dns domain name service america.pcs.cnu.edu->137.155.2.10
Post on 21-Dec-2015
DNS
Domain Name Service
america.pcs.cnu.edu->137.155.2.10
BIND an implementation of DNS
• A resolver for the client
  – libraries linked into client code
• A server (named)
• Database files with the mapping
[Diagram: Client App with its resolver library, named, Database]
But it’s a little more complicated
• The client asks the server
• Server sometimes has to ask other servers for answers
• Each domain (pcs…) has responsibility for its own machines
[Diagram: Client, Server, pcs.cnu.edu, Internet]
A Distributed System
• The internet has a collection of servers
• Each domain takes care of its own
• If a server can’t find the IP address, it either directly asks or forwards the request to a server which helps.
• Redundancy is important
• You design your server approach
• Physical location of server in domain is NOT required
Domains
[Diagram: domain tree. (root) at the top; below it edu, gov, mil, com, others; below edu: cnu, odu, wm; further labels: pcs, isl, math]
Domains can delegate responsibility for some of the domain to others
Types of servers
• Resolver only (NO server on client machine)
• Primary
• Secondary
  – gets info from primary
• Caching only (slave)
  – only caches what it retrieves
  – does not get updates from servers
A typical design
[Diagram: Internet; one primary; three secondaries; six slaves]
Configuring the client (resolver)
• Every machine is a client
• The process of looking up a name is configured in a file: resolv.conf
• Tells the library linked into your code
  – how to search for names (domain entries)
  – where to look for names (nameserver entries)
Example resolv.conf
    domain pcs.cnu.edu
    nameserver 137.155.2.10
    nameserver 137.155.12.24
domain entry
A user types this:
    Unix% telnet sappho
What is the IP of this machine?
    domain pcs.cnu.edu
    nameserver 137.155.2.10
    nameserver 137.155.12.24
RESOLVER to server: Find the IP of sappho.pcs.cnu.edu.
NOTE: multiple domains can be listed (add cnu.edu)
nameserver entry
    domain pcs.cnu.edu
    nameserver 137.155.2.10
    nameserver 137.155.12.24
RESOLVER
First ask 137.155.2.10 what the IP is
Second ask 137.155.12.24 what the IP is if there is no answer from 137.155.2.10
Windows has the same info in network/TCPIP/properties
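The resolver behaviour from the two slides above, as an added Python sketch (not part of the original slides): the domain entry expands the short name the user typed, and the nameserver entries are tried in file order when one gives no answer. The search keyword, the "name containing a dot is tried as-is first" rule (the usual resolver default) and the fake_ask stand-in for the network go beyond what the slides show and are assumptions of this example.

```python
# resolv.conf exactly as shown on the slide.
RESOLV_CONF = """\
domain pcs.cnu.edu
nameserver 137.155.2.10
nameserver 137.155.12.24
"""

def parse_resolv_conf(text):
    """Return (search_domains, nameservers) in file order."""
    search, servers = [], []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        if fields[0] in ("domain", "search"):      # the later of the two wins
            search = fields[1:] if fields[0] == "search" else fields[1:2]
        elif fields[0] == "nameserver":
            servers.append(fields[1])
    return search, servers

def candidates(name, search):
    """Fully qualified names to try, in order, for what the user typed."""
    if name.endswith("."):
        return [name]                              # already absolute: no expansion
    expanded = [f"{name}.{d}." for d in search]
    # Usual default: a name that already contains a dot is tried as-is first.
    return [name + "."] + expanded if "." in name else expanded + [name + "."]

def resolve(name, conf_text, ask):
    """ask(server, fqdn) returns an IP, None (no such name), or raises TimeoutError."""
    search, servers = parse_resolv_conf(conf_text)
    for fqdn in candidates(name, search):
        for server in servers:
            try:
                answer = ask(server, fqdn)
            except TimeoutError:
                continue                           # no answer: ask the next nameserver
            if answer:
                return fqdn, server, answer
            break                                  # answered "no such name": next candidate
    return None

# Constructed stand-in for the network: the first nameserver is down.
HOSTS = {"sappho.pcs.cnu.edu.": "137.155.2.20"}
def fake_ask(server, fqdn):
    if server == "137.155.2.10":
        raise TimeoutError(server)
    return HOSTS.get(fqdn)
```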
That’s it for the client!
Two entries in resolv.conf
Now for the server!
Lots more options
More types of servers
Servers and domains
[Diagram labels: cnu.edu, pcs.cnu.edu, america, sappho, drake; wm.edu, bio.wm.edu, BioNs, frogs, WmNs; two rootservers; edu; arrows numbered 1 to 9]
sappho wants to contact frogs.bio.wm.edu
1- sappho asks its nameserver (america .. from resolv.conf)
2- america doesn’t know, so it asks a rootserver from its cache
3- the rootserver only knows .edu and forwards the request
4- the edu server responds to america with an answer for wm.edu
5- america contacts the wm.edu nameserver WmNs, which has delegated a subdomain to BioNs
6- WmNs contacts nameserver BioNs, which is the nameserver for bio.wm.edu
7- BioNs responds to WmNs with the IP for frogs
8- WmNs responds to america with the IP for frogs
9- america responds to sappho with the IP for frogs
As responses are generated, names and servers are cached for subsequent use. E.g. 6-7 could be bypassed if WmNs has already asked BioNs about frogs
Queries
• nameserver entry directs the request
• Servers can be set up to forward requests or to go directly to rootservers (america bypasses drake in this example)
• General approach is to resolve from the top
• Results are cached for future use
• Nameservers are not always physically located in the domain they serve
Major files at a server
• named.boot
  – tells the server (named) where its data is stored and for which domains it has responsibility as the primary server
• Database files
  – primary has THE copy of mappings
  – secondary is told where to get copies and where to store them
named.boot

Caching only
    directory /whatever                          ; e.g. /etc/named
    primary   localhost                localhost
    primary   0.0.127.IN-ADDR.ARPA     localrev.dns
    cache     .                        cache

Primary (for pcs net; assume at 137.155.2.10)
    directory /whatever                          ; e.g. /etc/named
    primary   pcs.cnu.edu              pcs.dns
    primary   2.155.137.IN-ADDR.ARPA   pcsrev.dns
    primary   localhost                localhost
    primary   0.0.127.IN-ADDR.ARPA     localrev.dns
    cache     .                        cache

Secondary (for pcs but could be located anywhere!), primary for wm.edu
    directory /whatever                          ; e.g. /etc/named
    primary   wm.edu                   wm.dns
    primary   146.138.IN-ADDR.ARPA     wmrev.dns
    secondary pcs.cnu.edu              137.155.2.10 pcs.dns
    secondary 2.155.137.IN-ADDR.ARPA   137.155.2.10 pcsrev.dns
    primary   localhost                localhost
    primary   0.0.127.IN-ADDR.ARPA     localrev.dns
    cache     .                        cache
Primary named.boot
Primary (for pcs net; assume at 137.155.2.10)
    directory /whatever                          ; e.g. /etc/named
    primary   pcs.cnu.edu              pcs.dns
    primary   2.155.137.IN-ADDR.ARPA   pcsrev.dns
    primary   localhost                localhost
    primary   0.0.127.IN-ADDR.ARPA     localrev.dns
    cache     .                        cache
• This server stores files in the /whatever directory, usually someplace in /etc like /etc/named
• Primary server for pcs.cnu.edu; stores THE database for that domain in /whatever/pcs.dns. The name (pcs.dns) is not important
• All servers take care of this for themselves
• Reverse dns for the pcs domain
• Reverse dns for the loopback
• Cache initialization: starts out with rootservers stored in /whatever/cache
Secondary named.boot
Secondary (for pcs but could be located anywhere!), primary for wm.edu
    directory /whatever                          ; e.g. /etc/named
    primary   wm.edu                   wm.dns
    primary   146.138.IN-ADDR.ARPA     wmrev.dns
    secondary pcs.cnu.edu              137.155.2.10 pcs.dns
    secondary 2.155.137.IN-ADDR.ARPA   137.155.2.10 pcsrev.dns
    primary   localhost                localhost
    primary   0.0.127.IN-ADDR.ARPA     localrev.dns
    cache     .                        cache
• Primary server for wm.edu with database in wm.dns
• Reverse dns for wm.edu, which is in the 138.146.0.0 subnet
• Secondary dns for pcs.cnu.edu: gets files from 137.155.2.10, which is the primary server for that domain
• Secondary reverse dns for pcs domain
Root servers
• Initialize your cache with root servers..done
• periodically update the list via ftp from
  – ftp site nic.ddn.mil
  – file netinfo/root-servers.txt
    .             99999999 IN NS TERP.UMD.EDU.
    .             99999999 IN NS AOS.BRL.MIL.
    .             99999999 IN NS C.NYSER.NET.
    .             99999999 IN NS A.ISI.EDU.
    TERP.UMD.EDU. 99999999 IN A  128.8.10.90
    AOS.BRL.MIL.  99999999 IN A  192.5.25.82
    C.NYSER.NET.  99999999 IN A  192.33.4.12
    A.ISI.EDU.    99999999 IN A  26.3.0.103
    ; AND OTHERS ..
DNS Server Database entries
An example for localhost for sappho
    ; @ is used to indicate the domain is the same as ORIGIN
    ; ORIGIN defined in named.boot for each domain
    ; here it would be localhost.
    @   IN SOA localhost. dgame.pcs.cnu.edu. (
                1        ; serial or version #, change w/mods
                36000    ; refresh every 10 hours
                3600     ; retry after 1 hour
                3600000  ; expire after 1000 hours
                36000    ; default ttl is 10 hours
                )
        IN NS  localhost.
        IN A   127.0.0.1

Simple server db file
    ; ORIGIN for this should be defined as pcs.cnu.edu
    @   IN SOA america.pcs.cnu.edu. root.pcs.cnu.edu. (
                10000 43000 3600 3600000 2592000 )
    ; nameservers
        IN NS  america.pcs.cnu.edu.    ; NOTE the . on the end
    isl IN NS  xyz.isl.pcs.cnu.edu.    ; delegates subdomain to isl
    ; name server IPs
    xyz.isl.pcs.cnu.edu. IN A 137.155.38.12
    america.pcs.cnu.edu. IN A 137.155.2.10
    sappho               IN A 137.155.2.20
    endeavor             IN A 137.155.2.21
    ; ….
    ; mail server
    @    IN MX 5 mail.pcs.cnu.edu.     ; 5 is priority
    ; define mail server
    mail IN A  137.155.2.10
Reverse DNS
137.155.2.20 -> sappho.pcs.cnu.edu
Exists within the DNS system
[Diagram: (root) has com, edu (with cnu, wm) and arpa; arpa -> in-addr -> 137 -> 155 -> 2 -> (db file)]
Reverse DNS example db file
Example server for cnu.edu (delegate subnet 2)
137.155.12.213 -> pompeii
137.155.12.210 -> drake
    ; reverse dns for 137.155.0.0
    $ORIGIN 155.137.in-addr.arpa.
    @      SOA drake.cnu.edu. root.cnu.edu. ( 10 80000 3600 3600000 600000 )
           IN NS  drake.cnu.edu.          ; found through normal dns
    2      IN NS  america.pcs.cnu.edu.
    210.12 IN PTR drake.pcs.cnu.edu.
    213.12 IN PTR pompeii.pcs.cnu.edu.

Example server for pcs.cnu.edu (delegated subnet 2)
137.155.2.21 -> endeavor
137.155.2.20 -> sappho
    ; reverse dns for 137.155.2.0
    $ORIGIN 2.155.137.in-addr.arpa.
    @      SOA america.pcs.cnu.edu. root.pcs.cnu.edu. ( 10 80000 3600 3600000 600000 )
           IN NS  america.pcs.cnu.edu.
    20     IN PTR sappho.pcs.cnu.edu.
    21     IN PTR endeavor.pcs.cnu.edu.
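How the two reverse db files above fit together, as an added Python sketch (not part of the original slides): owner names are relative to $ORIGIN with the octets reversed, and the "2 IN NS" record in the cnu.edu file hands the 137.155.2.x addresses to the pcs.cnu.edu file. Looking up the delegated zone's data directly by its origin, instead of querying america over the network, is an assumption of this model.

```python
import ipaddress

# The two reverse-DNS db files from this page, one record per line.
ZONES_TEXT = ["""$ORIGIN 155.137.in-addr.arpa.
@ SOA drake.cnu.edu. root.cnu.edu. ( 10 80000 3600 3600000 600000 )
  IN NS drake.cnu.edu. ; found through normal dns
2 IN NS america.pcs.cnu.edu.
210.12 IN PTR drake.pcs.cnu.edu.
213.12 IN PTR pompeii.pcs.cnu.edu.
""", """$ORIGIN 2.155.137.in-addr.arpa.
@ SOA america.pcs.cnu.edu. root.pcs.cnu.edu. ( 10 80000 3600 3600000 600000 )
  IN NS america.pcs.cnu.edu.
20 IN PTR sappho.pcs.cnu.edu.
21 IN PTR endeavor.pcs.cnu.edu.
"""]

def parse_zone(text):
    """Return (origin, {(owner_fqdn, rtype): rdata}) with relative owners expanded."""
    origin, owner, records = None, None, {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].rstrip()
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1].lower()
            continue
        if not line[0].isspace():        # a blank owner column repeats the previous owner
            owner = fields.pop(0).lower()
        if fields[0].upper() == "IN":    # the class is optional
            fields.pop(0)
        fqdn = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
        records[(fqdn, fields[0].upper())] = " ".join(fields[1:])
    return origin, records

ZONES = dict(parse_zone(t) for t in ZONES_TEXT)   # keyed by zone origin

def reverse_lookup(ip, zone="155.137.in-addr.arpa."):
    """Return (PTR target or None, list of zones consulted) for an IPv4 address."""
    qname, path = ipaddress.ip_address(ip).reverse_pointer + ".", []
    while zone is not None:
        records = ZONES[zone]
        path.append(zone)
        if (qname, "PTR") in records:
            return records[(qname, "PTR")], path
        # Delegation: an NS record at a name between the query name and this origin.
        cuts = [qname.split(".", i)[-1] for i in range(1, qname.count("."))]
        zone = next((c for c in cuts if c != zone and (c, "NS") in records and c in ZONES), None)
    return None, path
```

reverse_lookup("137.155.2.20") consults both zones in turn, while reverse_lookup("137.155.12.213") is answered from the cnu.edu file alone.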
How are these started?
• named is in one of your startup scripts
  – reads basic configuration information from named.boot
  – reads all of the database files or contacts the primary servers
• resolver does not “start”
  – part of your application code
  – checks resolv.conf when application runs
• resolver and named together make up the BIND system
Checking it out with nslookup
• An interactive program to let you check configuration
• Available on unix
• Responds with server used and response
• Can set type of responses requested
• You can control which server is used
• Try the exercise on-line at www.pcs.cnu.edu/~dgame/cs336/topics/DNS/nslookup.html