Embed Size (px)
DESCRIPTION
DNS Domain Name Service. References: Wikipedia http://www.sans.org/rr/whitepapers/dns/1069.php. Domain Name System Overview. Maps domain names to IP addresses Databases that hold Internet host information Protocol for exchanging host information - PowerPoint PPT Presentation
Citation preview
DNSDNSDomain Name ServiceDomain Name Service
References:Wikipediahttp://www.sans.org/rr/whitepapers/dns/
1069.php
1
Domain Name SystemDomain Name SystemOverviewOverview
Maps domain names to IP addressesDatabases that hold Internet host
informationProtocol for exchanging host
informationLibrary routines that implement the
defined protocolBIND - Berkeley Internet Name
Domainnamed - DNS server daemon
2
DNS Domain StructureDNS Domain Structure
3
http://en.wikipedia.org/wiki/File:Domain_name_space.svg
DNS Domain StructureDNS Domain Structure
Hierarchical◦ root domain (.)◦ top-level domains◦ subdomains◦ host◦ FQDN
Distributed◦ DNS servers
Replicated
4
. (root)
.com .net .edu
.redhat .hawaii
.fedora .rhn .hcc
sshFQDN: ssh.hcc.hawaii.edu.
TerminologyTerminologyFQDN
◦ ssh.hcc.hawaii.edu.◦ hierarchy is read from right to left◦ last "." is frequently (usually) omitted
domain - each node in the DNS database is called a domain◦ "." is the root node or root domain - top of hierarchy
The separator character between domains is"."Subdomain
◦ Any domain that has a parent (i.e., any domain other than ".")
◦ Subdomains can resolve to hosts, even if they have children
5
More TerminologyMore TerminologyResolver
◦ Routines that convert an unqualified domain name into an FQDN
◦ FQDN is passed to DNS to be mapped to an IP address◦ Always appends the root domain "." to an unqualified
domain name first◦ List additional domain names to try into
/etc/resolv.conf fileCase Insensitive
◦ DNS considers upper and lower case letters the same (i.e., DNS is case insensitive)
6
ZonesZonesAdministrative groups of domains
◦ A single DNS server is responsible for all domains within a zone.
◦ A zone server also holds pointers to DNS servers that are responsible for the subordinate DNS zones.
Root domain◦ highest zone, contains information for the root domain◦ does not contain any hosts◦ contains pointers (delegates) to the DNS servers for
the top-level domains ◦ 13 authoritative name servers - responsible for the
root and top-level domains.
7
Delegation of Authority Delegation of Authority
ICANN - Internet Corporation for Assigned Names and Numbers◦ Delegates (designates) the (13) authoritative DNS
servers for the root and top-level domainsEach top-level authoritative DNS server, then
delegates (designates) for its own next higher level subdomains.
Allows local control over segments of DNS database, while making all segments available to the public.
8
Queries Queries Iterative and RecursiveIterative and Recursive
Iterative (non-recursive) queries◦ Sends domain name to DNS server and requests
server to provide: the IP address of the requested domain, OR The name of the authoritative DNS server for the
requested domain (or a parent). The server does not query other servers to obtain an
answer.Recursive queries
◦ Sends a domain name to the DNS server and requests the IP address of the domain
◦ The server may need to query other servers to obtain the answer (recursively)
Both types of query can fail to locate the domain
9
Clients and ResolversClients and Resolvers
Client example - web browser◦ Queries resolver for domain name resolution ◦ Resolver recursively initiates iterative queries to the
DNS serverDNS servers must answer iterative queries
◦ If not configured to answer recursive queries, DNS servers respond as though they were iterative queries.
10
Recursive Recursive QueriesQueries
11
DNS ServersDNS Servers Primary (or master) server
◦ Authoritative server that holds the master copy of zone data
◦ Copies information from the zone or master file - a local file maintained by system administrator
◦ For security and efficiency provide iterative answers only. Slave (or secondary) servers
◦ Authoritative◦ Copies information from the master server or another
slave server DNS caches or caching servers
◦ Not authoritative◦ Store answers to previous queries in cache.◦ Responds from cache, if available or forwards to an
authoritative server.12
DNS Database DNS Database
Resource records store node (domain) information
Over 30 types of resource recordsResource record fields:
◦ Name Domain name or IP address◦ TTL Time to Live (not used in all resource records)◦ Class Only class supported is 1 for IN Internet◦ Type Record type◦ Data Varies based on record type
13
Resource Record Resource Record TypesTypes
A Address. IPv4 address mapping.Ex: ns IN A 192.168.0.1
AAAA Address. IPv6 address mapping.Ex: ns IN AAAA (ipv6 address)
CNAME Canonical Name. Maps alias or nickname.Ex: ftp IN CNAME www.sam.net.
MX Mail Exchange. Domain mail destination.Ex: speedy MX 10 mail
MX 20 mail.sam.net. NS NameServer. Name of DNS server.
Ex: peach NS ns.max.net.
14
Resource Record Resource Record TypesTypes
PTR Pointer. Used for reverse name resolution.(See reverse name resolution later.)
Ex: 3 IN PTR grape TXT Text. Quoted character string associated with
thedomain name.
Ex: peach "Refers to the peach subdomain"
15
DNS Query FormatDNS Query Format1. Name Domain name, FQDN, or IP
address2. Class Class 1 for IN or Internet class3. Type Type of Record requested
Example request for an address record:
fedora.redhat.com IN A
16
DNS CacheDNS Cache
Many DNS servers cache query responses from other DNS servers.
A DNS server will first try to respond to a query from cache.
If there is no cached response available, the DNS server may query other DNS servers, if configured to do so.
Because of DNS caching, it may take several days for DNS changes to propagate throughout the DNS.
17
DNS Response FormatDNS Response Format
Header Record Information about the query Query Record Restates the original query Answer Records Records to answer the query Authority Records Records for authoritative servers Additional Records Additional records, such as NS
18
DNS Query/Response DNS Query/Response ExampleExample
$ dig fedora.redhat.com
...
;; QUESTION SECTION:
;fedora.redhat.com. IN A
;; ANSWER SECTION
fedora.redhat.com. 600 IN CNAME www.redhat.com
www.redhat.com. 330 IN A 209.132.177.50
;; AUTHORITY SECTION
redhat.com. 409 IN NS ns1.redhat.com
redhat.com. 409 IN NS ns2.redhat.com
redhat.com. 409 IN NS ns3.redhat.com
;; ADDITIONAL SECTION
ns1.redhat.com. 300 IN A 66.187.233.210
ns2.redhat.com. 600 IN A 66.187.224.210
ns3.redhat.com. 600 IN A 66.187.229.1019
Reverse Name ResolutionReverse Name Resolution
Also referred to as "inverse mapping" or "reverse mapping."
Looks up domain names, given an IP address. Uses special domain named in-addr.arpa. Resource record formats for this domain
◦ Name field holds IP addresses.◦ Records are indexed hierarchically by IP address.◦ Data fields holds the corresponding FQDN.
Used for reverse name resolution◦ Allows server to retrieve and record domain names of
clients.◦ Verification of the domain of email senders and IP
address of sending machine.20
Examples ofExamples ofReverse Name ResolutionReverse Name Resolution$ dig 110.232.187.66.in-add.arpa PTR...;; QUESTION SECTION; 110.232.187.66.in-addr.arpa. IN PTR;; ANSWER SECTION110.232.187.66.in-addr.arpa. 540 IN PTR rhn.redhat.com
$ dig -x 66.187.232.110...;; QUESTION SECTION; 110.232.187.66.in-addr.arpa. IN PTR;; ANSWER SECTION110.232.187.66.in-addr.arpa. 552 IN PTR rhn.redhat.com
$ host 66.187.232.110110.232.187.66.in-addr.arpa domain name pointer rhn.redhat.com
21
DNS Related UtilitiesDNS Related Utilitieswhois
◦ Look up domains◦ Different sites have different capabilities
nslookup◦ Name service lookup◦ Deprecated, may be removed from future
distributions of Linux.dig
◦ Domain Internet Groper◦ more current than nslookup.
22
