SlideShare ist ein Scribd-Unternehmen logo

Domain Name System(ppt)

Als PPT, PDF herunterladen
C
chovatiyabhautik

PPT FOR COMPUTER NETWORK SUBJECT HAVING TOPIC DNS.

Ingenieurwesen
1 von 52
DNS ( DOMAIN NAME SYSTEM ) Prepared by: •YASH NIMAVAT-91600103106 •BHAUTIK CHOVATIYA-91600103130 •CHETAN KHUNTI-91600103105 •BHAVIK VAISHNANI-91600103074 •JAY JOSHI-91600103094
Overview Introduction to the DNS DNS Components  The name space  The servers  The resolvers DNS Structure and Hierarchy The DNS in Context
DNS History  ARPANET utilized a central file HOSTS.TXT  Contains names to addresses mapping  Maintained by SRI’s NIC (Stanford-Research-Institute: Network-Information-Center)  Administrators email changes to NIC  NIC updates HOSTS.TXT periodically  Administrators FTP (download) HOSTS.TXT
 As the system grew, HOSTS.TXT had problems with:  Scalability (traffic and load)  Name collisions  Consistency  In 1984, Paul Mockapetris released the first version (RFCs* 882 and 883, superseded by 1034 and 1035 …) *RFC: Request for Comments
The DNS is… The “Domain Name System”. What Internet users use to reference anything by name on the Internet. The mechanism by which Internet software translates names to attributes such as addresses.
The DNS is also… A globally distributed, scalable, reliable database. Comprised of three components :  A “name space”  Servers making that name space available  Resolvers (clients) which query the servers about the name space
DNS as a Lookup Mechanism Users generally prefer names to numbers e.g. – google.com, fb.com etc. Computers prefer numbers to names e.g. – 10.2.1.32, 10.2.4.56 etc. DNS provides the mapping between the two  I have “x”, give me “y”  i.e. for e.g. : “google.com” with “10.2.1.32”.
DNS as a Database Keys to the database are “domain names”  www.foo.com, 18.in-addr.arpa, 6.4.e164.arpa Over 200,000,000 domain names stored. Each domain name contains one or more attributes:  Known as “resource records” Each attribute individually retrievable.
Global Distribution Data is maintained locally, but retrievable globally  No single computer has all DNS data DNS lookups can be performed by any device. Remote DNS data is locally cacheable to improve performance.
Loose Coherency Each version of a subset of the database (a zone) has a serial number  The serial number is incremented on each database change Changes to the master copy of the database are propagated to replicas according to timing set by the zone administrator Cached data expires according to timeout set by zone administrator
Scalability No limit to the size of the database. No limit to the number of queries  Tens of thousands of queries handled easily every second Queries distributed among masters, slaves, and caches.
Reliability Data is replicated  Data from master is copied to multiple slaves Clients can query  Master server  Any of the copies at slave servers Clients will typically query local caches. DNS protocols can use either UDP or TCP  If UDP, DNS protocol handles retransmission, sequencing, etc.
Dynamicity Database can be updated dynamically  Add/delete/modify of any record  Only master can be dynamically updated Modification of the master database triggers replication.
The Name Space The name space is the structure of the DNS database  An inverted tree with the root node at the top. Each node has a label  The root node has a null label, written as “” t h ir d -le v e l n o d e s e c o n d - le v e l n o d e s e c o n d - le v e l n o d e t o p -le v e l n o d e t h ir d -le v e l n o d e t h ir d -le v e l n o d e s e c o n d - le v e l n o d e t o p -le v e l n o d e s e c o n d - le v e l n o d e s e c o n d - le v e l n o d e t o p -le v e l n o d e T h e r o o t n o d e " "
An Analogy – E.164 Root node maintained by the ITU (call it “+”) Top level nodes contains country codes (1, 81, etc) Second level nodes contains regional codes (1-402, 81-3, etc.) . . . . . . 2 0 2 6 0 0 3 3 8 1 6 0 0 3 7 7 9 6 5 0 8 0 8 1 5 2 2 6 2 0 2 4 3 4 8 9 3 4 8 5 2 8 1 . . . " + "
fo o fo o to p -1 fo o a t& t to p -2 b a r b a z to p -3 "" Labels Each node in the tree must have a label  A string of up to 63 bytes  RFCs 852 and 1123 define legal characters for “hostnames”  A-Z, 0-9, and “-” only with a-z and A-Z treated as the same. Sibling nodes must have unique labels. The null label is reserved for the root node.
Domain Names A domain name is the sequence of labels from a node to the root, separated by dots (“.”s), read left to right  The name space has a maximum depth of 127 levels  Domain names are limited to 255 characters in length A node’s domain name identifies its position in the name space d a k o ta w e s t t o r n a d o e a s t w w w n o m in u m m e ta in fo c o m b e r k e le y n w u e d u g o v n a to in t a r m y m il u u n e t o rg " "
Subdomains One domain is a subdomain of another if its domain name ends in the other’s domain name  So sales.nominum.com is a subdomain of nominum.com & .com  nominum.com is a subdomain of .com
Dividing a Domain into Zones .a r p a a c m e b w m o lo k a i s k y e r w c w w w f tp g o u d a c h e d d a r a m s n o m in u m n e ts o l .c o m . e d u " " nominum.com domain nominum.com zone ams.nominum.com zonerwc.nominum.com zone
Name Servers Name servers store information about the name space in units called “zones”  The name servers that load a complete zone are said to “have authority for” or “be authoritative for” the zone Usually, more than one name server are authoritative for the same zone  This ensures redundancy and spreads the load
Name Servers and Zones 128.8.10.5 nominum.com 204.152.187.11 202.12.28.129 Name Servers isc.org Zones128.8.10.5 serves data for both nominum.com and isc.org zones 202.12.28.129 serves data for nominum.com zone only 204.152.187.11 serves data for isc.org zone only
Types of Name Servers Two main types of servers  Authoritative – maintains the data  Master – where the data is edited  Slave – where data is replicated to  Caching – stores data obtained from an authoritative server No special hardware necessary.
Name Server Architecture You can think of a name server as part of:  database server, answering queries about the parts of the name space it knows about (i.e., is authoritative for),  cache, temporarily storing data it learns from other name servers, and  agent, helping resolvers and other name servers find data
Name Resolution Name resolution is the process by which resolvers and name servers cooperate to find data in the name space Closure mechanism for DNS?  Starting point: the names and IP addresses of the name servers for the root zone (the “root name servers”)  The root name servers know about the top-level zones and can tell name servers whom to contact for all TLD(TOP LEVEL DOMAINS).
Name Resolution A DNS query has three parameters:  A domain name (e.g., www.nominum.com),  Remember, every node has a domain name!  A class (e.g., IN), and  A type (e.g., A)  http://network-tools.com/nslook/ Upon receiving a query from a resolver, a name server : 1) looks for the answer in its authoritative data and its cache. 2) If step 1 fails, the answer must be looked up
ping www.nominum.com. The Resolution Process Let’s look at the resolution process step-by-step: annie.west.sprockets.com
What’s the IP address of www.nominum.com? The workstation annie asks its configured name server, dakota, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com dakota.west.sprockets.com
The name server dakota asks a root name server, m, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com m.root-servers.net dakota.west.sprockets.com What’s the IP address of www.nominum.com?
The root server m refers dakota to the com name servers This type of response is called a “referral” ping www.nominum.com. annie.west.sprockets.com m.root-servers.net dakota.west.sprockets.com Here’s a list of the com name servers. Ask one of them.
The name server dakota asks a com name server, f, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com m.root-servers.net dakota.west.sprockets.com What’s the IP address of www.nominum.com? f.gtld-servers.net
The com name server f refers dakota to the nominum.com name servers ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com Here’s a list of the nominum.com name servers. Ask one of them.
The name server dakota asks a nominum.com name server, ns1.sanjose, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net What’s the IP address of www.nominum.com?
The nominum.com name server ns1.sanjose responds with www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.netHere’s the IP address for www.nominum.com
Here’s the IP address for www.nominum.com The name server dakota responds to annie with www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
ping ftp.nominum.com. Resolution Process (Caching) After the previous query, the name server dakota now knows:  The names and IP addresses of the com name servers  The names and IP addresses of the nominum.com name servers  The IP address of www.nominum.com Let’s look at the resolution process again annie.west.sprockets.com
ping ftp.nominum.com. What’s the IP address of ftp.nominum.com? The workstation annie asks its configured name server, dakota, for ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
ping ftp.nominum.com. What’s the IP address of ftp.nominum.com? Resolution Process (Caching) dakota has cached a NS record indicating ns1.sanjose is an nominum.com name server, so it asks it for ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
ping ftp.nominum.com. Here’s the IP address for ftp.nominum.com The nominum.com name server ns1.sanjose responds with ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
ping ftp.nominum.com. Here’s the IP address for ftp.nominum.com The name server dakota responds to annie with ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
DNS Structure and Hierarchy The DNS imposes no constraints on how the DNS hierarchy is implemented except:  A single root  The label restrictions  So, can we create a host with a name a.wonderful.world? If a site is not connected to the Internet, it can use any domain hierarchy it chooses  Can make up whatever TLDs (top level domains) you want Connecting to the Internet implies use of the existing DNS hierarchy
Top-level Domain (TLD) Structure In 1983 (RFC 881), the idea was to have TLDs correspond to network service providers  e.g., ARPA, DDN, CSNET, etc. By 1984 (RFC 920), functional domains was established  e.g., GOV for Government, COM for commercial, EDU for education, etc. RFC 920 also  Provided country domains  Provided “Multiorganizations”
The Current TLDs C O M C o m m e r c ia l O r g a n iz a tio n s N E T N e tw o rk I n fr a s tr u c tu re O R G O t h e r O r g a n iz a tio n s G e n e r ic T L D s ( g T L D s ) A F A fg h a n is t a n A L A lb a n ia D Z A lg e r ia . .. Y U Y u g o s la v ia Z M Z a m b ia Z W Z im b a b w e C o u n try C o d e T L D s ( c c T L D s ) I N T I n t e r n a t io n a l T r e a ty O r g a n iz a t io n s A R P A ( T r a n s itio n D e v ic e ) In t e rn a t io n a l T L D s ( iT L D s ) G O V G o v e r n m e n t a l O r g a n iz a tio n s M I L M ilit a r y O r g a n iz a t io n s E D U E d u c a t io n a l I n s t it u tio n s U S L e g a c y T L D s ( u s T L D s ) " ."
Root Name Server Operators Nameserver Operated by: A Verisign (US East Coast) B University of S. California –Information Sciences Institute (US West Coast) C Cogent Communications (US East Coast) D University of Maryland (US East Coast) E NASA (Ames) (US West Coast) F Internet Software Consortium (US West Coast) G U. S. Dept. of Defense (ARL) (US East Coast) H U. S. Dept. of Defense (DISA) (US East Coast) I Autonomica (SE) J Verisign (US East Coast) K RIPE-NCC (UK) L ICANN (US West Coast) M WIDE (JP)
The Root Nameservers The root zone file lists the names and IP addresses of the authoritative DNS servers for all top-level domains (TLDs) The root zone file is published on 13 servers, “A” through “M”, around the Internet Root name server operations currently provided by volunteer efforts by a very diverse set of organizations
Registries, Registrars, and Registrants A classification of roles in the operation of a domain name space Registry  the name space’s database  the organization which has edit control of that database Registrar  the agent which submits change requests to the registry on behalf of the registrant
Registrant  the entity which makes use of the domain name .COM, .NET, and .ORG  By far the largest top level domains on the Internet today Verisign received the contract for the registry for .COM, .NET, and .ORG  also a registrar for these TLDs
Registries, Registrars, and Registrants Registry Zone DB RegistrantsRegistrants End user requests add/modify/delete Registrar submits add/modify/delete to registry Registrar RegistrarRegistrar Master updated Registry updates zone Slaves updated
Load Concerns DNS can handle the load  DNS root servers get approximately 3000 queries per second  Empirical proofs (DDoS attacks) show root name servers can handle 50,000 queries per second  Limitation is network bandwidth, not the DNS protocol  in-addr.arpa zone, which translates numbers to names, gets about 2000 queries per second
Performance Concerns DNS is a very lightweight protocol  Simple query – response Any performance limitations are the result of network limitations  Speed of light  Network congestion  Switching/forwarding latencies
Security Concerns Base DNS protocol (RFC 1034, 1035) is insecure  DNS spoofing (cache poisoning) attacks are possible DNS Security Enhancements (DNSSEC, RFC 2565) remedies this flaw  But creates new ones  DoS attacks  Amplification attacks
Questions?

Empfohlen

Domain name system
Domain name systemDomain name system
Domain name system
Siddharth Chandel
 
Presentation on Domain Name System
Presentation on Domain Name SystemPresentation on Domain Name System
Presentation on Domain Name System
Chinmay Joshi
 
Domain name system presentation
Domain name system presentationDomain name system presentation
Domain name system presentation
Anchit Dhingra
 
Domain name system
Domain name systemDomain name system
Domain name system
Siddique Ibrahim
 
Domain Name System (DNS)
Domain Name System (DNS)Domain Name System (DNS)
Domain Name System (DNS)
Dhingani Harshil
 
Dns 2
Dns 2Dns 2
Dns 2
Tech_MX
 
DNS ( Domain Name System)
DNS ( Domain Name System)DNS ( Domain Name System)
DNS ( Domain Name System)
Prakhar Rastogi
 
Dns ppt
Dns pptDns ppt
Dns ppt
Mauood Hamidi
 

Empfohlen

Domain name system
Domain name systemDomain name system
Domain name system
Siddharth Chandel
 
Presentation on Domain Name System
Presentation on Domain Name SystemPresentation on Domain Name System
Presentation on Domain Name System
Chinmay Joshi
 
Domain name system presentation
Domain name system presentationDomain name system presentation
Domain name system presentation
Anchit Dhingra
 
Domain name system
Domain name systemDomain name system
Domain name system
Siddique Ibrahim
 
Domain Name System (DNS)
Domain Name System (DNS)Domain Name System (DNS)
Domain Name System (DNS)
Dhingani Harshil
 
Dns 2
Dns 2Dns 2
Dns 2
Tech_MX
 
DNS ( Domain Name System)
DNS ( Domain Name System)DNS ( Domain Name System)
DNS ( Domain Name System)
Prakhar Rastogi
 
Dns ppt
Dns pptDns ppt
Dns ppt
Mauood Hamidi
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name System
ABDUL GAFOOR K V
 
Domain Name System DNS
Domain Name System DNSDomain Name System DNS
Domain Name System DNS
Akshay Tiwari
 
Intro to DNS
Intro to DNSIntro to DNS
Intro to DNS
ThousandEyes
 
Dns
DnsDns
Dns
Sanoj Kumar
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name System
Aashima Wadhwa
 
Presentation on dns
Presentation on dnsPresentation on dns
Presentation on dns
Anand Grewal
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User Accounts
Raja Waseem Akhtar
 
Domain name system (dns)
Domain name system (dns)Domain name system (dns)
Domain name system (dns)
Atikur Rahman
 
Domain name system
Domain name systemDomain name system
Domain name system
Nifras Ismail
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp ppt
Hema Dhariwal
 
Dns presentation
Dns presentationDns presentation
Dns presentation
Anurag Pandey
 
Domain name server
Domain name serverDomain name server
Domain name server
Mobile88
 
Dns ppt
Dns pptDns ppt
Dns ppt
Bizuworkk Jemaneh
 
Linux and DNS Server
Linux and DNS ServerLinux and DNS Server
Linux and DNS Server
Prabhakar Thota
 
Linux commands
Linux commandsLinux commands
Linux commands
Mannu Khani
 
Windows Network concepts
Windows Network conceptsWindows Network concepts
Windows Network concepts
Duressa Teshome
 
DNS (Domain Name System)
DNS (Domain Name System)DNS (Domain Name System)
DNS (Domain Name System)
Shashidhara Vyakaranal
 
Clientserver Presentation
Clientserver PresentationClientserver Presentation
Clientserver Presentation
Tuhin_Das
 
Dns server
Dns serverDns server
Dns server
Subrata Kumer Paul
 
cloud computing:Types of virtualization
cloud computing:Types of virtualizationcloud computing:Types of virtualization
cloud computing:Types of virtualization
Dr.Neeraj Kumar Pandey
 
Dns
DnsDns
Dns
Patruni Chidananda Sastry
 
Dns
DnsDns
Dns
aimanqalla
 

Weitere ähnliche Inhalte

Was ist angesagt?

Presentation on dns
Presentation on dnsPresentation on dns
Presentation on dns
Anand Grewal
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User Accounts
Raja Waseem Akhtar
 
Domain name server
Domain name serverDomain name server
Domain name server
Mobile88
 
Clientserver Presentation
Clientserver PresentationClientserver Presentation
Clientserver Presentation
Tuhin_Das
 

Was ist angesagt? (20)

Domain Name System
Domain Name SystemDomain Name System
Domain Name System
 
Domain Name System DNS
Domain Name System DNSDomain Name System DNS
Domain Name System DNS
 
Intro to DNS
Intro to DNSIntro to DNS
Intro to DNS
 
Dns
DnsDns
Dns
 
Domain Name System
Domain Name SystemDomain Name System
Domain Name System
 
Presentation on dns
Presentation on dnsPresentation on dns
Presentation on dns
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User Accounts
 
Domain name system (dns)
Domain name system (dns)Domain name system (dns)
Domain name system (dns)
 
Domain name system
Domain name systemDomain name system
Domain name system
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp ppt
 
Dns presentation
Dns presentationDns presentation
Dns presentation
 
Domain name server
Domain name serverDomain name server
Domain name server
 
Dns ppt
Dns pptDns ppt
Dns ppt
 
Linux and DNS Server
Linux and DNS ServerLinux and DNS Server
Linux and DNS Server
 
Linux commands
Linux commandsLinux commands
Linux commands
 
Windows Network concepts
Windows Network conceptsWindows Network concepts
Windows Network concepts
 
DNS (Domain Name System)
DNS (Domain Name System)DNS (Domain Name System)
DNS (Domain Name System)
 
Clientserver Presentation
Clientserver PresentationClientserver Presentation
Clientserver Presentation
 
Dns server
Dns serverDns server
Dns server
 
cloud computing:Types of virtualization
cloud computing:Types of virtualizationcloud computing:Types of virtualization
cloud computing:Types of virtualization
 

Ähnlich wie Domain Name System(ppt)

Domain name system
Domain name systemDomain name system
Domain name system
Rahul Baghla
 
Domain name system advanced power point presentation
Domain name system advanced power point presentationDomain name system advanced power point presentation
Domain name system advanced power point presentation
rituchouhan1508
 

Ähnlich wie Domain Name System(ppt) (20)

Dns
DnsDns
Dns
 
Dns
DnsDns
Dns
 
Introduction
IntroductionIntroduction
Introduction
 
Dns
DnsDns
Dns
 
Dns And Snmp
Dns And SnmpDns And Snmp
Dns And Snmp
 
Meeting 4 DNS
Meeting 4 DNSMeeting 4 DNS
Meeting 4 DNS
 
DNS for Developers - NDC Oslo 2016
DNS for Developers - NDC Oslo 2016DNS for Developers - NDC Oslo 2016
DNS for Developers - NDC Oslo 2016
 
Ch20 system administration
Ch20 system administration Ch20 system administration
Ch20 system administration
 
Domain name system
Domain name systemDomain name system
Domain name system
 
CSE dns ppt.pptx
CSE dns ppt.pptxCSE dns ppt.pptx
CSE dns ppt.pptx
 
Domainnamesystem
DomainnamesystemDomainnamesystem
Domainnamesystem
 
Domain Name System ppt
Domain Name System pptDomain Name System ppt
Domain Name System ppt
 
DNS for Developers - ConFoo Montreal
DNS for Developers - ConFoo MontrealDNS for Developers - ConFoo Montreal
DNS for Developers - ConFoo Montreal
 
Dns
DnsDns
Dns
 
DNSSEC - WHAT IS IT ? INSTALL AND CONFIGURE IN CHROOT JAIL
DNSSEC - WHAT IS IT ? INSTALL AND CONFIGURE IN CHROOT JAILDNSSEC - WHAT IS IT ? INSTALL AND CONFIGURE IN CHROOT JAIL
DNSSEC - WHAT IS IT ? INSTALL AND CONFIGURE IN CHROOT JAIL
 
Hands-on DNSSEC Deployment
Hands-on DNSSEC DeploymentHands-on DNSSEC Deployment
Hands-on DNSSEC Deployment
 
Dns
DnsDns
Dns
 
The Application Layer
The Application LayerThe Application Layer
The Application Layer
 
Domain name system advanced power point presentation
Domain name system advanced power point presentationDomain name system advanced power point presentation
Domain name system advanced power point presentation
 
DNS.pptx
DNS.pptxDNS.pptx
DNS.pptx
 

Kürzlich hochgeladen

University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Call Girls in Nagpur High Profile
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
SUHANI PANDEY
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 

Kürzlich hochgeladen (20)

Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Intro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdfIntro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdf
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
Unit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdfUnit 2- Effective stress & Permeability.pdf
Unit 2- Effective stress & Permeability.pdf
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 

Domain Name System(ppt)

  • 1. DNS ( DOMAIN NAME SYSTEM ) Prepared by: •YASH NIMAVAT-91600103106 •BHAUTIK CHOVATIYA-91600103130 •CHETAN KHUNTI-91600103105 •BHAVIK VAISHNANI-91600103074 •JAY JOSHI-91600103094
  • 2. Overview Introduction to the DNS DNS Components  The name space  The servers  The resolvers DNS Structure and Hierarchy The DNS in Context
  • 3. DNS History  ARPANET utilized a central file HOSTS.TXT  Contains names to addresses mapping  Maintained by SRI’s NIC (Stanford-Research-Institute: Network-Information-Center)  Administrators email changes to NIC  NIC updates HOSTS.TXT periodically  Administrators FTP (download) HOSTS.TXT
  • 4.  As the system grew, HOSTS.TXT had problems with:  Scalability (traffic and load)  Name collisions  Consistency  In 1984, Paul Mockapetris released the first version (RFCs* 882 and 883, superseded by 1034 and 1035 …) *RFC: Request for Comments
  • 5. The DNS is… The “Domain Name System”. What Internet users use to reference anything by name on the Internet. The mechanism by which Internet software translates names to attributes such as addresses.
  • 6. The DNS is also… A globally distributed, scalable, reliable database. Comprised of three components :  A “name space”  Servers making that name space available  Resolvers (clients) which query the servers about the name space
  • 7. DNS as a Lookup Mechanism Users generally prefer names to numbers e.g. – google.com, fb.com etc. Computers prefer numbers to names e.g. – 10.2.1.32, 10.2.4.56 etc. DNS provides the mapping between the two  I have “x”, give me “y”  i.e. for e.g. : “google.com” with “10.2.1.32”.
  • 8. DNS as a Database Keys to the database are “domain names”  www.foo.com, 18.in-addr.arpa, 6.4.e164.arpa Over 200,000,000 domain names stored. Each domain name contains one or more attributes:  Known as “resource records” Each attribute individually retrievable.
  • 9. Global Distribution Data is maintained locally, but retrievable globally  No single computer has all DNS data DNS lookups can be performed by any device. Remote DNS data is locally cacheable to improve performance.
  • 10. Loose Coherency Each version of a subset of the database (a zone) has a serial number  The serial number is incremented on each database change Changes to the master copy of the database are propagated to replicas according to timing set by the zone administrator Cached data expires according to timeout set by zone administrator
  • 11. Scalability No limit to the size of the database. No limit to the number of queries  Tens of thousands of queries handled easily every second Queries distributed among masters, slaves, and caches.
  • 12. Reliability Data is replicated  Data from master is copied to multiple slaves Clients can query  Master server  Any of the copies at slave servers Clients will typically query local caches. DNS protocols can use either UDP or TCP  If UDP, DNS protocol handles retransmission, sequencing, etc.
  • 13. Dynamicity Database can be updated dynamically  Add/delete/modify of any record  Only master can be dynamically updated Modification of the master database triggers replication.
  • 14. The Name Space The name space is the structure of the DNS database  An inverted tree with the root node at the top. Each node has a label  The root node has a null label, written as “” t h ir d -le v e l n o d e s e c o n d - le v e l n o d e s e c o n d - le v e l n o d e t o p -le v e l n o d e t h ir d -le v e l n o d e t h ir d -le v e l n o d e s e c o n d - le v e l n o d e t o p -le v e l n o d e s e c o n d - le v e l n o d e s e c o n d - le v e l n o d e t o p -le v e l n o d e T h e r o o t n o d e " "
  • 15. An Analogy – E.164 Root node maintained by the ITU (call it “+”) Top level nodes contains country codes (1, 81, etc) Second level nodes contains regional codes (1-402, 81-3, etc.) . . . . . . 2 0 2 6 0 0 3 3 8 1 6 0 0 3 7 7 9 6 5 0 8 0 8 1 5 2 2 6 2 0 2 4 3 4 8 9 3 4 8 5 2 8 1 . . . " + "
  • 16. fo o fo o to p -1 fo o a t& t to p -2 b a r b a z to p -3 "" Labels Each node in the tree must have a label  A string of up to 63 bytes  RFCs 852 and 1123 define legal characters for “hostnames”  A-Z, 0-9, and “-” only with a-z and A-Z treated as the same. Sibling nodes must have unique labels. The null label is reserved for the root node.
  • 17. Domain Names A domain name is the sequence of labels from a node to the root, separated by dots (“.”s), read left to right  The name space has a maximum depth of 127 levels  Domain names are limited to 255 characters in length A node’s domain name identifies its position in the name space d a k o ta w e s t t o r n a d o e a s t w w w n o m in u m m e ta in fo c o m b e r k e le y n w u e d u g o v n a to in t a r m y m il u u n e t o rg " "
  • 18. Subdomains One domain is a subdomain of another if its domain name ends in the other’s domain name  So sales.nominum.com is a subdomain of nominum.com & .com  nominum.com is a subdomain of .com
  • 19. Dividing a Domain into Zones .a r p a a c m e b w m o lo k a i s k y e r w c w w w f tp g o u d a c h e d d a r a m s n o m in u m n e ts o l .c o m . e d u " " nominum.com domain nominum.com zone ams.nominum.com zonerwc.nominum.com zone
  • 20. Name Servers Name servers store information about the name space in units called “zones”  The name servers that load a complete zone are said to “have authority for” or “be authoritative for” the zone Usually, more than one name server are authoritative for the same zone  This ensures redundancy and spreads the load
  • 21. Name Servers and Zones 128.8.10.5 nominum.com 204.152.187.11 202.12.28.129 Name Servers isc.org Zones128.8.10.5 serves data for both nominum.com and isc.org zones 202.12.28.129 serves data for nominum.com zone only 204.152.187.11 serves data for isc.org zone only
  • 22. Types of Name Servers Two main types of servers  Authoritative – maintains the data  Master – where the data is edited  Slave – where data is replicated to  Caching – stores data obtained from an authoritative server No special hardware necessary.
  • 23. Name Server Architecture You can think of a name server as part of:  database server, answering queries about the parts of the name space it knows about (i.e., is authoritative for),  cache, temporarily storing data it learns from other name servers, and  agent, helping resolvers and other name servers find data
  • 24. Name Resolution Name resolution is the process by which resolvers and name servers cooperate to find data in the name space Closure mechanism for DNS?  Starting point: the names and IP addresses of the name servers for the root zone (the “root name servers”)  The root name servers know about the top-level zones and can tell name servers whom to contact for all TLD(TOP LEVEL DOMAINS).
  • 25. Name Resolution A DNS query has three parameters:  A domain name (e.g., www.nominum.com),  Remember, every node has a domain name!  A class (e.g., IN), and  A type (e.g., A)  http://network-tools.com/nslook/ Upon receiving a query from a resolver, a name server : 1) looks for the answer in its authoritative data and its cache. 2) If step 1 fails, the answer must be looked up
  • 26. ping www.nominum.com. The Resolution Process Let’s look at the resolution process step-by-step: annie.west.sprockets.com
  • 27. What’s the IP address of www.nominum.com? The workstation annie asks its configured name server, dakota, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com dakota.west.sprockets.com
  • 28. The name server dakota asks a root name server, m, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com m.root-servers.net dakota.west.sprockets.com What’s the IP address of www.nominum.com?
  • 29. The root server m refers dakota to the com name servers This type of response is called a “referral” ping www.nominum.com. annie.west.sprockets.com m.root-servers.net dakota.west.sprockets.com Here’s a list of the com name servers. Ask one of them.
  • 30. The name server dakota asks a com name server, f, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com m.root-servers.net dakota.west.sprockets.com What’s the IP address of www.nominum.com? f.gtld-servers.net
  • 31. The com name server f refers dakota to the nominum.com name servers ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com Here’s a list of the nominum.com name servers. Ask one of them.
  • 32. The name server dakota asks a nominum.com name server, ns1.sanjose, for www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net What’s the IP address of www.nominum.com?
  • 33. The nominum.com name server ns1.sanjose responds with www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.netHere’s the IP address for www.nominum.com
  • 34. Here’s the IP address for www.nominum.com The name server dakota responds to annie with www.nominum.com’s address ping www.nominum.com. annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
  • 35. ping ftp.nominum.com. Resolution Process (Caching) After the previous query, the name server dakota now knows:  The names and IP addresses of the com name servers  The names and IP addresses of the nominum.com name servers  The IP address of www.nominum.com Let’s look at the resolution process again annie.west.sprockets.com
  • 36. ping ftp.nominum.com. What’s the IP address of ftp.nominum.com? The workstation annie asks its configured name server, dakota, for ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
  • 37. ping ftp.nominum.com. What’s the IP address of ftp.nominum.com? Resolution Process (Caching) dakota has cached a NS record indicating ns1.sanjose is an nominum.com name server, so it asks it for ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
  • 38. ping ftp.nominum.com. Here’s the IP address for ftp.nominum.com The nominum.com name server ns1.sanjose responds with ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
  • 39. ping ftp.nominum.com. Here’s the IP address for ftp.nominum.com The name server dakota responds to annie with ftp.nominum.com’s address annie.west.sprockets.com f.gtld-servers.net m.root-servers.net dakota.west.sprockets.com ns1.sanjose.nominum.net
  • 40. DNS Structure and Hierarchy The DNS imposes no constraints on how the DNS hierarchy is implemented except:  A single root  The label restrictions  So, can we create a host with a name a.wonderful.world? If a site is not connected to the Internet, it can use any domain hierarchy it chooses  Can make up whatever TLDs (top level domains) you want Connecting to the Internet implies use of the existing DNS hierarchy
  • 41. Top-level Domain (TLD) Structure In 1983 (RFC 881), the idea was to have TLDs correspond to network service providers  e.g., ARPA, DDN, CSNET, etc. By 1984 (RFC 920), functional domains was established  e.g., GOV for Government, COM for commercial, EDU for education, etc. RFC 920 also  Provided country domains  Provided “Multiorganizations”
  • 42. The Current TLDs C O M C o m m e r c ia l O r g a n iz a tio n s N E T N e tw o rk I n fr a s tr u c tu re O R G O t h e r O r g a n iz a tio n s G e n e r ic T L D s ( g T L D s ) A F A fg h a n is t a n A L A lb a n ia D Z A lg e r ia . .. Y U Y u g o s la v ia Z M Z a m b ia Z W Z im b a b w e C o u n try C o d e T L D s ( c c T L D s ) I N T I n t e r n a t io n a l T r e a ty O r g a n iz a t io n s A R P A ( T r a n s itio n D e v ic e ) In t e rn a t io n a l T L D s ( iT L D s ) G O V G o v e r n m e n t a l O r g a n iz a tio n s M I L M ilit a r y O r g a n iz a t io n s E D U E d u c a t io n a l I n s t it u tio n s U S L e g a c y T L D s ( u s T L D s ) " ."
  • 43. Root Name Server Operators Nameserver Operated by: A Verisign (US East Coast) B University of S. California –Information Sciences Institute (US West Coast) C Cogent Communications (US East Coast) D University of Maryland (US East Coast) E NASA (Ames) (US West Coast) F Internet Software Consortium (US West Coast) G U. S. Dept. of Defense (ARL) (US East Coast) H U. S. Dept. of Defense (DISA) (US East Coast) I Autonomica (SE) J Verisign (US East Coast) K RIPE-NCC (UK) L ICANN (US West Coast) M WIDE (JP)
  • 44. The Root Nameservers The root zone file lists the names and IP addresses of the authoritative DNS servers for all top-level domains (TLDs) The root zone file is published on 13 servers, “A” through “M”, around the Internet Root name server operations currently provided by volunteer efforts by a very diverse set of organizations
  • 45. Registries, Registrars, and Registrants A classification of roles in the operation of a domain name space Registry  the name space’s database  the organization which has edit control of that database Registrar  the agent which submits change requests to the registry on behalf of the registrant
  • 46. Registrant  the entity which makes use of the domain name .COM, .NET, and .ORG  By far the largest top level domains on the Internet today Verisign received the contract for the registry for .COM, .NET, and .ORG  also a registrar for these TLDs
  • 47. Registries, Registrars, and Registrants Registry Zone DB RegistrantsRegistrants End user requests add/modify/delete Registrar submits add/modify/delete to registry Registrar RegistrarRegistrar Master updated Registry updates zone Slaves updated
  • 48. Load Concerns DNS can handle the load  DNS root servers get approximately 3000 queries per second  Empirical proofs (DDoS attacks) show root name servers can handle 50,000 queries per second  Limitation is network bandwidth, not the DNS protocol  in-addr.arpa zone, which translates numbers to names, gets about 2000 queries per second
  • 49.
  • 50. Performance Concerns DNS is a very lightweight protocol  Simple query – response Any performance limitations are the result of network limitations  Speed of light  Network congestion  Switching/forwarding latencies
  • 51. Security Concerns Base DNS protocol (RFC 1034, 1035) is insecure  DNS spoofing (cache poisoning) attacks are possible DNS Security Enhancements (DNSSEC, RFC 2565) remedies this flaw  But creates new ones  DoS attacks  Amplification attacks

Hinweis der Redaktion

  1. Advanced Research Projects Agency Network (ARPANET) was the world's first operational packet switching network, the first network to implement TCP/IP
  2. ITU: International Telecommunication Union 1: US/CA 81: JP
  3. BIND: Berkeley Internet Name Domain
  4. Also, the caching resolver can insert data into the cache, and can "query" the cache and the database server.
  5. ARPA: Advanced Research Projects Agency
  6. ARPA: originally was the acronym for the Advanced Research Projects Agency (ARPA), the funding organization in the United States that developed the precursor of the Internet (ARPANET), it now stands for Address and Routing Parameter Area.
  7. a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data