
Domain-name-system.org


» Domain Name System


Page modified: Friday, June 23, 2006 20:29:01

Commonly used name servers

  • BIND (Berkeley Internet Name Domain) is the original name server and is still the most widely used name server software today, not least because it is the reference implementation of most DNS RFCs. BIND is open source software.
  • djbdns is considered very secure and enjoys rising popularity, but is no longer developed further by Dan Bernstein, because he regards it as finished.
  • PowerDNS was a paid implementation that is now also available under the GPL and is known particularly for serving zones directly from SQL databases and LDAP directories.
  • MyDNS is another open source software package, specialized for MySQL and PostgreSQL databases in particular.
  • Xyria:DNSd is a performance-optimized DNS server that is about twice as fast as BIND. Xyria:DNSd is at present still quite minimalistic and supports no zone transfers (except, for instance, via SSH), but is extremely reliable and stable.
  • NSD is optimized for servers that are to supply exclusively authoritative answers.

Resolver

Resolvers are collections of libraries that can retrieve information from the name servers. They form the interface between application and name server. The resolver takes over the query of an application, completes it to an FQDN if necessary and passes it to the statically configured name server.

A resolver works either iteratively or recursively and informs the name server which mode it is using. The usual resolvers on clients work exclusively recursively; they are then also called stub resolvers.

With a recursive query, the resolver sends a query to the name server known to it and expects a definite answer from it. This answer contains either the desired resource record or "does not exist". Recursively working resolvers thus leave the work of complete resolution to others.

With an iterative query, the resolver gets either the desired resource record or the address of further name servers, which it asks next. The resolver works its way from name server to name server in this manner until it lands at an authoritative name server.

The resolver hands the answer obtained in this way to the program that requested the data, for example to the web browser.

Well-known programs for checking name resolution are dig, nslookup and host. Further information on iterative/recursive name resolution can be found under recursive and iterative name resolution.

Protocol

DNS queries are normally sent to the name server over UDP port 53. The DNS standard also permits TCP as the transport protocol, however. If Extended DNS (EDNS) is not used, the maximum permissible length of a DNS UDP packet is 512 bytes. Overlong answers are therefore transmitted truncated. The querying client is informed of this by the Truncated flag being set. It must then decide whether the answer is sufficient or not. If necessary, it repeats the query over TCP port 53.

Zone transfers are always carried out over TCP port 53. The triggering of zone transfers, however, usually takes place over UDP.
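The following added example (not part of the original page) shows where the two signals described above live in a DNS message: the "recursion desired" bit by which a resolver tells the server its mode, and the Truncated flag that makes a client repeat the query over TCP. The function names, the query ID and the sample reply are constructed for illustration.

```python
import struct

QR_FLAG = 0x8000  # message is a response
TC_FLAG = 0x0200  # "truncated": the answer did not fit into the UDP message
RD_FLAG = 0x0100  # "recursion desired": set by stub resolvers, cleared for iterative queries

def encode_name(name):
    """Encode 'www.example.net' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, query_id, recursive=True, qtype=1):
    """Build a query for one record (qtype 1 = A, class 1 = IN)."""
    flags = RD_FLAG if recursive else 0
    header = struct.pack("!HHHHHH", query_id, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def parse_header(message):
    """Return the fields of the 12-byte DNS header as a dict."""
    if len(message) < 12:
        raise ValueError("DNS header is 12 bytes, got %d" % len(message))
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    return {"id": qid, "response": bool(flags & QR_FLAG),
            "truncated": bool(flags & TC_FLAG),
            "recursion_desired": bool(flags & RD_FLAG),
            "rcode": flags & 0x000F, "answers": an}

def needs_tcp_retry(query, response):
    """True if the UDP response belongs to the query and has the Truncated flag set."""
    q, r = parse_header(query), parse_header(response)
    if not r["response"] or r["id"] != q["id"]:
        raise ValueError("response does not belong to this query")
    return r["truncated"]

def frame_for_tcp(message):
    """Over TCP each DNS message is preceded by a two-byte length field."""
    return struct.pack("!H", len(message)) + message

# Constructed sample: a stub-resolver query and a truncated reply header for it.
QUERY = build_query("www.example.net", 0x1A2B)
TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1A2B, QR_FLAG | TC_FLAG | RD_FLAG,
                              1, 0, 0, 0) + QUERY[12:]
```

Checking the ID before trusting any flag matters: a reply that does not match an outstanding query should be discarded rather than acted on.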

Example

In the example, www.example.net is resolved iteratively "by hand" in three steps. The address of A.root-servers.net (198.41.0.4) is assumed to be known; the output is shortened to the essentials.

    $ dig +norecurse @198.41.0.4 www.example.net
    net.                    172800  IN  NS  A.GTLD-SERVERS.net.
    A.GTLD-SERVERS.net.     172800  IN  A   192.5.6.30

    $ dig +norecurse @192.5.6.30 www.example.net
    example.net.            172800  IN  NS  a.iana-servers.net.
    a.iana-servers.net.     172800  IN  A   192.0.34.43

    $ dig +norecurse @192.0.34.43 www.example.net
    www.example.net.        172800  IN  A   192.0.34.166

The A records additionally returned by the non-responsible name servers are glue records. The number before "IN" is the TTL (Time to Live) in seconds. It states how long the client may keep the answer in its cache before it must query again. With dynamic IP addresses this number is mostly between 60 (minimum) and 300 seconds.
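The three-step walk from the example, written out as an added sketch that is not part of the original page: each server either answers or refers to the next name server, whose address comes from the glue record. The server table is a constructed in-memory model using the addresses from the example; the function names and the step limit are assumptions.

```python
# Constructed model of the three servers queried in the example:
# server address -> what it returns for www.example.net.
SERVERS = {
    "198.41.0.4": {"ns": ("net.", "A.GTLD-SERVERS.net."),
                   "glue": {"A.GTLD-SERVERS.net.": "192.5.6.30"}},
    "192.5.6.30": {"ns": ("example.net.", "a.iana-servers.net."),
                   "glue": {"a.iana-servers.net.": "192.0.34.43"}},
    "192.0.34.43": {"answer": ("www.example.net.", 172800, "192.0.34.166")},
}

def in_zone(name, zone):
    """True if name equals zone or lies below it (case-insensitive)."""
    name, zone = name.lower(), zone.lower()
    return zone == "." or name == zone or name.endswith("." + zone)

def resolve_iteratively(qname, server, servers=SERVERS, max_steps=8):
    """Follow referrals from server to server; return (address, path taken)."""
    path = []
    for _ in range(max_steps):            # bound the walk: referrals may loop
        path.append(server)
        reply = servers.get(server)
        if reply is None:
            raise LookupError("no reply from " + server)
        if "answer" in reply:
            owner, _ttl, address = reply["answer"]
            if owner.lower() != qname.lower():
                raise LookupError("answer is for a different name: " + owner)
            return address, path
        zone, ns_name = reply["ns"]
        if not in_zone(qname, zone):       # a referral must be for an ancestor zone
            raise LookupError("referral to unrelated zone " + zone)
        if ns_name not in reply["glue"]:   # without glue the NS name needs its own lookup
            raise LookupError("no glue record for " + ns_name)
        server = reply["glue"][ns_name]
    raise LookupError("too many referrals")
```

The zone check and the step limit are the two places where a resolver refuses to follow what a non-responsible server tells it.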

Entries in the database

DNS does not permit entry types (resource records) to be freely defined.

The most important queries certainly concern the IP addresses for a name. For this, A entries (address) are usually used for IPv4 and AAAA entries for IPv6. The name a.iana-servers.net. is mapped to the address 192.0.34.43 by an A record.

Several IP addresses may well be registered for one name. The resolver picks either all of them or one (for instance the first). Some name servers shuffle the IP addresses, so that a different address appears first each time. A simple form of load distribution is thus possible.

CNAME entries (canonical name) make it possible to define aliases for names. One can, for instance, map www.example.net. to host1.dmz.example.net. The alias can point to an A entry or again to a CNAME entry. It should be noted, however, that each CNAME entry causes a further DNS query to resolve the alias, which is why CNAME entries should be used sparingly with regard to the waiting time for name resolution.

PTR entries (pointer) form their own name hierarchy, which maps IP addresses to names. For this a pseudo domain, in-addr.arpa, is used. Below this domain the decimal notation of the address is interpreted in reverse order as a name. For the address 192.0.34.43, the PTR entry of the "name" 43.34.0.192.in-addr.arpa is looked up. The result is then a.iana-servers.net.

MX entries (mail exchanger) contain the next mail distributor for a domain. These are given a priority (the smallest number has the highest priority). A central mail distributor with high priority in a larger organization receives the mail from the Internet and distributes it, if necessary, to smaller internal mail distributors of low priority within the organization, which distribute it further to the receiving computers.

If a mail is sent to, say, user@domain.org, a computer first determines the MX entries for domain.org. From these it selects the one with the highest priority as the mail distributor. If no mail distributor is found, CNAME entries or address entries are used. A mail distributor determines its own priority from its MX entry and distributes only to mail distributors of lower priorities.

NS entries (name server) indicate which name servers are responsible for a zone. They also define the delegation points for subzones.

SRV records make it possible to bind address entries to services and protocols. Network participants can thereby query which server offers the desired service.

TXT records can contain arbitrary text entries. These can be used as comments or also for data that is evaluated by other services, such as public key or SPF entries, which make it harder for spammers to forge mail servers.

A comprehensive list of permissible DNS entry types is here

Extension of the DNS

So far, labels were restricted, as described, to alphanumeric characters and the character "-". This is mainly because the DNS (like the Internet originally) was developed in the USA. In many countries, however, there are characters that could not be used in a label (in the German-speaking area, for example, the umlauts), as well as characters from completely different writing systems (for example Chinese). Names with these characters were originally not usable in the DNS.

RFC 2673 describes binary labels, with which the full range of values of a character sequence consisting of bytes can be used. Since both resolvers and name servers would have to implement the extensions, this procedure has not achieved worldwide comprehensive use.

Another approach to enlarging the character set is the internationalization of domain names, IDNA, described in RFC 3490 in 2003. To keep the new system compatible with the previous one, the extended character sets are encoded with permissible characters, that is, mapped to names that are valid today. The extended character sets are first normalized according to the Nameprep algorithm (RFC 3491) and then mapped by Punycode (RFC 3492) to the character set usable for DNS. IDNA requires network applications (e.g. web browsers) to be adapted; the name server infrastructure (servers, resolvers) does not need to be changed, however. In the German-speaking countries, German, Liechtenstein, Austrian and Swiss domains (.de, .li, .at and .ch) with umlauts can be registered and used since March 2004. With some other top-level domains, in particular in the Asian area, the use of IDNA is also possible.

In 1999 Paul Vixie described in RFC 2671 some smaller, backward-compatible extensions to the Domain Name System, which are called EDNS version 0. By using header codes that had until then been reserved but unused, the querying party can specify that it can receive UDP answers larger than 512 bytes. In addition, it became possible to use different label types. DNSSEC-capable servers and resolvers must support EDNS.

A further current extension of the DNS is ENUM (RFC 2916). This application makes it possible to address Internet services via telephone numbers, that is, to "dial" devices reachable over the Internet using the numbering scheme known from the telephone network. Of the broad spectrum of possible applications, use for Voice over IP services suggests itself in particular.



Page cached: Wednesday, July 5, 2006 14:16:07