DNS with minimal introduction

Minimal DNS (Domain Name System)
  • Introduction
When we browse a website, we usually use a web address that is easy to remember and human readable, rather than remembering or typing a series of digits, i.e. an IP address (like instead of www.example.com). But a computer understands only digital language, so there must be a way to translate those human-readable domain names into computer-readable IP addresses.
Moreover, an IP address may change over time, and a company that owns more than one server (Google, for example) can have more than one IP address at the same time, all pointing to the same google.com.

That is why DNS (Domain Name System) comes into the picture: an internet service that translates human-readable domain names into IP addresses in order to locate computer services and devices anywhere in the world. Technically, it is an application-layer protocol.

It works like a network of its own: if one domain name server cannot resolve a domain name to an IP address, it passes the query on to another domain name server until the name is resolved to a particular IP address. (Remember the error "The requested URL could not be retrieved"?) It is something like a phone directory for the internet!
DNS Overview

  • History
Prior to the Domain Name System, the NIC handled the mapping of host names to IP addresses using a text file called HOSTS.TXT. A file of this kind is still there as /etc/hosts or "C:\Windows\System32\drivers\etc\hosts". You might have seen an entry there like Localhost, which is nothing but a mapping of localhost to an IP address.
With the passage of time, the number of hosts increased exponentially. Local organizations were administering their own names and addresses, but had to wait for the NIC to change HOSTS.TXT to make changes visible to the Internet at large. Organizations also wanted some local structure on the name space. This created a need for a general-purpose system for mapping host names to IP addresses.
So DNS came into the picture in 1982; it was proposed and first implemented by Jon Postel and Paul Mockapetris.
DNS in minimal depth
  • What is Domain Name
As I mentioned earlier, most people find it difficult to remember the series of numbers that makes up an IP address, and IP addresses sometimes need to change, so all servers on the Internet have human-readable names, which are called domain names. For example, www.aliencoders.org is a domain name (human-readable name) which is much easier for most of us to remember than to remember
The name www.aliencoders.org actually has three parts:
    The host name ("www")
    The domain name ("aliencoders")
    The top-level domain name ("com")
Domain names within the ".com" domain are managed by the registrar called VeriSign. VeriSign also manages ".net" domain names. Other registrars (like RegistryPro, NeuLevel and Public Interest Registry) manage the other domains (like .pro, .biz and .org). For more details on authorized domain names, you can visit this website: http://www.icann.org/registrar-reports/accredited-list.html
VeriSign creates the top-level domain names and guarantees that all names within a top-level domain are unique. VeriSign also maintains contact information for each site and runs the "whois" database.
The host name is created by the company hosting the domain. "www" is a very common host name, but many places now either omit it or replace it with a different host name that indicates a specific area of the site. For example, in encarta.msn.com, the domain name for Microsoft's Encarta encyclopedia, "encarta" is designated as the host name instead of "www".
  • What does a Registrar (Domain Name Registrar) do?
A registrar, in simple words, is a person or an organization that keeps the record of all the details for a company, a college, etc. (The registrar of a college will have your details from when you were studying there.)
In the same way, a Domain Name Registrar provides a service: it is one of the valid registrars through whom you can register your domain name, which will be unique and will be owned by you only.

Domain name registrars are authorized by the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN is a private (non-government), non-profit corporation that has been given the responsibility of allocating IP addresses and managing the Domain Name System.

  • How DNS works? (With Image)
Elements of DNS
  • DNS has three major components (structure with Image)

    • Domain name space and resource records
The domain name space is like a tree of nodes and leaves. The tree starts at the root, which is a zero-length node, followed by the top-level domain names as nodes, which are in turn followed by other nodes and leaves as sub-domains and host names.
The domain name of a node is the list of the labels on the path from the node to the root of the tree.  By convention, the labels that compose a domain name are printed or read left to right, from the most specific (lowest, farthest from the root) to the least specific (highest, closest to the root).
Internally, programs that manipulate domain names should represent them as sequences of labels, where each label is a length octet followed by an octet string.  Because all domain names end at the root, which has a null string for a label, these internal representations can use a length byte of zero to terminate a domain name.
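The label representation described above, as an added example (not code from the original article): an encoder and a strict decoder for names written as length-prefixed labels ending in a zero octet. The 63-octet label limit and 255-octet name limit come from RFC 1035; the function names are illustrative.

```python
# Added example: RFC 1034/1035 label encoding of a domain name.
MAX_LABEL = 63   # RFC 1035: a label is at most 63 octets
MAX_NAME = 255   # RFC 1035: an encoded name is at most 255 octets


def encode_name(name):
    """Turn 'www.example.com' into length-prefixed labels ending in 0x00."""
    if name in ("", "."):
        return b"\x00"  # the root is a single zero-length label
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError(f"bad label length {len(raw)}")
        out.append(len(raw))  # length octet
        out += raw            # octet string
    out.append(0)             # null root label terminates the name
    if len(out) > MAX_NAME:
        raise ValueError("encoded name exceeds 255 octets")
    return bytes(out)


def decode_name(buf, offset=0):
    """Return (name, next_offset); reject malformed or truncated input."""
    labels, start = [], offset
    while True:
        if offset >= len(buf):
            raise ValueError("truncated name: no terminating zero octet")
        length = buf[offset]
        offset += 1
        if length == 0:
            break
        if length > MAX_LABEL:
            raise ValueError("length octet above 63 is not a plain label")
        if offset + length > len(buf):
            raise ValueError("label runs past the end of the buffer")
        labels.append(buf[offset:offset + length].decode("ascii"))
        offset += length
        if offset - start + 1 > MAX_NAME:
            raise ValueError("name exceeds 255 octets")
    return ".".join(labels) + ".", offset


if __name__ == "__main__":
    wire = encode_name("www.example.com")  # constructed sample name
    print(wire.hex(" "), decode_name(wire))
```

The decoder checks every length octet against the remaining buffer before slicing, which is the check a parser of untrusted DNS data needs most.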

Domain Name Space

  • Name servers and its types
The Domain Name System is maintained by a database system which holds all the information in a structured way. Its servers are called name servers: server programs which hold detailed information about the domain tree structure, subsets of domains (subdomains), and pointers to other name servers that can be used to lead to information from any part of the domain tree.
A name server is said to be an AUTHORITY for these parts of the name space.  Authoritative information is organized into units called ZONEs, and these zones can be automatically distributed to the name servers which provide redundant service for the data in a zone.  Zone records will be stored in a zone file which will be updated all across the domain servers.
Name servers are mainly of two types (the third is a kind of combination of the first two):
  1. Authoritative Name Server
An authoritative name server only returns answers to queries about domain names that have been specifically configured by the administrator.
An authoritative name server can either be a master server or a slave server. A master server is a server that stores the original (master) copies of all zone records. A slave server uses an automatic updating mechanism of the DNS protocol in communication with its master to maintain an identical copy of the master records.
Every DNS zone must be assigned a set of authoritative name servers that are installed in NS records in the parent zone. Ex: www.aliencoders.org (Fully Qualified Domain Name or FQDN) is an example of an authoritative name server which serves root name servers as the www->aliencoders->com->root tree structure, and from com it is served as com->root.
  2. Recursive Name Servers
To get the IP address from an FQDN, DNS also uses recursive name servers apart from authoritative name servers; these look recursively from the root down to the lowest node/leaf to get the IP address. Ex: a lookup for www.aliencoders.org will go from root to com, then com to aliencoders, then aliencoders to www.
  3. Caching Name Servers
To improve efficiency, reduce DNS traffic over the Internet, and increase performance at the end-user side, DNS supports cache servers, which store DNS query results for a period of time determined by the time-to-live configured on the domain name record. These are termed caching name servers.
  • Resolvers
RESOLVERS are programs that extract information from name servers in response to client requests.  Resolvers must be able to access at least one name server and use that name server’s information to answer a query directly, or pursue the query using referrals to other name servers.  A resolver will typically be a system routine that is directly accessible to user programs; hence no protocol is necessary between the resolver and the user program.
A DNS query may be either a non-recursive query or a recursive query:
  • A non-recursive query is one in which the DNS server provides a record for a domain for which it is authoritative itself, or it provides a partial result without querying other servers.
  • A recursive query is one for which the DNS server will fully answer the query (or give an error) by querying other name servers as needed. DNS servers are not required to support recursive queries.
Overview of DNS mechanism (Image source: bytemark.co.uk)
Working of DNS
  • How DNS message is transmitted?
The DNS assumes that messages will be transmitted as datagrams or in a byte stream carried by a virtual circuit.  While virtual circuits can be used for any DNS activity, datagrams are preferred for queries due to their lower overhead and better performance.  Zone refresh activities must use virtual circuits because of the need for reliable transfer.
The Internet supports name server access using TCP [RFC-793] on server port 53 (decimal) as well as datagram access using UDP [RFC-768] on UDP port 53 (decimal).
Messages carried by UDP are restricted to 512 bytes (not counting the IP or UDP headers). UDP is not acceptable for zone transfers, but it is the recommended method for standard queries in the Internet.
  • What happens when one registers a new domain name?
Each new configuration you add is called a record, and it is stored in a file called a zone file, which contains details about the zone records. The following are the most common types of records you can configure for your DNS server:
  • Host (A) — This is the basic mapping of IP address to host name, the essential component for any domain name.
  • Canonical Name (CNAME) — This is an alias for your domain. Anyone accessing that alias will be automatically directed to the server indicated in the A record.
  • Mail Exchanger (MX) — This maps e-mail traffic to a specific server. It could indicate another host name or an IP address. For example, people who use Google for the e-mail for their domain will create an MX record that points to ghs.google.com.
  • Name Server (NS) — This contains the name server information for the zone. If you configure this, your server will let other DNS servers know that yours is the ultimate authority (SOA) for your domain when caching lookup information on your domain from other DNS servers around the world.
  • Start of Authority (SOA) — This is one larger record at the beginning of every zone file with the primary name server for the zone and some other information. If your registrar or hosting company is running your DNS server, you won't need to manage this. If you're managing your own DNS, Microsoft's support information has a helpful article on the structure of a DNS SOA Record.
  • Text (TXT) — This is an informational record which is used for additional information about a host or for technical information to servers.
  • Service Records (SRV) — SRV records are resource records used to identify computers hosting specific services.
  • AAAA — AAAA records store a 128-bit Internet Protocol version 6 (IPv6) address that does not fit the standard A record format. For example, 2007:0db6:85a3:0000:0000:6a2e:0371:7234 is a valid 128-bit/IPv6 address.
  • What about the DNS Security?
DNS responses are traditionally not cryptographically signed, which leaves them open to many attacks. The Domain Name System Security Extensions (DNSSEC) modify DNS to add support for cryptographically signed responses. (DNSSEC needs a separate, more in-depth article of its own.)
Other well-known vulnerabilities are DNS cache poisoning (DNS spoofing) and DNS hijacking (DNS redirection).
This was just an overview of what DNS is and how it works. If you are interested in a detailed explanation, RFC 1034 is the right place, especially for networking people.
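Without signatures, a resolver can only check that a UDP reply echoes the transaction ID and question of a query it actually sent. The added example below (not from the original article) runs those checks on constructed messages; it assumes the classic 512-byte UDP limit mentioned earlier (no EDNS0), and the function names and sample values are illustrative.

```python
# Added example: checks applied to an unsigned DNS response (RFC 1035 layout).
import struct

CLASSIC_UDP_LIMIT = 512  # UDP payload limit stated in the article


def build_query(txid, qname_wire, qtype=1):
    """12-byte header (RD set, one question) followed by the question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname_wire + struct.pack("!HH", qtype, 1)  # class IN


def response_matches(query, response):
    """Return (accepted, reason) for a UDP response to `query`."""
    if len(response) > CLASSIC_UDP_LIMIT:
        return False, "larger than the 512-byte UDP limit"
    if len(response) < 12:
        return False, "shorter than the 12-byte header"
    (q_id,) = struct.unpack("!H", query[:2])
    r_id, r_flags, r_qd = struct.unpack("!HHH", response[:6])
    if not r_flags & 0x8000:
        return False, "QR bit clear: not a response"
    if r_id != q_id:
        return False, "transaction ID mismatch"
    # Names compare case-insensitively; type and class must match exactly.
    q_name, q_tail = query[12:-4], query[-4:]
    end = 12 + len(q_name)
    if (r_qd != 1 or response[12:end].lower() != q_name.lower()
            or response[end:end + 4] != q_tail):
        return False, "question section does not echo the query"
    return True, "ok"


# Constructed sample: query for www.example.com A, and a matching answer.
QNAME = b"\x03www\x07example\x03com\x00"
SAMPLE_QUERY = build_query(0x1A2B, QNAME)
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + SAMPLE_QUERY[12:]
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
)

if __name__ == "__main__":
    print(response_matches(SAMPLE_QUERY, SAMPLE_RESPONSE))
    forged = b"\x1a\x2c" + SAMPLE_RESPONSE[2:]  # same answer, wrong ID
    print(response_matches(SAMPLE_QUERY, forged))
```

Every field checked here is carried in clear text inside the message itself, which is why DNSSEC adds signatures rather than relying on these matches alone.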

Wikipedia: http://en.wikipedia.org/wiki/Domain_Name_System
How Stuff Works: http://www.howstuffworks.com/dns.htm
Domain Names - Concepts and Facilities: RFC 1034
Domain Names - Implementation and Specification: RFC 1035

Sanjeev Jaiswal

He loves web programming and security and is a co-founder of Alien Coders. He usually shares and helps engineering students and IT professionals in academics and jobs. An avid reader and quick learner.
