Solution: The Domain Name System
$ grep '129.82.44.1[3-7][0-9]' /etc/hosts 129.82.44.130 austin.cs.colostate.edu austin 129.82.44.131 baton-rouge.cs.colostate.edu baton-rouge 129.82.44.132 bismarck.cs.colostate.edu bismarck 129.82.44.133 boise.cs.colostate.edu boise 129.82.44.134 boston.cs.colostate.edu boston 129.82.44.135 carson-city.cs.colostate.edu carson-city 129.82.44.136 charleston.cs.colostate.edu charleston 129.82.44.137 cheyenne.cs.colostate.edu cheyenne 129.82.44.138 columbia.cs.colostate.edu columbia 129.82.44.139 columbus-oh.cs.colostate.edu columbus-oh 129.82.44.140 concord.cs.colostate.edu concord 129.82.44.141 denver.cs.colostate.edu denver 129.82.44.142 des-moines.cs.colostate.edu des-moines 129.82.44.143 dover.cs.colostate.edu dover 129.82.44.144 frankfort.cs.colostate.edu frankfort 129.82.44.145 harrisburg.cs.colostate.edu harrisburg 129.82.44.146 hartford.cs.colostate.edu hartford 129.82.44.147 helena.cs.colostate.edu helena 129.82.44.148 honolulu.cs.colostate.edu honolulu 129.82.44.149 indianapolis.cs.colostate.edu indianapolis 129.82.44.150 jackson.cs.colostate.edu jackson 129.82.44.151 jefferson-city.cs.colostate.edu jefferson-city 129.82.44.152 juneau.cs.colostate.edu juneau 129.82.44.153 lansing.cs.colostate.edu lansing 129.82.44.154 lincoln.cs.colostate.edu lincoln 129.82.44.155 little-rock.cs.colostate.edu little-rock 129.82.44.156 madison.cs.colostate.edu madison 129.82.44.157 montgomery.cs.colostate.edu montgomery 129.82.44.158 montpelier.cs.colostate.edu montpelier 129.82.44.159 nashville.cs.colostate.edu nashville 129.82.44.160 oklahoma-city.cs.colostate.edu oklahoma-city 129.82.44.161 olympia.cs.colostate.edu olympia 129.82.44.162 phoenix.cs.colostate.edu phoenix 129.82.44.163 pierre.cs.colostate.edu pierre 129.82.44.164 providence.cs.colostate.edu providence 129.82.44.165 raleigh.cs.colostate.edu raleigh 129.82.44.166 richmond.cs.colostate.edu richmond 129.82.44.167 sacramento.cs.colostate.edu sacramento 129.82.44.168 saint-paul.cs.colostate.edu saint-paul 129.82.44.169 salem.cs.colostate.edu salem 129.82.44.170 salt-lake-city.cs.colostate.edu salt-lake-city 129.82.44.171 santa-fe.cs.colostate.edu santa-fe 129.82.44.172 springfield.cs.colostate.edu springfield 129.82.44.173 tallahassee.cs.colostate.edu tallahassee 129.82.44.174 topeka.cs.colostate.edu topeka 129.82.44.175 trenton.cs.colostate.edu trenton 129.82.44.176 washington-dc.cs.colostate.edu washington-dc 129.82.44.177 acorn.cs.colostate.edu acorn 129.82.44.178 almond.cs.colostate.edu almond
An Early Centralized System:
DNS Today
A typical host name: “denver.cs.colostate.edu.” is a Fully Qualified Domain Name (FQDN) made up of parts:
root
│
┌──────────┼───────┬───────┐
│ │ │ │
edu com mil se
│ │ │ │
┌─┴────┐ │ │ │
│ │ │ │ │
colostate mit hp │ mil
│ │
┌───┼────┐ ┌─┴──┐
│ │ │ │ │
engr cs www af navy
│ │
┌───┴────┐ │
│ │ │
www denver buckley
root
│
┌───────┼────┬────┐
edu com mil se
┌─┴────┐ │ │ │
colostate mit hp │ mil
┌───┼────┐ ┌─┴──┐
engr cs www af navy
┌───┴────┐ │
www denver buckley
┌────────┐ │ Home │ │ laptop │ │ │ └────────┘
My laptop’s browser wants the IP address of www.colostate.edu.
┌────────┐ ┌────────┐ │ Home │--“www.colostate.edu?”(1)-▷│ Home │ │ laptop │ │ router │ │ │ │ │ └────────┘ └────────┘
My laptop doesn’t know the IP address, so it asks its smart friend.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
│ │
│ │
│ │
│ │
│ Comcast │
│ DNS │
│ server │
│ │
│ │
│ │
│ │
└─────────────┘
My router doesn’t know, either, so it asks its smart friend, the Comcast server.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘ │ │
│ │
│ Comcast │
│ DNS │
│ server │
│ │
│ │
│ │
│ │
└─────────────┘
The Comcast server doesn’t know, either, so it asks a random root server.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
│ Comcast │
│ DNS │
│ server │
│ │
│ │
│ │
│ │
└─────────────┘
The root server doesn’t know the IP address, but it knows who handles .edu.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│ Comcast │
│ c.edu-servers.net │ │ DNS │
└────────────────────┘ │ server │
│ │
│ │
│ │
│ │
└─────────────┘
The Comcast DNS server asks the .edu server to resolve www.colostate.edu.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│ Comcast │
│ c.edu-servers.net │ │ DNS │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│ server │
│ │
│ │
│ │
│ │
└─────────────┘
The .edu server knows several authoritative servers for .colostate.edu.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│ Comcast │
│ c.edu-servers.net │ │ DNS │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│ server │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│ │
│ dns1.colostate.edu │ │ │
└────────────────────┘ │ │
└─────────────┘
The Comcast server asks dns1.colostate.edu to resolve the name.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │ │
└────────┘ └────────┘ │
▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│ Comcast │
│ c.edu-servers.net │ │ DNS │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│ server │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│ │
│ dns1.colostate.edu │ │ │
└────────────────────┘-----“It is 129.82.103.106”(8)------▷│ │
└─────────────┘
The dns1.colostate.edu server, on the CSU campus, replies with the IP address.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │ │ │◁--“129.82.103.106”(9) │
└────────┘ └────────┘ △ │
│ ▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│ Comcast │
│ c.edu-servers.net │ │ DNS │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│ server │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│ │
│ dns1.colostate.edu │ │ │
└────────────────────┘-----“It is 129.82.103.106”(8)------▷│ │
└─────────────┘
The Comcast server sends the IP address to my home router.
┌────────┐ ┌────────┐
│ Home │--“www.colostate.edu?”(1)-▷│ Home │--“www.colostate.edu?”(2)┐
│ laptop │ │ router │ │
│ │◁--“129.82.103.106”(10)----│ │◁--“129.82.103.106”(9) │
└────────┘ └────────┘ △ │
│ ▽
┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│ │
│ j.root-servers.net │ │ │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│ │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│ Comcast │
│ c.edu-servers.net │ │ DNS │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│ server │
│ │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│ │
│ dns1.colostate.edu │ │ │
└────────────────────┘-----“It is 129.82.103.106”(8)------▷│ │
└─────────────┘
My home router tells my laptop the IP address.
That was the worst case. Really, caching occurs at all levels:
But, for how long?
Multiple servers for each zone in case any one server fails:
Recursive query:
Iterated query:
Typical trip to a hardware store:
Ideal trip to a hardware store:
Either system works, I suppose.
The Start of Authority (SOA) record defines global parameters for a “zone”:
DNS RFC defines a text representation for records as well as a binary or “wire” representation. SOA records have the following text format:
; Name TTL Class RType Email
acns.colostate.edu 3600 IN SOA dnsadmin.colostate.edu. (
249427 ; sn
900 ; refresh (15 min)
600 ; retry (10 min)
86400 ; expiry (1 day)
3600 ; minTTL (1 hour)
)
Name Server (NS): Defines the authoritative name server(s) for a domain. Actually located both at the root of the zone and at the point of delegation in the parent zone.
The NS records for acns.colostate.edu reside in the parent zone, “colostate.edu”, like this :
Name TTL Class RecordType Data
acns IN NS dns1.colostate.edu
acns IN NS dns2.colostate.edu
And they exist in the acns.colostate.edu zone where they look like:
Name TTL Class RecordType Data
@ IN NS dns1.colostate.edu
@ IN NS dns2.colostate.edu
IPv4 Address (A): Associates a name with an IPv4 address The A record for chico.cs.colostate.edu resides in the “cs.colostate.edu” zone and looks like:
Name TTL Class RecordType Data
www IN A 129.82.45.30
IPv6 Address (AAAA): Associates a name with an IPv6 address An AAAA record looks like:
Name TTL Class RecordType Data
www IN AAAA 2002:8152:e6d2::8052:f8d1
Canonical Name (CNAME): Associates an alias with another DNS name record. The CNAME record for www.cs.colostate.edu looks like:
Name TTL Class RecordType Data
www IN CNAME parsons.cs.colostate.edu
According to the RFC, you may not create any other records with the same name as a CNAME record. Recently added exceptions for DNSSEC record types RRSIG, NSEC and KEY.
Others… There are ~71 record types. The other, more common records include:
This is also a tree structure, delegated in a similar fashion. All reverse space is rooted in the special domain called “in-addr.arpa”
For delegation to work as in the forward space, the networks are listed most specific to least specific. Thus CSU’s IP space (129.82/16) has a reverse DNS zone of “82.129.in-addr.arpa”
arpa
│
in-addr
│
┌─────┼─────┐
128 129 130
│
┌─────┼─────┐
81 82 83
│
┌─────┼─────┐
44 45 46
│
┌─────┼─────┐
113 114 115
$ host www.cs.colostate.edu www.cs.colostate.edu is an alias for beethoven.cs.colostate.edu. beethoven.cs.colostate.edu has address 129.82.45.48 $ host 129.82.45.114 114.45.82.129.IN-ADDR.ARPA domain name pointer parsons.cs.colostate.edu. 114.45.82.129.IN-ADDR.ARPA domain name pointer parsons.cs-win.colostate.edu.
Internet Assigned Numbers Authority (IANA) and Internet Network Information Center (InterNIC) originally established by various US Government agencies and now run under contract by a private, non-profit organization.
Internet Corporation for Assigned Names and Numbers (ICANN) is responsible for:
DNS Registry — the authoritative source for a DNS domain.
DNS Registrar — entity authorized to manage registry data.
Dynamic DNS (DDNS) — Allows clients to update A and PTR records on the fly. It’s handy when your ISP doesn’t guarantee a constant IP address.
wget from cron.
| Command | Purpose |
|---|---|
ping | Ping and incidentally reveal IP address |
nslookup | Show DNS record info |
dig | Get DNS record info |
host | Get DNS record info |
whois | Get contact information |
$ ping -c2 localhost PING localhost(localhost (::1)) 56 data bytes 64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.012 ms 64 bytes from localhost (::1): icmp_seq=2 ttl=64 time=0.027 ms --- localhost ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1009ms rtt min/avg/max/mdev = 0.012/0.019/0.027/0.008 ms
$ nslookup whitehouse.gov Server: 129.82.45.181 Address: 129.82.45.181#53 Non-authoritative answer: Name: whitehouse.gov Address: 192.0.66.168 Name: whitehouse.gov Address: 2a04:fa87:fffd::c000:42de
#53 mean?
$ dig www.frii.com ; <<>> DiG 9.11.36-RedHat-9.11.36-16.el8_10.2 <<>> www.frii.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9659 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; COOKIE: 0c7ecc8783a54d49cb7764ed67404ae4d48b948dd96a6fcf (good) ;; QUESTION SECTION: ;www.frii.com. IN A ;; ANSWER SECTION: www.frii.com. 8943 IN CNAME frii.com. frii.com. 8936 IN A 204.144.128.57 ;; AUTHORITY SECTION: frii.com. 132664 IN NS ns1.cpanel.frii.com. frii.com. 132664 IN NS ns2.cpanel.frii.com. ;; ADDITIONAL SECTION: ns1.cpanel.frii.com. 132664 IN A 204.144.128.56 ns2.cpanel.frii.com. 132664 IN A 204.144.128.55 ;; Query time: 0 msec ;; SERVER: 129.82.45.181#53(129.82.45.181) ;; WHEN: Fri Nov 22 02:12:04 MST 2024 ;; MSG SIZE rcvd: 174
dig produces a straightforward dump of the actual DNS query.
$ host ebay.com ebay.com has address 23.67.33.5 ebay.com has address 23.67.33.31 ebay.com mail is handled by 10 mx2.hc2186-24.iphmx.com. ebay.com mail is handled by 10 mx1.hc2186-24.iphmx.com.
$ whois colostate.edu | sed '1,/^---/d' Domain Name: COLOSTATE.EDU Registrant: Colorado State University Colorado State University Ft. Collins, CO 80523 USA Administrative Contact: Domain Admin Colorado State University Colorado State University Ft. Collins, CO 80523 USA +1.9704915600 dns.admin@colostate.edu Technical Contact: Domain Admin Colorado State University Colorado State University Ft. Collins, CO 80523 USA +1.9704915600 dns.admin@colostate.edu Name Servers: DNS3.COLOSTATE.EDU DNS1.COLOSTATE.EDU DNS2.COLOSTATE.EDU Domain record activated: 27-May-1987 Domain record last updated: 09-Jul-2024 Domain expires: 31-Jul-2025
These websites can look up things for you:
|
Modified: 2017-11-16T15:52 User: Guest Check: HTML CSSEdit History Source |
Apply to CSU |
Contact CSU |
Disclaimer |
Equal Opportunity Colorado State University, Fort Collins, CO 80523 USA © 2015 Colorado State University |
|