amazon.com and ironbark.bendigo.latrobe.edu.au.
We have not yet mentioned the fact that actual packet delivery in the Internet (what we called, in lecture 2, the network delivery service) is based on a separate, fixed-length numeric IP Address. IP addresses are used by the Internet's delivery service, the Internet Protocol, or IP, to route packets of data through the Internet to their destination.
We return to IP addresses in much greater detail later. However, for the moment we simply need to know that every system has a unique 4-byte address usually written in the form a.b.c.d, where each of the letters represents the decimal value of the appropriate byte in the address. For example, the IP address of ironbark is 149.144.21.60.
.com, .edu, .org) and a large number of country-based domains (eg .au, .my, .uk). Each TLD supports a group of "second-level" domains, and so on, all the way down to individual hosts.
bindi.bendigo.latrobe.edu.au.
Domain_name TTL Type Class Value
SOA
A
NS
IN
", for Internet
sheoak is a nameserver for the zone bendigo.latrobe.edu.au. This means that if I want to look up a particular IP address in that zone, I can ask sheoak.
Exactly which server is responsible for a particular zone is specified in start of authority (SOA) RRs. An SOA RR specifies, for the particular name server, the zones for which it has authority. It also has the email address of the site administrator, a unique serial number and various other bits and pieces.
The DNS system forms a distributed database of domain information.
A resolver is a library function[1] which queries the nameserver when called from a user program. It can check the local cache of names and, if necessary, request a RR from a nameserver (privately caching the response). In other words, a resolver is software which asks a nameserver for information.
[1] Such as is implemented in the Unix library function gethostbyname(3).
    {query domain name, type, class}
The server responds with one or more appropriate RRs. It also sends an ADDITIONAL INFORMATION section, which contains extra RRs which the resolver will probably find useful. For example, if a resolver queries for a particular NS RR, the server will return it, plus additional information giving the IP address of the name server specified in the main body of the reply.
The most common DNS query is of type A, where the resolver is required to map a domain name to an IP address - that is, "looking up" an IP address. Some typical type A RRs look like:
    ironbark   86400   IN   A   149.144.21.60
    redgum     86400   IN   A   149.144.21.3
    bindi      86400   IN   A   149.144.20.82
Note that the "domain name" part of these RRs has been omitted (leaving only the hostnames) for clarity.
bendigo.latrobe.edu.au) is configured to "know" the IP address of its local nameserver. What happens when it sends a query for a non-local name (eg amazon.com)? The sequence of events is something like:
latrobe.edu.au.
.com domain, which will have the desired name-to-address mapping.
    ironbark   IN   MX   10 ironbark
               IN   MX   20 redgum
               IN   MX   40 sheoak
in-addr.arpa) and address format is used to map IP addresses to domain names, thus:
    60.21.144.149.in-addr.arpa
This is called a PTR RR. Performing reverse lookups is much more difficult than normal forward address lookups.
The DNS requires that all nameservers be replicated at least once -- that is, for each zone of authority there must be at least two authoritative nameservers -- a primary and one or more secondaries. The rules for replication are quite stringent -- at least one backup server must be located "off-site", attached to a different network, and with an independent power supply. So, for example, a secondary for sheoak.bendigo.latrobe.edu.au is luga.latrobe.edu.au, located at the Bundoora campus of La Trobe.
DNS queries and responses are an excellent example of an application where the reliable, connection-oriented transport mechanism of TCP is not necessary, and simply has too much overhead. In fact, queries are encapsulated in unreliable UDP datagrams, see later. If a resolver does not receive a reply from a nameserver, it usually either tries again, or tries the next nameserver for the same domain.
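The following Python code is an added illustration, not part of the original lecture notes. It builds the bytes a resolver places in a UDP datagram for one {query domain name, type, class} question and derives the in-addr.arpa name used for a reverse lookup. The message layout and type codes follow RFC 1035; the function names are chosen here for the example.

```python
import secrets
import struct

# RR type and class codes from RFC 1035 (the types named in these notes).
TYPES = {"A": 1, "NS": 2, "SOA": 6, "PTR": 12, "MX": 15}
CLASS_IN = 1

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def reverse_name(ip):
    """Map a dotted-quad IP address to its in-addr.arpa lookup name."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ip)
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def build_query(name, rtype, txid=None):
    """Build the bytes of one query: 12-byte header plus one question."""
    if txid is None:
        txid = secrets.randbelow(1 << 16)  # reply is matched to the query by this ID
    # flags 0x0100 = standard query, recursion desired; QDCOUNT = 1
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", TYPES[rtype], CLASS_IN)

def parse_question(msg):
    """Decode the question of a query back into (name, type code, class code)."""
    labels, pos = [], 12
    while msg[pos] != 0:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass

if __name__ == "__main__":
    q = build_query("ironbark.bendigo.latrobe.edu.au", "A")
    print(len(q), parse_question(q))
    print(reverse_name("149.144.21.60"))
```

Because UDP gives no connection to tie a reply to its query, the 16-bit ID in the header is what the resolver checks when a response arrives, which is why it is drawn at random here.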