Application Layer – Domain Name System (DNS internet working overview)

Spoiler : This post is long yet interesting!!

We already saw the different layers present in the TCP/IP reference model and different types of addressing methods implemented in any network transmission models. So now being armed with enough basic knowledge, its time for us to explore the real functionalities in each of these layers. So first we will start with the Application layer.

The application layer provides services to end-users and moreover most of the interesting applications are present in this particular layer. The other layers present below this layer mainly helps in facilitating the user to use various applications present in this layer.

 

The three top services provided by the application layer for the smooth functioning of different applications are :

• Network Security
• Domain Name Service (dns)
• network Management

So in this post, we are mainly concerned with the Domain Name System of the application layer.So before we may proceed, let us see some common  error messages we normally see while browsing the internet,

So after going through this post, hopefully, you can derive a well-learned solution to your problem(main root cause).

Domain Name System

We already learned about the Client server network configurations . So Domain name system is also one of the supporting programs of the client-server network.  It is used to handle the addressing and naming of the internet.

A user of an e-mail program may know the e-mail address of the recipient, however, the IP protocol(of TCP/IP model) needs the IP address. The DNS client program sends a request to a domain name server to map the e-mail address to the corresponding IP address.

It is also important to understand that every remote device (host in-network) will have an alias name. To identify an entity, TCP/IP protocol will use the IP address, which uniquely identifies the connection of a host(any remote device) to the Internet.

However, people prefer to use names instead of numeric addresses(for simplicity). Therefore, we need a system that can map a name to an address or an address to a name. So this entity is called DNS (Domain name system).

This service will not be directly used by the end-user, there is an application program for carrying out this mapping(of the alias and the ip address) work .

So how does Domain Name System(DNS)  really works ?

Initially there should be some application to map the alias name into their IP address (which is then used by the TCP/IP protocols). For this mapping , the application program calls a library procedure called resolver. The alias name will be passed on to the resolver as a parameter.

The resolver then sends a UDP packet to local DNS server which looks up the name and returns the corresponding IP address to the resolver.

The resolver then sends this address to the caller . Then the program can establish a TCP connection with the destination or sends in the UDP packets.

Name Space in DNS

The alias names that are assigned to each remote host in the network should be selected carefully from the namespace. In other words, each name has to be unique so that it can be bound with each unique IP address.A namespace that maps each address to a unique name can be organized in two ways:

• flat
• hierarchical

Flat Name Space 

In this a name is assigned to every address. There is no structure but only a sequence of characters present in this.The main disadvantage of a fiat namespace is that it can’t be used in a large system like on the Internet because it must be centrally controlled in order to avoid any ambiguity and duplication.

Hierarchical Name Space In DNS !!

In this , each name consists of many parts(in short a well defined structure is present to maintain the uniqueness). The first part may correspond to the nature of the organization , the second may define the name of the company then the third part will be department name, and so on…

The part that defines the nature of the institution is assigned by a central authority. The decision of structuring the rest of the name can be given to the company itself. The institute can add any prefix or suffix to the name for defining its host or resources. The central authority can only control the part of the name and not the complete name.

Domain Name Space

Basically the internet has been divided into many top-level domains.Each domain consists of many hosts.In order to have a hierarchical namespace, a domain name space was designed.

In this design the names are basically defined in an inverted tree structure with the root at the top. The tree can have only 128 levels i.e. level 0 (root) to level 127. The top level domains are of two types namely generic and countries.

Generic domains

The generic domain can be of different types i.e com (commercial) , edu (educational institutions) , gov (government) , int (international organization) , mil (military) , net (network providers) , and org (non-profit organizations) . The country domains generally include one entry for every country . Also each domain is named by following an upward path.

A full domain name is a sequence of labels separated by dots (.) for eg: mobile.dell.com. A full domain name always ends in a null label, which means the last character is a dot because the null string is nothing.This is called hierarchical naming.

 

 

Label

Each node in the tree has a lable and it can be specified using 63 characters.It is very difficult for us to remember the string of numbers (ip addresses) and that is where domain names comes into picture. Let us now take some examples:

www.yahoo.com , encarta.msn.com , www.bbc.co.uk are some of the domain names . In this , the com and uk portions of these domain names are called the top-level domain .

There are many other top-level domain names including com, edu , gov , mil , net , org , int, and the unique two letter combinations of every country. So every ‘com’ top level domain must be unique.

The leftmost word i.e www or encarta is the host name . It specifies the name of specific machine(with specific ip address) in a domain. Thus any domain may consists of millions of hostnames provided all are unique in nature.

Note : Domain names are not case sensitive i.e edu and EDU will be same.Component names can have upto 63   characters.To create any new domain we have to take the permission of the domain in which it is to be included.

What is a Domain?  

A domain is typically a subtree of the domain name space. The name of any domain is the domain name of the node at the top of the subtree. A domain can be further divided into subdomains.

Distribution of Name Space

The information contained in any domain name space must be stored. However, it is very inefficient and also unreliable to have only one computer store such a huge amount of information. Failure of any one computer can make the data inaccessible .

Hierarchy of Name Servers

The simple solution to these problems is to distribute the information among many computers called DNS servers. One way to implement this is to divide the whole space into many domains based on the first level.

Name server contains the DNS database i.e various names and their corresponding ip addresses. In other words, we let the root stand alone and create as many domains (subtrees) as there are first-level nodes.

Because a domain created in this way could be very large, DNS allows domains to be divided further into smaller domains (subdomains).The first level domains are further divided into smaller subdomains called the second level  domains. The hierarchy of the servers will be the same as that of the names.

Zones :

We need to define the area over which each server has authority.This restricted region over which a particular server has authority is called as zone.The server makes a database called zonefile and it keeps all the information for every node under that domain.

However, if any server divides its domain into sub-domains and delegates part of its authority to other servers, domain and zone refer to different things.

The information about the nodes in the subdomains is further stored in the servers at the lower levels, with the original server keeping some sort of reference to these lower-level servers.

Root Server:

This referred to the zone  consists of the whole DNS tree. It only keeps the reference of these servers.There are several root servers, each covering the whole domain name space. The servers are distributed all around the world.

DNS define two types of servers namely primary and secondary servers.

Primary servers:

This type of server stores files about its zone.It has the authority to create , update, and delete any zone file and store it in a local disc.

Secondary Servers:

This server transfers complete information about a zone from another server which may be primary or secondary server . The transferred info will be then stored in disc storage. It is not authorized to create and update a zone file.

What Is DNS in the Internet ?

We will now understand how the DNS is implemented on the internet. In the Internet, the domain name space (tree) is divided into three different sections: generic domains, country domains, and the inverse domain.

1.Generic Domain

The first level of the generic domain section allows 14 possible values.The generic domains define registered hosts according to their generic behavior. for eg we have edu for education etc.

Label	Description
aero	Airlines and aerospace companies
biz	Businesses or firms (similar to “com”)
com	Commercial organizations
coop	Cooperative business organizations
edu	Educational institutions
gov	Government institutions
info	Information service providers
int	Information service providers
mil	Military groups
museum	Museums and other nonprofit organizations
name	Personal names (individuals)
net	Network support centers
org	Nonprofit organizations
pro	Professional individual organizations

 2.  Country Domain

This domain uses two characters country abbreviations eg US for united states. Second label in this domain specifies organization or national designations. 

3. Inverse Domain

This is used for mapping an address to a name . This may happen, for example, when a server has received a request from a client to do a task.

Although the server has a file that contains a list of authorized clients, only the IP address of the client (extracted from the received IP packet) is listed.

The server then asks its resolver to send a query to the DNS server to map an address to a name in order to determine if the client is on the authorized list. This is exactly opposite to a process of mapping a name to a address discussed earlier.

Name Address Resolution:

The process of mapping a name to address and vice versa is called as name address resolution.

What is Resolver in DNS ? 

DNS application is based upon the client-server model.So to map any name to address(or vice versa) in DNS ,it will call a DNS client named as resolver.

The resolver then sends a mapping request to closest DNS server and accesses its storage.If this requested server don’t have the information then it will refer the resolver to other server or ask another server to furnish required info.

Thus, in the end, a resolver receives a mapping from some source and then it checks for error and if found error free , it delivers the mapping to the requesting process(host) .

Mapping names to addresses:

Firstly the resolver gives the name of the host to server and requests for the corresponding IP address. The server then checks the generic or country domains to gt the required address.

If the local DNS server server don’t have an answer then it will refer the resolver to other server .The same method will be followed for the name from the country domain.

Mapping addresses to names:

Now, a client sends an IP address to a server and requests for its name . This type of query is called as PTR(pointer) query.To answer queries of this kind, DNS uses the inverse domain. However, in the request, the IP address is reversed  and the two labels in-addr and arpa are appended to create a domain acceptable by the inverse domain section.

For example, if the resolver receives the IP address 132.34.45.121, the resolver first inverts the address and then adds the two labels before sending. The domain name sent is “121.45.34.132.in-addr.arpa.” which is received by the local DNS and resolved .

Recursive Resolution

The client (resolver) can simply ask for a recursive answer from a name server. This means that the resolver expects the server to supply the final answer. If the server is the authority for the domain name, it then checks its database and responds.

If the server is not the authority, it then sends the request to another server (the parent usually) and waits for its response. If the parent is the authority, it responds and otherwise, it sends the query to yet another server.

 

Iterative Resolution

In this, if the server has the authority for the name  then it will send the answer. But if it won’t have the answer then it will send the the client the ip address of the server that holds the answer to the query.

If the newly addressed server can able to resolve the problem, it answers the query with the IP address, otherwise, it will return the IP address of a new server to the client. Now , the client must repeat the query subsequently to the third server. This process is called iterative resolution .

DNS Message Format

DNS has two types of messages as follows and both of then has the same format

• Query
• Responses or reply

Both query and response messages will have the same header format with some fields set to zero for the query messages. The header is 12 bytes and the identification subfield is used by the client to match the response with the query.

 

 

What is Caching in DNS ?

Each time any server receives a query for a name that is not in its domain, it then searches in its database for a server IP address. The reduction of this search time would increase efficiency. DNS handles this with a mechanism called caching.

When a server asks for a mapping from another server and then receives the response, it must store this information in its cache memory before sending it to the client. If the same or another client again asks for the same mapping, it can check its cache memory and solve the problem in less time duration.

See you soon with the next interesting application in the application layer in my next post.So stay tuned..