7. DNS (Domain Name System)

Question 1

What problem does Domain Name Service (DNS) solve? Why is a single, central database not a feasible solution for this problem globally?

Answer 1

DNS solves the problem of mapping between IP addresses and IP names (like hostnames). This mapping is necessary because humans find names easier to remember than numerical IP addresses.

A single, central database is not a feasible solution because keeping billions of such records in one database used by billions of users is almost impossible to manage and scale. The data is constantly changing, and the sheer volume of queries and updates would overwhelm a single server or location.

Therefore, DNS employs a distributed solution.

Question 2

How is the DNS name space organised? Explain the concepts of Domain and Zone and who is responsible for them.

Answer 2

The DNS name space is organised as a tree. Different domains are organised hierarchically within this tree, allowing any domain to find others via the parent node. The root of the tree is a well-known common point with IP addresses that never change.
* A Domain is described as a leaf node in the domain name space. A domain can contain many subdomains and Fully Qualified Domain Names (FQDNs).
* A Zone is a portion of a domain with separate management. The name space of a domain is divided into zones that are managed separately, and there is at least one server in each zone or domain responsible for answering queries about that zone/domain.

Question 3

From the perspective of a DNS client’s resolver library, what are the two main kinds of DNS queries? Briefly describe what happens in each type.

Answer 3

DNS queries are divided into two kinds:
1. Recursive queries: The client asks the server to provide the final answer to the query. The server is expected to do the work of contacting other servers if necessary to get the complete resolution.
2. Iterative queries: The client asks the server for the best answer it currently has. The server may redirect the client to another server that is closer to the authority for the requested domain. The client then repeats the query to the new server.

Question 4

Describe how DNS servers collaboratively resolve a Fully Qualified Domain Name (FQDN), such as www.google.com, when a client’s local DNS server doesn’t have the answer cached.

Answer 4

When a client (like a computer in the otago.ac.nz domain) needs to resolve an FQDN (www.google.com) that its local DNS server (otago.ac.nz’s server) does not have cached, the process involves collaboration between multiple servers across the DNS hierarchy.

1. The client’s resolver library sends a query (often recursive) to its configured local DNS server (e.g., the otago.ac.nz server).
2. If the local server does not have the answer, it will typically perform iterative queries on behalf of the client (if the client sent a recursive query).
3. The local server starts by querying one of the well-known Root Servers for the IP address of the server responsible for the .com top-level domain.
4. The Root Server responds with the IP address of a .com TLD (Top-Level Domain) server.
5. The local server then queries the .com TLD server for the IP address of the server responsible for the google.com domain.
6. The .com TLD server responds with the IP address of a google.com authoritative name server.
7. Finally, the local server queries the google.com authoritative name server for the IP address of www.google.com.
8. The google.com server responds with the IP address for www.google.com (e.g., an ‘A’ or ‘AAAA’ resource record).
9. The local server caches this answer (respecting the TTL) and returns the IP address to the client’s resolver, completing the process.

This collaborative lookup follows the hierarchy of the DNS tree from the root down to the authoritative server for the specific domain