DNS (Domain Name System): a decentralised Internet database responsible for translating host names into IP addresses (forward lookup) and vice versa (reverse lookup). Because it is hard for people to remember many host IP addresses, a system was introduced that assigns a domain name to an IP address. So-called name servers (NS) provide information about the mapping of domain names to IP addresses; each name server holds information about particular segments of the database. The actual query to the DNS server is performed by the resolver, which is usually built into the operating system. To improve performance, every resolver has a local cache so that repeated queries can be answered faster. Resolvers often consist of just a few library routines that construct queries and send them across the network to the name server. DNS operation diagram:
Example:

Domain Name Space
The domain name space is organised as a tree. Starting from the root, the top-level domains (TLDs) such as "ch", "edu" or "de" follow; these split into further subdomains. The name servers of the DNS manage zones, each of which contains one node of the DNS tree and all branches below it. Because name servers exist at different depths of the DNS tree, the zones of the different name servers overlap. Each name server knows its next-higher and next-lower name server. For reliability, every zone has at least two active name servers (primary and secondary) that both deliver the same information. The main difference between a primary and a secondary NS is that the secondary NS obtains its information from the primary NS, while the primary NS gets its data from files on its own system.
What happens if you only have the domain name and want to find the corresponding IP address?
What happens if you only have the IP address and want to find the corresponding domain name? To solve this problem, the domain "in-addr.arpa" was created.

Example: entry in a zone file (for reverse lookups):
primary 12.176.149.in-addr.arpa db.bla_bla_file

This domain is called the inverse domain, and resolving IP addresses to domain names is called reverse mapping or reverse lookup. The inverse domain is written by putting the octets of the IP address in reverse order and appending the domain in-addr.arpa.
/etc/named.boot configuration file:

; This specifies a directory in which zone files reside.
; Names of files may be given relative to this directory.
directory  /etc/namedb

;type      domain                     file
;---------------------------------------------------------------
; This takes a domain name and a file name as an argument, declaring the local
; server authoritative for the named domain. As a primary server, named loads
; the zone information from the given master file. Generally, there will
; always be at least one primary entry in every boot file, namely for reverse
; mapping of network 127.0.0.0, which is the local loopback network.

; this file is responsible for mapping names to IPs
; this server will act on any requests made to it
; for anything under the domain "fh-regensburg.de"
primary    fh-regensburg.de           db.fh-regensburg.de

; this is the config file for the "loopback" address
primary    0.0.127.in-addr.arpa       db.127.0.0

; these files are responsible for mapping IPs to names
; for these subdomains...
primary    104.95.194.in-addr.arpa    db.194.95.104
primary    105.95.194.in-addr.arpa    db.194.95.105
primary    106.95.194.in-addr.arpa    db.194.95.106
primary    107.95.194.in-addr.arpa    db.194.95.107
primary    108.95.194.in-addr.arpa    db.194.95.108
primary    109.95.194.in-addr.arpa    db.194.95.109
primary    132.95.194.in-addr.arpa    db.194.95.132

; This takes a domain and a file name as arguments. This file contains the
; root server hints, that is a list of records pointing to the root name
; servers. The domain argument is generally the root domain name.
cache      .                          db.cache

; this declares the local server a secondary master server for
; the domain specified. A secondary server holds authoritative data on the
; domain, too, but it doesn't gather it from files, but tries to download
; it from the primary server. The IP address of at least one primary server
; must thus be given to named in the address list. The local server will
; contact each of them in turn until it successfully transfers the zone
; database, which is then stored in the backup file given as the third
; argument. If none of the primary servers responds, the zone data is
; retrieved from the backup file instead.
secondary  uni-regensburg.de          132.199.1.2    urrz.zone
secondary  199.132.in-addr.arpa       132.199.1.2    urrz.revzone

; The basic difference between primary and secondary nameservers is that
; secondary servers obtain their information from the primary servers,
; while primary servers obtain their data from files on their host
; computer.

; if this server doesn't know something,
; it forwards requests to other
; DNS servers in this order
forwarders 150.156.208.2 192.52.220.66 149.15.1.5
; (not the real DNS IPs for this domain)
db.fh-regensburg.de master zone file (forward lookups):

; each zone contains exactly one SOA record
@           IN  SOA    dns.fh-regensburg.de. feyrer.dns.fh-regensburg.de. (
                           2000121801    ; serial
                           28800         ; refresh
                           7200          ; retry
                           604800        ; expire
                           172800 )      ; default ttl
@           IN  NS     dns.fh-regensburg.de.
@           IN  NS     rrzs2.rz.uni-regensburg.de.
@           IN  NS     deneb.dfn.de.

rfhs8001    IN  A      194.95.108.14
dali        IN  CNAME  rfhs8001
rfhs8001    IN  HINFO  "Sun Sparcstation 2" SunOS
rfhs8002    IN  A      194.95.108.16
fuchur      IN  CNAME  rfhs8002
rfhs8002    IN  HINFO  "Sun Sparcstation IPC" NetBSD
rfhs8004    IN  A      194.95.108.20
gauguin     IN  CNAME  rfhs8004
rfhs8004    IN  HINFO  "Sun Sparcstation IPC" SunOS
rfhcip106   IN  A      194.95.106.106
rfhcip106   IN  HINFO  GX1 WinNT
rfhcip107   IN  A      194.95.106.107
rfhcip107   IN  HINFO  GX1 WinNT
rfhcip108   IN  A      194.95.106.108
rfhcip108   IN  HINFO  GX1 WinNT
rfhcip109   IN  A      194.95.106.109
rfhcip109   IN  HINFO  GX1 WinNT
rfhpc8301   IN  A      194.95.108.17
rfhpc8301   IN  HINFO  "Dell Optiplex GX1p" Solaris/NT
rfhpc8302   IN  A      194.95.108.19
rfhpc8302   IN  HINFO  "Dell Optiplex GX1p" Solaris/NT
rfhpc8303   IN  A      194.95.108.21
rfhpc8303   IN  HINFO  "Dell Optiplex GX1p" Solaris/NT
....

;; Additional entries:
;; Name server, fixed name: dns
dns         IN  A      194.95.104.1

;; Mail domains
@             IN  MX  10  rfhs0002
mailhub       IN  MX  10  rfhs0002
rz            IN  MX  10  rfhs0002
informatik    IN  MX  10  rfhs0002
mathematik    IN  MX  10  rfhs0002
e-technik     IN  MX  10  rfhs0002
mikro         IN  MX  10  rfhs0002
bau           IN  MX  10  rfhs0002
maschinenbau  IN  MX  10  rfhs0002
bwl           IN  MX  10  rfhs0002
soz           IN  MX  10  rfhs0002
architektur   IN  MX  10  rfhs0002
bib           IN  MX  10  rfhs0002
verwaltung    IN  MX  10  rfhs0002
stud          IN  MX  10  rfhs0002
extern        IN  MX  10  rfhs0002
*.mgate       IN  MX  10  rfhs0002
*.pgate       IN  MX  10  rfhs0002
@             IN  MX  30  rfhs0009
mailhub       IN  MX  30  rfhs0009
rz            IN  MX  30  rfhs0009
informatik    IN  MX  30  rfhs0009
mathematik    IN  MX  30  rfhs0009
e-technik     IN  MX  30  rfhs0009
mikro         IN  MX  30  rfhs0009
bau           IN  MX  30  rfhs0009
maschinenbau  IN  MX  30  rfhs0009
bwl           IN  MX  30  rfhs0009
soz           IN  MX  30  rfhs0009
architektur   IN  MX  30  rfhs0009
bib           IN  MX  30  rfhs0009
verwaltung    IN  MX  30  rfhs0009
stud          IN  MX  30  rfhs0009
extern        IN  MX  30  rfhs0009
*.mgate       IN  MX  30  rfhs0009
*.pgate       IN  MX  30  rfhs0009
@             IN  MX  50  rfhs0001
mailhub       IN  MX  50  rfhs0001
rz            IN  MX  50  rfhs0001
informatik    IN  MX  50  rfhs0001
mathematik    IN  MX  50  rfhs0001
e-technik     IN  MX  50  rfhs0001
mikro         IN  MX  50  rfhs0001
bau           IN  MX  50  rfhs0001
maschinenbau  IN  MX  50  rfhs0001
bwl           IN  MX  50  rfhs0001
soz           IN  MX  50  rfhs0001
architektur   IN  MX  50  rfhs0001
bib           IN  MX  50  rfhs0001
verwaltung    IN  MX  50  rfhs0001
stud          IN  MX  50  rfhs0001
extern        IN  MX  50  rfhs0001
*.mgate       IN  MX  50  rfhs0001
*.pgate       IN  MX  50  rfhs0001
db.194.95.106 zone file (reverse lookups):

@     IN  SOA  dns.fh-regensburg.de. feyrer.dns.fh-regensburg.de. (
                   2000121801    ; serial
                   28800         ; refresh
                   7200          ; retry
                   604800        ; expire
                   172800 )      ; default ttl
@     IN  NS   dns.fh-regensburg.de.
@     IN  NS   rrzs2.rz.uni-regensburg.de.
@     IN  NS   deneb.dfn.de.

106   IN  PTR  rfhcip106.fh-regensburg.de.
107   IN  PTR  rfhcip107.fh-regensburg.de.
108   IN  PTR  rfhcip108.fh-regensburg.de.
109   IN  PTR  rfhcip109.fh-regensburg.de.
110   IN  PTR  rfhcip110.fh-regensburg.de.
111   IN  PTR  rfhcip111.fh-regensburg.de.
112   IN  PTR  rfhcip112.fh-regensburg.de.
113   IN  PTR  rfhcip113.fh-regensburg.de.
114   IN  PTR  rfhcip114.fh-regensburg.de.
121   IN  PTR  rfhcip121.fh-regensburg.de.
122   IN  PTR  rfhcip122.fh-regensburg.de.
123   IN  PTR  rfhcip123.fh-regensburg.de.
124   IN  PTR  rfhcip124.fh-regensburg.de.
125   IN  PTR  rfhcip125.fh-regensburg.de.
126   IN  PTR  rfhcip126.fh-regensburg.de.
127   IN  PTR  rfhcip127.fh-regensburg.de.
128   IN  PTR  rfhcip128.fh-regensburg.de.
129   IN  PTR  rfhcip129.fh-regensburg.de.
130   IN  PTR  rfhcip130.fh-regensburg.de.
131   IN  PTR  rfhcip131.fh-regensburg.de.
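The following is an added example, not code from these notes: it ties the in-addr.arpa naming rule from the reverse-lookup section to the forward and reverse zone files above by deriving the reverse name of every A record and cross-checking the two files for PTRs, aliases and mail exchangers that do not line up. The sample records are constructed from the hosts listed above; the rfhs0002 address and the two planted defects are assumptions, and only the one-line record forms used on this page are parsed.

```python
"""Forward/reverse zone consistency check (added example, not code from the notes): parses the
one-line A, CNAME, PTR and MX records used above (SOA out of scope) and reports mismatches."""

# Constructed sample modelled on db.fh-regensburg.de / db.194.95.106 (defects are made up).
FORWARD_ZONE = """\
rfhcip106 IN A 194.95.106.106
rfhcip107 IN A 194.95.106.107
rfhcip108 IN A 194.95.106.108
rfhs0002  IN A 194.95.104.2         ; constructed address for the mail host
dali      IN CNAME rfhcip106
gauguin   IN CNAME rfhcip199        ; dangling alias (constructed defect)
@         IN MX 10 rfhs0002
"""
REVERSE_ZONE = """\
106 IN PTR rfhcip106.fh-regensburg.de.
107 IN PTR rfhcip107.fh-regensburg.de.
109 IN PTR rfhcip109.fh-regensburg.de.  ; no matching A record (constructed defect)
"""

def reverse_name(dotted):
    """Octets reversed plus in-addr.arpa; on a network prefix this is the reverse zone name."""
    return ".".join(reversed(dotted.split("."))) + ".in-addr.arpa"

def absolute(name, origin):
    return name.rstrip(".") if name.endswith(".") else f"{name}.{origin}"  # trailing '.' = FQDN

def parse_zone(text, origin):
    """Yield (owner_fqdn, type, rdata_fields) per record; comments stripped, '@' = origin."""
    for line in text.splitlines():
        line = line.split(";")[0].strip()
        if line:
            owner, _cls, rtype, *rdata = line.split()
            yield (origin if owner == "@" else f"{owner}.{origin}", rtype, rdata)

def check_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return human-readable problems; an empty list means the zones agree."""
    fwd = list(parse_zone(fwd_text, fwd_origin))
    a_by_name = {n: rd[0] for n, t, rd in fwd if t == "A"}
    ptr_by_name = {n: absolute(rd[0], fwd_origin) for n, t, rd in parse_zone(rev_text, rev_origin) if t == "PTR"}
    problems = []
    for name, ip in a_by_name.items():           # every A inside the reverse zone needs a PTR
        rname = reverse_name(ip)
        if rname.endswith("." + rev_origin) and ptr_by_name.get(rname) != name:
            problems.append(f"A {name} {ip}: no PTR at {rname}")
    for rname, target in ptr_by_name.items():   # every PTR must name a host with an A record
        if target not in a_by_name:
            problems.append(f"PTR {rname} -> {target}: no A record")
    for name, rtype, rd in fwd:                  # alias and mail exchanger targets must exist
        if rtype in ("CNAME", "MX") and absolute(rd[-1], fwd_origin) not in a_by_name:
            problems.append(f"{rtype} {name} -> {absolute(rd[-1], fwd_origin)}: no A record")
    return problems
```

Running check_zones(FORWARD_ZONE, "fh-regensburg.de", REVERSE_ZONE, "106.95.194.in-addr.arpa") on the sample reports the missing PTR for rfhcip108, the orphaned PTR for 109 and the dangling gauguin alias; reverse_name("149.176.12") gives the 12.176.149.in-addr.arpa zone name from the example above.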
serial
This is the version number of the zone file, expressed as a single decimal number. Whenever data is changed in the zone file, this number should be incremented. The serial number is used by secondary name servers to recognize when zone information has changed. To stay up to date, secondary servers request the primary server's SOA record at certain intervals and compare the serial number to that of the cached SOA record. If the number has changed, the secondary server transfers the whole zone database from the primary server.

refresh
This specifies the interval in seconds that the secondary servers should wait between checking the SOA record of the primary server. Again, this is a decimal number with at most eight digits. Generally, the network topology doesn't change too often, so this number should specify an interval of roughly a day for larger networks, and even more for smaller ones.

retry
This number determines the intervals at which a secondary server should retry contacting the primary server if a request or a zone refresh fails. It must not be too low, or else a temporary failure of the server or a network problem may cause the secondary server to waste network resources. One hour, or perhaps one half hour, might be a good choice.

expire
This specifies the time in seconds after which the server should finally discard all zone data if it hasn't been able to contact the primary server. It should normally be very large.

A
This associates an IP address with a hostname. The resource data field contains the address in dotted quad notation. For each host, there must be only one A record. The hostname used in this A record is considered the official or canonical hostname. All other hostnames are aliases and must be mapped onto the canonical hostname using a CNAME record.

NS
This points to a master name server of a subordinate zone. The resource data field contains the hostname of the name server. To resolve the hostname, an additional A record is needed, the so-called glue record, which gives the name server's IP address.

CNAME
This associates an alias for a host with its canonical hostname. The canonical hostname is the one the master file provides an A record for; aliases are simply linked to that name by a CNAME record, but don't have any other records of their own.

PTR
This type of record is used to associate names in the in-addr.arpa domain with hostnames. This is used for reverse mapping of IP addresses to hostnames. The hostname given must be the canonical hostname.

MX
This announces a mail exchanger for a domain.

HINFO
This record provides information on the system's hardware and software.

ttl
The ttl field specifies the time in seconds the information is valid after it has been retrieved from the server.
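An added example, not code from the original notes, that turns the serial, refresh, retry and expire descriptions above into a runnable model of a secondary server's polling loop, using the timer values of the SOA record in db.fh-regensburg.de. The wrap-around-safe serial comparison (RFC 1982 serial arithmetic) goes beyond the text, which only says the serial "has changed"; the two timelines are constructed for the demonstration.

```python
"""Secondary name server refresh loop driven by the SOA timers (added example, not code
from the notes): poll the primary's SOA every `refresh` seconds, fall back to `retry` after
a failed poll, transfer the zone when the serial is newer, and discard the zone once
`expire` seconds pass without a successful check."""

# Timer values taken from the SOA record of db.fh-regensburg.de above.
SOA = {"serial": 2000121801, "refresh": 28800, "retry": 7200, "expire": 604800}

def serial_is_newer(new, old):
    """RFC 1982 serial arithmetic (assumption; the notes only say the serial 'has changed'):
    `new` is newer if it lies less than 2**31 ahead of `old` modulo 2**32."""
    return new != old and (new - old) % 2**32 < 2**31

def simulate(soa, primary_serial, reachable, horizon):
    """Replay the secondary from t = 0, when it holds soa['serial'] freshly transferred.
    primary_serial(t) is the primary's serial at time t; reachable(t) says whether the
    SOA query at t succeeds. Returns a list of (t, event) tuples up to `horizon`."""
    events, cached, last_ok = [], soa["serial"], 0
    t = soa["refresh"]                       # first SOA check one refresh interval later
    while t <= horizon:
        if reachable(t):
            seen = primary_serial(t)
            if serial_is_newer(seen, cached):
                events.append((t, f"AXFR: serial {cached} -> {seen}"))
                cached = seen
            else:
                events.append((t, "SOA check: up to date"))
            last_ok, t = t, t + soa["refresh"]
        else:
            events.append((t, "SOA check failed"))
            nxt = t + soa["retry"]
            if nxt - last_ok >= soa["expire"]:  # expiry is reached before the next retry
                events.append((last_ok + soa["expire"], "zone expired: data discarded"))
                return events
            t = nxt
    return events

def outage_scenario():
    """Constructed timeline: primary bumps its serial at t=10000 and is unreachable
    from t=28800 to t=50000, so the first refresh fails and retries take over."""
    serial = lambda t: 2000121802 if t >= 10000 else 2000121801
    up = lambda t: not 28800 <= t < 50000
    return simulate(SOA, serial, up, horizon=100000)

def dead_primary_scenario():
    """Constructed timeline: the primary never answers, so the zone must expire."""
    return simulate(SOA, lambda t: 2000121801, lambda t: False, horizon=700000)
```

In the outage timeline the refresh at 28800 s fails, the retries at 36000 s and 43200 s fail, the retry at 50400 s sees the new serial and triggers the zone transfer, and the next routine check at 79200 s finds the zone up to date; with a dead primary the 80th retry runs out of time and the zone is discarded at 604800 s.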