DNS (DOMAIN NAME

SYSTEM)
• Human beings can be identified by aadhar, driving license number… but easier to identify by their
name
• All hosts connected to network identified by IP address, difficult to remember hence hostname.
Example: hkbk wifi
• DNS converts hostname to IP address
The services provided by DNS:

The DNS is
-A distributed database implemented in a
hierarchy of DNS servers, and
-An application-layer protocol that
allows hosts to query the distributed
database.
Few other important services:

Host aliasing: A host with a complicated hostname can have one or more alias names. Example: relay1.west-
coast.enterprise.com may have two aliases such as enterprise.com and www.enterprise.com. In this case, the hostname
relay1.westcoast. enterprise.com is said to be a canonical hostname.

Mail server aliasing: For example, if Arun has an account with Hotmail, Arun's e-mail address might be as simple as
[email protected]. However, the hostname of the Hotmail mail server is more complicated and much less mnemonic
than simply hotmail.com For example, the canonical hostname might be something like relay1.west-coast.hotmail.com

Load distribution: DNS is also used to perform load distribution among replicated servers, such as replicated Web
servers. Busy sites, such as facebook.com, are replicated over multiple servers, with each server running on a different
end system and each having a different IP address. For replicated Web servers, a set of IP addresses is thus associated with
one canonical hostname. The DNS database contains this set of IP addresses. When clients make a DNS query for a name
mapped to a set of addresses, the server responds with the entire set of IP addresses, but rotates the ordering of the
addresses within each reply.
 OVERVIEW OF HOW DNS WORKS

 To translate a hostname to an IP address, the application will invoke the client side of DNS, specifying the
hostname that needs to be translated.
 DNS in the user’s host then takes over, sending a query message into the network.
 All DNS query and reply messages are sent within UDP datagrams to port 53. After a delay, ranging from
milliseconds to seconds, DNS in the user’s host receives a DNS reply message that provides the desired
mapping. This mapping is then passed to the invoking application.
If this is a centralized design i.e. if there is only one huge DNS server it would be simpler than having a
number of servers in different locations, but there are major flaws in this design:
• A single point of failure
• Traffic volume
• Distant centralized database.
• Maintenance
 A DISTRIBUTED, HIERARCHICAL DATABASE

Root DNS servers: 13 root DNS servers (labeled

A through M), 10 located in North America, 2 in
Europe and 1 in japan . These 13 are a network of
replicated servers, for both security and reliability
purposes. All together, there are 247 root servers.
Top-level domain (TLD) servers: also
includes .in, .uk etc.
Authoritative DNS servers: every organization
has publicly accessible DNS records.
Local DNS servers: university, company,
residential.
Two Types of Interaction:

1) Recursive Queries 2) iterative

Queries
DNS Caching
In a query chain, when a DNS server receives a DNS reply it can cache the mapping in its local memory. If a
hostname/IP address pair is cached in a DNS server and another query arrives to the DNS server for the same
hostname, the DNS server can provide the desired IP address, even if it is not authoritative for the hostname.
Hosts and mappings between hostnames and IP addresses are not permanent as one hostname can have
multiple IP addresses, DNS servers discard cached information after a period of time (often set to two days).

DNS Records and Messages

DNS is distributed database which stores Resource records (RRs), These resource records RRs that provide
hostname-to-IP address mappings. DNS reply message carries one or more resource records. A resource record
is a four-tuple that contains the following fields:
(Name, Value, Type, TTL)
TTL – Time To Live of the resource record, time it resides in cache.
Name and Value depends on Type.
TYPE NAME VALUE
A Hostname IP Address
(relay.foo.com) (145.37.93.126)
NS Domain name Hostname of
(foo.com) authoritative DNS
server (dns.foo.com)
CNAME (foo.com) Canonical name for
alias hostname
(relay.foo.com)
MX (foo.com) Canonical name of
Mail server that has
alias hostname
(mail.foo.com)
 DNS MESSAGES
 The first 12 bytes is the header section.
 The first field is a 16-bit number that identifies the
query to match received replies with sent queries.
 There are a number of flags in the flag field.
A 1-bit query/reply flag indicates whether
the message is a query (0) or a reply (1)
Other flags such as 1-bit recursion-desired
flag are also used to check if the DNS server
supports recursion.
 Rest of the number-of fields indicate the number of
occurrences of the four types of data sections.
 The question section contains information about the
query that is being made. This section includes (1) a
name field that contains the name that is being
queried, and (2) a type field that indicates the type of
question being asked about the name
 In a reply from a DNS server, the answer section
contains the resource records for the name that was
originally queried.
 The authority section contains records of other
authoritative servers.
 The additional section contains other helpful records.
Inserting Records into the DNS Database

Suppose you want to do is register the domain name abcd.com at a registrar.

A registrar is a commercial entity that verifies the uniqueness of the domain name, enters the domain name
into the DNS database and collects a small fee from you for its services. For the primary authoritative server
for abcd.com, the registrar would insert the following two resource records into the DNS system:
(abcd.com, dns1. abcd.com, NS) (domain name, Hostname of

authoritative DNS server )

(dns1. abcd.com, 212.212.212.1, A) (hostname, IP
address)