分享
 
 
 

Domain Name Service

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

The Domain Name System (DNS) is the method by which Internet addresses in mnemonic form sUCh as sunc.scit.wlv.ac.uk. are converted into the equivalent numeric IP address such as 134.220.4.1. To the user and application process this translation is a service provided either by the local host or from a remote host via the Internet. The DNS server (or resolver) may communicate with other Internet DNS servers if it cannot translate the address itself. These notes will discuss

The form of mnemonic addresses understood by DNS

The hierarchichal structure of DNS servers and their databases

How DNS servers communicate with each other

The user and program interfaces to DNS

DNS name structure

DNS names are constructed hierarchichally. The highest level of the hierarchy being the last component or label of the DNS address. Labels can be up to 63 characters long and are case insensitive. A maximum length of 255 characters is allowed. Labels must start with a letter and can only consist of letters, digits and hyphens. [Unfortunately some administrators construct names that start with digits. This is wrong and can easily cause problems with software that simply inspects the first character of a host address to determine whether a DNS name or an IP address has been quoted.]

Note In the early days of the Internet users in at least one country (the United Kingdom) adopted a similar scheme with the highest hierarchical level appearing first rather than last. I.e. uk.ac.wlv.scit.sun rather than sunc.scit.wlv.ac.uk. This practice is, fortunately, obsolete.

DNS addresses can be relative or fully qualified. A fully qualified address includes all the labels and is globally unique. A relative address can be converted by appending the local domain information. For example sunc.scit.wlv.ac.uk is a fully qualified name for the host sunc in the domain scit.wlv.ac.uk. Strictly there should be a stop at the end of a fully qualified name but this is often overlooked.

The final most significant label of a fully qualified name can fall into one of three classes

arpa

This is a special facility used for reverse translation, i.e. going from IP address to fully qualified domain address. If everything is properly configured a suitably framed query for 1.4.220.134.in-addr.arpa will return sunc.scit.wlv.ac.uk. Details of this will be described later.

3 letter codes

The DNS was orginally introduced in the United States of America and the final component of an address was intended to indicate the type of organisation hosting the computer. Some of the three letter final labels (edu, gov, mil) are still only used by organisations based in the USA, others can be used anywhere in the world.

The three letter codes are

code

meaning

com

Commercial. Now international.

edu

Educational.

gov

Government.

int

International Organisiation.

mil

Military.

net

Network related.

org

Miscellaneous Organisation.

Two letter codes

The final two letter codes indicate the country of origin and are defined in ISO 3166 with the minor exception that uk is used for the United Kingdom rather than gb although there are some .gb sites. [This apparently happened because the ISO committee was unaware that Northern Ireland was part of the United Kingdom but not part of Great Britain.]

The two letter code us is used by some sites in the United States of America.

In some countries there are sub-domains indicating the type of organisation such as ac.uk, co.uk, sch.uk in the United Kingdom and edu.au and com.au in Australia. Most European countries have not adopted this useful practice. A fuller discussion of the United Kingdom DNS domains is provided by the UK Network Information Centre.

To oBTain a domain address it is necessary to identify the administrator of the required domain and then all that is basically necessary is to send the administrator the required code and the associated IP address and they will, if they accept the request, include the details in their databases. Conditions for acceptance vary widely between administrators, the administrators for the com and org being, apparently, quite happy to accept anything from anywhere.

DNS servers and their databases

For any group of computers partaking of the DNS naming scheme there is likely to be a single definitive list of DNS names and associated IP addresses. The group of computers included in this list is called a zone. A zone could be a top level national domain or a university department. Within a zone DNS service for subsidiary zones may be delegated along with a subsidiary domain. The computer that maintains the master list for a zone is said to have authority for that zone and will be the primary name server for that zone, there will also be secondaries for that zone.

When any process needs to determine an IP address given a DNS address it calls upon the local host to resolve the address. This can be done in a variety of ways

Table lookup. On Unix hosts the table is called /etc/hosts

The process communicates with a local name server process. This is commonly called named on a Unix system. named initially obtains information from /etc/hosts but also maintains a cache of recent requests.

It sends a message to a remote system that is identified from the information in the file /etc/resolv.conf.

Finally if a network information system (NIS) is in use DNS service may be one of the facilities provided by the network information system. Most SUN systems work this way although the NIS master will use one or more of the techniques described above to build and maintain the master database.

If a named process cannot resolve an address locally it will call upon higher authority. Ultimately it will attempt to contact the system that is authoritative for the zone in question, however, unless the information is cached or in the hosts local files then it will not know the address of the authoritative server. This problem is resolved by recursive resolution of requests, i.e. any DNS server will pass requests it cannot handle to a higher level server and so on until either the request can be handled (either by sending a message to the identified authoritative host) or until the root of the DNS name space is reached.

There are eight servers that can serve requests at the root of the DNS name space, all servers should know their IP addresses so that DNS service can be offered even if there are no cached addresses and no local servers indicated by the /etc/resolv.conf file. The root servers will know the IP addresses of the servers for all the national DNS zones and the three letter zones.

Communication between servers

The message formats used for exchange of queries and responses between hosts and DNS servers is specified in RFC1035. Queries and responses can be transferred either via TCP or via UDP. There are "well-known" port numbers for DNS service using either protocol.

The format of a DNS query and response is

Bits 0-15

Bits 16-31

Identification

flags

number of questions

number of answer RRs

number of authority RRs

number of additional RRs

questions

answers (RRs)

authority (RRs)

additional information

RRs are Resource Records

The 16 flag bits provide further information about the query

QR bit.

A single indicating a query (0) or a response (1)

opcode

4 bits whose value means

Value

Meaning

0

Standard Query

1

Inverse Query

2

Server status request

AA bit

If set, this means that the server is authoritative for the domain in question.

TC bit

If set this means that the reply size exceeded 512 bytes and only the first 512 bytes were actually returned. This will only be used if the response is being returend via UDP.

RD bit.

If this bit is not set then recursion is denied. This means that if the responding server cannot resolve the query itself rather than passing it on to "higher authority" and returning the result it eventually receives, it will simply return a list of other servers to try.

RA bit.

If this bit is set by a responding server then that server is indicating that it can handle queries recusively.

3 unused bits.

These must be zero.

4 rcode bits.

This indicates the status

Value

Meaning

0

No error

1

Malformed Query

2

Server Failed

3

Name Does not Exist

4

Query type unsupported by server

5

Server refused to answer

After the 12 byte header the DNS query message consists of a block of questions which in turn consist of query name, query type and query class.

Typically the query name is the name of site, each component of the name is sent a sequence of characters preceded by a byte holding the binary count of the number of characters in the component. The name is terminated by a zero byte.

The query type indicates the type of information required encoded in a 16 bit field. Common values are

Name

Value

Description

A

1

IPv4 Address (32 bits)

NS

2

Name Server

CNAME

5

Canonical Name

PTR

12

Pointer Record

HINFO

13

Host Information

MX

15

Mail Exchange Record

TXT

16

Text String

AAAA

28

IPv6 Address (128 bits)

AXFR

252

Request for Zone Transfer

ANY

255

Request for All Records

Query class is usually 1 meaning an Internet domain query, other values could be used for different addressing domains.

Response Records known as RRs form the body of the reply to a DNS query. They are used for the answers, authority and additional information fields.

The form is

Bits 0-15

Bits 16-31

Domain Name

type

class

Time to live

Resource Data length

Resource Data

Resource data (continued)

The domain name is the query name from the query. The type is the query type. The class is 1 for the Internet domain. The time to live is the time for which the information can be cached by the client, typically two days, eXPressed in seconds. The resource data length specifies the number of bytes of resource data.

It is important to note that queries can be made for information relating to both individual hosts and for zones/domains. Most of the query types are fairly obvious. The MX query is used specifically for mail handling and can return information about hosts not directly or regularly connected to the Internet. The result of an MX query for such a host is the address of an Internet host that will receive mail for such a host and make its own arrangements for forwarding the mail via non-Internet means or when the host does connect. An MX query response for a domain provides the address of the host that will handle mail for that domain allowing email addresses of the form User@domain_name. The NS query can be used to identify the name servers for a particular domain.

User Interfaces

On Unix systems the normal user interface is the program /usr/sbin/nslookup. [The actual path may be different on some hosts]. This can be used to perform almost any DNS function and display the results to the user.

Here is an example of its use on scitsc.wlv.ac.uk. Note. This example was prepared before the scit.wlv.ac.uk zone was delegated, scitsc is now known as sunc although the old name still works.

bash$ /usr/etc/nslookup

Default Server: scitsc.wlv.ac.uk

Address: 134.220.4.1

> set q=A

> ccub.wlv.ac.uk.

Server: scitsc.wlv.ac.uk

Address: 134.220.4.1

Name: ccub.wlv.ac.uk

Address: 134.220.1.20

> set q=CNAME

> www.wlv.ac.uk.

Server: scitsc.wlv.ac.uk

Address: 134.220.4.1

www.wlv.ac.ukcanonical name = ccuf.wlv.ac.uk

> set q=MX

> wlv.ac.uk.

Server: scitsc.wlv.ac.uk

Address: 134.220.4.1

wlv.ac.ukpreference = 1, mail exchanger = wlv.ac.uk

wlv.ac.ukinet address = 134.220.1.12

> set q=HINFO

> ccub.wlv.ac.uk.

Server: scitsc.wlv.ac.uk

Address: 134.220.4.1

ccub.wlv.ac.ukCPU=SUN 690MPOS=Solaris 2.4

> set q=PTR

> 12.1.220.134.in-addr.arpa

Server: scitsc.wlv.ac.uk

Address: 134.220.4.1

12.1.220.134.in-addr.arpahost name = ccug.wlv.ac.uk

Here it shows that sunc was providing DNS service. A number of queries were made. The query type was specified using nslookup s set q= command.

Type A

A simple query for the IP address corresponding to ccub.wlv.ac.uk.

Type CNAME

A given host can have several DNS names. One of these is the canonical or reference name. This query reveals that www.wlv.ac.uk is really ccuf.wlv.ac.uk.

Type MX

A mail exchanger query, this time for the domain wlv.ac.uk which reveals that mail sent to user@wlv.ac.uk is actually sent to 134.220.1.12 which is really ccug.wlv.ac.uk. (see below).

Type HINFO

An HINFO query. This is only useful if the DNS domain administrator has bothered to create the relevant records and keep them up to date.

Type PTR

A PTR query. This shows "inverse" or "reverse" resolution. Notice the very clumsy way the query has to be entered, this is partly because IP addresses have the most sigificant part first whereas DNS addresses have the most significant part last. There are plenty of pieces of software that do reverse resolution without this clumsy interface.

Program Interface

The commonest program interface to DNS uses the library functions gethostbyname() and gethostbyaddr(). These are discussed in more detail elsewhere.

Exploring a zone

The nslookup program can be used to obtain a listing of all the hosts in a zone. To do this it is first necessary to identify the name server for the zone. This is done using an NS query, setting the server parameter to one or other of the identified name servers and then using nslookup s ls command. Note that in this example the user was careful to include the final dot on the domain name, this prevented nslookup from trying to append the local default domain name (scit.wlv.ac.uk.) to the required domain name. For large domains the ls command has an option to write its results to a file.

bash$ /usr/sbin/nslookup

Default Server: sunc.scit.wlv.ac.uk

Address: 134.220.4.1

> set q=NS

> bilston.ac.uk.

Server: sunc.scit.wlv.ac.uk

Address: 134.220.4.1

Non-authoritative answer:

bilston.ac.uk nameserver = unad1.wlv.ac.uk

bilston.ac.uk nameserver = ccua.wlv.ac.uk

bilston.ac.uk nameserver = ccub.wlv.ac.uk

Authoritative answers can be found from:

unad1.wlv.ac.uk internet address = 134.220.192.26

ccua.wlv.ac.uk internet address = 134.220.1.39

ccub.wlv.ac.uk internet address = 134.220.1.20

> server ccub.wlv.ac.uk

Default Server: ccub.wlv.ac.uk

Address: 134.220.1.20

> ls bilston.ac.uk.

[ccub.wlv.ac.uk]

bilston.ac.uk. server = ccub.wlv.ac.uk

bilston.ac.uk. server = unad1.wlv.ac.uk

bilston.ac.uk. server = ccua.wlv.ac.uk

gw 194.62.148.1

novix1 195.188.205.2

www 194.62.148.4

fc 194.62.148.5

student1 195.18.205.3

The session above was logged in March 1998. It reveals 5 hosts in the bilston.ac.uk domain. Surprisingly three different class C IP network addresses appear in the output. This was because the organisation was in the process of changing its Internet Service Provider accounting for two of the network addresses, the third (195.18.205) is, apparently, a typographical error for 195.188.205.

Furthre information on identifying the ownership of an IP network and, implicitly, a DNS domain can be found in the notes on IP routing.

Alternative DNS hierarchies

With the rapid commercialisation of the Internet in the late 1990 s disputes over DNS names arose from time to time and suggestions have been made for the creation of extra top level domains. The root of the current DNS hierarchy is maintained by the Network Information Center on a contract from the government of the United States of America. There have been several attempts to set up alternative hierarchies. The most succesful (at the time of writing - April 1998) is probably Alternic.

To use the Alternic DNS service you need to know the address of their root servers, one of these is mx.alternic.net. Here s an example showing that it does work for DNS resolution of www.alternic.nic.

bash$ /usr/sbin/nslookup

Default Server: sunc.scit.wlv.ac.uk

Address: 134.220.4.1

> server mx.alternic.net

Default Server: mx.alternic.net

Address: 206.191.128.47

> www.alternic.nic.

Server: mx.alternic.net

Address: 206.191.128.47

Name: www.alternic.nic

Address: 206.191.128.47

Alternic uses three letter top level domains for countries (such as jpn and ger) and has a large number of commercially oriented top level domains. At the time of writing the only domains with significant populations are porno and xxx.

A normal name server can only resolve Alternic addresses if they re already in its cache. Most DNS implementations with a list of root servers consult them in random order or consistently consult the first one in the list. Including one of the Alternic servers in amongst the list of root servers will not provide consistent resolution of addresses in both hierarchies.

[Note: this particular aberration seems to have fizzled out (May 1999)]

Zones of Convenience

It is tempting to think that an Internet host with a name ending in ".uk" is actually located in the United Kingdom. There is no requirement that this should be so. For example the well known host www.yahoo.co.uk is actually located in southern Germany. In the case of the United Kingdom it is simply necessary to present the organisation that runs the ".co.uk" domain with an IP address (and a suitable sum of money !) and the DNS address will be registered. The top-level administration of the ".uk" domain will only delegate to specifically UK based organisations.

Some administrations are distinctly less fussy and a number of "zones of convenience" along the same lines as "flags of convenience" have come into fairly common usage. These are mostly poor third world countries or tiny groups of islands desperate for some hard cash, they also tend to sell un-necessary sets of stamps and coins to guillible collectors.

The most common ones seem to be ".cc" (the Cocos-Keeling Islands), ".to" (Tonga) and ".nu" (Niue). At one time both ".is" (Iceland) and ".tm" (Turkmenistan) allowed their top level domains to be used in this fashion, but they now seem to adopt a more rational approach.

Some of the blame must attach to Internic who have created some pretty unlikely top-level domains. It is difficult to imagine anybody using ".bv", the allocated top-level domain for Bouvet Island, an uninhabited (an uninhabitable !) Norwegian Dependency about half-way between South Africa and Antarctica whose only claim to fame is that it is the most isolated piece of land in the world.

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有