Understanding the Domain Name System

Monday, November 29, 2010

Global Knowledge


Article by Paul Simoneau

Systems like telephones and computers are good at looking at numbers to identify a destination address. Most people are less skilled at using numeric addresses and prefer easy-to-remember names.

When users begin applications such as e-mail or Web browsing, they find it easier to supply the name of the target system rather than that machine’s IP address, especially as IP addresses expand to four times their current size.

Supplying a name often involves a request to a local server that provides the DNS (Domain Name System) service. The DNS makes it easier to use applications without having to remember multiple IP addresses.

The DNS takes advantage of the context-based memory clues that names provide and translates those names into IP addresses. Network managers can also take advantage of this name to address mapping to control traffic to various servers in their networks.

DNS uses a distributed database that applications access to convert names into IP addresses. The DNS system is distributed among multiple DNS servers, each knowing about their own networks and having pointers to other servers.

No single Internet site or DNS server needs to know all the information. The application receives a name in an application request and turns to its name resolver to find the IP address to use for that name.

DNS becomes involved when the name is absent from the source system’s files. The resolver contacts the local domain name server to find the matching IP address. The resolver continues following the trail, and contacts as many DNS servers as it needs, to locate the correct IP address.

It stops only when it has a matching FQDN (fully qualified domain name) that ends in a period. In this example, that FQDN is unix.class.globalknowledge.com.

The root or core of the DNS distributed server tree is an artificial point at which the DNS comes together. It has no name of its own; it is the (empty) label after the final period (.) in an FQDN.

Top-Level Domains

  • .aero Air transport industry 
  • .biz Business
  • .com Commercial organizations 
  • .coop Cooperative associations 
  • .edu Education institutions 
  • .gov Civilian government
  • .info Information 
  • .int International organizations
  • .jobs Human resource managers
  • .mil United States military
  • .museum Museums 
  • .name Individuals 
  • .net Networks 
  • .org Nonprofit organizations
  • .pro Credentials
  • .travel Travel industry

From that point, the DNS server tree spreads to the TLDs (top-level domains) listed above. All organizations fall under one of the top-level domains or the two-character country domains (see the sample below). The number of domains within each organization may vary, though each must be labeled with a unique name at each level.

Each of these labels or names is limited to 63 characters, though most are much shorter. Each case-insensitive label must start with a letter or number and may contain only letters, numbers, and the hyphen (-).

No other characters are allowed. The labels are separated by a period or dot. Every node must have a unique domain name, though a label may be used more than once in the tree as long as the occurrences are at different levels.

Each domain name becomes more specific toward its left side, so the first (leftmost) label is the system name. The exception is the arpa domain, which offers a reverse lookup capability: address-to-name mapping. For example, the resolver searches for the name that matches 192.136.118.123 by looking up 123.118.136.192.in-addr.arpa. in a DNS server.
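The label rules in the two paragraphs above and the in-addr.arpa construction are easy to get subtly wrong in code that accepts hostnames from users or configuration files. The following validator is an added example (not from the article or from Global Knowledge): it enforces the 63-character, letters/digits/hyphen, leading-alphanumeric rules stated above, treats a trailing period as the FQDN marker, lowercases for case-insensitive comparison, and builds the reverse-lookup name for an IPv4 address by reversing its octets. Two checks go beyond what the article states and are labelled as such in the comments: RFC 952/1123 also forbid a label ending in a hyphen, and RFC 1035 limits a full name to 253 characters in text form. The sample names in the test are constructed.

```python
import ipaddress
import re

# One label: 1-63 characters, letters, digits and hyphen only, must start with a
# letter or digit (the article's rules). The trailing-hyphen ban is from
# RFC 952/1123, not from the article.
_LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

# Total text-form length limit (RFC 1035); not stated in the article.
_MAX_NAME_LEN = 253


def split_labels(name: str) -> list:
    """Split a name into its labels; a single trailing dot marks the root and is dropped."""
    if name.endswith("."):
        name = name[:-1]
    return name.split(".") if name else []


def is_valid_label(label: str) -> bool:
    return _LABEL_RE.fullmatch(label) is not None


def is_valid_hostname(name: str) -> bool:
    """True if every label is valid and the whole name fits the length limit."""
    labels = split_labels(name)
    if not labels:
        return False
    if len(".".join(labels)) > _MAX_NAME_LEN:
        return False
    # An empty label (from "a..b" or a leading dot) fails the regex, so it is rejected here.
    return all(is_valid_label(label) for label in labels)


def is_fqdn(name: str) -> bool:
    """An FQDN is a valid hostname written with the terminating period."""
    return name.endswith(".") and is_valid_hostname(name)


def normalize(name: str) -> str:
    """Canonical form for comparison: lowercase labels, always terminated by a period."""
    if not is_valid_hostname(name):
        raise ValueError(f"invalid hostname: {name!r}")
    return ".".join(label.lower() for label in split_labels(name)) + "."


def reverse_name(ip: str) -> str:
    """Build the in-addr.arpa (or ip6.arpa) name used for address-to-name lookup."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    if isinstance(addr, ipaddress.IPv4Address):
        # The article's example: reverse the four octets, then append in-addr.arpa.
        octets = str(addr).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa."
    # IPv6 uses reversed nibbles under ip6.arpa; the standard library builds it.
    return addr.reverse_pointer + "."


if __name__ == "__main__":
    for candidate in ("unix.class.globalknowledge.com.", "-bad.example.com", "ok-name.example.com"):
        print(f"{candidate:35} valid={is_valid_hostname(candidate)} fqdn={is_fqdn(candidate)}")
    print(reverse_name("192.136.118.123"))
```

The validator rejects a name before any lookup is attempted, which is the cheap place to stop injection of stray characters into zone files, resolver calls or log lines; normalizing to a lowercase FQDN with the trailing period also prevents the common mistake of treating `Host.Example.COM` and `host.example.com.` as two different names.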

Country Domain Sample

  • au Australia
  • ca Canada
  • de Germany
  • es Spain
  • eu European Union
  • fr France
  • it Italy
  • jp Japan
  • sg Singapore
  • tv Tuvalu
  • uk United Kingdom
  • us United States

Each of the 248 two-character codes is ISO’s abbreviated name for a sovereign nation-level body. One of the recent additions is .eu for the European Union. Many countries also form second-level domains inside their country code, similar to the generic codes listed above.

For example, the UK uses .co for commercial organizations and .ac for academic institutions, which gives colleges and universities domain names that end with .ac.uk and companies domain names that end in .co.uk. For more information on ccTLDs (country code top-level domains) visit IANA.

Although many organizations in the United States use the three character domains, other organizations have chosen to use the .us country domain. State governmental agencies are among those who have made this choice (at times under pressure).

The only restricted generic domains in the United States are .gov and .mil. (See RFC [Request for Comments] 1480 for more detail on the .us domain.)

Root Servers (Organization, IPv4 Address)

  • Autonomica/NORDUnet 192.36.148.17
  • Cogent Communications 192.33.4.12
  • ICANN 198.32.64.12
  • Information Sciences Institute 192.228.79.201
  • NASA Ames Research Center 192.5.5.241
  • Réseaux IP Européens 192.203.230.10
  • U.S. Army Research Lab 128.63.2.53
  • U.S. DoD Network 192.112.36.4
  • University of Maryland 128.8.10.90
  • VeriSign 198.41.0.4
  • VeriSign Naming and Directory Services 192.58.128.30
  • WIDE Project 202.12.27.33

The DNS root servers’ job is to reliably publish the root zone file: http://www.isoc.org/briefings/020/zonefile.shtml

The root zone file contains the names and IP addresses of the authoritative DNS servers for all top-level domains including generic, sponsored and country codes. As of the last change to the file (12-Dec-2004) there were 258 TLDs and 773 different authoritative servers for the listed TLDs.

When other name servers do not have information about a query, they send the query to the root name servers. The root name server responds by referring the request to the appropriate authoritative server or with an answer that shows no such TLD exists.
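The walk described earlier (resolver starts at the root, follows referrals server by server, stops at a matching FQDN) and the root server behaviour just described (a referral to the TLD's authoritative server, or an answer that no such TLD exists) are the same iterative algorithm seen from two ends. The following is an added example, not code from the article or from Global Knowledge: a toy tree of authoritative servers, each knowing only its own zone and its delegations, and an iterative resolver that walks it. All zones, server contents and 192.0.2.x addresses (the RFC 5737 documentation range) are constructed for the example; nothing here contacts a real server.

```python
# Constructed toy set of authoritative servers, keyed by the zone each serves.
# A server knows only two things about its zone: the A records for names it
# owns, and NS delegations (referrals) to the zones directly beneath it.
# The root server, for example, knows only that "com." exists and is delegated.
SERVERS = {
    ".": {
        "delegations": {"com."},
        "addresses": {},
    },
    "com.": {
        "delegations": {"globalknowledge.com."},
        "addresses": {},
    },
    "globalknowledge.com.": {
        "delegations": {"class.globalknowledge.com."},
        "addresses": {"www.globalknowledge.com.": "192.0.2.10"},
    },
    "class.globalknowledge.com.": {
        "delegations": set(),
        "addresses": {"unix.class.globalknowledge.com.": "192.0.2.25"},
    },
}


def normalize(name: str) -> str:
    """Lowercase and make the name fully qualified (terminating period)."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def query(zone: str, qname: str):
    """Ask the server for `zone` about `qname`; it answers only from what it knows.

    Returns one of:
      ("answer", ip)        the server is authoritative for qname and has an A record
      ("referral", child)   qname lies under a delegated child zone; go ask that server
      ("nxdomain", None)    the server owns this part of the tree and the name does not exist
    """
    server = SERVERS[zone]
    if qname in server["addresses"]:
        return "answer", server["addresses"][qname]
    # Pick the most specific (longest) delegated child zone that is a suffix of qname.
    best = None
    for child in server["delegations"]:
        if qname == child or qname.endswith("." + child):
            if best is None or len(child) > len(best):
                best = child
    if best is not None:
        return "referral", best
    return "nxdomain", None


def resolve(name: str, max_hops: int = 10):
    """Iterative resolution: start at the root and follow referrals until an
    answer or a definitive 'no such name' is reached.

    Returns (ip_or_None, trail) where trail lists (zone_asked, response_kind, data).
    max_hops bounds the walk so a misconfigured or malicious referral loop cannot
    keep the resolver busy forever.
    """
    qname = normalize(name)
    zone = "."
    trail = []
    for _ in range(max_hops):
        kind, data = query(zone, qname)
        trail.append((zone, kind, data))
        if kind == "answer":
            return data, trail
        if kind == "nxdomain":
            return None, trail
        zone = data  # follow the referral to the next server down the tree
    raise RuntimeError(f"gave up after {max_hops} referrals resolving {qname}")


if __name__ == "__main__":
    for name in ("unix.class.globalknowledge.com", "www.example.org."):
        ip, trail = resolve(name)
        print(name, "->", ip)
        for zone, kind, data in trail:
            print(f"   asked {zone!r:30} got {kind} {data or ''}")
```

Two things the trail makes visible: no single server ever held the whole answer, and the root server's only contributions are the referral to `com.` or, for `www.example.org.`, the immediate "no such TLD" answer, which is why an unknown TLD costs one query rather than a walk down the tree.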

                 ICANN
                   |
                  IANA
                   |
      +--------+--------+--------+--------+
      |        |        |        |        |
    APNIC    ARIN     RIPE    LACNIC   AFRINIC

The organizations in the chart above handle the Internet domain name administration. They are:

  • ICANN: The Internet Corporation for Assigned Names and Numbers coordinates IP address and name registration worldwide.
  • IANA: The Internet Assigned Numbers Authority administers IP address and name registration for the ICANN.
  • AfriNIC: African Network Information Centre is the Regional Registry for Internet Number Resources for Africa.
  • APNIC: The Asia-Pacific Network Information Center assigns names and numbers in Asia and the Pacific.
  • ARIN: The American Registry for Internet Numbers serves North America.
  • LACNIC: The Latin American and Caribbean Internet Addresses Registry administers IP address space, reverse resolution and other Internet resources of the Latin American and Caribbean region.
  • RIPE: The Réseaux IP Européens assigns names and numbers in Europe.

AfriNIC, APNIC, ARIN, LACNIC, and RIPE are Regional Internet Registries (RIRs). The RIRs delegate the domain name transaction process to organizations such as Internet Service Providers (ISPs) who work with organizations and individuals to help them get the desired domain name(s) assigned.

Cross-posted from Global Knowledge

Lynn Wheeler: Trivia comment x-over from the "system containment" topic ... the person responsible for creating DNS ... a decade earlier did a stint at the science center.