DNS

DNS Name Space Hierarchy DNS Packet Format

. Root
0 bit 16 bit 31 bit
Version IHL TOS Total Length
Root Domain
Identification Flags Fragment Offset

IP Header
(20 Bytes)
net com org ir us de travel museum ‫ﺍﯾﺮﺍﻥ‬ рф Time to Live Protocol = 17 Header Checksum
Top Level Domain (TLD)
IPv4 Source Address
google
Second Level Domain (SLD) Ipv4 Destination Address

gTLD

(8 Bytes)
Source Port = (random) Dest Port = 53
ccTLD

UDP
Sponsored gTLD www ftp smtp FQDN: www.google.com
UDP Length UDP Checksum
IDN ccTLD Third Level Domain (Subdomains or hosts)
Query ID Q Opcode DNS Flag Rcode
Terminology R

(12 Bytes)
DNS
Question Count Answer Record Count
Domain Name System (DNS) client-server application that maps host
names into their corresponding IP addresses, uses Port 53 TCP/UDP Authority Record Count Additional Record Count

Registry an organization that manages and set rules/policy for domain name Question Entries

(Variable Length)
extensions (TLD) which has edit control of the database. I.e. Verisign
Answer RR

Registrar an organization that sells domain name to public and submit
change requests to the registry on behalf of the registrant. I.e. Godaddy
Registrant a person or company who registers and use the domain name.
Manage their domain name’s settings through their registrar. I.e. Google
Resource Records (RR) are the dns data in DNS database and consist
of {label, ttl, class, type, rdata (Resource Data)}.
[ www.google.com. IN A 172.217.25.4 ]
Resource Record Sets (RRsets) a set of RRs with same name, class, TTL
& type. I.e. RRSet would contain multiple NS records for a zone/domain
[ google.com. IN NS ns1.google.com.
google.com. IN NS ns2.google.com.]
DNS Main Components
www.google.com
Referral to .com NS
www.google.com www.google.com
8.8.8.8 Referral to Google NS
Stub Resolver Recursive
(Client) Resolver/ www.google.com
Cache Server Answer 8.8.8.8
Authoritative Server contains records in its zone file & answer to queries
for data under its authority. if can’t answer, it points to another authority
Recursive Resolver queried by stub resolvers to resolve names and they
query authoritative servers for the answer and cache the result base on TTL
Stub Resolver / Resolver a DNS client that sends DNS messages to
obtain information about the requested domain name space
Lookup Methods
Recursive Resolution DNS client requests information from the DNS
server that is set to query subsequent authoritative server until the
complete answer is returned to the client. The queries from recursive
DNS server to authoritative servers are iterative queries
Iterative Queries when the name server of a host cannot resolve a query,
it sends a “refferal to another server message” to the resolver
Last update January 08, 2018 (version 1.02)
References: https://cloudpacket.net/bookmarks/
DNS
Authority
Additional Information
Resource Record Types
A address record for IPv4 (32-bit IPv4 address)
[ www.apnic.net. IN A 203.176.189.99 ]
AAAA address record for IPv6 (128-bit IPv6
address) [ www.apnic.net. IN AAAA 2001:db8::1 ]
NS provides name of authoritative name server
for zone [ apnic.net. IN NS ns1.apnic.net. ]
CNAME maps one name to another (name aliasing)
[ web.apnic.net. IN CNAME www.apnic.net. ]
<< . >>
Root MX provides name of e-mail handling host for a
Authoritative
domain [ apnic.net. IN MX 10 mail01.apnic.net. ]
Server (.com) SOA authoritative information for the zone {name
Authoritative servers, contact, serial number, zone transfer timers}
Server
[ apnic.net. IN SOA ns1.apnic.net.
(google.com)
noc-notify.apnic.net. 110022 3600 1800 691200 10800 ]
DNS Transactions
DNS Query/Response query originates from a
resolver to dns server and contain quname
(domain name), qtype (A, AAAA, MX, AXFR, iXFR...),
qclass (IN, CH, HS) and flag (QR, RD, EDNS, ...)
Zone Transfer (AXFR, IXFR) synchronization of
new/updated domains between master and slave
DNS servers by comparing their serial number
Dynamic Update a method for adding, replacing or
deleting records in a master server (allow-update)
DNS Notify a method which master servers notify
slave for change in zone file & slave will initiate zone
transfer if their version of zone file is not current
Prepared By Shakib Shaygan