a DNS server

yellow pages

introduction

Sites on the Internet have names, much as places do. These names are stored in the DNS (Domain Name System).

All Internet services use DNS. It provides a way of giving a memorable name to an IP address. An implementation of DNS contains a DNS server, DNS client (usually called a resolver) and a distributed database. The database contains a hierarchical name system of names such as www.planetlarg.net. The client and server talk to each other about domains by following the DNS protocol.

BIND is an open source DNS server. The sections of code below are from BIND files.

what it is

A DNS server answers DNS requests. The DNS protocol is not a plaintext one like HTTP and SMTP, so you cannot use the telnet application to talk to the server directly. You must talk to it using a DNS client.

Answers are records copied from a zone database. A zone database contains names, IP addresses and a smattering of obscure letters. Like any configuration file, it is an open book to a wise man and alphabet soup to everyone else.

part of a zone file
...
domain01    10800   IN      SOA     ns01.domain01.com. hostmaster.ns.domain01.com. (
                2005033001 3600 1800 604800 86400 )
          10800   IN      NS      ns01.domain01.com.
          10800   IN      NS      ns02.domain01.com.
          10800   IN      NS      ns03.domain01.com.
$ORIGIN domain01.com.
host01    10800   IN      A       192.168.1.2
host02    10800   IN      CNAME   host01
host03    10800   IN      A       192.168.3.4
...
A DNS database is usually small and kept in text files. It is read many times and rarely written to, so LDAP is used for big DNS databases.

A web browser uses a DNS client to find IP addresses. If the client asks for the IP address that matches the name "host01", the server's answer is "host01 10800 IN A 192.168.1.2". The server's answer is the entire record from the database. The bit the client is actually interested in is "192.168.1.2".

People often use a DNS client to find the names associated with IP addresses. A web server log contains lists of requests from IP addresses. The web server does not bother to translate them; this is done later, when someone analyses the log to find out things like which customer used the web server the most. If a DNS client asks for the name that matches the IP address "192.168.1.2" then the server answers "50 10800 IN PTR host01.domain01.com.". The relevant bit of this record is "host01.domain01.com".
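The two kinds of question just described, name to address and address to name, worked through in code. This is an added example, not BIND's code: it reads the page's zone snippet (embedded below as constructed input, rearranged so $ORIGIN comes first, the SOA owner is written as "@" and the SOA record sits on one line), follows a CNAME to its target the way a server does, and answers a reverse question from PTR records that it synthesizes from the A records, since the page shows no reverse zone. Only this small subset of the zone-file syntax is handled.

```python
"""Read a zone snippet and answer A (via CNAME) and PTR questions. Added example, not BIND code."""

# Constructed input: the page's zone snippet, with $ORIGIN first, "@" as the SOA
# owner (meaning the zone origin) and the SOA on one line. ";" comments are tolerated.
ZONE_TEXT = """\
$ORIGIN domain01.com.
@         10800   IN      SOA     ns01.domain01.com. hostmaster.ns.domain01.com. ( 2005033001 3600 1800 604800 86400 )
          10800   IN      NS      ns01.domain01.com.
          10800   IN      NS      ns02.domain01.com.
          10800   IN      NS      ns03.domain01.com.
host01    10800   IN      A       192.168.1.2
host02    10800   IN      CNAME   host01
host03    10800   IN      A       192.168.3.4
"""


def qualify(name, origin):
    """Turn a relative name into a fully qualified one using the current $ORIGIN."""
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin


def parse_zone(text, origin="."):
    """Return a list of (owner, ttl, class, type, rdata) tuples with fully qualified owners."""
    records = []
    last_owner = origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # drop comments
        if not line.strip():
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        fields = line.replace("(", " ").replace(")", " ").split()
        # A record that starts with whitespace reuses the previous record's owner name.
        owner = last_owner if line[0].isspace() else fields.pop(0)
        if owner == "@":
            owner = origin
        owner = qualify(owner, origin)
        ttl, rclass, rtype = int(fields[0]), fields[1], fields[2]
        rdata = " ".join(fields[3:])
        if rtype in ("CNAME", "NS"):
            rdata = qualify(rdata, origin)  # these hold names, which may be relative
        records.append((owner, ttl, rclass, rtype, rdata))
        last_owner = owner
    return records


def lookup_address(records, name, origin="domain01.com.", max_hops=8):
    """Answer "what is the IP address of <name>?", following a CNAME to its target."""
    target = qualify(name, origin)
    for _ in range(max_hops):  # bounded so a CNAME loop in a bad zone cannot spin forever
        for owner, _ttl, _cls, rtype, rdata in records:
            if owner == target and rtype == "A":
                return rdata
        cname = next((r[4] for r in records if r[0] == target and r[3] == "CNAME"), None)
        if cname is None:
            return None
        target = cname
    return None


def reverse_records(records):
    """Synthesize the PTR records a reverse (in-addr.arpa) zone would hold for each A record.
    Constructed for this example; a real server keeps them in a separate reverse zone file."""
    ptrs = []
    for owner, ttl, rclass, rtype, rdata in records:
        if rtype == "A":
            rev = ".".join(reversed(rdata.split("."))) + ".in-addr.arpa."
            ptrs.append((rev, ttl, rclass, "PTR", owner))
    return ptrs


def lookup_name(ptr_records, ip):
    """Answer "what name matches <ip>?" from the PTR records."""
    rev = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
    return next((r[4] for r in ptr_records if r[0] == rev), None)


if __name__ == "__main__":
    recs = parse_zone(ZONE_TEXT)
    print(lookup_address(recs, "host02"))                     # 192.168.1.2 (via the CNAME)
    print(lookup_name(reverse_records(recs), "192.168.1.2"))  # host01.domain01.com.
```

The CNAME hop count is capped deliberately: a zone with a CNAME pointing back at itself would otherwise make the lookup loop forever, and a real server applies the same kind of limit.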

A DNS server keeps a database about hosts in its zone. Its zone is basically the hosts it knows about. The server is the authority for this zone and happily dishes out authoritative answers about its hosts.

The server keeps a list of a few other DNS servers for questions that it is not an authority on. If the server receives a question, looks in its database and does not find the answer, it either asks another server for the answer or it returns a list of general enquiry servers to the client, telling it to look elsewhere. A server has a built-in client for asking other servers, in the same way that an e-mail server has a built-in client for relaying mail. The servers that a request can be forwarded to are called "forwarders". Forwarders are listed in the DNS server's configuration file. The servers in the "no idea, try these guys" list are root domain servers. This list of root servers is stored in a file called the "hints" file.

part of a configuration file
...
options {
        directory  "/var/named";
        listen-on { 192.168.1.2; };
        forwarders { 192.168.3.4; };
        forward only;
};

zone "." in {
        type hint;
        file "named.root";
};
...

DNS changes frequently because the Internet is altered all the time. All records have a TTL (Time To Live), i.e. each record is assumed to be correct only for a limited time. When a client gets an answer it knows how long the answer can be relied upon. The length of time is given in seconds, such as 3600 (1 hour) or 86400 (1 day). In the server's answer "host01 10800 IN A 192.168.1.2" above, the second field, 10800, is the TTL.

A client keeps a copy of answers, called a cache, so it can save time with duplicate questions by providing the answer itself rather than asking a server. When an answer passes its sell-by date it is no good any more and is removed from the cache.
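The cache and sell-by date described in the two paragraphs above, as an added example rather than code from BIND or any real resolver. A cached answer is handed back with the time it has left, a duplicate question inside that time never reaches the server, and once the TTL has run out the entry is thrown away and the server is asked again. The clock is injected so the timeline can be scripted offline instead of waiting for hours to pass; the 10800-second answer is the page's host01 record, constructed here as the server's reply.

```python
"""A resolver-side answer cache with TTL expiry. Added example, not BIND or resolver code."""

import time
from dataclasses import dataclass


@dataclass
class CachedAnswer:
    rdata: str        # the answer, e.g. "192.168.1.2"
    ttl: int          # TTL exactly as the server gave it, in seconds
    stored_at: float  # clock reading when the answer was cached


class AnswerCache:
    """Keeps answers keyed by (name, record type) and forgets them when the TTL runs out."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock  # injected so tests can move time forward without sleeping
        self._entries = {}

    def store(self, name, rtype, rdata, ttl):
        self._entries[(name.lower(), rtype)] = CachedAnswer(rdata, ttl, self._clock())

    def lookup(self, name, rtype):
        """Return (rdata, remaining_ttl), or None if absent or past its sell-by date."""
        key = (name.lower(), rtype)
        entry = self._entries.get(key)
        if entry is None:
            return None
        remaining = entry.ttl - int(self._clock() - entry.stored_at)
        if remaining <= 0:
            del self._entries[key]  # expired: drop it, the caller must ask a server again
            return None
        return entry.rdata, remaining  # a cache passes on only the time still left


def resolve(name, rtype, cache, ask_server):
    """Answer from the cache if possible, otherwise ask the server and cache its reply."""
    hit = cache.lookup(name, rtype)
    if hit is not None:
        return hit
    rdata, ttl = ask_server(name, rtype)
    cache.store(name, rtype, rdata, ttl)
    return rdata, ttl


class FakeClock:
    """A clock the example can wind forward by hand (constructed for offline use)."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def demo():
    """Scripted timeline: three questions about host01, only two of which reach the server.
    Returns the list of (remaining TTL per answer, number of questions the server saw)."""
    clock = FakeClock()
    cache = AnswerCache(clock)
    questions_to_server = []

    def ask_server(name, rtype):
        questions_to_server.append((name, rtype))
        return "192.168.1.2", 10800  # constructed reply: the page's host01 record

    name = "host01.domain01.com."
    ttls = [resolve(name, "A", cache, ask_server)[1]]  # miss: server is asked, 10800 left
    clock.advance(3600)
    ttls.append(resolve(name, "A", cache, ask_server)[1])  # hit: 7200 left
    clock.advance(7200)
    ttls.append(resolve(name, "A", cache, ask_server)[1])  # expired: server asked again
    return ttls, len(questions_to_server)


if __name__ == "__main__":
    print(demo())  # ([10800, 7200, 10800], 2)
```

Returning the remaining TTL rather than the original one matters when a cached answer is passed on to another client: the sell-by date must not be reset along the way, or a stale record could outlive the time the authoritative server allowed it.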

A network sometimes has more than one DNS server. A busy network has several more servers scattered across the network to handle traffic. Each server regularly copies the database from the first server; this procedure has the touchingly sci-fi name of "zone transfer". A configuration with a main server and a secondary server relying on it has the touchingly sado-masochistic name of "master and slave". The first server is the master and the rest are the slaves. The master is used to administer the database and the rest answer questions from clients.

Having just one master DNS server is bad news in a high-availability (HA) environment. If it crashes, the rest are in trouble. The master server is put in a cluster to avoid this problem.

what it isn't

Instant in all situations. The cache that DNS clients keep means that a new web site sometimes cannot be found until a day later.

history

In 1983 Paul Mockapetris designed DNS. He published his idea in RFCs (Request For Comments) 882 and 883.