guide to tcp/ip fourth edition chapter 8: name resolution on ip networks

Guide to TCP/IP Fourth Edition

Chapter 8:Name Resolution on IP Networks

2

Objectives

• Describe the characteristics of the various name resolution protocols, such as WINS, DNS, and LLMNR

• Explain how name resolution works in IPv4 networks, including the DNS database structure, the DNS namespace, DNS database records, the delegation of DNS authority, and the different types of DNS servers, and explain how name servers work

© 2013 Course Technology/Cengage Learning. All Rights Reserved.

3

Objectives (cont'd.)

• Describe how name resolution works on IPv6 networks, including the use of AAAA records, how forward and reverse mapping works, the use of source and destination address selection, how rules are organized by the source and destination address algorithms, and the end-to-end address selection process


4

Objectives (cont'd.)

• Explain how name resolution is supported in Windows operating systems, including how host files are used, the function of the DNS server service and DNS dynamic updates, how Windows manages source and destination address selection, LLMNR support, working with ipv6-literal.net names, and the use of the peer name resolution protocol

• Describe the common sources for name resolution failure and use common name resolution troubleshooting tools such as NBTSTAT, NETSTAT, AND NSLOOKUP


Understanding Name Resolution Fundamentals

• Name resolution– Process by which a computer maps the human-

readable names to the numeric addresses

• Before a network device can send an IP packet– Name-to-address resolution must occur

• Methods– Consult a name-to-address file or table on hard drive– Send a network broadcast requesting the destination

computer’s IP address– Contact a server that maintains a database of name-

to-address entries5© 2013 Course Technology/Cengage Learning. All Rights Reserved.

Network Name Resolution Protocols

• Name resolution protocols– Procedures that govern the rules and conventions

used in manually and dynamically providing for name resolution systems in a networked environment

– Provide the definitions and mechanisms involved in client and server applications that are used in name resolution

6© 2013 Course Technology/Cengage Learning. All Rights Reserved.

NetBIOS over TCP/IP

• Allow Windows 2000/XP computers to talk with devices running older Windows OSs

• Maintains a list of unique names assigned to network resources

• Two serious drawbacks– Does not have a network component to its

namespace– Constantly sends short messages for a wide variety

of purposes

• Defined by RFC 1001


WINS

• Windows Internet Name Service (WINS)– Service that resolves NetBIOS names to IP addresses

in routed networks

• Use of a WINS server on a network automates dynamic name resolution

• WINS servers rely on direct communications (unicasts) between themselves and the clients

• WINS-enabled clients can be configured to use more than one WINS server

• Support a special name registration regime called burst mode


DNS

• Domain Name System (DNS)– Described by RFCs 1034 and 1035– System used for naming computers and network

services– Uses a hierarchical structure for organizing those

objects into domains

• RFC 3596 describes the DNS extensions for IPv6


LLMNR

• Link-Local Multicast Name Resolution (LLMNR)– Defined by RFC 4795– Protocol based on the DNS packet format– Allows IPv4 and IPv6 network nodes to perform

name resolution for other devices connected to the same local link

• Usage limited to a single network segment

• Ideal for smaller networks and other environments


LLMNR (cont’d.)


12

Name Resolution in IPv4 Networks

• RFCs 882 and 883– Original RFCs for DNS– Created by Paul Mockapetris (also created JEEVES)

• BIND (Berkeley Internet Name Domain)– Written by Kevin Dunlap in 1988

• Database segments– Include only a portion of the overall namespace that

DNS can access for its clients


13

Name Resolution in IPv4 Networks (cont'd.)

• DNS combines the following virtues– Allows local control over domain name database

segments– Data from all database segments is available

everywhere– Database information is robust and highly available

• DNS– One of the most effective uses of distributed

database technology in the world today


14

DNS Database Structure

• Mirrors structure of the domain namespace itself

• Top-level domains in the U.S.– .com– .edu– .gov– .mil– .net– .org


DNS Database Structure (cont’d.)


16

The DNS Namespace

• DNS – Arbitrarily partitions tree and creates subtrees for

database information

• Domains (such as ibm.com) – Can be broken into subdomains (such as

clearlake.ibm.com)

• Any valid domain name– Ultimately resides within some specific DNS

database


17

DNS Database Records

• Resource records– Stores data associated with domain names, address

records, and other specific data– Most commonly used types

• Address (A) record

• Canonical name (CNAME) record

• Host information (HINFO) record

• Mail exchange (MX) record

• Name server (NS) record


18

Delegating DNS Authority

• DNS– Permits database record for primary DNS server to

delegate authority to DNS servers lower in domain namespace

• Once authority is delegated– Database for name server includes NS records that

point to name servers

• Organization of global DNS database– Designed to make it quick and easy for name

servers to point to other name servers


19

Types of DNS Servers

• Primary master name DNS server – Where the primary DNS database files for the

domain(s) or subdomain(s) reside

• Primary master– Distinguished from other name servers for a domain

• For any DNS zone– There can be only one primary master name server


20

Secondary DNS Server

• Gets its data for the zone from the master server for that zone

• Zone data on a secondary server – Always originates from a primary server

• Zone transfer– Secondary DNS server gets data for the zone from

the master server for that zone

• Secondary, or slave, DNS servers– Provide a back-up copy of the domain database for a

specific zone


21

Caching Servers

• Store recently accessed DNS records from other domains

• Caching-only server– Speeds access to specific domain names by storing

a copy of the lookup data locally

• Size and Internet access volume – Factors that determine if an organization implements

separate caching-only servers


22

How Domain Name Servers Work

• A TCP/IP client– Usually some application or service that encounters

a domain name for which it needs an IP address

• Servers – Queried in the order in which they appear in TCP/IP

configuration files (from top down)

• DNS servers – Handle real name resolution


23

Recursive Query

• Used by DNS resolvers to:– Delegate the first DNS server that they contact to go

out and find the necessary address translation

• In the grand DNS server hierarchy– Any DNS server can issue iterative queries– Only a DNS client or a root server can issue

recursive queries


24

Iterative or Non-Recursive Queries

• Issued when one DNS server receives a recursive request

• Do not cause other queries to be issued

• Reason some recursive name queries involve a root server– Root server always knows how to find whatever DNS

server is authoritative for the domain


25

Importance of DNS Caching

• All data in a DNS cache – Has an expiration value

• DNS servers – Cache name and address pairs for addresses they

resolved – Keep information about name requests that result in

error messages


26

DNS Configuration Files and Resource Record Formats

• domain.dns– The files that map host names to addresses

• addr.in-addr.arpa.dns– Files that map addresses to domain names for

reverse lookups

• Every DNS zone file must contain:– SOA and NS records– Records about host names or addresses in that zone


27

Start of Authority Record

• Identifies the current name server as the best source of information for data in its zone

• Both secondary and primary name servers: – Can designate themselves as authoritative in their

own SOA records


28

Address and Canonical Name Records

• DNS, by default– Accesses only the first IP address for a host when

multiple entries for a single domain name are defined

• DNS round robin load balancing– Permits a DNS server to keep track of which IP

addresses it has provided for a specific translation– Rotates the IP addresses within the list of addresses

available


29

Mapping Addresses to Names

• Records in the db.addr file – Provided to support reverse DNS lookups

• Reverse address lookups– Used primarily to determine if IP address that user

presents matches originating domain name

• Classful– File structure of reverse DNS lookups


Name Resolution in IPv6 Networks

• DNS continues to operate in IPv6 environments– Basic mechanisms of DNS continue unaltered– Task of name resolution is made more complex

• IPv6 offers backup service that can stand in for DNS

• LLMNR protocol uses the same message format that conventional DNS uses– But runs on different ports


DNS in IPv6

• RFC 1886 (obsoleted by RFC 3596)– Defined the DNS extensions supporting IPv6

• AAAA record– Developed to accommodate larger IPv6 addresses

• ip6.int (substituted with ip6.arpa)– Created to support IPv6 reverse-mapping domain

• Forward mapping– Involves sending a request to a remote host with its

domain name and requesting its IP address


DNS in IPv6 (cont’d.)


Source and Destination Address Selection

• Specified by RFC 3484

• IPv6 addressing– Allows multiple unicast addresses to be assigned to

a computer’s network interface– Addresses can have different reachability scopes

• For an IPv6 node with multiple addresses– Multiple IPv6 addresses are returned in the DNS

Name Query Response message

• Source and destination address must be matched to each other for both address scope and purpose


Source and Destination Address Selection (cont’d.)


Source Address Selection Algorithm

• Eight rules processed sequentially– Prefer the source address that equals the destination

address– Prefer the source address that has the appropriate

scope for D-Addr– Prefer addresses that are not depreciated– Prefer a home address (for IPv6 mobile)– For routers, prefer the source address that is

assigned to the next-hop interface pointing at D-Addr


Source Address Selection Algorithm (cont’d.)

• Eight rules processed sequentially (cont’d.)– Prefer the source address that has the same label in

the prefix policy table as D-Addr– Prefer the source address that uses a public address

over the source address that uses a temporary address

– Prefer the source address that has the longest matching prefix with D-Addr


Destination Address Selection Algorithm

• Ten rules processed sequentially– Prefer a destination that is reachable over one that is

not– Prefer the destination that matches the scope of the

source address– Prefer a destination address with a source address

that is not deprecated– Prefer a destination with a source address that is a

home address (for IPv6 mobile)– Prefer a destination address that has the same label

from the prefix policy table as its source address


Destination Address Selection Algorithm (cont’d.)

• Ten rules processed sequentially (cont’d.)– Prefer a destination address that has the highest

precedence in the prefix policy table– Prefer a native IPv6 destination over an IPv6

transition technology destination– Prefer a destination address with the smallest scope– Prefer a destination address possessing the longest

matching prefix length with its source address– Otherwise, leave the order unchanged


Using Address Selection

• Address selection from end to end– Operator on Node1 queries remote host for its

configured addresses– Remote host replies with multiple addresses– Node1 uses source address selection algorithm– Node1 uses destination address selection algorithm– Application on Node1 is provided with the ordered

destination addresses and related source addresses– Application attempts to use the source/destination

address pairs until successfully establishing communication


Using Address Selection (cont’d.)

• Changing the destination address scope preference– Destination address selection algorithm rule 8

• Gives preference to destination addresses with the smallest scope

– You may want to change the policy table to reverse the default preference

– Use Windows command netsh interface ipv6 set prefixpolicy


Name Resolution Support in Windows Operating Systems

• NetBIOS and WINS– Historical and native name resolution methods for

Windows– Have been made obsolete by the ubiquitous

presence of DNS


Hosts File

• Stored locally on the Windows computer

• Must be updated manually

• On Windows 7– You can locate the hosts file at C:\Windows\

System32\drivers\etc

• Can map both IPv4 and IPv6 addresses to computer host names


Hosts File (cont’d.)


DNS Resolver

• Responsible for initiating and sequencing DNS queries

• Two types of queries:– Nonrecursive query to a DNS server– Recursive query to a DNS server


45

Client Side of DNS

• Resolvers – Issue requests for service, called name queries or

address requests, to domain name servers

• An address request – Seeks to resolve a domain name to a corresponding

numeric IP address

• Name query (inverse DNS query)– Seeks to resolve an address to a domain name


DNS Server Service

• Older Windows servers such as Windows NT relied on NetBIOS and WINS

• Windows Server 2003 and Windows Server 2008 naturally support DNS

• Windows servers also support stub zones– Copies of a zone that contains only the resource

records

• DNS server service on Windows supports incremental zone transfers


DNS Dynamic Update

• Dynamic DNS (DDNS)– Allow automatic machine registration and record

updating on DNS servers

• Steps– Client sends DNS query to locate an authoritative

DNS server– Local name server responds– Client attempts to dynamically update the

authoritative DNS server– Authoritative DNS server replies with a success or

failure message47© 2013 Course Technology/Cengage Learning. All Rights Reserved.

Source and Destination Address Selection

• When a Windows computer has more than one IP address configured for a network interface– TCP/IP stack will choose one unicast address to use

as the computer’s source IP address– In compliance with the standards set in RFC 3484

• Windows Vista and Windows 7 computers support IPv6 destination address selection– As defined by RFC 3484


LLMNR Support

• Supported and enabled by default on Windows Vista/7/Server 2008

• On client computers, it will attempt to search for a domain controller (DC) on the domain

• Can be disabled either using:– Group Policy in AD domains– Registry for individual computers


Working with ipv6-literal.net Names

• Ipv6-literal.net names– Supported by Windows Vista/7/Server 2008– Can be used by applications and services that are

unable to recognize the syntax of IPv6 addresses

• Specified by RFC 2732– Obsoleted by RFC 3986– Provides generic syntax for Uniform Resource

Identifiers (URIs) and addresses


Peer Name Resolution Protocol

• Microsoft Windows IPv6 proprietary peer-to-peer name resolution system

• First developed for Windows XP SP2– Updated for Windows Vista

• Peer name groups– Global cloud– Link-local cloud– Site-specific cloud


Peer Name Resolution Protocol (cont’d.)


Troubleshooting Name Resolution Problems and Failures

• DNS shortcomings– Database updates usually require a qualified

administrator or special purpose tools– Propagation delay


Common Sources of Failure

• Two common sources of name resolution failure– Negative response to a query– Positive response to a query with an incorrect name

• Common causes of a negative result– Incorrect domain suffix appended to a queried name– Incorrect IP configuration on a client or server– Querying a name server that is not authoritative– Inability to connect to the correct name server

• Causes for positive but incorrect name server – Incorrect data stored in name server’s resolver cache


Tools for Troubleshooting NetBIOS and WINS Problems

• Tools that are useful for diagnosing and troubleshooting TCP/IP networks in general– Also useful in maintaining NetBIOS and WINS

services

• Ping – Excellent way to test connectivity

• Traceroute and Netstat– Useful diagnostic tools


Tools for Troubleshooting DNS Problems

• Process of troubleshooting DNS for IPv4 and IPv6 is essentially the same

• Differences– Knowing how to specify an IPv6 name server– Knowing how to format forward and reverse

mappings for each IP version


57

Nbtstat

• Command-line program that returns statistics on NetBIOS

• A fast way to:– Check the status of a particular NetBIOS host– Get a quick snapshot of NetBIOS name resolution

activity on the local network segment


Netstat

• Shows active TCP connections, listening ports, Ethernet statistics, IPv4 statistics, and IPv6 statistics

• Available on Windows, UNIX, and UNIX-like computers


59

Nslookup

• Supported by Windows and UNIX

• Provides access to all kinds of DNS information

• Essential tool for testing, when configuring or troubleshooting a DNS server

• Syntax– nslookup domain-name [name-server]


60

Nslookup (cont’d.)


61


62

Using Nslookup

• set OPTION command – Used to examine specific types of resource records

• ls –a or ls –d– Used to extract information from certain well-known

name servers


63



64



65

Nslookup and IPv6


66

Summary

• The Domain Name System– Provides key address resolution service that makes

today’s Internet possible

• Impetus for DNS – Arose from difficulty of maintaining static HOSTS

files for computers on the ARPANET

• DNS name servers – Come in multiple varieties


67

Summary (cont'd.)

• DNS– Maintains its data on a large collection of name

servers around the Internet

• DNS databases – Consist of a collection of resource records (RRs)

• DNS clients – Rely on resolver to interact with available DNS

server for name resolution services


68

Summary (cont'd.)

• DNS packet structures– Incorporate type information that identifies the kind of

RR being carried

• IPv6 networks use DNS extensions but must be able to work in hybrid IPv4–IPv6 environments

• IPv6 source and destination address selection is managed by algorithms that use a set of rules

• Windows operating system supports a variety of name resolution technologies

• There are a number of common causes of name resolution problems and failures


guide to tcp/ip fourth edition chapter 8: name resolution on ip networks

Documents

address resolution

resolution systems

resolution failure

resolution protocoldescribe

destination address

dns server service

dns namespace

dns database records