The Domain Name System (DNS) is the method by which Internet addresses in mnemonic form such as sunc.scit.wlv.ac.uk are converted into the equivalent numeric IP address such as 134.220.4.1.

To the user and application process this translation is a service provided either by the local host or from a remote host via the Internet. The DNS server (or resolver) may communicate with other Internet DNS servers if it cannot translate the address itself. These notes will discuss
DNS names are constructed hierarchically, the highest level of the hierarchy being the last component, or label, of the DNS address. Labels can be up to 63 characters long and are case insensitive. A maximum total length of 255 characters is allowed. Labels must start with a letter and can only consist of letters, digits and hyphens. [Unfortunately some administrators construct names that start with digits. This is wrong and can easily cause problems with software that simply inspects the first character of a host address to determine whether a DNS name or an IP address has been quoted.]
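As an added illustration of the label rules above (not code from these notes), the following validator applies them to a name and contrasts the fragile first-character heuristic with parsing the whole string; the sample names other than sunc.scit.wlv.ac.uk are constructed.

```python
import ipaddress
import re

# Label rule as the notes state it: starts with a letter, then letters, digits
# and hyphens, at most 63 characters. (RFC 1123 later relaxed the leading-letter
# requirement, which is why the first-character heuristic below is unsafe.)
LABEL_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]{0,62}$")

def validate_dns_name(name):
    """Return the list of rule violations for name; an empty list means valid.
    A trailing stop marks a fully qualified name and is removed first."""
    problems = []
    if name.endswith("."):
        name = name[:-1]
    if len(name) > 255:
        problems.append("name longer than 255 characters")
    for label in name.split("."):
        if not label:
            problems.append("empty label")
        elif label[0].isdigit():
            problems.append(f"label {label!r} starts with a digit")
        elif not LABEL_RE.match(label):
            problems.append(f"label {label!r} is too long or has invalid characters")
    return problems

def naive_is_ip(addr):
    """The fragile heuristic the notes warn about: 'first character is a digit'."""
    return addr[:1].isdigit()

def robust_is_ip(addr):
    """Parse the whole string as an IPv4 address instead of peeking at one character."""
    try:
        ipaddress.IPv4Address(addr)
        return True
    except ValueError:
        return False
```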
Note
In the early days of the Internet users in at least one country (the United Kingdom) adopted a similar scheme with the highest hierarchical level appearing first rather than last, i.e. uk.ac.wlv.scit.sunc rather than sunc.scit.wlv.ac.uk. This practice is, fortunately, obsolete.
DNS addresses can be relative or fully qualified. A fully qualified address includes all the labels and is globally unique. A relative address can be converted by appending the local domain information. For example sunc.scit.wlv.ac.uk is a fully qualified name for the host sunc in the domain scit.wlv.ac.uk. Strictly there should be a stop at the end of a fully qualified name but this is often overlooked.
The final, most significant label of a fully qualified name can fall into one of three classes: the special arpa domain, the three letter organisational codes and the two letter country codes.

arpa
This is a special facility used for reverse translation, i.e. going from IP address to fully qualified domain address. If everything is properly configured a suitably framed query for 1.4.220.134.in-addr.arpa will return sunc.scit.wlv.ac.uk. Details of this will be described later.
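An added example (not from these notes) of how the in-addr.arpa query name is built from an address and back again, run against constructed forward and reverse tables; the sunc entry is the one quoted above, and the forward-confirmation check is an added caveat, since whoever controls an address block controls what its reverse records say.

```python
import ipaddress

# Constructed sample tables standing in for a forward zone and an in-addr.arpa zone.
A_RECORDS = {"sunc.scit.wlv.ac.uk": "134.220.4.1",
             "other.example": "134.220.4.2"}
PTR_RECORDS = {"1.4.220.134.in-addr.arpa": "sunc.scit.wlv.ac.uk",
               "2.4.220.134.in-addr.arpa": "sunc.scit.wlv.ac.uk",  # claims a name it does not own
               "3.4.220.134.in-addr.arpa": "bogus.example"}        # name with no forward record

def reverse_name(ip):
    """in-addr.arpa query name for an IPv4 address: octets least significant first."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def address_from_reverse_name(name):
    """Inverse mapping; raises ValueError for anything that is not a full reverse name."""
    suffix = ".in-addr.arpa"
    name = name.rstrip(".")
    if not name.endswith(suffix):
        raise ValueError("not an in-addr.arpa name")
    octets = name[: -len(suffix)].split(".")
    if len(octets) != 4:
        raise ValueError("reverse name does not cover a full address")
    return str(ipaddress.IPv4Address(".".join(reversed(octets))))

def reverse_lookup(ip, ptr=PTR_RECORDS):
    """The 'suitably framed query': the PTR target for ip, or None if there is none."""
    return ptr.get(reverse_name(ip))

def forward_confirmed(ip, ptr=PTR_RECORDS, a=A_RECORDS):
    """Trust a reverse result only when its name resolves back to the same address."""
    host = reverse_lookup(ip, ptr)
    return host is not None and a.get(host) == ip
```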
The DNS was originally introduced in the United States of America and the final component of an address was intended to indicate the type of organisation hosting the computer. Some of the three letter final labels (edu, gov, mil) are still only used by organisations based in the USA, others can be used anywhere in the world.
The three letter codes are:

code  meaning
com   Commercial. Now international.
edu   Educational.
gov   Government.
int   International Organisation.
mil   Military.
net   Network related.
org   Miscellaneous Organisation.
The final two letter codes indicate the country of origin and are defined in ISO 3166 with the minor exception that uk is used for the United Kingdom rather than gb, although there are some .gb sites. [This apparently happened because the ISO committee was unaware that Northern Ireland was part of the United Kingdom but not part of Great Britain.] The two letter code us is used by some sites in the United States of America.
In some countries there are sub-domains indicating the type of organisation such as ac.uk, co.uk, sch.uk in the United Kingdom and edu.au and com.au in Australia. Most European countries have not adopted this useful practice. A fuller discussion of the United Kingdom DNS domains is provided by the UK Network Information Centre.
To obtain a domain address it is necessary to identify the administrator of the required domain; all that is then basically necessary is to send the administrator the required code and the associated IP address and they will, if they accept the request, include the details in their databases. Conditions for acceptance vary widely between administrators, the administrators for com and org being, apparently, quite happy to accept anything from anywhere.
For any group of computers partaking of the DNS naming scheme there is likely to be a single definitive list of DNS names and associated IP addresses. The group of computers included in this list is called a zone. A zone could be a top level national domain or a university department. Within a zone DNS service for subsidiary zones may be delegated along with a subsidiary domain. The computer that maintains the master list for a zone is said to have authority for that zone and will be the primary name server for that zone; there will also be secondaries for that zone.
When any process needs to determine an IP address given a DNS address it calls upon the local host to resolve the address. This can be done in a variety of ways:

/etc/hosts
named on a Unix system. named initially obtains information from /etc/hosts but also maintains a cache of recent requests.
/etc/resolv.conf

If a named process cannot resolve an address locally it will call upon higher authority. Ultimately it will attempt to contact the system that is authoritative for the zone in question; however, unless the information is cached or in the host's local files it will not know the address of the authoritative server. This problem is resolved by recursive resolution of requests, i.e. any DNS server will pass requests it cannot handle to a higher level server and so on until either the request can be handled (by sending a message to the identified authoritative host) or the root of the DNS name space is reached.
There are eight servers that can serve requests at the root of the DNS name space. All servers should know their IP addresses so that DNS service can be offered even if there are no cached addresses and no local servers indicated by the /etc/resolv.conf file. The root servers will know the IP addresses of the servers for all the national DNS zones and the three letter zones.
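The walk from a root server through successive referrals down to the authoritative server, with a cache so that later queries for the same zone skip the root, as an added example that is not code from these notes. The servers, their addresses (RFC 5737 documentation range) and the delegation tree are constructed for the illustration; sunc's address is the one quoted above.

```python
# Constructed toy name space. Each authoritative server knows the A records of
# its own zone and the addresses of the servers for the zones delegated below it.
SERVERS = {
    "192.0.2.1": {"delegations": {"uk": "192.0.2.2"}, "records": {}},         # root
    "192.0.2.2": {"delegations": {"ac.uk": "192.0.2.3"}, "records": {}},      # uk
    "192.0.2.3": {"delegations": {"wlv.ac.uk": "192.0.2.4"}, "records": {}},  # ac.uk
    "192.0.2.4": {"delegations": {},                                          # wlv.ac.uk
                  "records": {"sunc.scit.wlv.ac.uk": "134.220.4.1"}},
}
ROOT_SERVERS = ["192.0.2.1"]

def in_zone(name, zone):
    return name == zone or name.endswith("." + zone)

def ask(server, name):
    """One query to an authoritative server. Replies are ('answer', ip),
    ('referral', zone, server) or ('nxdomain',)."""
    s = SERVERS[server]
    if name in s["records"]:
        return ("answer", s["records"][name])
    for zone, ns in s["delegations"].items():
        if in_zone(name, zone):
            return ("referral", zone, ns)
    return ("nxdomain",)

class Resolver:
    def __init__(self):
        self.answers = {}       # cached name -> address
        self.delegations = {}   # cached zone -> address of its server
        self.queries = 0        # queries sent, so the effect of the cache is visible

    def start_server(self, name):
        """Most specific cached delegation covering name, else a root server."""
        zones = [z for z in self.delegations if in_zone(name, z)]
        return self.delegations[max(zones, key=len)] if zones else ROOT_SERVERS[0]

    def resolve(self, name):
        name = name.rstrip(".")
        if name in self.answers:
            return self.answers[name]
        server = self.start_server(name)
        for _ in range(10):                  # bound the referral chain
            self.queries += 1
            reply = ask(server, name)
            if reply[0] == "answer":
                self.answers[name] = reply[1]
                return reply[1]
            if reply[0] == "nxdomain":
                return None
            self.delegations[reply[1]] = reply[2]   # remember the referral
            server = reply[2]
        raise RuntimeError("referral chain too long")
```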