems it is located in the %SystemRoot%\system32\DNS directory.
- It lists the root name servers, which the DNS server queries to start resolving names not in the local domain.

Example Files

Following is a partial explanation of some records in the database on a Linux-based system. This information explains some important DNS settings that are common to all DNS servers. An example /var/named/db.mycompany.com.hosts file follows:

    mycompany.com.  IN SOA mymachine.mycompany.com. root.mymachine.mycompany.com. (
                            1999112701 ; serial: date plus a two-digit counter, YYYYMMDDnn
                            10800      ; refresh, seconds (3 hours)
                            3600       ; retry, seconds (1 hour)
                            604800     ; expire, seconds (1 week)
                            86400 )    ; minimum TTL, seconds (24 hours)
    mycompany.com.             IN NS  mymachine.mycompany.com.
    mycompany.com.             IN MX  10 mailmachine.mycompany.com.
    mymachine.mycompany.com.   IN A   10.1.0.100
    mailmachine.mycompany.com. IN A   10.1.0.4
    george.mycompany.com.      IN A   10.1.3.16

First line entries:

- mycompany.com. indicates this record is for the domain mycompany.com.
- IN indicates the Internet class.
- SOA indicates this server is the authority for its domain, mycompany.com.
- mymachine.mycompany.com. is the primary name server for this domain.
- root.mymachine.mycompany.com. is who to contact for more information (the e-mail address root@mymachine.mycompany.com, with the @ written as a dot).
- Data within the parentheses is information for the secondary name server(s), which run as slaves to the master. Text after a ; on a line is a comment.
- 1999112701, serial number: if the slave's copy has a serial less than the master's, the slave fetches a new copy of the zone from the master. Must be strictly increased on every update. Note the de facto date convention: yyyymmddnn.
- 10800, refresh: time in seconds between the slave's checks of this zone's serial number against the master's.
- 3600, retry: time the slave should wait before asking again if the master fails to respond to a refresh (SOA request).
- 604800, expire: time in seconds the slave server may keep answering for the zone even though it cannot reach the master for an update; after that it stops serving the zone.
- 86400, minimum TTL: historically the default time to live for records in the zone, i.e. how long a resolver may use data received from a name server before asking for it again. Since RFC 2308 this field is the TTL for negative (name-does-not-exist) answers, and the default record TTL comes from a $TTL directive.

Following are the name server resource record(s). There may be several of these if there are slave name servers.

    mycompany.com. IN NS mymachine.mycompany.com.

This should match the primary name server in the SOA record. Slave server entries may be added below it, e.g.:

    mycompany.com. IN NS ournamesv1.mycompany.com.
    mycompany.com. IN NS ournamesv2.mycompany.com.
    mycompany.com. IN NS ournamesv3.mycompany.com.

The zone file then reads:

    mycompany.com.  IN SOA mymachine.mycompany.com. root.mymachine.mycompany.com. (
                            1999112701 ; serial YYYYMMDDnn
                            10800      ; refresh
                            3600       ; retry
                            604800     ; expire
                            86400 )    ; minimum TTL
    mycompany.com.             IN NS  mymachine.mycompany.com.
    mycompany.com.             IN NS  ournamesv1.mycompany.com.
    mycompany.com.             IN NS  ournamesv2.mycompany.com.
    mycompany.com.             IN NS  ournamesv3.mycompany.com.
    mycompany.com.             IN MX  10 mailmachine.mycompany.com.
    mymachine.mycompany.com.   IN A   10.1.0.100
    mailmachine.mycompany.com. IN A   10.1.0.4
    george.mycompany.com.      IN A   10.1.3.16

The above domain mycompany.com. has one primary name server and three slave servers, four NS records in all. Note that each in-zone NS target also needs an A record (ournamesv1 through ournamesv3 have none in this snippet), and the parent zone must carry the same NS records plus glue addresses for the delegation to work.

The next line is the mail server record:

    mycompany.com. IN MX 10 mailmachine.mycompany.com.

- There can be several mail servers. The numeric value on the line indicates the preference for the use of that mail server; a lower number indicates a higher preference. The range of values is from 0 to 65535.
- To enter more mail servers, enter a new line for each one, similar to the name server entries above, and be sure to set the preference values correctly.
- Different values for each mail server: the lowest number is used if that server is available, and senders go to the next lowest if it is not.
- The same value for several mail servers: senders try them in a random (round-robin) order, sharing the load.
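The sender-side preference logic described here (and on the logicbbs.org slide earlier), as an added example that is not part of the slides: `delivery_order` sorts constructed MX records by preference and shuffles ties, and `deliver` walks that order until a host accepts. It also covers two cases the slides do not mention: a domain with no MX records falls back to its own A record (the implicit MX rule of RFC 5321 section 5.1), and a single MX of "." with preference 0 is a null MX (RFC 7505), meaning the domain accepts no mail. The host names are constructed.

```python
# Added example (not part of the slides): how a sending mail server orders MX
# records (RFC 5321 section 5.1), with the implicit-MX and null-MX special cases.
import random

# Constructed MX set for the example: two servers share preference 10, one backup at 20.
CONSTRUCTED_MX = [
    (20, "backup.mycompany.com."),
    (10, "mailmachine.mycompany.com."),
    (10, "mail2.mycompany.com."),
]


def delivery_order(domain, mx_records, rng=None):
    """Hosts to try, in order: lowest preference first; equal preferences in a
    random order so that load is shared. Returns [] for a null MX (RFC 7505) and
    [domain] when there are no MX records at all (implicit MX, RFC 5321 5.1)."""
    records = list(mx_records)
    if not records:
        return [domain]
    if len(records) == 1 and records[0][0] == 0 and records[0][1] == ".":
        return []                                   # the domain accepts no mail
    rng = rng or random.Random()
    by_pref = {}
    for pref, host in records:
        by_pref.setdefault(pref, []).append(host)
    order = []
    for pref in sorted(by_pref):
        group = list(by_pref[pref])
        rng.shuffle(group)                          # ties: random order
        order.extend(group)
    return order


def deliver(domain, mx_records, reachable, rng=None):
    """Walk the delivery order and return the first host that accepts, or None.
    `reachable` stands in for the set of hosts that answer an SMTP connection."""
    for host in delivery_order(domain, mx_records, rng):
        if host in reachable:
            return host
    return None


if __name__ == "__main__":
    print(delivery_order("mycompany.com.", CONSTRUCTED_MX, random.Random(1)))
    print(deliver("mycompany.com.", CONSTRUCTED_MX, {"backup.mycompany.com."}))
```

An MX target must be a host with an address record, not a CNAME (RFC 2181 section 10.3); the ordering above assumes the names have already been resolved to reachable hosts.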

The rest of the lines are the name-to-IP mappings for the machines in the organization:

    mymachine.mycompany.com.   IN A 10.1.0.100
    mailmachine.mycompany.com. IN A 10.1.0.4
    george.mycompany.com.      IN A 10.1.3.16

Note: the name server and mail server are listed here with their IP addresses, along with any other server machines required for your network.

Aliases can be added with lines like the following. The alias goes on the left and the canonical name, which owns the A record, on the right; both are written with trailing dots so they are not treated as relative to the zone:

    nameserver.mycompany.com.  IN CNAME mymachine.mycompany.com.
    dataserver.mycompany.com.  IN CNAME george.mycompany.com.
    engserver.mycompany.com.   IN CNAME Linux1.mycompany.com.
    mailserver2.mycompany.com. IN CNAME Linux2.mycompany.com.

A name that owns a CNAME record may own no other records (RFC 1034 section 3.6.2), so the alias cannot be placed at mymachine.mycompany.com., which already has an A record; the CNAME must sit at the new name and point at the existing one.

When a client (resolver) sends a request and the name server finds a CNAME record, it replaces the requested name with the canonical name, finds the address of that name, and returns both the CNAME and the address to the client.

A host that has more than one network card, set to addresses on two different subnets, can have more than one address for a name:

    mymachine.mycompany.com. IN A 10.1.0.100
                             IN A 10.1.1.100

When a client queries the name server for the address of a multi-homed host, the server returns all of the addresses. The order in which they are returned depends on the server's configuration (BIND, for example, can rotate them or sort them by proximity to the client's address when an address-sorting option is configured), and the client is free to try any of them.

Record with aliases:

    mycompany.com.  IN SOA mymachine.mycompany.com. root.mymachine.mycompany.com. (
                            1999112701 ; serial YYYYMMDDnn
                            10800      ; refresh
                            3600       ; retry
                            604800     ; expire
                            86400 )    ; minimum TTL
    mycompany.com.             IN NS    mymachine.mycompany.com.
    mycompany.com.             IN MX    10 mailmachine.mycompany.com.
    mymachine.mycompany.com.   IN A     10.1.0.100
    mailmachine.mycompany.com. IN A     10.1.0.4
    george.mycompany.com.      IN A     10.1.3.16
    Linux1.mycompany.com.      IN A     10.1.4.32
    Linux2.mycompany.com.      IN A     10.1.4.33
    nameserver.mycompany.com.  IN CNAME mymachine.mycompany.com.
    dataserver.mycompany.com.  IN CNAME george.mycompany.com.
    engserver.mycompany.com.   IN CNAME Linux1.mycompany.com.
    mailserver2.mycompany.com. IN CNAME Linux2.mycompany.com.

Notes:

- Domain names ending with a dot are absolute names: they specify a domain name exactly as it exists in the DNS hierarchy from the root.
- Names not ending with a dot are relative: the zone origin (the $ORIGIN, by default the zone name from the server configuration) is appended to them, so a name may end up as a subdomain of some other domain if the dot is forgotten.
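A parser and lint for the master-file format used in the preceding slides, as an added example that is not part of the slides: `parse_zone` handles comments, parenthesised SOA continuations, $ORIGIN and $TTL, inherited owner names and the trailing-dot rule for relative names, and `lint_zone` applies the checks a zone reviewer would run: exactly one SOA, at least two NS records, the SOA primary among the NS set, a YYYYMMDDnn serial, no CNAME alongside other data at the same name, and an in-zone address record for every NS and MX target. The zone text is constructed for the example and deliberately contains two of the mistakes discussed above.

```python
# Added example (not part of the slides): a parser for the RFC 1035 master-file
# format used in the preceding zone files, and the checks a zone reviewer runs.
import re

# Constructed zone text. It deliberately contains two mistakes discussed above:
# a CNAME at a name that already owns an A record, and an NS target with no
# address record in the zone.
CONSTRUCTED_ZONE = """\
$ORIGIN mycompany.com.
$TTL 86400
@            IN SOA mymachine root.mymachine (
                    1999112701 ; serial YYYYMMDDnn
                    10800      ; refresh
                    3600       ; retry
                    604800     ; expire
                    86400 )    ; minimum (negative-cache) TTL
             IN NS    mymachine
             IN NS    ournamesv1
             IN MX    10 mailmachine
mymachine    IN A     10.1.0.100
mailmachine  IN A     10.1.0.4
george       IN A     10.1.3.16
nameserver   IN CNAME mymachine
george       IN CNAME dataserver
"""

CLASSES = {"IN", "CH", "HS"}
NAME_FIELDS = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}


def logical_lines(text):
    """Strip ; comments and fold ( ... ) continuations into single lines."""
    out, buf, depth = [], [], 0
    for line in text.splitlines():
        line = line.split(";", 1)[0]
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            out.append(" ".join(buf))
            buf = []
    return out


def qualify(name, origin):
    """Trailing-dot rule: '@' is the origin; a relative name gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text):
    """Return a list of (owner, ttl, type, rdata) with all names fully qualified."""
    origin, default_ttl, owner, records = ".", None, None, []
    for raw in logical_lines(text):
        if not raw.strip():
            continue
        tokens = raw.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        if raw[0] not in " \t":             # owner present; otherwise inherit the last one
            owner = qualify(tokens.pop(0), origin)
        ttl = default_ttl
        if tokens[0].isdigit():             # optional per-record TTL
            ttl = int(tokens.pop(0))
        if tokens[0] in CLASSES:            # optional class
            tokens.pop(0)
        rtype, rdata = tokens[0], tokens[1:]
        for i in NAME_FIELDS.get(rtype, []):
            rdata[i] = qualify(rdata[i], origin)
        records.append((owner, ttl, rtype, rdata))
    return records


def lint_zone(records):
    """Return the problems a reviewer would flag in a parsed zone."""
    problems = []
    soa = [r for r in records if r[2] == "SOA"]
    ns = [r for r in records if r[2] == "NS"]
    mx = [r for r in records if r[2] == "MX"]
    if len(soa) != 1:
        problems.append("zone must contain exactly one SOA record")
    if len(ns) < 2:
        problems.append("zone should list at least two NS records")
    if soa:
        zone, primary, serial = soa[0][0], soa[0][3][0], soa[0][3][2]
        if primary not in {r[3][0] for r in ns}:
            problems.append("SOA primary %s is not in the NS set" % primary)
        if not re.fullmatch(r"(19|20)\d{6}\d{2}", serial):
            problems.append("serial %s is not in YYYYMMDDnn form" % serial)
        has_addr = {r[0] for r in records if r[2] in ("A", "AAAA")}
        for _, _, rtype, rdata in ns + mx:
            target = rdata[-1]
            in_zone = target == zone or target.endswith("." + zone)
            if in_zone and target not in has_addr:
                problems.append("%s target %s has no A/AAAA record in this zone" % (rtype, target))
    types_at = {}
    for owner, _, rtype, _ in records:
        types_at.setdefault(owner, set()).add(rtype)
    for owner, types in types_at.items():
        if "CNAME" in types and len(types) > 1:       # RFC 1034 section 3.6.2
            problems.append("%s has a CNAME alongside %s" % (owner, ", ".join(sorted(types - {"CNAME"}))))
    return problems


if __name__ == "__main__":
    for problem in lint_zone(parse_zone(CONSTRUCTED_ZONE)):
        print("problem:", problem)
```

Production tools such as named-checkzone perform these checks and more; the value of writing them out is seeing which slide rules (trailing dots, CNAME exclusivity, NS targets needing addresses) each check enforces.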

DNS Zones: Forwarding

- Large, well-organized academic or ISP networks have set up a forwarder hierarchy of DNS servers. This helps lighten the internal network load and the load on the outside servers.
- It is not easy to know whether you are inside such a network or not.
- By using the DNS server of your network provider as a "forwarder" you can make the responses to queries faster and reduce the load on your network: your name server forwards queries to your ISP's name server, and each time this happens it benefits from the ISP name server's large cache. This speeds queries up because your name server does not have to do all the work itself. When using a modem this can be quite a win.

http://tldp.org/HOWTO/DNS-HOWTO-4.html

DNS Zones: Reverse

http://en.wikipedia.org/wiki/Reverse_DNS_lookup

DNS Reverse Lookup Overview

- Typically, the Domain Name System is used to determine what IP address is associated with a given domain name.
- To reverse-resolve a known IP address is to look up what domain name belongs to that IP address.
- Reverse lookup is often referred to as reverse resolving, or more specifically reverse DNS lookup.
- It is accomplished using a "reverse IN-ADDR entry" in the form of a PTR record.

DNS Reverse Lookup: IPv4 Reverse DNS

- Reverse DNS lookups for IPv4 addresses use a reverse IN-ADDR entry in the special domain in-addr.arpa.
- An IPv4 address is represented in the in-addr.arpa domain by its four bytes in reverse order, written as decimal numbers separated by dots, with the suffix .in-addr.arpa.
- For example, the reverse lookup domain name corresponding to the IPv4 address 10.12.13.140 is 140.13.12.10.in-addr.arpa.
- A host name for 1.2.3.4 can be obtained by issuing a DNS query for the PTR record of the special name 4.3.2.1.in-addr.arpa.

DNS Reverse Lookup: Classless Reverse DNS

- Historically, IP addresses were allocated in blocks of 256 addresses, each falling on an octet boundary, so configuration of the PTR records was easy: the dot separators delimited each block.
- IP addresses are now allocated in much smaller blocks, and the traditional way of configuring a name server to perform reverse DNS cannot delegate part of an octet.
- A means of overcoming this problem was devised and published as RFC 2317: the /24 reverse zone delegates a sub-block label such as 64/26 to the block's owner and adds one CNAME per address pointing into that delegated sub-zone.
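The reverse-name arithmetic from the last two slides, as an added example that is not part of the slides: `reverse_name` builds the in-addr.arpa name for an IPv4 address and the nibble-per-label ip6.arpa name for IPv6, `network_reverse_zone` gives the zone name for an octet-aligned block such as the 192.168.100.0/24 case mentioned earlier, and `rfc2317_records` generates the parent-zone NS delegation and CNAME lines for a block smaller than a /24. The addresses, the 192.0.2.64/26 block and the name server name are constructed values.

```python
# Added example (not part of the slides): reverse-lookup names for IPv4 and IPv6,
# the reverse zone for an octet-aligned block, and RFC 2317 classless delegation.
import ipaddress


def reverse_name(addr):
    """'10.12.13.140' -> '140.13.12.10.in-addr.arpa.'; IPv6 addresses use one
    hex nibble per label, least significant first, under ip6.arpa."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")            # 32 hex digits, zero-padded
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def network_reverse_zone(cidr):
    """Reverse zone name for an octet-aligned IPv4 block: '192.168.100.0/24' ->
    '100.168.192.in-addr.arpa.' (a /16 gives two labels, a /8 one)."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or net.prefixlen % 8:
        raise ValueError("only octet-aligned IPv4 blocks have a plain reverse zone")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def rfc2317_records(cidr, name_servers):
    """Lines for the parent /24 reverse zone that delegate a smaller block
    (RFC 2317): an NS record for the sub-block label, e.g. '64/26', followed by
    one CNAME per address pointing into the delegated sub-zone. Returns
    (parent_zone_lines, delegated_zone_name)."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not 24 < net.prefixlen < 32:
        raise ValueError("RFC 2317 applies to IPv4 blocks smaller than a /24")
    parent = network_reverse_zone(str(net.supernet(new_prefix=24)))
    sub = "%d/%d" % (int(net.network_address) & 0xFF, net.prefixlen)
    child = "%s.%s" % (sub, parent)
    lines = ["%s IN NS %s" % (sub, ns) for ns in name_servers]
    for host in net:                                  # every address in the block
        last = int(host) & 0xFF
        lines.append("%d IN CNAME %d.%s" % (last, last, child))
    return lines, child


if __name__ == "__main__":
    print(reverse_name("10.12.13.140"))
    print(reverse_name("2001:db8::1"))
    print(network_reverse_zone("192.168.100.0/24"))
    # Constructed block and name server for the delegation example.
    for line in rfc2317_records("192.0.2.64/26", ["ns1.customer.example."])[0][:3]:
        print(line)
```

The "/" in the sub-block label is the convention RFC 2317 itself uses; it is legal in DNS names but some provisioning tools reject it, in which case a "-" is the usual substitute. The block owner then serves the delegated zone (here 64/26.2.0.192.in-addr.arpa.) with ordinary PTR records for 64 through 127.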

Multiple PTR records

- While most rDNS entries have only one PTR record, it is legal to have many different PTR records for the same IP address.
- Although perfectly legal, multiple PTR records for the same IP address are generally not recommended unless you have a specific need.
- For example, if a web server supports many virtual hosts there can be one PTR record for each host; some versions of name server software will automatically add a PTR record for each host.
- Multiple PTR records can cause a couple of problems, including triggering bugs in programs that only expect there to ever be a single PTR record.
- In the case of a large web server, having hundreds of PTR records makes the DNS packets much larger than normal.

Records other than PTR records

- While uncommon compared with PTR records, it is also legal to put other types of records in the reverse DNS tree.
- In particular, encryption keys can be placed there, for example for IPsec (RFC 4025), SSH (RFC 4255) and IKE (RFC 4322).
- Less standardized usages include comments placed in TXT records, and LOC records to identify the location of the IP address.

Quiz

1. The TLD is the leftmost name.
   A. True
   B. False
   Audience responses: True 95%, False 5%. (Answer: False; the TLD is the rightmost label before the root.)

2. The root is:
   1. The leftmost name
   2. The rightmost name
   3. Not used by most clients
   4. A period at the end of the name
   Audience responses: 13%, 78%, 4%, 5%. (Answer: 4, the period at the end of an absolute name, as on the "Structure and message format" slide.)