[00:00:00]

And this lecture is on Section 2.x, DNS, the domain name system. In life, it's important for us to have identifiers. It really helps us talk about things and identify what we're talking about. People have lots of identifiers. Can you think of some identifiers that uniquely represent a person? Their name. There's one. What else? Their Social Security number. Got other numbers, too, like your passport number, your student ID. These are identifiers for people; likewise on the Internet.

[00:00:40]

Hosts and routers need to have unique identifiers so that they can be addressed, so that packets can be sent to them and so we can communicate. As it turns out, hosts on the Internet have two names. They have a name that's very human readable. That's the domain name. Right. So something like yahoo.com, google.com, facebook.com. That's a name for that computer, really, that server.

[00:01:18]

But computers and routers want to address that in a format that's easier for computers, and what format do computers use to address hosts on an IP network? An IP address. Right. Which is a 32-bit number. We look at it as four decimal numbers with dots in between. So since we have two names, a human readable domain name and a computer readable IP address, there are going to be times when we need to map from the human readable name to the real IP address, and that's the domain name system.

[00:02:01]

DNS is the answer to the question, how do we map names to IP addresses? So DNS is an application-layer protocol that provides that service. And this is what I want you to remember in a very simple way. What's the point of DNS? The point of DNS is to map, to connect, right, to make associations between names and IP addresses, and generally the way that mapping goes is from a name to its IP address. When you type google.com into your Web browser, it needs to figure out what the IP address of google.com is so that it can send the HTTP request message to that server.

[00:02:47]

All right. There are three key characteristics of DNS that I have listed here. Number one, it's a distributed, hierarchical database. Distributed means that it doesn't just sit in one place. It's everywhere. It's separated. It exists in pieces, in lots of different places. Secondly, it's hierarchical, meaning that it's structured in a way that its components are kind of categorized in a hierarchy. And lastly, it's a database, that is, it's a way of storing a lot of structured information.

[00:03:27]

And mostly that information is, what is the IP address for this name? All right. Got these three characteristics. Let's think about the design of a system, centralized versus distributed. All right. So why not centralize DNS? And you see, we've got some answers up here, but I want you to really think about what this means. As a first approximation, kind of the easy way of doing DNS would be to store a file on your computer where you have the name google.com and you have its IP address, which maybe you've looked up the hard way or somebody just told you.

[00:04:16]

So let's say you have a file where this file has basically two columns. One column is names, one column is IP addresses. You can have that file and it would get the job done for you. And if you go to a site that's not on your list? Yeah, that would be annoying, to add the new name-to-IP-address mapping. Can you think of any other problems with the system if you just had a file on your computer which was your DNS database?

[00:04:46]

It can get corrupted, meaning? So maybe your computer gets hacked, your brother logs on to your computer and he just starts mixing stuff around. You type in google.com and then you go to Facebook because he swapped some of the entries around. That would be annoying. And perhaps it could be really bad if somebody really malicious got in there and sent you to a site that looked like your bank's Web site. Right. But it was actually something else.

[00:05:16]

And then you lose your username and password, and you lose your money. So there are ways of doing lots of stuff like that. But this points out one problem with centralizing DNS. If it's just that one source, then it can be tampered with. It could be destroyed. Another problem is it would be such a pain to maintain. Imagine if one of these services actually moves to a different IP address and you've got to update your file.

[00:05:50]

So that it still works. OK. So to think about this a little bit more formally, why not just have this super duper server that is the DNS server for the world? Number one, that is a single point of failure. If that server goes down, everybody's DNS goes down and nobody is going to be able to use the Web because they are not going to be able to resolve names to IP addresses. Number two, the volume of traffic.

[00:06:20]

If you've got one place, it's going to have to support all the traffic. That's going to be overwhelming. If you can divide it and distribute the work, then you'll have lower traffic. Number three, the distance. If you just had one DNS server, you've got to put it somewhere. It's got to physically be somewhere. And that means it's going to be far away from some places in the world. So as Americans we might think, well, let's just put that in America.

[00:06:44]

It'll be fast for us. And what about all the people on the other side of the world? Why do all their DNS questions have to come all the way to America to be answered? And that's going to take several seconds at least, which is a long time to do that. So the distance is going to be bad. And fourthly, the maintenance, right? If you have to do maintenance on a central server, it's just gonna be a beast to maintain everything, to update this master database that holds everything.

[00:07:13]

Bottom line, the centralized approach doesn't scale well. It doesn't ramp up. So that's why a long time ago, the designers of DNS designed it to work in a distributed fashion. So let's look at how that works. Here are four features of DNS. The main thing, as I said before, is hostname to IP address translation. Give me a hostname and DNS will return an IP address for that hostname. Another thing that it provides is host aliasing, meaning that you can have.

[00:07:52]

Multiple server names that have to get resolved down to one actual server. So you can have an alias name like fhu.edu, which gets resolved to our Web server, and www.fhu.edu also gets resolved to our same server. So two names, and they end up kind of pointing at the same place. Makes sense. DNS supports this. Another thing that DNS does is it allows you to alias the mail server, meaning we can allow systems to look up the IP address and name of the mail server for a domain.

[00:08:34]

So when something sends mail to someone at fhu.edu, the mail server can know how to find the mail server for fhu.edu, whether it's mail.fhu.edu or some other funky name. Lastly, DNS can help implement load distribution. If you had four Web servers, all four were the same and they all are serving your Web site, DNS can actually have a set of IP addresses and return different ones for different queries. Does that make sense?

[00:09:11]

You can imagine. Right. We've got four Web servers. Whenever anybody asks, where's fhu.edu, the Web server for fhu.edu? One time DNS returns address A, the second time address B, the third time address C, and then we go back to address A, B, C. And by doing that, it's automatically distributing the load, distributing the requests to different servers. Does that make sense? OK. This is the structure of the distributed hierarchical database which is DNS. Well, this is a first approximation.

[00:09:46]

We'll revise this later on. But this is kind of close. The idea is.

[00:09:52]

If there is a DNS client that wants the IP address for www.amazon.com, how does it find it? Well, first the client is going to query the root DNS servers to find where the .com servers are. So it's going to ask for the .com servers. It's going to be one of these .com servers. The .com server knows the address of all of the domains that are in .com.

[00:10:27]

Then there's another .org set of servers and another set of servers. Once we have this guy's IP address, we'll pick one of these .com servers and say, where is Amazon? It will return the IP address for amazon.com's DNS server, and then we'll ask amazon.com's DNS server, where is the www server on your domain? So you see how we started at the top and how quickly we went down. We went down the hierarchy from the root DNS servers, which just know the addresses of .com or .edu, and these second-level servers know the IP addresses of the domain names.

[00:11:16]

yahoo.com, google.com, amazon.com, and then this DNS server knows all of the addresses in that Amazon domain. Questions on this structure? All right. So at the top, we do have these root name servers, which, as listed there, are named a through m.root-servers.net. And they are distributed throughout the world and they're replicated. Right. They all have to have the same information to be able to answer root queries.

[00:12:00]

All right. So these top-level domain servers are the name servers that know the mappings for .com or .net or .edu, those kinds of domains. And there are also top-level country domains like UK and France and so forth, Japan. The second- or third-level servers are called authoritative DNS servers, and these are the organization's DNS servers, typically maintained by the organization or a service provider for that organization. So for FHU we have a name server that knows all of the names, the subdomains of fhu.edu.

[00:12:41]

So www.fhu.edu, where the www server is, where the projects server is, where the development server is; it knows that mapping. Do you see these three bubbles: root servers, top-level domain servers, and authoritative DNS servers? Those are our three levels of the hierarchy that are generally going to be present. So let's see. Two methods of answering DNS queries. Let me give you the first version. One way to answer this query is in an iterated fashion.

[00:13:33]

And notice this example. So we've got this guy, cis.poly.edu. That's the name of this requesting host. And he's trying to connect to this guy at cs.umass.edu. All right. So then this is the local DNS server for poly.edu and its name is dns.poly.edu. It knows the mappings of everybody at poly.edu. This is the authoritative DNS server for UMass. So it knows the DNS settings, the names and addresses for everything at UMass.

[00:14:13]

Actually, this is just for the cs.umass.edu subdomain. So let's see how this question is asked and answered. So this requesting host is just first going to send it to its local DNS server, which is going to ask the question. This local DNS server is going to do the work of DNS. It's going to ask the question to the root server: where is .edu? And it's going to say.

[00:14:39]

OK, on three, the .edu server is right here. The TLD, the top-level domain server for .edu, is right here. So this local DNS server, he's kind of acting on behalf of this requesting host. He's doing the DNS job. He's going to, number four, ask the .edu server, OK, where is umass.edu? And five, it's going to get an answer, an IP address, back. So then we'll send this request on six to the authoritative DNS server for cs.umass.edu.

[00:15:16]

So in this case, he asks for gaia.cs.umass.edu. This guy is going to return the address of gaia.cs.umass.edu on seven, and then on eight he'll have the IP address of this computer and can actually address the packet to that server. So you see how this is iterated, where this guy is kind of doing all the work in an iterative fashion. OK. So basically, when you ask somebody a question and that other DNS server doesn't have the answer to your full question, he's going to say, I don't know.

[00:15:56]

But you should ask this server instead. OK? That's kind of how we're going down the chain. You with me? My computer throws its stuff. So, OK. This is another way of doing it, a recursive query. With recursive, we're going to let each subsequent server ask and answer the question for the previous guy instead of putting all the work on this local DNS server.

[00:16:37]

So we send our first request to the local DNS server. He sends the request for .edu to the root DNS server. The root DNS server sends this request to the top-level domain server for .edu. He sends his request to the DNS server, the local DNS server, at UMass. This guy actually has the answer to the question, what is the IP address of gaia.cs.umass.edu? He returns it. This server returns his answer to the previous asker.

[00:17:03]

To the previous asker. To the original one asking the question. So you see how we've kind of distributed the load and lightened it a little bit in this way and let everybody forward queries instead of just this one. I'm not sure what happens in practice. We should look into that. I think both scenarios are supported by the DNS system. I would kind of expect that they would put more of a burden on the local server so that the big servers, the TLDs and the roots, do what they're good at.

[00:17:39]

All right. Now, here's the thing. The reason why our first description of DNS was incorrect is because there's caching and updating everywhere. Every possible place, there's caching going on. There is a timeout on that cache, meaning this data is only good for so long. And after that much time, you're going to have to actually ask the question again. But because there are lots of people asking the same question, if you can cache that information, you don't have to ask that question again if you already have the answer.

[00:18:14]

So at each level, we have caching going on. So there's a really good chance, if you're gonna go to google.com, the first DNS server at Freed-Hardeman is going to know that IP address and will return it to you. It's not going to ask all the way up the chain and get answers all the way back to you. Does that make sense? So that makes sense. Cache everything, but update when appropriate. Right. When the timeout's over, clear it and redo.

[00:18:44]

In fact, let's look a little bit at the structure of DNS records. It is a database, and you can imagine this database is storing four elements, four pieces of information, on a row. The four things it stores are a name, a value, a type and a time to live. And this time to live is the amount of time that this information, this record, this resource record, this row of four pieces of data, is good for.

[00:19:20]

And when that time is done, then it'll be evicted from the database and be refreshed. OK. There are four types of records. The main type is A. In an A record, the name is a hostname and the value is an IP address. So this is the main functionality that I mentioned, mapping names to IP addresses. The second thing is an NS record. And in this record, NS stands for name server.

[00:19:47]

And in this case, the name is a domain like fhu.edu, and the value is the hostname of the authoritative name server for that domain. So this is how you figure out who the name server is for a domain. The third type, CNAME, is used for aliasing, where the C means canonical, the real name. So fhu.edu is kind of our canonical name. It is our canonical name. But we may be storing that information on a Web server named webserver3.something.something.something.

[00:20:25]

.fhu.edu. Right. And since that name is really ugly, we're gonna just use fhu.edu as an alias for it. And these kinds of records allow that. The last one is an MX record. And that's for a mail server. This shows the name and the value of the mail server. The name is the domain, and the value is the name of the mail server. So this is going to tell you, if I'm sending mail to fhu.edu.

[00:20:57]

I need to be in contact with the server that's named mail.fhu.edu. Let me give you an example of each of these. So this type is going to be one of these four options. So if it's type A, the name is the hostname, like this, fhu.edu, and the value is an IP address, type A, and then some time to live, which is going to be a number; we're going to ignore that for this discussion.

[00:21:25]

In an NS record, the name field is a domain and the value is the name of the authoritative name server. So what we're saying is this is the name of the true name server that answers DNS queries for this domain. CNAME, as I said, is canonical, an aliasing. So this ibm.com, this domain name here, is just an alias for servereast.backup2.ibm.com. Does that make sense?

[00:22:06]

We're just linking those together, so if I look up ibm.com, I'm going to find a record like this that says you really need to look up servereast.backup2.ibm.com, and then ask, okay, well, what's the IP address of that server? And that would be a record of what type? Right. Right. So I have to do two queries to get that. This last type is MX, which is the mail. And you can see here, as I said, for some.

[00:22:39]

Domain name, what's the mail server for that? That's going to be important for mail servers, like implementing SMTP, to get connected with the right mail server for each domain. This is the structure of the DNS messages. You see, it has an ID, some flags. We have a number which represents the number of questions, the number of answer resource records, the number of authority resource records and the number of additional resource records. And then down here, you can ask a variable number of questions, where the questions are.

[00:23:15]

What's the IP address for this name, for this thing, for this. So you kind of group them together. What's the IP address and the mail server for this? These are the answers. And you can see here, if they're authoritative names from an authoritative server, they're going to go in a special spot. In the flags, you can do things like say recursion is desired or the reply is authoritative. So this is really what the DNS protocol is: just asking questions and getting answers.

[00:23:52]

And you'll see that represented when you use tools like dig, where it clearly shows, this is the question I'm asking and this is the answer that I received. When you register a new domain name, what really happens is a registrar, a domain registrar, adds some records to the DNS servers. So if you registered networkutopia.com, then you're at least going to need these two resource records added to the DNS distributed hierarchical database. You're going to need to know that.

[00:24:35]

networkutopia.com, its name server is whatever it is, this dns1.networkutopia.com. And we're going to need to know where that server is, where its IP address is. So that begins to show you kind of how DNS operates and how you would modify DNS to bring your site online. Questions about DNS? So if I were to ask you, what is the point of DNS, how would you answer that?

[00:25:07]

What does DNS do in one sentence? That's exactly right. Put that on the test and you'll be golden: it maps names to IP addresses. All right. So this is DNS. It's really, really important to the Web. If you didn't have DNS, then every URL you typed would have to start with an IP address, a slash and some path. So DNS makes the Web a lot more human usable.