DNS
The Domain Name System is a distributed database. This structure allows local control of the segments of the overall database, yet data in each segment is available across the entire network through a client/server scheme. Robustness and adequate performance are achieved through replication and caching.
Programs called nameservers constitute the server half of DNS's client/server mechanism. Nameservers contain information about some segments of the database and make that information available to clients, called resolvers. Resolvers are often just library routines that create queries and send them across a network to a nameserver. (Liu and Albitz 2006, chap. 1 p.4)
> dig +noall +answer wikipedia.org
wikipedia.org. 276 IN A 195.200.68.224
# or
> dig +noall +answer wikipedia.org AAAA
wikipedia.org. 185 IN AAAA 2a02:ec80:700:ed1a::1
Human-Friendly Name | Machine-Friendly Name |
---|---|
www.wikipedia.com | 195.200.68.224 |
dns.cloudfare.com | 1.1.1.1 |
The Domain Namespace
Each node in the tree has a text label (without dots) that can be up to 63 characters long. A null (zero-length) label is reserved for the root. The full domain name of any node in the tree is the sequence of labels on the path from that node to the root. Domain names are always read from the node toward the root (“up” the tree), with dots separating the names in the path.

Domains and Subdomains
A domain may have several subtrees of its own, called subdomains.
A simple way of determining if a domain is a subdomain of another domain is to compare their domain names. A subdomain's domain name ends with the domain name of its parent domain.
- A domain is a set of related nodes.
- Every node in the DNS tree has a label.
- The root label is empty.
- Labels are separated by a dot (.).
- Items are sorted from most to least specific (i.e. en.wikipedia.org -> wikipedia.org -> org).
Node | | Subdomain | | Domain | | TLD | Root |
---|---|---|---|---|---|---|---|
www | . | abc | . | xyz | . | com | |
www | . | en | . | wikipedia | . | org | |
where TLD is an abbreviation for "Top Level Domain".
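The comparison rule above, written label by label, as an added example that is not part of the original page. A plain string-suffix test accepts any name whose characters merely end with the parent's name, which matters when the check guards an allowlist. The function names and the lookalike name `xwikipedia.org` are constructed for illustration, and names are assumed to be ASCII.

```python
# Added example (not from the original page): label-wise subdomain test.
MAX_LABEL = 63  # per-label limit stated in "The Domain Namespace"


def labels(name: str) -> list[str]:
    """Split a domain name into lowercase labels, most specific first.

    One trailing dot (the empty root label) is accepted and dropped.
    Assumption: the name is ASCII.
    """
    if not name.isascii():
        raise ValueError(f"non-ASCII name: {name!r}")
    name = name.lower()  # DNS names compare case-insensitively
    if name.endswith("."):
        name = name[:-1]
    if name == "":
        return []  # the root itself
    parts = name.split(".")
    for part in parts:
        if not 1 <= len(part) <= MAX_LABEL:
            raise ValueError(f"bad label length in {name!r}")
    return parts


def is_subdomain(child: str, parent: str) -> bool:
    """True if child lies strictly below parent in the DNS tree."""
    c, p = labels(child), labels(parent)
    # Compare whole labels counted from the root side, not raw characters.
    return len(c) > len(p) and c[len(c) - len(p):] == p


def naive_is_subdomain(child: str, parent: str) -> bool:
    """Raw string-suffix test, kept only to contrast with is_subdomain."""
    return child.endswith(parent)


if __name__ == "__main__":
    for name in ("en.wikipedia.org", "EN.Wikipedia.ORG.", "xwikipedia.org"):
        print(name,
              "label-wise:", is_subdomain(name, "wikipedia.org"),
              "suffix:", naive_is_subdomain(name.lower().rstrip("."), "wikipedia.org"))
```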
Resource Records
The data associated with domain names is contained in resource records, or RRs. Records are divided into classes, each of which pertains to a type of network or software.
Delegation
In DNS, each domain can be broken into a number of subdomains, and responsibility for those subdomains can be doled out to different organizations. For example, an organization called EDUCAUSE manages the edu (educational) domain but delegates responsibility for the berkeley.edu subdomain to U.C. Berkeley.
- Delegation allows an organization to assign control of a subdomain to another organization.
- Zones are the administrative unit in DNS.
Root Servers
The root zone is overseen by ICANN (Internet Corporation for Assigned Names and Numbers), and its name servers are hosted by a total of 12 organizations; this can be verified on the list published by IANA (a subsidiary of ICANN).
> dig +short ns .
g.root-servers.net.
e.root-servers.net.
l.root-servers.net.
m.root-servers.net.
a.root-servers.net.
j.root-servers.net.
c.root-servers.net.
h.root-servers.net.
d.root-servers.net.
i.root-servers.net.
k.root-servers.net.
b.root-servers.net.
f.root-servers.net.
Name Servers and Resolvers

There are two types of DNS servers:
- Authoritative
  - Answer queries for specific zones they have authority over.
- Recursive
  - Perform DNS lookups for users, retrieving and collecting DNS data from authoritative servers by using recursive queries. Accepting a recursive query forces a given name server to follow all the links until a match occurs or no more referrals are found.
Zone | Name Server |
---|---|
wikipedia.org | |
wikipedia.org | |
wikipedia.org | |
org |
dig +noall +answer +trace en.wikipedia.org
Caching
- TTLs can range from seconds to hours to days.
- The administrator of a zone decides the values for the TTLs.
Zone Transfer
The SOA Record
Records
Record Name | Synonyms | Description |
---|---|---|
A | | Maps a domain name to an IPv4 address |
AAAA | Quad A | Maps a domain name to an IPv6 address |
NS | | Maps a domain name to an authoritative DNS server |