
Domain-name-system.org




Page modified: Friday, June 23, 2006 20:29:01

DynDNS

Only computers with a fixed IP address, one that never changes, can be assigned a fixed computer name. However, because a great many home users have a variable IP address (a different address from a pool is assigned each time they dial in to the Internet), there are now DynDNS operators (for example DynDNS.org, MyDyn.de or pdns.de) that ensure a machine remains reachable under the same computer name as far as possible, even with such rapidly changing addresses. The free program GnuDip provides a server and a client with which users can build their own DynDNS service.

Here, reverse DNS returns only the name that the line provider gave to the IP address, e.g. dslb-084-056-159-008.pools.arcor-ip.net. It is not possible to infer the DynDNS name from the IP address.

See also: List of the TCP/IP-based network services

DynDNS for fixed IP addresses

Even if it sounds paradoxical at first sight, in some cases it can be sensible to set up DynDNS for a fixed IP address. Anyone who offers services on, for example, a root server or a vServer and does so via DynDNS can move servers at will without needing the provider's assistance. Whoever does this must, however, ensure that the DynDNS client renews the IP address at regular intervals, even when this would not actually be necessary: many DynDNS providers deactivate an account if they have not heard from it for several days.

Further uses

In e-mail traffic, DNS can be used to query whether a mail server is an open relay. Since spam is frequently sent via open relays, the volume of spam is to be reduced by refusing the connection or rejecting the e-mail. To do this, the mail server asks a Real-time Blackhole List (RBL) and/or DNS-based Blackhole List (DNSBL) whether the IP address of the incoming SMTP connection is registered as an open relay. The answer "127.0.0.1" means not listed; "127.0.0.x" with x>1 means listed in the blacklist, where the value of "x" can carry information about the kind of listing.
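The lookup described above, as an added example that is not part of the original page. It assumes the common DNSBL query format (IPv4 octets reversed and prefixed to the list's zone), a placeholder zone `dnsbl.example`, and a constructed table standing in for the resolver so that it runs offline.

```python
import ipaddress

def dnsbl_query_name(ip, zone):
    """Build the name to look up: IPv4 octets reversed, then the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone.strip(".")

def classify_answer(answers):
    """Interpret A records by the convention described above.

    Returns (listed, codes). No answer or 127.0.0.1 means not listed;
    127.0.0.x with x > 1 means listed, and x is the list-specific code.
    Replies outside 127.0.0.0/24 are ignored: a parked or wildcarded
    zone must not cause every sender to be rejected.
    """
    codes = []
    for answer in answers:
        try:
            octets = ipaddress.IPv4Address(answer).packed
        except ValueError:
            continue
        if octets[:3] == b"\x7f\x00\x00" and octets[3] > 1:
            codes.append(octets[3])
    return (bool(codes), sorted(codes))

def check_smtp_peer(ip, zone, resolve):
    """resolve(name) returns a list of A-record strings ([] if none exist)."""
    return classify_answer(resolve(dnsbl_query_name(ip, zone)))

# Constructed sample data; dnsbl.example is a placeholder, not a real list.
SAMPLE_ZONE = {
    "2.2.0.192.dnsbl.example": ["127.0.0.2"],
    "3.2.0.192.dnsbl.example": ["127.0.0.1"],
    "4.2.0.192.dnsbl.example": ["127.0.0.4", "127.0.0.2"],
    "5.2.0.192.dnsbl.example": ["203.0.113.9"],  # reply outside 127.0.0.0/24
}

def sample_resolve(name):
    return SAMPLE_ZONE.get(name, [])

if __name__ == "__main__":
    for peer in ("192.0.2.2", "192.0.2.3", "192.0.2.4", "192.0.2.5", "192.0.2.6"):
        print(peer, check_smtp_peer(peer, "dnsbl.example", sample_resolve))
```

In a mail server the `resolve` argument would be backed by a real DNS lookup; the classification logic stays the same.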

With Telephone Number Mapping, telephone numbers are stored in the Domain Name System in order to facilitate IP telephony. Mobile network operators use DNS in their Triple A (AAA) systems, for example to look up internally the Mobile Subscriber ISDN Number for a customer's IP address.

There are also approaches that use the Domain Name System to tunnel payload data and thereby get around a firewall.

DNS in the local area network

DNS is not limited to the Internet. It is readily possible, and compatible with the specification, to set up dedicated zones in the name server for resolving local names and to enter the corresponding addresses there. With the tool Webmin this can be managed even without deep knowledge. The one-time installation effort is worthwhile even in relatively small networks, since all addresses in the network can then be administered centrally.

The DNS server BIND can also cooperate with DHCP and thus provide name resolution for every client in the network.

Under Windows there is the WINS service, which provides a similar function but uses a completely different protocol.

DNS and distribution of load (load balancing)

If several IP addresses are registered in DNS for one name, these addresses are returned in rotation in response to queries (round robin). Services can thus be distributed statistically evenly across several servers. Upstream scripts can of course check the availability of the individual servers and register in the name server only those servers that are actually available at the moment. In this way load distribution and failover can be combined.

More sophisticated techniques can be implemented with so-called SRV records, which also provide priorities and weights. Unfortunately the clients must also support these records, which at present is rather rare.

An inelegant but workable option is to enter the IP addresses into the table several times according to their priority, e.g. ADSL line three times, transmit-strains only once.

Note 1: The distribution by DNS is of course even only in the sense of how requests are handed out. DNS knows nothing about the actual load that develops afterwards.

Note 2: How often a query is made also depends on the client, e.g. the browser. Mozilla, for example, queries again for mail (SMTP and IMAP) after a few minutes of inactivity, whereas the same program does not do this for the Web (for the proxy server).

DNS Security

The DNS is a central component of a networked IT infrastructure. A disruption can entail substantial costs, and falsified DNS data can be the starting point of attacks. More than ten years after the original specification, DNS was supplemented with security functions. The following procedures are available:

  • TSIG (Transaction Signatures) is a simple procedure based on symmetric keys with which the data traffic between DNS servers can be secured.
  • DNSSEC (DNS Security) makes use of an asymmetric cryptosystem with which almost all DNS security requirements can be met. In addition to server-to-server communication, client-to-server communication is also secured.

DNS Spoofing

DNS spoofing is the attempt to foist a wrong IP address on a querying client in order to lead it to an apparently trustworthy address. An example of such an attack can be found at the BSI. In theory an attacker can also use IP spoofing to pretend to be a trustworthy name server. A simple preventive measure is to use a firewall rule to permit DNS queries only to certain trusted name servers.
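One way to check that such a firewall rule is actually in effect, as an added example that is not part of the original page: it scans firewall log lines for DNS traffic (port 53) to servers outside an allowlist. The log format, the resolver addresses and the sample lines are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed policy: the only name servers clients may query (placeholder addresses).
TRUSTED_RESOLVERS = {
    ipaddress.ip_address("192.0.2.53"),
    ipaddress.ip_address("192.0.2.54"),
}

# Constructed firewall log lines in a hypothetical key=value format.
SAMPLE_LOG = """\
2024-01-01T10:00:01 ACCEPT proto=udp src=10.0.0.11 dst=192.0.2.53 dport=53
2024-01-01T10:00:02 ACCEPT proto=udp src=10.0.0.12 dst=198.51.100.7 dport=53
2024-01-01T10:00:03 ACCEPT proto=tcp src=10.0.0.12 dst=198.51.100.7 dport=53
2024-01-01T10:00:04 ACCEPT proto=tcp src=10.0.0.13 dst=203.0.113.80 dport=80
2024-01-01T10:00:05 DROP proto=udp src=10.0.0.14 dst=198.51.100.9 dport=53
2024-01-01T10:00:06 ACCEPT proto=udp src=10.0.0.11 dst=192.0.2.54 dport=53
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def untrusted_dns_flows(log_text, trusted=TRUSTED_RESOLVERS):
    """Return {client: {server: [actions]}} for DNS flows to non-allowlisted servers."""
    findings = defaultdict(lambda: defaultdict(list))
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue  # not a log record
        action, fields = parts[1], dict(FIELD.findall(line))
        if fields.get("dport") != "53" or fields.get("proto") not in ("udp", "tcp"):
            continue  # not DNS
        try:
            src = ipaddress.ip_address(fields["src"])
            dst = ipaddress.ip_address(fields["dst"])
        except (KeyError, ValueError):
            continue  # malformed record
        if dst not in trusted:
            findings[str(src)][str(dst)].append(action)
    return {client: dict(servers) for client, servers in findings.items()}

def rule_gaps(findings):
    """Clients whose query to an untrusted server was ACCEPTed: the rule is missing or too broad."""
    return sorted(c for c, servers in findings.items()
                  if any("ACCEPT" in actions for actions in servers.values()))

if __name__ == "__main__":
    found = untrusted_dns_flows(SAMPLE_LOG)
    print(found)
    print("rule gaps:", rule_gaps(found))
```

Dropped flows show the rule working and identify clients configured with a foreign resolver; accepted flows show where the rule does not apply.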

Domain registration

In order to make DNS names known on the Internet, the owner must register the domain that contains these names. Registration guarantees that certain formal rules are observed and that domain names are unique worldwide. Domain registrations are carried out by organizations (registrars) that have been authorized to do so by IANA and/or ICANN. Registrations are subject to a fee. In Germany, DENIC is responsible.

Detailed information can be found under Domain registration.

Alternative root DNS

Over time, alternatives to IANA and/or ICANN were created. For details see Top level Domain.

Bonjour/Zeroconf

With the development of Mac OS X, Apple made several extensions to DNS that are intended to enable comprehensive self-configuration of services in LANs. First, Multicast DNS ("mDNS") was introduced, which permits name resolution in a LAN without a dedicated name server. In addition, DNS-SD (for "DNS Service Discovery") was introduced, which makes it possible to search ("browse") for network services in DNS and/or mDNS. mDNS and DNS-SD are so far not official RFCs of the IETF, but are nevertheless already available in various (including free) implementations. Together with a set of other techniques, Apple groups DNS-SD and mDNS under the name "Zeroconf", and as a component of Mac OS X also as "Rendezvous" and/or "Bonjour".

Analysis of the DNS

Errors in the DNS can have far-reaching effects. Two sources are usually drawn on for investigation:

(1) DNS server Logs/Configs

First source: the configuration and log files of the respective DNS server. This step presupposes that access to the DNS server is available. Advantage: the source that determines the behavior is "tapped" directly. Disadvantage: only one DNS server out of the entire DNS infrastructure is examined.

(2) DNS Client/server communication

Second source: the data traffic of the DNS servers and DNS clients. This is done by recording and evaluating the data traffic with the tools of LAN analysis, via so-called sniffers. Advantage: (depending on the measuring point) all DNS transactions of all DNS participants are captured and evaluated. Disadvantage: only the effects become visible, not necessarily the causes.

This shows that in the end both sources of information have to be drawn on. For this, DNS server admins and LAN switch admins must work together, since each has access to only one of the two data sources.

DNS and troubleshooting in the network

Disruptions or errors in the DNS can cause a variety of follow-on problems whose connection with DNS is not always obvious. A basic rule of every troubleshooting strategy should therefore be to verify that DNS is functioning normally.

Diagnosis is made extraordinarily more difficult by DNS caching. Incorrect entries, up to entire invalid zones, can persist in individual servers for hours or even weeks. The consistency of the data is lost as a result: at one and the same time, different servers can hold different DNS data.



Page cached: Wednesday, July 5, 2006 14:15:58