Internet Technologies/Domain names

The Domain Name System, most often known simply as DNS, is a core feature of the Internet. It is a distributed database that handles the mapping between host names (domain names), which are more convenient for humans, and numerical Internet addresses. For example, www.wikipedia.org is a domain name and 130.94.122.199 the corresponding numerical Internet address. The domain name system acts much like an automated phone book, so you can "call" www.wikipedia.org instead of 130.94.122.199: it converts human-friendly names such as "www.wikipedia.org" into computer-friendly (IP) addresses such as 130.94.122.199. It can also handle the reverse mapping, meaning that we can query for the name belonging to 130.94.122.199, which returns larousse.wikipedia.org.

DNS was first invented in 1983 by Paul Mockapetris; the original specifications are described in RFC 882. In 1987 RFC 1034 and RFC 1035 were published which updated the DNS specification and made RFC 882 and RFC 883 obsolete. Subsequent to that there have been quite a few RFCs published that propose various extensions to the core protocols.

DNS implements a hierarchical name space by allowing name service for parts of a name space known as zones to be "delegated" by a name server to subsidiary name-servers. DNS also provides additional information, such as alias names for systems, contact information, and which hosts act as mail hubs for groups of systems or domains.

The present restriction on the length of domain names is 63 characters, excluding the www. and .com or other extension. Domain names are also limited to a subset of ASCII characters, preventing many languages from representing their names and words correctly. The Punycode-based IDNA system, which maps Unicode strings into the valid DNS character set, has been approved by ICANN and adopted by some registries as a workaround.

The DNS system is run by various flavors of DNS software, including:

  • BIND (Berkeley Internet Name Domain), the most commonly used name daemon.
  • DJBDNS (Dan J. Bernstein's DNS implementation)
  • MaraDNS
  • NSD (Name Server Daemon)
  • PowerDNS

Any IP computer network can use DNS to implement its own private name system. However, the term "domain name" is most commonly used to refer to domain names implemented in the public Internet DNS system. This is based on thirteen "root servers" worldwide, all but three of which are in the United States of America. From these thirteen root servers, the rest of the Internet DNS name space is delegated to other DNS servers which serve names within specific parts of the DNS name space.

The 'owner' of a domain name can be found by looking in the WHOIS database: for most TLDs a basic WHOIS is held by ICANN, with the detailed WHOIS maintained by the domain registry which controls that domain. For the 240+ Country Code TLDs the position is usually that the registry holds the entire authoritative WHOIS for that extension, as part of its many functions.

The current way the main DNS system is controlled is often criticized. The most common problems pointed at are that it is abused by monopolies or near-monopolies such as VeriSign Inc., and problems with assignment of top-level domains.

Some also allege that many implementations of DNS server software fail to work gracefully with dynamically allocated IP addresses, although that is the failure of specific implementations and not failures of the protocol itself.

DNS uses TCP and UDP port 53. Most DNS queries (such as name resolution requests) are sent over UDP, as the amount of data transferred is small and the session establishment overhead of TCP would introduce unnecessary traffic and load on nameservers. DNS zone file transfers between nameserver peers use TCP connections, as the volume of data transferred is potentially much larger.

A DNS domain definition (sometimes referred to as a 'zone file') consists of individual DNS records. There are several record types in common usage:

  • SOA or Start Of Authority records contain parameters for the domain definition itself.
  • A records resolve names to IP addresses.
  • PTR records resolve IP addresses to names
  • NS records define the authoritative nameservers for the domain.
  • CNAME or Canonical Name records allow aliasing of one name to another.
  • MX or Mail Exchange records define the mail server associated with a domain or A record.
  • HINFO or Hardware Information records can be used to hold descriptive text about a specific device.
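As an added example (not part of the original page), here is a small Python parser and lookup routine for a zone file using the record types listed above. The zone is constructed for this example: example.test is a placeholder domain and the IP addresses are documentation addresses. The lookup follows CNAME aliases the way a resolver would and refuses to loop forever on a circular alias.

```python
ZONE = """\
$ORIGIN example.test.      ; constructed zone; example.test is a placeholder, not a real domain
$TTL 3600
@        IN SOA   ns1 hostmaster (2024010101 7200 900 1209600 3600)
@        IN NS    ns1
@        IN MX    10 mail
@        IN MX    50 backup.example.test.
ns1      IN A     192.0.2.1
mail     IN A     192.0.2.25
www      IN CNAME web
web      IN CNAME frontend
frontend IN A     192.0.2.80
box1     IN HINFO "Intel" "Linux"
80.2.0.192.in-addr.arpa. IN PTR frontend.example.test.   ; normally lives in the reverse zone
"""

def fqdn(name, origin):
    """Qualify a relative name against $ORIGIN; '@' stands for the origin itself."""
    return origin if name == "@" else name if name.endswith(".") else name + "." + origin

def parse_zone(text):
    """Parse zone-file lines into (owner, type, rdata) triples with fully qualified names."""
    origin, records = ".", []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()                  # ';' starts a comment
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
        elif line and not line.startswith("$"):              # other directives such as $TTL are ignored here
            owner, _cls, rtype, rdata = line.split(None, 3)  # strict: owner, class, type and rdata are required
            if rtype in ("CNAME", "NS", "PTR"):              # rdata is a name, so qualify it as well
                rdata = fqdn(rdata, origin)
            elif rtype == "MX":                              # rdata is "preference exchanger"
                pref, host = rdata.split()
                rdata = pref + " " + fqdn(host, origin)
            records.append((fqdn(owner, origin).lower(), rtype, rdata))
    return records

def lookup(records, name, rtype, max_aliases=8):
    """Answer a query for an absolute name, following CNAME aliases as a resolver would."""
    name = name.lower()
    for _ in range(max_aliases):                             # bounded: a circular CNAME must not spin forever
        answers = [r for o, t, r in records if o == name and t == rtype]
        if answers or rtype == "CNAME":
            return answers
        aliases = [r for o, t, r in records if o == name and t == "CNAME"]
        if not aliases:
            return []
        name = aliases[0].lower()
    raise ValueError("CNAME chain longer than %d hops for %s" % (max_aliases, name))
```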

Virtually all modern operating systems and network applications contain resolver libraries or routines for interrogating DNS services. In addition, operating systems generally provide a command line interface for querying DNS servers. The Windows NT family of operating systems provides the 'nslookup' command. Unix-based operating systems may also offer 'nslookup' or 'dig' tools.

nslookup can either be used interactively, or non-interactively. An example of non-interactive usage follows. In this example, we gather the A record for www.wikipedia.org from the client's default nameserver:

nslookup www.wikipedia.org

Nslookup is somewhat more powerful when used interactively. An example of this follows. In the example, we find the mail servers for the domain wikipedia.org:

nslookup
> set q=MX
> wikipedia.org
Non-authoritative answer:
wikipedia.org MX preference = 50, mail exchanger = mormo.org
wikipedia.org MX preference = 10, mail exchanger = mail.wikimedia.org
>
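As an added example, not part of the original page: a Python parser for the wire-format reply a nameserver would send over UDP port 53 to the MX query shown above. The response bytes are constructed by hand to carry the two mail exchangers from the nslookup session (not captured from a real server); the parser bounds-checks every read and rejects compression pointers that do not point backwards, which is what keeps a malformed datagram from crashing or looping a resolver.

```python
import struct

SAMPLE_RESPONSE = (                                         # constructed, not a real capture
    b"\x12\x34\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00"   # header: QR=1, RCODE=0, QDCOUNT=1, ANCOUNT=2
    b"\x09wikipedia\x03org\x00\x00\x0f\x00\x01"           # question: wikipedia.org MX IN
    b"\xc0\x0c\x00\x0f\x00\x01\x00\x00\x0e\x10\x00\x0d"   # RR 1: name ptr->12, MX, IN, TTL 3600, RDLENGTH 13
    b"\x00\x32\x05mormo\x03org\x00"                       # preference 50, mormo.org
    b"\xc0\x0c\x00\x0f\x00\x01\x00\x00\x0e\x10\x00\x13"   # RR 2: MX, RDLENGTH 19
    b"\x00\x0a\x04mail\x09wikimedia\xc0\x16"              # preference 10, mail.wikimedia.org ("org" via ptr->22)
)

def take(msg, offset, n):
    """Return n bytes at offset, refusing to read past the end of the datagram."""
    if offset + n > len(msg):
        raise ValueError("message truncated at offset %d" % offset)
    return msg[offset:offset + n]

def read_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end = [], None
    while True:
        length = take(msg, offset, 1)[0]
        if (length & 0xC0) == 0xC0:                         # compression pointer (RFC 1035 section 4.1.4)
            pointer = struct.unpack("!H", take(msg, offset, 2))[0] & 0x3FFF
            if pointer >= offset:                           # must point backwards, or a pointer cycle never ends
                raise ValueError("bad compression pointer at offset %d" % offset)
            end, offset = (offset + 2 if end is None else end), pointer
        elif length == 0:
            return ".".join(labels), (offset + 1 if end is None else end)
        else:
            labels.append(take(msg, offset + 1, length).decode("ascii"))
            offset += 1 + length

def parse_mx_response(msg):
    """Return (preference, exchanger) pairs from the answer section, most preferred first."""
    _id, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", take(msg, 0, 12))
    if not flags & 0x8000 or flags & 0x000F:
        raise ValueError("not a response, or server returned RCODE %d" % (flags & 0xF))
    offset, mx = 12, []
    for _ in range(qdcount):                                # skip the echoed question(s): name + QTYPE + QCLASS
        offset = read_name(msg, offset)[1] + 4
    for _ in range(ancount):
        _, offset = read_name(msg, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", take(msg, offset, 10))
        offset += 10
        rdata = take(msg, offset, rdlen)
        if (rtype, rclass) == (15, 1) and rdlen >= 2:       # MX record, class IN
            mx.append((struct.unpack("!H", rdata[:2])[0], read_name(msg, offset + 2)[0]))
        offset += rdlen                                     # RDLENGTH, not the parsed name, decides where the next RR starts
    return sorted(mx)
```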

See also: cybersquatting, dynamic DNS, ICANN, DNSSEC
