
Domain Name Resolution

From the document TCP/IP Tutorial and Technical Overview (pages 172-175)


Chapter 4. Application Protocols

4.2 Domain Name System (DNS)

4.2.8 Domain Name Resolution

The domain name resolution process can be summarized in the following steps:

1. A user program issues a request such as the gethostbyname() sockets call. (This particular call is used to ask for the IP address of a host by passing the hostname.)

2. The resolver formulates a query to the name server. (Full resolvers have a local name cache to consult first; stub resolvers do not.)

3. The name server checks to see if the answer is in its local authoritative database or cache, and if so, returns it to the client. Otherwise, it will query other available name server(s), starting down from the root of the DNS tree or as high up the tree as possible.

4. The user program will finally be given a corresponding IP address (or host name, depending on the query) or an error if the query could not be answered.

Normally, the program will not be given a list of all the name servers that have been consulted to process the query.

The query/reply messages are transported by either UDP or TCP.

Domain name resolution is a client/server process. The client function (called the resolver or name resolver) is transparent to the user and is called by an application to resolve symbolic high-level names into real IP addresses or vice versa. The name server (also called a domain name server) is a server application providing the translation between high-level machine names and the IP addresses.

4.2.8.1 Domain Name Full Resolver

Figure 107 shows a full resolver: a program distinct from the user program, which forwards all queries to a name server for processing.

Responses are cached by the name server for future use, and often by the name server.

[Figure 107. DNS - Using a Full Resolver for Domain Name Resolution. Components shown: User Program; Full Resolver (with Cache); Name Server (with Cache and Database); Foreign Name Server. The user program sends a user query to the full resolver and receives a user response; the full resolver sends a query to the name server and receives a response; the name server exchanges queries and responses with the foreign name server.]

4.2.8.2 Domain Name Stub Resolver

Figure 108 shows a stub resolver, a routine linked with the user program, which forwards the queries to a name server for processing. Responses are cached by the name server but not usually by the resolver, although this is implementation-dependent. On UNIX, the stub resolver is implemented by two library routines: gethostbyname() and gethostbyaddr() for converting host names to IP addresses and vice versa. Other platforms have the same or equivalent routines. Stub resolvers are much more common than full resolvers.

[Figure 108. DNS - Using a Stub Resolver for Domain Name Resolution. Components shown: User Program with the linked Stub Resolver; Name Server (with Cache and Database); Foreign Name Server. The stub resolver sends a query to the name server and receives a response; the name server exchanges queries and responses with the foreign name server.]

4.2.8.3 Domain Name Resolver Operation

Domain name queries can be one of two types: recursive or iterative (also termed non-recursive). A flag bit in the domain name query specifies whether the client desires a recursive query and a flag bit in the response specifies whether the server supports recursive queries. The difference between a recursive and an iterative query arises when the server receives a request for which it cannot supply a complete answer by itself. A recursive query requests that the server should issue a query itself to determine the requested information and return the complete answer to the client. An iterative query means that the name server should return what information it has available and also a list of additional servers for the client to contact to complete the query.

Domain name responses can be one of two types: authoritative and non-authoritative. A flag bit in the response indicates which type a response is.

When a name server receives a query for a domain in a zone over which it has authority, it returns all of the requested information in a response with the authoritative answer flag set. When it receives a query for a domain over which it does not have authority, its actions depend upon the setting of the recursion desired flag in the query.

• If the recursion desired flag is set and the server supports recursive queries, it will direct its query to another name server. This will either be a name server with authority for the domain given in the query, or it will be one of the root name servers. If the second server does not return an authoritative answer (for example, if it has delegated authority to another server), the process is repeated.

• If the recursion desired flag is not set or the server does not support recursive queries, it will return whatever information it has in its cache and also a list of additional name servers to be contacted for authoritative information.

When a server (or a full resolver program) receives a response, it will cache it to improve the performance of repeat queries. The cache entry is stored for a maximum length of time specified by the originator in a 32-bit time-to-live (TTL) field contained in the response. 172,800 seconds (two days) is a typical TTL value.
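As an added example (not code from the Redbook), the following Python builds a type A query with the recursion desired bit set and parses a constructed response, exposing the authoritative answer, recursion available and truncation flags and the 32-bit TTL described above. The host name, transaction ID and response bytes are constructed for illustration; the wire format follows RFC 1035.

```python
import struct
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080  # header flag bits, RFC 1035 4.1.1

def encode_name(name):
    """Encode 'host.example.com' as length-prefixed labels ending in a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split(".")) + b"\x00"

def build_query(txid, name, recursive=True):
    """Type A, class IN query; RD set asks the server to resolve recursively on our behalf."""
    header = struct.pack("!HHHHHH", txid, RD if recursive else 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def decode_name(msg, off):
    """Decode a possibly compressed name at off; return (name, offset just after it)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier copy of the name
            end = off + 2 if end is None else end
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (off if end is None else end)

def parse_response(msg):
    """Return the response flags the text describes (AA, RA, TC, RCODE) plus answer RRs with TTLs."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    info = {"id": txid, "aa": bool(flags & AA), "ra": bool(flags & RA),
            "tc": bool(flags & TC), "rcode": flags & 0xF, "answers": []}
    off = 12
    for _ in range(qd):  # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        if rtype == 1 and rdlen == 4:  # A record: render the IPv4 address
            rdata = ".".join(str(b) for b in rdata)
        info["answers"].append((name, rtype, ttl, rdata))
    return info

# Constructed sample: authoritative answer (AA, RD, RA set) for host.example.com with the text's typical TTL
SAMPLE_RESPONSE = (struct.pack("!HHHHHH", 0x1234, QR | AA | RD | RA, 1, 1, 0, 0) + encode_name("host.example.com")
                   + struct.pack("!HH", 1, 1) + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 172800, 4) + bytes([192, 0, 2, 10]))
```

A stub resolver would hand build_query() to the name server over UDP and feed the reply to parse_response(); a full resolver would additionally keep each answer for at most its TTL.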

4.2.8.4 Domain Name Server Operation

Each name server has authority for zero or more zones. There are three types of name servers:

Primary

A primary name server loads a zone's information from disk, and has authority over the zone.

Secondary

A secondary name server has authority for a zone, but obtains its zone information from a primary server using a process called zone transfer. To remain synchronized, the secondary name servers query the primary on a regular basis (typically every three hours) and re-execute the zone transfer if the primary has been updated.

A name server can operate as a primary or a secondary name server for multiple domains, or as a primary for some domains and as a secondary for others. A primary or secondary name server performs all of the functions of a caching-only name server.

Caching-only

A name server that does not have authority for any zone is called a caching-only name server. A caching-only name server obtains all of its data from primary or secondary name servers as required. It requires at least one NS record to point to a name server from which it can initially obtain information.

When a domain is registered with the root and a separate zone of authority established, the following rules apply:

• The domain must be registered with the root administrator.

• There must be an identified administrator for the domain.

• There must be at least two name servers with authority for the zone that are accessible from outside and inside the domain to ensure no single point of failure.

It is also recommended that name servers that delegate authority also apply these rules, since the delegating name servers are responsible for the behavior of name servers under their authority.
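Added example, not from the Redbook: a small Python model of the secondary's refresh cycle described under "Secondary" and of the two-server rule above. It assumes, as real implementations do, that a secondary detects an updated primary by comparing the zone's SOA serial number with the wraparound-safe comparison of RFC 1982; the zone name, serials, server names and addresses are constructed.

```python
from dataclasses import dataclass
from typing import Optional

SERIAL_MOD = 1 << 32   # SOA serial numbers are 32-bit unsigned
HALF = 1 << 31

def serial_gt(a, b):
    """RFC 1982 serial arithmetic: True if serial a is newer than b, allowing for 32-bit wraparound."""
    a, b = a % SERIAL_MOD, b % SERIAL_MOD
    return a != b and ((a < b and b - a > HALF) or (a > b and a - b < HALF))

@dataclass
class SecondaryZone:
    name: str
    serial: int                        # serial of the copy this secondary currently holds
    refresh: int = 10800               # seconds between checks of the primary (three hours, as in the text)
    last_check: Optional[int] = None   # time of the last check; None means never checked

    def due(self, now):
        return self.last_check is None or now - self.last_check >= self.refresh

    def poll(self, now, primary_serial, transfer):
        """One refresh cycle: read the primary's serial and run transfer(zone) only if it is newer."""
        if not self.due(now):
            return "not due"
        self.last_check = now
        if serial_gt(primary_serial, self.serial):
            self.serial = primary_serial   # the zone transfer brings this copy up to the primary's serial
            transfer(self)
            return "transferred"
        return "up to date"

def check_delegation(ns_records):
    """Delegation rule from the text: at least two authoritative servers, and not one host behind both names.
    ns_records is a list of (server name, address) pairs."""
    problems = []
    if len(ns_records) < 2:
        problems.append("fewer than two name servers with authority for the zone")
    if len({addr for _, addr in ns_records}) < len(ns_records):
        problems.append("name servers share an address, so they are a single point of failure")
    return problems
```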
