Domain Name System

• DNS
• Project 1

What is missing from the simple SLIP network (reminder)

• more than two computers
• network addresses
• reliable transmission
• wide-area transmission

Naming and Addressing

• the first step in expanding this network is to allow for more than two computers
• this means each data packet needs a destination address, since the SLIP "header" does not include such information
• an address identifies a destination
• only one destination should have a given address
• one destination can have one or more addresses
• addresses are usually fixed-size binary numbers and are used by computers -- people prefer meaningful strings, that is, names
• if we use names, we will need a mechanism for converting names to addresses: name resolution

Addresses in an Internet

• since computers can only communicate in a point-to-point fashion (so far), many computers will have multiple interfaces, so they can forward data from one to the other
• The Internet Protocol (IP) adds a header to each packet, listing the destination IP address (the Internet Protocol also specifies how packets are forwarded by computers with multiple interfaces)
• in the Internet Protocol, addresses are assigned to network interfaces, not to computers: a computer may have multiple interfaces, each with one (or possibly more) addresses
• a large internet is made up of smaller networks, and so benefits from hierarchical addresses
• with a hierarchical address, a packet is first routed to a computer somewhere on the destination network, then to a computer on the destination sub-network, and finally to the destination
• it follows that hierarchical addresses must be assigned depending on the network to which the hardware is connected -- the hardware cannot be preconfigured with the address
• although hierarchies might have multiple levels, the original IPv4 only had two levels: network and host
• fixed-size addresses are processed more efficiently: 32 bits (IPv4), 128 bits (IPv6)

Names in an Internet

• names are useful if they can be translated into addresses
• if arbitrary translations are desired, we use a database (a table)
• a hierarchy is useful for:
  • delegating assignment of names, e.g. to national registration authorities, registrars, registrants, and whoever they delegate to
  • allowing the expression of natural hierarchies, e.g. governments, companies, and all their subsidiary organizations
• the Domain Name System provides such names, with a distributed database
• the process of converting Domain Names to IP addresses is Domain Name Resolution, implemented by gethostbyname in Unix systems

Domain Names

• name hierarchy: rightmost "label" is the one nearest the root (the root is simply "."). Example, ".edu." (full name)
• each label is 1-63 characters:
  • starting with a letter
  • containing letters, digits, or hyphens
  • ending with a letter or a digit
• uppercase and lowercase are treated as if they were the same that is, WWW.HAWAII.EDU is the same name as www.hawaii.edu
• each IP address may have any number (0, 1, or more) of names associated with it

Domain Name Zone

• a collection of names that are
  • contiguous in the tree, and
  • administered as one unit,
  is one zone
• a zone can be split into two by assigning a subtree to another administration
• a zone should have at least two name servers responsible for providing name-to-address resolution

Domain Name Database

• Domain Name resolution is implemented as a lookup in a distributed database
• lookup is the only distributed operation, so the database is read-only
• each zone has at least one authoritative and one secondary server
• the servers for each zone must be configured with the IP addresses of
  • the servers for the zones above them in the tree, and
  • the servers for the zones below them in the tree (if any)
• a query directed to any server can be referred to a different server, "closer" in the tree to the destination
• a host need only be configured with the IP of a single DNS server, though multiple such addresses are common

Domain Name Protocol

• TCP or UDP (in case of TCP, a two-byte length field is added -- why?)
• a Query requests one resource record
• a Response returns one resource record, if available
• some resource record types:
  • [A] name to Address translation
  • [CNAME] Canonical NAME for a given DNS name
  • [MX] host willing to do eMail eXchange for the given domain name
  • [NS] name server authoritative for the domain
• resource records carry a TTL (time-to-live) field, in seconds, e.g. 3600

Domain Name Example

-> dig mx hawaii.edu

; <<>> DiG 9.5.1-P2 <<>> mx hawaii.edu
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35571
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;hawaii.edu.                    IN      MX

;; ANSWER SECTION:
hawaii.edu.             1800    IN      MX      10 mx1.hawaii.edu.

;; AUTHORITY SECTION:
hawaii.edu.             1800    IN      NS      dns2.hawaii.edu.
hawaii.edu.             1800    IN      NS      dns4.hawaii.edu.
hawaii.edu.             1800    IN      NS      dns1.hawaii.edu.

;; ADDITIONAL SECTION:
mx1.hawaii.edu.         1800    IN      A       128.171.224.25
dns1.hawaii.edu.        1800    IN      A       128.171.3.13
dns2.hawaii.edu.        1800    IN      A       128.171.1.1
dns4.hawaii.edu.        1800    IN      A       130.253.102.4

;; Query time: 2 msec
;; SERVER: 128.171.3.13#53(128.171.3.13)
;; WHEN: Mon Aug 31 10:10:00 2009
;; MSG SIZE  rcvd: 169

Typical Domain Name Transaction

• a host sends a request for an A resource record to its name server
• the name server may have the resource record. If not, it may query another server, or return the address of another server (in an NS record)
• if no response, query may be resent (stateless)
• the search continues until an A record is found, or a negative response is received (or until a timeout)
• servers and hosts can cache the resource records up to TTL seconds
• all this for gethostbyname (system call), or nslookup (command), or dig (command), or host (command)

What does DNS need from its lower layers?

• a network with multiple hosts
• any-to-any communication of packets
• reliability is not required: DNS retransmits the query if it does not get a response (since the database is read-only, queries are idempotent)
• routing based only on IP addresses
• initial configuration:
  • a machine needs to be configured with the address of a DNS server
  • a DNS server needs the IP addresses of DNS servers of neighboring zones

Project 1

• a simple IP router
• routes are learned from other routers
• layers:
  • simulator, running over UDP (similar to the tty driver discussed in class)
  • SLIP, running over the simulator
  • IP, running over SLIP
  • routing protocol, running over IP
• the main task of the router is to forward data packets received on one interface, to the appropriate outgoing interface
• the router must also send and receive routing packets, which are used to figure out routes
• a route specifies where to send data
• threads, mutual exclusion: forwarding a packet is slow (9600 baud), so must continue receiving while forwarding any one packet
• queues are explicit
• the project consists of implementing IP and the routing protocol