richard-edwards
Domain Name System (DNS)
Network Service -2
What Is a Domain Namespace?
Root Domain
Top-Level Domain: com, org, net
Second-Level Domain: nwtraders
Subdomains: west, south, east, sales
Host: server1
FQDN: server1.sales.south.nwtraders.com

Standards for DNS Naming
The following characters are valid for DNS names:
A-Z
a-z
0-9
Hyphen (-)
The underscore (_) is a reserved character
What Are the Components of a DNS Solution?
DNS Clients
DNS Servers
DNS Servers on the Internet: Root “.”, .com, .edu
Resource Records

What Is a DNS Query?
DNS clients and DNS servers both initiate queries for name resolution
An authoritative DNS server for the namespace of the query will either:
  Check the cache, check the zone, and return the requested IP address
  Return an authoritative “No”
A non-authoritative DNS server for the namespace of the query will either:
  Forward the unresolvable query to a specific query server called a Forwarder
  Use root hints to locate an answer for the query
There are two kinds of DNS query, the method by which name resolution is requested from a DNS server: recursive and iterative.

How Recursive Queries Work
A recursive query is the kind of query that a DNS client sends to its Local DNS Server; the client keeps sending the query until a response to it arrives.
DNS server checks the forward lookup zone and cache for an answer to the query
Diagram: Computer1 sends a recursive query for mail1.nwtraders.com to the Local DNS Server (Database), which returns 172.16.64.11

How Root Hint Works
Root hints are what the Local DNS Server uses to send a query to the DNS root servers when it holds no IP address information for that query.
Diagram: Computer1, DNS Server (Root Hints), Cluster of Root (.) Servers, Cluster of DNS Servers, com, microsoft

How Iterative Queries Work
An iterative query is the kind that a root server handles. The server resolves a name only when it holds the information in its zone file; otherwise the query is sent on to other DNS servers.
Diagram: Computer1 sends a recursive query for mail1.nwtraders.com to the Local DNS Server, which then issues iterative queries:
1. Iterative Query to Root Hint (.): Ask .com
2. Iterative Query to .com: Ask nwtraders.com
3. Iterative Query to nwtraders.com: Authoritative Response
The Local DNS Server returns 172.16.64.11 to Computer1

How Forwarders Work
A forwarder is a DNS server on a network that is used to forward DNS queries for external DNS (Domain Name System) names to DNS servers outside that network.
Diagram: Computer1 sends a recursive query for mail1.nwtraders.com to the Local DNS Server, which sends a recursive query to the Forwarder. The Forwarder issues iterative queries:
Iterative Query to Root Hint (.): Ask .com
Iterative Query to .com: Ask nwtraders.com
Iterative Query to nwtraders.com: Authoritative Response
172.16.64.11 is returned through the Forwarder and the Local DNS Server to Computer1

How DNS Server Caching Works
Caching is the process of storing recently accessed information in memory so that it can be accessed quickly.
Diagram: Client1 and Client2 each ask the DNS server "Where’s Client A?" and each receives "ClientA is at 192.168.8.44"
Caching Table
Host Name                IP Address      TTL
clientA.contoso.msft.    192.168.8.44    28 seconds

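The iterative query and caching slides above, combined in one added example (not part of the original deck): a local DNS server takes a recursive query, follows referrals from the root hints, and caches the answer until its TTL expires. The server labels, the injectable clock and the 28-second TTL on mail1 are constructed for the example.

```python
import time

# Constructed delegation data mirroring the slides: root -> .com -> nwtraders.com.
# The server labels ("root", "com-tld", "nwtraders-ns") are hypothetical.
SERVERS = {
    "root": {"referrals": {"com.": "com-tld"}, "records": {}},
    "com-tld": {"referrals": {"nwtraders.com.": "nwtraders-ns"}, "records": {}},
    "nwtraders-ns": {"referrals": {},
                     "records": {"mail1.nwtraders.com.": ("172.16.64.11", 28)}},
}

def iterative_query(server, name):
    """One iterative query: the server answers from its own zone or refers."""
    data = SERVERS[server]
    if name in data["records"]:
        return ("answer", data["records"][name])
    for suffix, next_server in data["referrals"].items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", next_server)
    return ("nxdomain", None)

class LocalDnsServer:
    """Accepts recursive queries from clients and resolves them via root hints."""
    def __init__(self, clock=time.monotonic):
        self.cache = {}      # name -> (ip, expiry time)
        self.clock = clock
        self.trace = []      # servers contacted, kept for inspection

    def recursive_query(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                  # served from cache, no upstream traffic
        self.cache.pop(name, None)         # an expired entry is discarded
        server = "root"                    # start from the root hints
        for _ in range(8):                 # bound the referral chain
            self.trace.append(server)
            kind, value = iterative_query(server, name)
            if kind == "answer":
                ip, ttl = value
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if kind == "nxdomain":
                return None                # authoritative "No"
            server = value                 # follow the referral
        raise RuntimeError("referral chain too long")
```
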
How DNS Data Is Stored and Maintained
DNS Server
Zone File: Training.nwtraders.msft.dns
Namespace: training.nwtraders.msft
Resource records for the zone training.nwtraders.msft
Host name      IP address
DNS ClientA    192.168.2.45
DNS ClientB    192.168.2.46
DNS ClientC    192.168.2.47
A resource record (RR) is the standard DNS database structure that contains the information used to process DNS queries.
A zone is a contiguous portion of the DNS tree that a DNS server manages as a single, separate entity in the DNS database.

What Are Resource Records and Record Types?
Record type Description
A Resolves a host name to an IP address
PTR Resolves an IP address to a host name
SOA The first record in any zone file
SRV Resolves names of servers providing services
NS Identifies the DNS server for each zone
MX The mail server
CNAME Resolves from a host name to a host name
What Is a DNS Zone?
Diagram: domain tree with Nwtraders at the top; North, West, South; Support, Sales, Training

What Are DNS Zone Types?
Zones        Description
Primary      Read/write copy of a DNS database
Secondary    Read-only copy of a DNS database
Stub         Copy of a zone containing limited records

How to Change a DNS Zone Type
Your instructor will demonstrate how to change a DNS zone type

What Are Forward and Reverse Lookup Zones?
Namespace: training.nwtraders.msft.
DNS Server Authorized for training
DNS Client1, DNS Client2, DNS Client3

Forward zone: Training
DNS Client1     192.168.2.45
DNS Client2     192.168.2.46
DNS Client3     192.168.2.47
Query: DNS Client2 = ?

Reverse zone: 1.168.192.in-addr.arpa
192.168.2.45    DNS Client1
192.168.2.46    DNS Client2
192.168.2.47    DNS Client3
Query: 192.168.2.46 = ?

How DNS Zone Transfers Work
Secondary Server; Primary and Master Server
1. SOA query for a zone
2. SOA query answered
3. IXFR or AXFR query for a zone
4. IXFR or AXFR query answered (zone transfer)
A DNS zone transfer performs the synchronization of zone data, and the associated authoritative work, between DNS servers.

How DNS Notify Works
Source Server (Primary and Master Server); Destination Server (Secondary Server)
1. Resource record is updated
2. SOA serial number is updated
3. DNS notify
4. Zone transfer
DNS notify tells the Secondary servers that hold authority for a zone that the Primary's zone database has been modified, which makes dynamic synchronization between the Primary and Secondary name servers possible.

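The zone transfer and DNS notify slides above, modelled together as an added example (not part of the original deck): an update bumps the SOA serial, the primary notifies its secondaries, and each secondary compares serials and pulls an IXFR when the primary still retains the changes it missed, or an AXFR otherwise. The class names and the history_depth parameter are hypothetical.

```python
# Constructed model, not a wire-format implementation. Serials are compared
# as plain integers; real servers use RFC 1982 serial arithmetic.
class Primary:
    def __init__(self, records, history_depth=2):
        self.serial = 1
        self.records = dict(records)
        self.history = {}            # serial -> change that produced serial + 1
        self.history_depth = history_depth
        self.secondaries = []

    def update(self, name, ip):
        self.records[name] = ip                  # 1. resource record is updated
        self.history[self.serial] = (name, ip)
        self.serial += 1                         # 2. SOA serial number is updated
        for old in [s for s in self.history if s < self.serial - self.history_depth]:
            del self.history[old]                # only recent changes are retained
        for secondary in self.secondaries:
            secondary.refresh(self)              # 3. DNS notify

    def transfer(self, from_serial):
        """Return an IXFR if every change since from_serial is retained, else AXFR."""
        wanted = range(from_serial, self.serial)
        if all(s in self.history for s in wanted):
            return "IXFR", [self.history[s] for s in wanted]
        return "AXFR", list(self.records.items())

class Secondary:
    def __init__(self, primary):
        self.serial, self.records, self.log = 0, {}, []
        primary.secondaries.append(self)
        self.refresh(primary)                    # initial load of the zone

    def refresh(self, primary):
        if primary.serial <= self.serial:        # SOA query: nothing newer
            return
        kind, data = primary.transfer(self.serial)   # 4. zone transfer
        if kind == "AXFR":
            self.records = {}                    # a full copy replaces the zone
        self.records.update(data)
        self.serial = primary.serial
        self.log.append(kind)
```

A secondary that missed more notifications than the primary keeps in its history falls back to a full AXFR on its next refresh.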
Lesson: Configuring a DNS Client
How Preferred and Alternate DNS Servers Work
How Suffixes Are Applied
How to Configure a DNS Client

How Preferred and Alternate DNS Servers Work
1. The preferred DNS server is the one that the client tries first
2. If the preferred server fails, the client tries the alternate DNS server
3. Optionally, you can enter a whole list of alternate DNS servers
4. The preferred and alternate DNS servers specified on the Properties page automatically appear at the top of this list, and preferred and alternate servers are queried in the order they are listed

How Suffixes Are Applied
Suffix Selection option
Domain suffix search list
Connection Specific Suffix
Name query = server1
server1.sales.south.nwtraders.com
server1.south.nwtraders.com
server1.nwtraders.com

What Is Delegation of a DNS Zone?
Delegation is the process of distributing responsibility for domain names across different DNS servers on the network.
The administrator, at the nwtraders.com level of the namespace, delegates authority for training.nwtraders.com and offloads administration of DNS for that part of the namespace
Training.nwtraders.com now has its own administrator and DNS server to resolve queries in that part of the namespace/organization
Diagram: two DNS servers; Namespace: training.nwtraders.msft

Lab: Domain Name System (DNS) LAB
1. Configure a DNS server using Windows 2003 Server and run a Name Query from XP.
2. Configure the following records on the DNS Server:
   1. A
   2. PTR
   3. MX
   4. CNAME