DNS 101

Domain Name System (or DNS according to abbreviationfinder). It is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. This system associates various information with domain names assigned to each of the participants. Its most important function is to translate (resolve) human-intelligible names into binary identifiers associated with computers connected to the network, in order to locate and address these computers worldwide.

The DNS is a hierarchical, distributed database that stores information associated with domain names on networks such as the Internet. Although as a database the DNS is capable of associating different types of information to each name, the most common uses are the assignment of domain names to IP addresses and the location of the email servers of each domain.

The mapping of names to IP addresses is certainly the best known function of the DNS protocols. For example, if the IP address of the ftp.prox.mx site is 200.64.128.4, most people reach this computer by specifying ftp.prox.mx and not the IP address. In addition to being easier to remember, the name is more reliable. The numerical address could change for many reasons, without you having to change the name.

Initially, DNS was born from the need to easily remember the names of all the servers connected to the Internet. Initially, SRI (now SRI International) hosted a file called HOSTS that contained all known domain names (technically, this file still exists – most operating systems today can still be configured to check their hosts file). The explosive growth of the network made the centralized naming system in the hosts file impractical, and in 1983, Paul Mockapetris published RFCs 882 and 883 defining what has now evolved into modern DNS. (These RFCshave been made obsolete by the 1987 publication of RFCs 1034 and 1035).

Components

Three main components are used for the practical operation of the DNS system:

• DNS Clients: A DNS client program running on the user’s computer that generates DNS name resolution requests to a DNS server (For example: What IP address corresponds to name.domain?);
• The DNS Servers: That answer the requests of the clients. Recursive servers have the ability to forward the request to another server if they do not have the requested address.
• And the Authority Zones, portions of the domain name space that store the data. Each authority zone encompasses at least one domain and possibly its subdomains, if the latter are not delegated to other authority zones.

Understanding the parts of a domain name

A domain name usually consists of two or more parts (technically “tags”), separated by periods when written as text. For example, www.mohamedalid.org or en.Wikipedia.org

• The rightmost label is called the top level domain(English < Top Level Domain). As org in mahomedalid.org or is in www.Wikipedia.es
• Each tag on the left specifies a subdivision or subdomain. Note that “subdomain” expresses relative dependency, not absolute dependency. In theory, this subdivision can have up to 127 levels, with each tag containing up to 63 characters, but restricted to the total length of the domain name not exceeding 255 characters, although in practice domains are almost always much shorter.
• Finally, the leftmost part of the domain usually expresses the name of the machine(in English hostname). The rest of the domain name simply specifies how to create a logical path to the required information. For example, the domain Wikipedia.org would have the machine name “es”, although in this case it does not refer to a particular physical machine.

The DNS consists of a hierarchical set of DNS servers. Each domain or subdomain has one or more authority zones that publish information about the domain and the name services of any included domain. The hierarchy of authority zones coincides with the hierarchy of domains. At the top of that hierarchy are the root servers – the servers that respond when seeking to resolve a first and second level domain.

DNS in the real world

Users generally do not communicate directly with the DNS server: name resolution is done transparently by client applications (for example, browsers, mail clients, and other applications that use the Internet). When making a request that requires a DNS lookup, the request is sent to the operating system’s local DNS server. The operating system, before establishing any communication, checks if the response is in the cache. In the event that it is not found, the request will be sent to one or more dns servers.

Most home users use the DNS server provided by their Internet service provider. The address of these servers can be configured manually or automatically using DHCP. In other cases, network administrators have their own DNS servers configured.

In either case, the DNS servers receiving the request first look to see if they have the response cached. If so, serve the answer; otherwise, they would start the search recursively. Once the response is found, the DNS server will cache the result for future use and return the result.

DNS Hierarchy

The domain name space has a tree structure. The leaves and nodes of the tree are used as media labels. A fully qualified domain name of an object consists of the concatenation of all the labels of a path. Labels are alphanumeric strings (with ‘-‘ as the only allowed symbol), must be at least one character and a maximum of 63 characters long, and must start with a letter (and not with ‘-‘) (see RFC 1035, section “2.3.1. Name syntax preference”). Individual labels are separated by dots. A domain name ends with a period (although this last period is usually omitted as it is purely formal). A correct FQDN (also called Fully Qualified Domain Name), is for example this: www.example.com.

A domain name must include all periods and has a maximum length of 255 characters.

A domain name is always written from right to left. The dot to the far right of a domain name separates the label from the root of the hierarchy. This first level is also known as a top level domain (TLD).

The objects of a DNS domain (for example, the computer name) are registered in a zone file, located on one or more nameservers.

DNS server types

Preferred: Save the data of a namespace in their files

Alternatives: They obtain the data from the primary servers through a zone transfer.

Local or Cache: They work with the same software, but they do not contain the database for name resolution. When a query is made to them, these in turn consult the secondary servers, storing the response in their database to speed up the repetition of these requests in the continuous or free future.

Software used in DNS servers

• Bind
• PowerDNS
• MaraDNS
• djbdns
• pdnsd
• MyDNS
• DNS (Windows 2000/2003/2008)
• dnsmasq

Types of domain name resolution

There are two types of queries that a client can make to a DNS server:

• Recursive
• iterative

In recursive queries, they consist of the best answer that the nameserver can give. The nameserver queries its local data (including its cache) looking for the requested data.

In iterative queries, or iterative resolution, the server does not have the information in its local data, so it looks for a root server and repeats the same basic process (querying a remote server and going to the next reference) until it gets the answer to the question.

When there is more than one authoritative server for a zone, Bind uses the smallest value in the RTT (round-trip time) metric to select the server. RTT is a measure of how long it takes for a server to respond to a query.

The normal resolution process occurs as follows:

1. Server A receives a recursive query from the DNS client.
2. Server A sends an iterative query to B.
3. Server B refers A to another name server, including C.
4. Server A sends an iterative query to C.
5. Server C refers A to another name server, including D.
6. Server A sends an iterative query to D.
7. Server D replies.
8. Server A returns the response when resolving.
9. The resolver delivers the resolution to the program that requested the information.

DNS record types

• A= Address – This register is used to translate host names to IPv4 addresses.
• AAAA= Address – This record is used to translate host names to IPv6 addresses.
• CNAME= Canonical Name – (Canonical Name) It is used to create additional hostnames, or aliases, for hosts in a domain. It is used when multiple services (like ftp and web server) are running on a server with a single ip address. Each service has its own DNS entry (such as ftp.example.com. and www.example.com.). this is also used when running multiple http servers, with different names, on the same host.
• NS= Name Server – (Server of Names) Defines the association that exists between a domain name and the name servers that store the information of said domain. Each domain can be associated with any number of nameservers.
• MX (record)= Mail Exchange – (Mail Exchange Record) Associates a domain name with a list of mail exchange servers for that domain.
• PTR= Pointer – Also known as a ‘reverse record’, it works in reverse of the A record, translating IPs into domain names.
• SOA= Start of authority – Provides information about the zone.
• HINFO= Host INFOrmation – (Information of the computer system) Description of the host, allows people to know the type of machine and operating system to which a domain corresponds.
• TXT= TeXT – (Textual Information) Allows domains to identify themselves in arbitrary ways.
• LOC= LOCalization – Allows you to indicate the coordinates of the domain.
• WKS– Generalization of the MX record to indicate the services offered by the domain. Obsolete in favor of SRV.
• SRV= SeRVicios – Allows you to indicate the services offered by the domain. RFC 2782