Book Image

DNS in Action

By : CP Books a.s.
Book Image

DNS in Action

By: CP Books a.s.

Overview of this book

The Domain Name System is one of the foundations of the internet. It is the system that allows the translation of human-readable domain names into machines-readable IP addresses and the reverse translation of IP addresses into domain names. This book describes the basic DNS protocol and its extensions; DNS delegation and registration, including for reverse domains; using DNS servers in networks that are not connected to the internet; and using DNS servers on firewall machines. Many detailed examples are used throughout the book to show perform various configuration and administration tasks.

Related Content you might be interested in

Current Title:

Small book image
DNS in Action
CP Books a.s.
Apr, 2006 | 0 hours 0 minutes
No titles found
Table of Contents (16 chapters)
DNS in Action
DNS in Action
Credits
Credits
About the Authors
About the Authors
Preface
Preface
Free Chapter
1
Domain Name System
Domain Name System
1.1 Domains and Subdomains
1.2 Name Syntax
1.3 Reverse Domains
1.4 Domain 0.0.127.in-addr.arpa
1.5 Zone
1.6 Reserved Domains and Pseudodomains
1.7 Queries (Translations)
1.8 Resolvers
1.9 Name Server
1.10 Forwarder Servers
2
DNS Protocol
DNS Protocol
2.1 Resource Records
2.2 DNS Protocol
2.3 DNS Query
3
DNS Extension
DNS Extension
3.1 DNS Update
3.2 DNS Notify
3.3 Incremental Zone Transfer
3.4 Negative Caching (DNS NCACHE)
3.5 DNS IP version 6 Extension
3.6 DNS Security Protocols
3.7 TSIG
3.8 Saving Certificates to DNS
4
Name Server Implementation
Name Server Implementation
4.1 DNS Database
4.2 RR Format
4.3 Name Server Implementation in BIND
4.4 Microsoft’s Native Implementation of DNS in Windows 2000/2003
5
Tools for DNS Debugging and Administration
Tools for DNS Debugging and Administration
5.1 Tools for DNS Debugging
5.2 The rndc Program
5.3 Errors in DNS Configuration
6
Domain Delegation and Registration
Domain Delegation and Registration
6.1 Example 1
6.2 Example 2
6.3 Domain Registration
7
Reverse Domain Delegation
Reverse Domain Delegation
Server ns.company.com
Server ns.provider.net
Server ns.ripe.net (authoritative server for a superior domain)
Server ns.company.com
Server ns.branch.company.com
8
Internet Registry
Internet Registry
8.1 International Organizations
8.2 Regional Internet Registry (RIR)
8.3 IP Addresses and AS Numbers
8.4 Internet Registry
8.5 Delegation of Second-Level Domains
9
DNS in Closed Intranets
DNS in Closed Intranets
9.1 Configuring a Root Name Server on the Same Server (BIND Version 4)
9.2 Configuring a Root Name Server on a Separate Server (BIND Version 4)
9.3 Root DNS Server in Windows 2000/2003
10
DNS and Firewall
DNS and Firewall
10.1 Shared DNS for Internet and Intranet
10.2 Name Server Installed on Firewall
10.3 Dual DNS
10.4 End Remarks
Country Codes and RIRs
Country Codes and RIRs
Index
Index

1.3 Reverse Domains

We have already said that communication between hosts is based on IP addresses, not domain names. On the other hand, some applications need to find a name for an IP address—in other words, find the reverse record. This process is the translation of an IP address into a domain name, which is often called reverse translation.

As with domains, IP addresses also create a tree structure (see Figure 1.2). Domains created by IP addresses are often called reverse domains. The pseudodomains inaddr-arpa for IPv4 and IP6.arpa for IPv6 were created for the purpose of reverse translation. This domain name has historical origins; it is an acronym for inverse addresses in the Arpanet.

Under the domain in-addr.arpa, there are domains with the same name as the first number from the network IP address. For example, the in-addr.arpa domain has subdomains 0 to 255. Each of these subdomains also contains lower subdomains 0 to 255. For example, network 195.47.37.0/24 belongs to subdomain 195.in-addr.arpa. This actual subdomain belongs to domain 47.195.in-addr.arpa, and so forth. Note that the domains here are created like network IP addresses written backwards.

Figure 1.2: Reverse domain to IP address 195.47.37.2

This whole mechanism works if the IP addresses of classes A, B, or C are affiliated. But what should you do if you only have a subnetwork of class C affiliated? Can you even run your own name server for reverse translation? The answer is yes. Even though the IP address only has four bytes and a classic reverse domain has a maximum of three numbers (the fourth numbers are already elements of the domain—IP addresses), the reverse domains for subnets of class C are created with four numbers. For example, for subnetwork 194.149.150.16/28 we will use domain 16.150.149.194.in-addr.arpa. It is as if the IP address suddenly has five bytes! This was originally a mistake in the implementation of DNS, but later this mistake proved to be very practical so it was standardized as an RFC. We will discuss this in more detail in Chapter 7. You will learn more about reverse domains for IPv6 in Section 3.5.3.

Previous Section
End of Section 4
Next Section