Most of us are quite familiar with the term DNS, or Domain Name System. DNS can be thought of as an attendance register for the various websites present on the internet: it maintains the database of the domain names of all the operational websites around the world and their IP (Internet Protocol) addresses.
Historical Notes
The origins of DNS date back to the time of ARPANET, when there were only a few computers to get an entry in the database. A HOSTS.TXT file, maintained by the Stanford Research Institute, held the data of all the machines and was copied by every host machine to stay up to date.
Jon Postel from the Information Sciences Institute asked Paul Mockapetris to design the very first implementation of DNS, at the University of California, Irvine, in 1983. Then, in 1984, BIND (Berkeley Internet Name Domain) was created for Unix machines by four students: Douglas Terry, Mark Painter, David Riggle, and Songnian Zhou. After revisions made in 1985 by Kevin Dunlap, it was later ported to Windows machines and is still the most widely used DNS software on the planet.
Working Mechanism
To understand the basic working of DNS, let me guide you with the example of a hotel. Let us assume you need to visit your friend at some hotel. What will you do? You will go to the hotel reception and ask the receptionist for your friend's room number. To do so, you need to tell the receptionist your friend's name; she will look it up in her database and tell you the room number. She will also call your friend to confirm whether he is available or not.
Now, relate the example to the working of DNS. In this case, you are the client sending a request to a DNS server (the receptionist); your friend's name is the domain name and his room number is his IP address.
The receptionist types your friend's name into her computer, which holds the database of all the guests, called the Domain Name Space. If your friend is staying in the hotel she tells you the room number, otherwise she does not. A similar thing happens when you type a website name into your browser: the browser sends a request to the DNS server, and if the website's domain name is registered in the DNS database, the server replies with the IP address of the website you are trying to access, which looks something like 117.234.214.14.
Understanding the Domain Name and IP Address
Take the domain name www.google.com. The naming convention reads from right to left, and the other way round for an IP address. In the domain name for Google, the DNS first checks com, which stands for the commercial domain and is a top-level domain. Proceeding further, google is a sub-domain of com, and www in turn is a sub-domain of the google domain. The dot (.) separates the domains from their sub-domains. A full domain name can consist of at most 253 characters.
Now, if someone wants to know the domain name registered against an IP address, he will send the DNS server a request containing the IP address of the website. Say the IP address sent is 31.13.79.246: the DNS will first check 31, then 13, then 79 and finally 246, concluding that the IP address belongs to www.fb.com. The DNS resembles the hierarchical structure of a tree (the data structure, not the biological one): the address 31 sits at the top of the tree and is the primary domain in the hierarchy, while 13, 79 and 246 are successive sub-domains. The number 246 refers to the server machine hosting the website www.fb.com. All this domain and sub-domain business is not as complicated as it may seem, but it will take some time to get it right if you are new to the concept.
Evolution of DNS
In earlier days, a master file was maintained by one main server, updated manually with the entry of every new website and then copied by the other servers. But as the number of websites proliferated, it became hard to maintain the domain name database manually. So the need for an automated system was felt, and the ability to automatically update the database all around the world was introduced in newer generations of DNS.
So, if you register your website name with a Domain Name Registrar, it will take around 24 hours for your website to be present in the DNS databases all around the world.
Master-slave server relations were introduced, in which a master server maintained the database and the slave servers only had to copy it to remain updated. To facilitate dynamic updates to the DNS database, the NOTIFY and IXFR mechanisms were introduced.
With NOTIFY, when the master server updates the database it sends a notification about the update to the slave servers, which then copy the database. IXFR (Incremental Zone Transfer) eliminates the need to copy the whole database every time a single entry is made: it allows the slave servers to add only the updated entry to their database, reducing the effort and making the dynamic update process faster.
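To make the NOTIFY / IXFR / full-copy distinction concrete, here is an added example (not code from the original post) simulating a master with a change journal and a slave that syncs from it. The zone names, addresses and serial numbers are constructed; the point is the difference in how many records each method moves.

```python
# Added example (not from the original post): a toy master/slave pair showing
# what NOTIFY, AXFR (full copy) and IXFR (incremental copy) mean in terms of
# records moved. Zone names, addresses and serial numbers are constructed.
from dataclasses import dataclass, field

# A record is (owner name, type, value); a zone is a set of records plus the
# SOA serial number that the master increments on every change.


@dataclass
class Zone:
    serial: int
    records: set = field(default_factory=set)


@dataclass
class Master(Zone):
    # Change journal, one entry per update: (old serial, new serial, deleted, added).
    journal: list = field(default_factory=list)

    def update(self, deleted=(), added=()):
        """Apply a change on the master and log it so IXFR can replay it later.
        Returns the new serial, which the master would announce via NOTIFY."""
        old = self.serial
        self.serial += 1
        self.records -= set(deleted)
        self.records |= set(added)
        self.journal.append((old, self.serial, set(deleted), set(added)))
        return self.serial


def ixfr(master, slave_serial):
    """Changes the slave must apply, in order, to move from slave_serial to
    master.serial. Returns None when the journal no longer reaches back that
    far; a real master answers such a request with a full AXFR instead."""
    if slave_serial == master.serial:
        return []
    chain = [e for e in master.journal if e[0] >= slave_serial]
    if not chain or chain[0][0] != slave_serial:
        return None
    return [(deleted, added) for _, _, deleted, added in chain]


def sync(master, slave):
    """What a slave does after receiving NOTIFY: compare serials, then fetch
    the zone by IXFR if possible, else by AXFR.
    Returns (method used, number of records transferred)."""
    if slave.serial >= master.serial:
        return "up-to-date", 0
    steps = ixfr(master, slave.serial)
    if steps is None:
        slave.records = set(master.records)  # AXFR: whole zone replaced
        slave.serial = master.serial
        return "axfr", len(master.records)
    moved = 0
    for deleted, added in steps:            # IXFR: replay each change
        slave.records -= deleted
        slave.records |= added
        moved += len(deleted) + len(added)
    slave.serial = master.serial
    return "ixfr", moved


if __name__ == "__main__":
    master = Master(serial=1, records={
        ("www.example.test", "A", "192.0.2.10"),
        ("mail.example.test", "A", "192.0.2.20"),
        ("ns1.example.test", "A", "192.0.2.1"),
    })
    slave = Zone(serial=1, records=set(master.records))
    master.update(added=[("ftp.example.test", "A", "192.0.2.30")])
    master.update(deleted=[("mail.example.test", "A", "192.0.2.20")],
                  added=[("mail.example.test", "A", "192.0.2.21")])
    print(sync(master, slave))            # ('ixfr', 3): only the changes move
    print(sync(master, Zone(serial=0)))   # ('axfr', 4): whole zone copied
```

The serial number is what makes this work: a slave that already has the master's serial does nothing, one that is a few changes behind replays just those changes, and one so far behind that the master has no journal for it falls back to a full copy. On a large zone the gap between "three records" and "every record" is the whole reason IXFR exists.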
Resolving an IP Address
This refers to the process of translating a domain name to its respective IP address. The DNS resolver is the client PC (you in the hotel example), which sends the query to the DNS server (the receptionist). There are two methods used for resolution:
Recursive: Continuing with the hotel example, assume the hotel has more than one branch in the city and the receptionist was unable to find your friend's room number. She will then check whether your friend is staying at the other branch by contacting the receptionist there. So, if the DNS server is unable to find any IP associated with the domain name sent in the query, it will ask the other servers it is connected to to resolve the IP address for the requested domain. It gathers the information from those servers and replies to you with the appropriate IP address.
Iterative: Suppose you also want to know the floor on which your friend's room is situated; to find out, you will again ask the receptionist. Similarly, if the DNS resolver wants more information about a domain, it will initiate a new query to the same DNS server.
DNS Cache
The DNS server temporarily stores the answers to queries in a cache, so as to reduce the response time if any other DNS resolver sends the same query. The time for which the cached information remains valid, called the TTL (Time To Live), is set by the administrator for each record stored in the cache.
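The two sections above, resolution and caching, fit together in one small simulation. The following is an added example (not code from the original post): a resolver that, on the client's behalf, asks a constructed root server, then the top-level-domain server it is referred to, then the zone's own server, and caches the answer until its TTL runs out. Walking the referrals hop by hop is the part done with individual queries; doing the whole walk for the client is what makes the resolver recursive. Server names, domain names, addresses and TTL values are all constructed, and the clock is injectable so that TTL expiry can be demonstrated without waiting.

```python
# Added example (not from the original post): a simulated resolver that walks a
# constructed root -> TLD -> zone hierarchy on the client's behalf and caches
# answers until their TTL expires. Server names, domain names, addresses and
# TTLs are all constructed sample data.
import time

# Each toy server either answers for names it is authoritative for, or refers
# the resolver to the server responsible for a longer suffix of the name.
SERVERS = {
    "root": {"refer": {"com": "tld-com"}},
    "tld-com": {"refer": {"example.com": "ns-example"}},
    "ns-example": {"answer": {"www.example.com": ("192.0.2.44", 300),
                              "mail.example.com": ("192.0.2.25", 60)}},
}


def authoritative_query(server, name):
    """One query to one server. Returns ("answer", ip, ttl),
    ("refer", next_server) or ("nxdomain",)."""
    data = SERVERS[server]
    if name in data.get("answer", {}):
        ip, ttl = data["answer"][name]
        return ("answer", ip, ttl)
    labels = name.split(".")
    for i in range(len(labels)):          # longest matching suffix first
        suffix = ".".join(labels[i:])
        if suffix in data.get("refer", {}):
            return ("refer", data["refer"][suffix])
    return ("nxdomain",)


class Resolver:
    def __init__(self, clock=time.monotonic):
        self.cache = {}          # name -> (ip, absolute expiry time)
        self.clock = clock       # injectable so TTL expiry can be simulated
        self.queries_sent = 0

    def resolve(self, name):
        """Returns (ip or None, how the result was obtained)."""
        now = self.clock()
        hit = self.cache.get(name)
        if hit is not None and hit[1] > now:
            return hit[0], "cache"        # still within its TTL
        server = "root"
        for _ in range(8):                # bound the referral chain
            self.queries_sent += 1
            reply = authoritative_query(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, now + ttl)
                return ip, "recursion"
            if reply[0] == "refer":
                server = reply[1]         # follow the referral down the tree
                continue
            return None, "nxdomain"
        return None, "referral-loop"


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com"), r.queries_sent)   # 3 queries: root, TLD, zone
    print(r.resolve("www.example.com"), r.queries_sent)   # served from cache, still 3
```

The first lookup costs three queries (root, TLD, zone server); the second is answered from the cache with no queries at all, and once 300 seconds have passed the resolver walks the tree again. The bound on the referral loop is there for the same reason real resolvers have one: a misconfigured delegation that points back up the tree must not keep the resolver busy forever.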
DNS Applications
The first and foremost application of DNS is nslookup, in which a DNS server replies with the IP address of the domain name requested in the query. DNS is also used by Mail Transfer Agents (MTAs) such as Microsoft Exchange Server and IBM Domino so that they can deliver e-mail more efficiently.
DNS proves very helpful in identifying black-listed IP addresses on the internet and barring users from accessing them. This helps protect users from spam e-mails and potential hacking attacks.
The data for each domain name and its IP address is kept on more than one DNS server, so that it can still be retrieved if a problem occurs on one server.
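The black-list use just mentioned, and the IP-to-name lookup described earlier under "Understanding the Domain Name and IP Address", both rest on the same trick: reverse the octets of the address and look the result up under a special zone. The following is an added example, not code from the original post, showing that construction and a mail-server style check against a DNS-based blocklist. The blocklist zone, its contents and the meaning of its return codes are constructed for this example (real lists publish their own code tables), and the lookup is a stand-in function rather than a network query.

```python
# Added example (not from the original post): building the reverse-lookup name
# for an IP address, and using the same reversed-octet construction to query a
# DNS-based blocklist (DNSBL). The blocklist zone, its contents and the meaning
# of its return codes are constructed for this example.
import ipaddress

BLOCKLIST_ZONE = "dnsbl.example.test"
# Constructed zone data. Real DNSBLs answer a listed address with an A record
# inside 127.0.0.0/8 whose last octet encodes why the address is listed.
BLOCKLIST_DATA = {
    "7.100.51.198.dnsbl.example.test": "127.0.0.2",
    "9.113.0.203.dnsbl.example.test": "127.0.0.4",
}
REASONS = {"127.0.0.2": "spam source", "127.0.0.4": "open relay"}  # constructed


def reversed_octets(ip):
    """'31.13.79.246' -> '246.79.13.31'. Rejects anything that is not IPv4."""
    addr = ipaddress.IPv4Address(ip)
    return ".".join(reversed(str(addr).split(".")))


def reverse_name(ip):
    """Name queried for an IP -> domain (PTR) lookup; the tree is walked from
    the network part toward the host, which is why the octets are reversed."""
    return reversed_octets(ip) + ".in-addr.arpa"


def dnsbl_name(ip, zone=BLOCKLIST_ZONE):
    """Same construction, but under the blocklist's zone instead of in-addr.arpa."""
    return f"{reversed_octets(ip)}.{zone}"


def fake_lookup(name):
    """Stand-in for a real A query against the blocklist; None means NXDOMAIN."""
    return BLOCKLIST_DATA.get(name)


def check_dnsbl(ip, lookup=fake_lookup, zone=BLOCKLIST_ZONE):
    """Returns the listing reason, or None if the address is not listed."""
    answer = lookup(dnsbl_name(ip, zone))
    if answer is None:
        return None
    # A list that has shut down, or a wildcard DNS mishap, can answer with
    # something outside 127.0.0.0/8. Treat that as a broken check rather than
    # a listing, so mail is not refused on bad data.
    if ipaddress.ip_address(answer) not in ipaddress.ip_network("127.0.0.0/8"):
        raise ValueError(f"unexpected DNSBL answer {answer} for {ip}")
    return REASONS.get(answer, f"listed (code {answer})")


def filter_senders(ips, lookup=fake_lookup):
    """Split sending hosts into those to accept and those to refuse, with reasons."""
    accepted, refused = [], {}
    for ip in ips:
        reason = check_dnsbl(ip, lookup)
        if reason is None:
            accepted.append(ip)
        else:
            refused[ip] = reason
    return accepted, refused


if __name__ == "__main__":
    print(reverse_name("31.13.79.246"))       # 246.79.13.31.in-addr.arpa
    print(filter_senders(["198.51.100.7", "192.0.2.1", "203.0.113.9"]))
```

The `lookup` parameter is deliberately injectable: in production it would wrap a real resolver call, while here a dictionary stands in for the blocklist zone so the logic can be exercised offline. The out-of-range check matters in practice because a list that has been retired or whose domain has lapsed may start answering every query, and a mail server that treats any answer as a listing would then refuse all mail.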
DNS Vulnerabilities
Cache Poisoning: Also called DNS spoofing, this is a technique in which malicious actors alter the data in the resolver cache of a DNS server, so that it hands an incorrect IP address to the DNS resolver, possibly to divert the user to an attacker's machine.
DNS responses are not encrypted, which leaves room for potential attacks. However, Domain Name System Security Extensions (DNSSEC) can be used to provide cryptographically signed DNS responses.
Phishing attacks can be planned around the visual resemblance of certain characters on the user's screen; for example, the letter l and the digit 1 look the same on some screens, so users can be redirected to a different IP address by a site that displays the same look and feel as the original website.
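From the defensive side, two of the items above translate into concrete checks. The following is an added example (not code from the original post): first, the sanity checks a resolver applies before letting a reply into its cache (the reply must carry the transaction ID and port of an outstanding query, echo the same question, and may only contribute records for names the answering server is responsible for, the so-called bailiwick rule); second, a small look-alike test that maps characters which render alike onto one "skeleton" so that names such as paypa1 and paypal compare equal. The message layout, names, addresses and the confusable-character table are constructed for this example; the checks themselves are standard resolver hygiene.

```python
# Added example (not from the original post): the sanity checks a resolver
# applies before it lets a DNS reply into its cache, plus a small look-alike
# test for domain names. Message layout, names and addresses are constructed.
import secrets
from dataclasses import dataclass


@dataclass
class Query:
    txid: int        # 16-bit transaction ID, randomised per query
    src_port: int    # randomised UDP source port
    qname: str
    qtype: str = "A"


@dataclass
class Response:
    txid: int
    dst_port: int
    qname: str
    qtype: str
    answers: list     # each record is (owner, type, value, ttl)
    additional: list


def new_query(qname, qtype="A"):
    """Random ID and port: a forger who is not on the path has to guess both,
    and get the packet in before the genuine answer arrives."""
    return Query(secrets.randbelow(1 << 16), 1024 + secrets.randbelow(64512),
                 qname.lower(), qtype)


def in_bailiwick(owner, zone):
    owner, zone = owner.lower().rstrip("."), zone.lower().rstrip(".")
    return owner == zone or owner.endswith("." + zone)


def accept_response(query, response, zone):
    """Records that may be cached from this reply, or None to drop it.
    `zone` is the zone the queried server is authoritative for."""
    if response.txid != query.txid or response.dst_port != query.src_port:
        return None                     # not a reply to our query
    if (response.qname.lower(), response.qtype) != (query.qname, query.qtype):
        return None                     # question section does not match
    # Keep only records the answering server is allowed to speak for. An
    # "additional" record for some unrelated name is exactly how a bogus
    # entry would try to ride into the cache on an otherwise valid reply.
    return [rr for rr in response.answers + response.additional
            if in_bailiwick(rr[0], zone)]


# Look-alike check for the phishing case: a deliberately small, constructed
# table of characters that render alike; real tables are much larger.
_CONFUSABLES = str.maketrans({"1": "l", "|": "l", "0": "o"})


def skeleton(name):
    return name.lower().replace("rn", "m").translate(_CONFUSABLES)


def looks_like(candidate, trusted):
    """True when two different names would render (near) identically."""
    return (candidate.lower() != trusted.lower()
            and skeleton(candidate) == skeleton(trusted))


if __name__ == "__main__":
    q = new_query("www.example.com")
    good = Response(q.txid, q.src_port, "www.example.com", "A",
                    [("www.example.com", "A", "192.0.2.44", 300)],
                    [("www.bank.example", "A", "198.51.100.9", 3600)])
    print(accept_response(q, good, "example.com"))        # bank record dropped
    print(looks_like("paypa1.example", "paypal.example"))  # True
```

Randomising both the transaction ID and the source port is what makes blind forgery expensive; the bailiwick filter is what stops a reply that is otherwise genuine from smuggling in a record for a name the server has no business answering for. DNSSEC adds a signature check on top of these; it does not replace them. The skeleton comparison is the kind of test a mail gateway or browser warning can run against a list of names the user is known to visit.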
Use a Custom DNS
What if that hotel receptionist is very slow and many people are asking for room numbers at the same time? Then she will not be able to give you the correct room number quickly, so you may ask another person at the reception counter to attend to you. Similarly, when we connect to the internet we generally use the DNS server provided by our ISP. But if the default DNS server is unresponsive, or cannot handle a large number of queries at a given moment, that only degrades your browsing experience. There is another way out: you can configure your system to use a different DNS server for resolving IP addresses.
Popular DNS servers:
Google's Public DNS: The search giant has set up some seriously high-grade DNS servers capable of handling millions of requests at any given moment, and they are absolutely free to use, just like Google's other services. You can configure your machine to use the following DNS addresses:
8.8.8.8 and 8.8.4.4
OpenDNS: A private company that provides a safe and reliable DNS service for free. Just configure the following addresses on your machine:
208.67.222.222 and 208.67.220.220
For those readers who don't know how to configure DNS on their machine, please refer to the link below:
Winding Up
DNS has been a topic of utmost importance since its advent, as a systematic way to maintain such a huge database of millions of websites and servers around the world. Without DNS there would have been a whole lot of mess among all the domain names and IP addresses, and it would have taken ages just to locate google.com in a haphazard collection of domain names. DNS has streamlined the process of IP resolution, and seriously, if DNS weren't there, I know you would have burnt your brain circuits trying to remember all those IP addresses. Let me ask you: do you remember Facebook's IP address I mentioned above? Don't scroll up now; even I don't remember it, because DNS is there to remember it for us. We only need to express our gratitude for the noble work DNS has been doing for the last three decades, and it has become faster, smarter and more reliable.