The Domain Name System (DNS) is a distributed database implemented in a hierarchy of DNS servers. It is described by an application layer protocol that allows hosts to query the distributed database to find the address for a given domain name (e.g., en.wikipedia.org to an IP address).
DNS servers run on Unix machines. The DNS protocol is defined to use UDP on port 53. DNS also provides additional functionality:
- Host aliasing, where a specific hostname (a canonical hostname) may have two aliases. DNS will provide a translation for this.
- Mail server aliasing, which performs a similar task to the above.
- Load distribution for replicated servers. A set of IPs might be associated with one alias hostname, so requests will be distributed among the set of IPs.
Construction
DNS is designed to use a hierarchy of 3 types of servers:
- Root, which are the first point of contact. There are 13 groups of root name servers worldwide, which correspond to different geographical locations.
- Top-level domain (TLD), like `.com` or `.org`.
- Authoritative, which is managed at the organisation-level.
A local name server (or default name server) doesn’t strictly belong to the hierarchy. Each ISP has one. When a host makes a DNS query, it is sent to its local DNS server, and the DNS server will essentially execute the query for the requesting host.

A DNS library will do the following steps (for example, for eecg.toronto.edu), assuming no caching mechanisms:
- It will first query the root server to find the TLD server (`.edu`).
- Then, it’ll query the `.edu` server to get the `toronto.edu` DNS server.
- Then, it’ll query the `toronto.edu` server to get the IP address for `eecg.toronto.edu`.
An iterative query is like BFS: the querying server contacts each server level directly in succession, and each answer returns back to it. A recursive query is like DFS: it puts the burden of name resolution on the name servers contacted deeper in the hierarchy.
In practice, once any name server learns a mapping, it will cache it (with a set timeout) to reduce egregious delays. Oftentimes a local DNS server will be able to cache the IP address of requested authoritative servers. It’ll also be able to cache the IP addresses of TLD servers, so in practice, the root servers are rarely queried.
Message format
The DNS protocol defines query and reply messages, both with the same message format. A message consists of:
- A header of 12 bytes.
  - The identification is a 16-bit number that identifies the query. The reply to the query uses the same number, so it can be matched.
  - Flags carry extra metadata. Each is usually 1 bit wide.
    - Query or reply
    - Recursion desired
    - Recursion available: sent in a reply if the DNS server supports recursion.
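
The header fields listed above, packed and parsed in Python as an added example (not code from the original notes). The four 16-bit count fields that fill out the 12 bytes and the flag bit positions follow RFC 1035; the identification value and the sample reply bytes are constructed for illustration.

```python
import struct

# RFC 1035 header: identification, flags, then four 16-bit section counts (12 bytes).
HEADER = struct.Struct("!HHHHHH")
QR, RD, RA = 0x8000, 0x0100, 0x0080  # query/reply, recursion desired, recursion available


def build_query(txid, name, recursion_desired=True):
    """Build an A-record query: 12-byte header plus one question."""
    flags = RD if recursion_desired else 0  # QR stays 0 for a query
    header = HEADER.pack(txid, flags, 1, 0, 0, 0)  # one question, no other records
    labels = b"".join(
        bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def parse_header(message):
    """Decode the fixed header; reject anything shorter than 12 bytes."""
    if len(message) < HEADER.size:
        raise ValueError("truncated DNS header")
    txid, flags, qd, an, ns, ar = HEADER.unpack_from(message)
    return {
        "id": txid,
        "is_reply": bool(flags & QR),
        "recursion_desired": bool(flags & RD),
        "recursion_available": bool(flags & RA),
        "counts": (qd, an, ns, ar),
    }


def reply_matches(query, reply):
    """Accept a message only if it is a reply and echoes the query's identification."""
    q, r = parse_header(query), parse_header(reply)
    return r["is_reply"] and r["id"] == q["id"]


if __name__ == "__main__":
    query = build_query(0x1A2B, "eecg.toronto.edu")
    # Constructed sample replies: header only differs in the identification field.
    good = HEADER.pack(0x1A2B, QR | RD | RA, 1, 0, 0, 0) + query[12:]
    bad = HEADER.pack(0x9999, QR | RD | RA, 1, 0, 0, 0) + query[12:]
    print(parse_header(good))
    print(reply_matches(query, good), reply_matches(query, bad))
```

A resolver that drops replies failing `reply_matches` is relying on the identification field exactly as the notes describe: the reply must carry the same 16-bit number as the query.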

Timing
DNS adds an additional translation delay to applications that use it. Assuming no caching, a query makes the following trips:
- Host to default name server
- Default name server to root
- Root to default name server
- Default to TLD server
- TLD server to default
- Default to authoritative
- Authoritative to default
- Default to host