Guide to TCP/IP Fourth Edition
Chapter 8:Name Resolution on IP Networks
Objectives
• Describe the characteristics of the various name resolution protocols, such as WINS, DNS, and LLMNR
• Explain how name resolution works in IPv4 networks, including the DNS database structure, the DNS namespace, DNS database records, the delegation of DNS authority, and the different types of DNS servers, and explain how name servers work
© 2013 Course Technology/Cengage Learning. All Rights Reserved.
Objectives (cont'd.)
• Describe how name resolution works on IPv6 networks, including the use of AAAA records, how forward and reverse mapping works, the use of source and destination address selection, how rules are organized by the source and destination address algorithms, and the end-to-end address selection process
Objectives (cont'd.)
• Explain how name resolution is supported in Windows operating systems, including how host files are used, the function of the DNS server service and DNS dynamic updates, how Windows manages source and destination address selection, LLMNR support, working with ipv6-literal.net names, and the use of the peer name resolution protocol
• Describe the common sources of name resolution failure and use common name resolution troubleshooting tools such as NBTSTAT, NETSTAT, and NSLOOKUP
Understanding Name Resolution Fundamentals
• Name resolution
– Process by which a computer maps human-readable names to numeric addresses
• Before a network device can send an IP packet
– Name-to-address resolution must occur
• Methods
– Consult a name-to-address file or table on the hard drive
– Send a network broadcast requesting the destination computer's IP address
– Contact a server that maintains a database of name-to-address entries
Network Name Resolution Protocols
• Name resolution protocols
– Procedures that govern the rules and conventions used in manually and dynamically providing for name resolution systems in a networked environment
– Provide the definitions and mechanisms involved in client and server applications that are used in name resolution
NetBIOS over TCP/IP
• Allows Windows 2000/XP computers to talk with devices running older Windows OSs
• Maintains a list of unique names assigned to network resources
• Two serious drawbacks
– Does not have a network component to its namespace
– Constantly sends short messages for a wide variety of purposes
• Defined by RFC 1001
WINS
• Windows Internet Name Service (WINS)
– Service that resolves NetBIOS names to IP addresses in routed networks
• Use of a WINS server on a network automates dynamic name resolution
• WINS servers rely on direct communications (unicasts) between themselves and the clients
• WINS-enabled clients can be configured to use more than one WINS server
• Supports a special name registration regime called burst mode
DNS
• Domain Name System (DNS)
– Described by RFCs 1034 and 1035
– System used for naming computers and network services
– Uses a hierarchical structure for organizing those objects into domains
• RFC 3596 describes the DNS extensions for IPv6
LLMNR
• Link-Local Multicast Name Resolution (LLMNR)
– Defined by RFC 4795
– Protocol based on the DNS packet format
– Allows IPv4 and IPv6 network nodes to perform name resolution for other devices connected to the same local link
• Usage limited to a single network segment
• Ideal for smaller networks and other environments
Name Resolution in IPv4 Networks
• RFCs 882 and 883
– Original RFCs for DNS
– Created by Paul Mockapetris (also created JEEVES)
• BIND (Berkeley Internet Name Domain)
– Written by Kevin Dunlap in 1988
• Database segments
– Include only a portion of the overall namespace that DNS can access for its clients
Name Resolution in IPv4 Networks (cont'd.)
• DNS combines the following virtues
– Allows local control over domain name database segments
– Data from all database segments is available everywhere
– Database information is robust and highly available
• DNS
– One of the most effective uses of distributed database technology in the world today
DNS Database Structure
• Mirrors the structure of the domain namespace itself
• Top-level domains in the U.S.
– .com
– .edu
– .gov
– .mil
– .net
– .org
The DNS Namespace
• DNS
– Arbitrarily partitions the tree and creates subtrees for database information
• Domains (such as ibm.com)
– Can be broken into subdomains (such as clearlake.ibm.com)
• Any valid domain name
– Ultimately resides within some specific DNS database
DNS Database Records
• Resource records
– Store data associated with domain names, address records, and other specific data
– Most commonly used types
• Address (A) record
• Canonical name (CNAME) record
• Host information (HINFO) record
• Mail exchange (MX) record
• Name server (NS) record
Delegating DNS Authority
• DNS
– Permits the database record for the primary DNS server to delegate authority to DNS servers lower in the domain namespace
• Once authority is delegated
– Database for the name server includes NS records that point to name servers
• Organization of the global DNS database
– Designed to make it quick and easy for name servers to point to other name servers
Types of DNS Servers
• Primary master name DNS server
– Where the primary DNS database files for the domain(s) or subdomain(s) reside
• Primary master
– Distinguished from other name servers for a domain
• For any DNS zone
– There can be only one primary master name server
Secondary DNS Server
• Gets its data for the zone from the master server for that zone
• Zone data on a secondary server
– Always originates from a primary server
• Zone transfer
– Secondary DNS server gets data for the zone from the master server for that zone
• Secondary, or slave, DNS servers
– Provide a backup copy of the domain database for a specific zone
Caching Servers
• Store recently accessed DNS records from other domains
• Caching-only server
– Speeds access to specific domain names by storing a copy of the lookup data locally
• Size and Internet access volume
– Factors that determine if an organization implements separate caching-only servers
How Domain Name Servers Work
• A TCP/IP client
– Usually some application or service that encounters a domain name for which it needs an IP address
• Servers
– Queried in the order in which they appear in TCP/IP configuration files (from top down)
• DNS servers
– Handle real name resolution
Recursive Query
• Used by DNS resolvers to:
– Delegate the first DNS server that they contact to go out and find the necessary address translation
• In the grand DNS server hierarchy
– Any DNS server can issue iterative queries
– Only a DNS client or a root server can issue recursive queries
Iterative or Non-Recursive Queries
• Issued when one DNS server receives a recursive request
• Do not cause other queries to be issued
• Reason some recursive name queries involve a root server
– Root server always knows how to find whatever DNS server is authoritative for the domain
Importance of DNS Caching
• All data in a DNS cache
– Has an expiration value
• DNS servers
– Cache name and address pairs for addresses they resolved
– Keep information about name requests that result in error messages
DNS Configuration Files and Resource Record Formats
• domain.dns
– The files that map host names to addresses
• addr.in-addr.arpa.dns
– Files that map addresses to domain names for reverse lookups
• Every DNS zone file must contain:
– SOA and NS records
– Records about host names or addresses in that zone
Start of Authority Record
• Identifies the current name server as the best source of information for data in its zone
• Both secondary and primary name servers:
– Can designate themselves as authoritative in their own SOA records
Address and Canonical Name Records
• DNS, by default
– Accesses only the first IP address for a host when multiple entries for a single domain name are defined
• DNS round robin load balancing
– Permits a DNS server to keep track of which IP addresses it has provided for a specific translation
– Rotates the IP addresses within the list of addresses available
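To make the zone-file material concrete (the mandatory SOA and NS records from the configuration-file slide, the A, CNAME, MX and HINFO record types, and round robin rotation of a multi-address name), here is an added example that is not code from the book. It parses a small constructed zone for the hypothetical example.test, checks that the apex carries its required records, and answers queries while following CNAMEs and rotating the A records for www the way a round-robin server does.

```python
"""Parse a small zone fragment, check its mandatory apex records, and answer queries round-robin."""
from collections import defaultdict

# Constructed zone data for illustration only; example.test is not a real zone.
ZONE_TEXT = """
$ORIGIN example.test.
@        3600  IN  SOA   ns1.example.test. hostmaster.example.test. (
                         2024010101 7200 900 1209600 300 )  ; serial refresh retry expire minimum
@        3600  IN  NS    ns1.example.test.
@        3600  IN  NS    ns2.example.test.
@        3600  IN  MX    10 mail.example.test.
ns1       300  IN  A     192.0.2.1
ns2       300  IN  A     192.0.2.2
mail      300  IN  A     192.0.2.10
mail      300  IN  HINFO "PC" "Linux"
www       300  IN  A     192.0.2.20
www       300  IN  A     192.0.2.21
www       300  IN  A     192.0.2.22
web       300  IN  CNAME www
"""


def _logical_lines(text):
    """Yield zone lines with ';' comments stripped and '( ... )' continuations joined."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth <= 0:
            yield " ".join(buf)
            buf, depth = [], 0


def _qualify(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Return (origin, records); records maps owner name -> list of (type, ttl, rdata tokens)."""
    origin, records = ".", defaultdict(list)
    for line in _logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        owner, ttl, rclass = _qualify(tokens[0], origin), int(tokens[1]), tokens[2]
        rtype, rdata = tokens[3], tokens[4:]
        if rclass != "IN":
            raise ValueError(f"unsupported class {rclass!r} for {owner}")
        if rtype in ("NS", "CNAME"):
            rdata = [_qualify(rdata[0], origin)]
        elif rtype == "MX":
            rdata = [int(rdata[0]), _qualify(rdata[1], origin)]
        records[owner].append((rtype, ttl, rdata))
    return origin, dict(records)


def check_zone(origin, records):
    """A zone needs exactly one SOA and at least one NS at its apex; report what is missing."""
    apex = records.get(origin, [])
    problems = []
    if sum(1 for rtype, _, _ in apex if rtype == "SOA") != 1:
        problems.append("zone apex must have exactly one SOA record")
    if not any(rtype == "NS" for rtype, _, _ in apex):
        problems.append("zone apex must have at least one NS record")
    return problems


class RoundRobinZone:
    """Answers queries from parsed records, following CNAMEs and rotating multi-address answers."""

    def __init__(self, origin, records):
        self.origin, self.records = origin, records
        self._turn = defaultdict(int)    # how many times each (name, type) has been answered

    def lookup(self, name, rtype, _depth=0):
        name = _qualify(name, self.origin)
        rrs = self.records.get(name, [])
        cnames = [rdata for t, _, rdata in rrs if t == "CNAME"]
        if cnames and rtype != "CNAME":
            if _depth > 8:
                raise ValueError("CNAME chain too long")
            return self.lookup(cnames[0][0], rtype, _depth + 1)
        answers = [rdata[0] if len(rdata) == 1 else tuple(rdata) for t, _, rdata in rrs if t == rtype]
        if len(answers) > 1:                  # round robin: start one position later each time
            k = self._turn[(name, rtype)] % len(answers)
            self._turn[(name, rtype)] += 1
            answers = answers[k:] + answers[:k]
        return answers
```

Calling `lookup("www", "A")` repeatedly returns the same three addresses in a rotated order each time, so a client that takes only the first address (the default behaviour the slide describes) is spread across all three servers.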
Mapping Addresses to Names
• Records in the db.addr file
– Provided to support reverse DNS lookups
• Reverse address lookups
– Used primarily to determine if the IP address that a user presents matches the originating domain name
• Classful
– File structure of reverse DNS lookups
Name Resolution in IPv6 Networks
• DNS continues to operate in IPv6 environments
– Basic mechanisms of DNS continue unaltered
– Task of name resolution is made more complex
• IPv6 offers a backup service that can stand in for DNS
• LLMNR protocol uses the same message format that conventional DNS uses
– But runs on different ports
DNS in IPv6
• RFC 1886 (obsoleted by RFC 3596)
– Defined the DNS extensions supporting IPv6
• AAAA record
– Developed to accommodate the larger IPv6 addresses
• ip6.int (replaced by ip6.arpa)
– Created to support the IPv6 reverse-mapping domain
• Forward mapping
– Involves sending a request to a remote host with its domain name and requesting its IP address
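The reverse-mapping slides for IPv4 (in-addr.arpa, delegated on classful octet boundaries) and IPv6 (ip6.arpa) describe a naming rule that is easy to get wrong by hand. As an added example, not from the book, the code below builds the PTR owner name for either address family, builds the reverse zone name that a prefix would be delegated under, and performs the check the IPv4 slide mentions: confirming that the name a PTR record gives really maps back to the address. The names and addresses in FORWARD and REVERSE are constructed for the example.

```python
"""Build reverse-mapping names for IPv4 and IPv6, and forward-confirm a PTR answer."""
import ipaddress


def reverse_name(address):
    """PTR owner name: reversed octets under in-addr.arpa, reversed nibbles under ip6.arpa."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")          # 32 hex digits, leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def reverse_zone(network):
    """Reverse zone delegated for a prefix: octet boundaries for IPv4, nibble boundaries for IPv6."""
    net = ipaddress.ip_network(network)
    if net.version == 4:
        if net.prefixlen % 8:
            raise ValueError("this helper handles octet (classful) boundaries only")
        kept = str(net.network_address).split(".")[: net.prefixlen // 8]
        return ".".join(reversed(kept)) + ".in-addr.arpa."
    if net.prefixlen % 4:
        raise ValueError("IPv6 reverse zones are cut on nibble boundaries")
    kept = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(kept)) + ".ip6.arpa."


# Constructed forward and reverse data for the hypothetical example.test zone.
FORWARD = {
    "www.example.test.": ["192.0.2.20", "2001:db8::20"],
    "mail.example.test.": ["192.0.2.10"],
}
REVERSE = {
    reverse_name("192.0.2.20"): "www.example.test.",
    reverse_name("2001:db8::20"): "www.example.test.",
    reverse_name("192.0.2.10"): "smtp.example.test.",   # PTR names a host with no matching A record
}


def forward_confirmed(address, forward=FORWARD, reverse=REVERSE):
    """True only if the PTR name's own A/AAAA records include the address (forward-confirmed reverse DNS)."""
    ptr_name = reverse.get(reverse_name(address))
    if ptr_name is None:
        return False
    ip = ipaddress.ip_address(address)
    return any(ipaddress.ip_address(a) == ip for a in forward.get(ptr_name, []))
```

A PTR record alone proves nothing, because the owner of the reverse zone can put any name in it; the forward check is what ties the name to an address its own administrator published.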
Source and Destination Address Selection
• Specified by RFC 3484
• IPv6 addressing
– Allows multiple unicast addresses to be assigned to a computer's network interface
– Addresses can have different reachability scopes
• For an IPv6 node with multiple addresses
– Multiple IPv6 addresses are returned in the DNS Name Query Response message
• Source and destination address must be matched to each other for both address scope and purpose
Source Address Selection Algorithm
• Eight rules processed sequentially
– Prefer the source address that equals the destination address
– Prefer the source address that has the appropriate scope for D-Addr
– Prefer addresses that are not deprecated
– Prefer a home address (for IPv6 mobile)
– For routers, prefer the source address that is assigned to the next-hop interface pointing at D-Addr
Source Address Selection Algorithm (cont’d.)
• Eight rules processed sequentially (cont'd.)
– Prefer the source address that has the same label in the prefix policy table as D-Addr
– Prefer the source address that uses a public address over the source address that uses a temporary address
– Prefer the source address that has the longest matching prefix with D-Addr
Destination Address Selection Algorithm
• Ten rules processed sequentially
– Prefer a destination that is reachable over one that is not
– Prefer the destination that matches the scope of the source address
– Prefer a destination address with a source address that is not deprecated
– Prefer a destination with a source address that is a home address (for IPv6 mobile)
– Prefer a destination address that has the same label from the prefix policy table as its source address
Destination Address Selection Algorithm (cont’d.)
• Ten rules processed sequentially (cont'd.)
– Prefer a destination address that has the highest precedence in the prefix policy table
– Prefer a native IPv6 destination over an IPv6 transition technology destination
– Prefer a destination address with the smallest scope
– Prefer a destination address possessing the longest matching prefix length with its source address
– Otherwise, leave the order unchanged
Using Address Selection
• Address selection from end to end
– Operator on Node1 queries the remote host for its configured addresses
– Remote host replies with multiple addresses
– Node1 uses the source address selection algorithm
– Node1 uses the destination address selection algorithm
– Application on Node1 is provided with the ordered destination addresses and related source addresses
– Application attempts to use the source/destination address pairs until successfully establishing communication
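The source rules, the destination rules, and the end-to-end sequence above are one algorithm, so a single added example covers all three slides. It is not code from the book or from any operating system: it carries the RFC 3484 default policy table, implements source rules 1, 2, 3, 6, 7 and 8 and destination rules 2, 3, 5, 6, 8, 9 and 10 (the mobile-IP, router, reachability and transition-technology rules are omitted), and returns the ordered (destination, source) pairs that Node1's application would try. The node's addresses, the DNS reply, and the PREFER_GLOBAL policy entry are constructed for the example; the prefix 2001:db8::/32 is a documentation prefix, not a real site.

```python
"""Simplified RFC 3484 source and destination address selection."""
import ipaddress
from dataclasses import dataclass
from functools import cmp_to_key

# Default policy table from RFC 3484 section 2.1: (prefix, precedence, label).
DEFAULT_POLICY = [
    (ipaddress.ip_network("::1/128"), 50, 0),
    (ipaddress.ip_network("::/0"), 40, 1),
    (ipaddress.ip_network("2002::/16"), 30, 2),
    (ipaddress.ip_network("::/96"), 20, 3),
    (ipaddress.ip_network("::ffff:0:0/96"), 10, 4),
]
# Hypothetical operator change: raise the site's own global prefix above the link-local default.
PREFER_GLOBAL = DEFAULT_POLICY + [(ipaddress.ip_network("2001:db8::/32"), 45, 1)]


@dataclass(frozen=True)
class Candidate:
    """An address configured on the node (source side) or returned by DNS (destination side)."""
    addr: ipaddress.IPv6Address
    temporary: bool = False    # RFC 4941 privacy address
    deprecated: bool = False   # preferred lifetime has expired


def v6(text):
    """Parse an address; IPv4 literals become IPv4-mapped so one rule set covers both families."""
    ip = ipaddress.ip_address(text)
    return ip if ip.version == 6 else ipaddress.IPv6Address(f"::ffff:{ip}")


def policy(addr, table):
    """Longest-prefix match in the policy table -> (precedence, label)."""
    _, prec, label = max((row for row in table if addr in row[0]), key=lambda row: row[0].prefixlen)
    return prec, label


def scope(addr):
    """Reachability scope: link-local (2) < site-local (5) < global (14); loopback counts as link-local."""
    if addr.is_loopback or addr.is_link_local:
        return 2
    return 5 if addr.is_site_local else 14


def common_prefix_len(a, b):
    """Leading bits shared by two 128-bit addresses (source rule 8, destination rule 9)."""
    return 128 - (int(a) ^ int(b)).bit_length()


def _cmp_source(sa, sb, dst, table):
    """Negative if sa is the better source for dst, positive if sb is, 0 if the rules cannot decide."""
    if sa.addr == dst or sb.addr == dst:                         # rule 1: same address
        return -1 if sa.addr == dst else 1
    if scope(sa.addr) != scope(sb.addr):                         # rule 2: appropriate scope
        lo, hi = sorted((sa, sb), key=lambda c: scope(c.addr))
        winner = hi if scope(lo.addr) < scope(dst) else lo      # smaller scope wins only if it reaches dst
        return -1 if winner is sa else 1
    if sa.deprecated != sb.deprecated:                           # rule 3: avoid deprecated addresses
        return 1 if sa.deprecated else -1
    label_d = policy(dst, table)[1]                              # rule 6: matching label
    match_a, match_b = policy(sa.addr, table)[1] == label_d, policy(sb.addr, table)[1] == label_d
    if match_a != match_b:
        return -1 if match_a else 1
    if sa.temporary != sb.temporary:                             # rule 7: public over temporary
        return 1 if sa.temporary else -1
    return common_prefix_len(sb.addr, dst) - common_prefix_len(sa.addr, dst)   # rule 8


def select_source(sources, dst, table=DEFAULT_POLICY):
    return sorted(sources, key=cmp_to_key(lambda a, b: _cmp_source(a, b, dst, table)))[0]


def _cmp_dest(da, db, sources, table):
    """Negative if da should be tried before db (destination rules 2, 3, 5, 6, 8, 9; 0 keeps order)."""
    sa, sb = select_source(sources, da.addr, table), select_source(sources, db.addr, table)
    checks = (
        (scope(sa.addr) == scope(da.addr), scope(sb.addr) == scope(db.addr)),          # rule 2
        (not sa.deprecated, not sb.deprecated),                                        # rule 3
        (policy(da.addr, table)[1] == policy(sa.addr, table)[1],
         policy(db.addr, table)[1] == policy(sb.addr, table)[1]),                      # rule 5
    )
    for good_a, good_b in checks:
        if good_a != good_b:
            return -1 if good_a else 1
    prec_a, prec_b = policy(da.addr, table)[0], policy(db.addr, table)[0]
    if prec_a != prec_b:                                                               # rule 6
        return prec_b - prec_a
    if scope(da.addr) != scope(db.addr):                                               # rule 8
        return scope(da.addr) - scope(db.addr)
    return common_prefix_len(sb.addr, db.addr) - common_prefix_len(sa.addr, da.addr)  # rule 9


def order_destinations(dests, sources, table=DEFAULT_POLICY):
    """End to end: rank the DNS answers and pair each with the source chosen for it."""
    ranked = sorted(dests, key=cmp_to_key(lambda a, b: _cmp_dest(a, b, sources, table)))
    return [(d.addr, select_source(sources, d.addr, table).addr) for d in ranked]


def node1_pairs(table=DEFAULT_POLICY):
    """Node1's ordered (destination, source) pairs for a constructed multi-address DNS reply."""
    sources = [Candidate(v6("2001:db8:1::10")),
               Candidate(v6("2001:db8:1::abcd"), temporary=True),
               Candidate(v6("fe80::1"))]
    answers = [Candidate(v6(a)) for a in ("2001:db8:1::20", "2002:c000:204::1", "fe80::20", "192.0.2.20")]
    return order_destinations(answers, sources, table)
```

With the default table, rule 8 puts the link-local destination first, then the native global address, then the 6to4 address (lower precedence), then the IPv4-mapped one (lowest precedence); the temporary address is never chosen as a source while a public one with the same label exists. Passing PREFER_GLOBAL shows the effect of a policy-table change of the kind the next slide makes with `netsh interface ipv6 set prefixpolicy`: precedence (rule 6) is evaluated before scope (rule 8), so the global destination now comes first.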
Using Address Selection (cont’d.)
• Changing the destination address scope preference
– Destination address selection algorithm rule 8
• Gives preference to destination addresses with the smallest scope
– You may want to change the policy table to reverse the default preference
– Use the Windows command netsh interface ipv6 set prefixpolicy
Name Resolution Support in Windows Operating Systems
• NetBIOS and WINS
– Historical and native name resolution methods for Windows
– Have been made obsolete by the ubiquitous presence of DNS
Hosts File
• Stored locally on the Windows computer
• Must be updated manually
• On Windows 7
– You can locate the hosts file at C:\Windows\System32\drivers\etc
• Can map both IPv4 and IPv6 addresses to computer host names
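Because the hosts file is consulted before any DNS query is sent and is maintained by hand, it is worth knowing exactly how its lines are read and what an unexpected entry looks like. The following is an added example, not code from the book or from Windows: it parses hosts-file text in the format Windows and UNIX share (address, one or more names, optional `#` comment), answers lookups for either IP version, and flags names mapped to addresses outside the organization's own prefixes. The file contents, host names and address ranges are constructed for the example.

```python
"""Parse hosts-file text, look names up by IP version, and audit entries against allowed prefixes."""
import ipaddress

# Constructed hosts-file content; not copied from any real system.
HOSTS_TEXT = """
# Static name-to-address entries; these win over DNS answers.
127.0.0.1        localhost
::1              localhost
192.0.2.20       www.example.test  www      # IPv4 entry with a short alias
2001:db8::20     www.example.test           # IPv6 entry for the same host
192.0.2.10       mail.example.test
198.51.100.7     update.example.test        # address outside the organization's ranges
not-an-address   broken.example.test        # malformed line: resolvers skip it
"""


def parse_hosts(text):
    """Map lower-cased host names to the addresses the file gives them, in file order."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # '#' starts a comment
        if not line:
            continue
        addr, *names = line.split()
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue                             # malformed address: the line is ignored
        for name in names:
            table.setdefault(name.lower(), []).append(ip)
    return table


def lookup(table, name, version=None):
    """Addresses for name (case-insensitive); version 4 or 6 restricts the family, None returns both."""
    return [ip for ip in table.get(name.lower(), []) if version in (None, ip.version)]


def entries_outside(table, allowed_networks):
    """Audit helper: names whose non-loopback addresses fall outside the allowed prefixes."""
    nets = [ipaddress.ip_network(n) for n in allowed_networks]
    flagged = {}
    for name, ips in table.items():
        for ip in ips:
            if ip.is_loopback or any(ip in n for n in nets if n.version == ip.version):
                continue
            flagged.setdefault(name, []).append(str(ip))
    return flagged
```

Running `entries_outside` over a machine's hosts file with the organization's address ranges is a quick way to spot a manually added or tampered entry that redirects a well-known name elsewhere.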
DNS Resolver
• Responsible for initiating and sequencing DNS queries
• Two types of queries:
– Nonrecursive query to a DNS server
– Recursive query to a DNS server
Client Side of DNS
• Resolvers
– Issue requests for service, called name queries or address requests, to domain name servers
• An address request
– Seeks to resolve a domain name to a corresponding numeric IP address
• Name query (inverse DNS query)
– Seeks to resolve an address to a domain name
DNS Server Service
• Older Windows servers such as Windows NT relied on NetBIOS and WINS
• Windows Server 2003 and Windows Server 2008 naturally support DNS
• Windows servers also support stub zones
– Copies of a zone that contain only the resource records
• DNS server service on Windows supports incremental zone transfers
DNS Dynamic Update
• Dynamic DNS (DDNS)
– Allows automatic machine registration and record updating on DNS servers
• Steps
– Client sends a DNS query to locate an authoritative DNS server
– Local name server responds
– Client attempts to dynamically update the authoritative DNS server
– Authoritative DNS server replies with a success or failure message
Source and Destination Address Selection
• When a Windows computer has more than one IP address configured for a network interface
– TCP/IP stack will choose one unicast address to use as the computer's source IP address
– In compliance with the standards set in RFC 3484
• Windows Vista and Windows 7 computers support IPv6 destination address selection
– As defined by RFC 3484
LLMNR Support
• Supported and enabled by default on Windows Vista/7/Server 2008
• On client computers, it will attempt to search for a domain controller (DC) on the domain
• Can be disabled either using:
– Group Policy in AD domains
– Registry for individual computers
Working with ipv6-literal.net Names
• ipv6-literal.net names
– Supported by Windows Vista/7/Server 2008
– Can be used by applications and services that are unable to recognize the syntax of IPv6 addresses
• Specified by RFC 2732
– Obsoleted by RFC 3986
– Provides generic syntax for Uniform Resource Identifiers (URIs) and addresses
Peer Name Resolution Protocol
• Microsoft Windows IPv6 proprietary peer-to-peer name resolution system
• First developed for Windows XP SP2
– Updated for Windows Vista
• Peer name groups
– Global cloud
– Link-local cloud
– Site-specific cloud
Troubleshooting Name Resolution Problems and Failures
• DNS shortcomings
– Database updates usually require a qualified administrator or special-purpose tools
– Propagation delay
Common Sources of Failure
• Two common sources of name resolution failure
– Negative response to a query
– Positive response to a query with an incorrect name
• Common causes of a negative result
– Incorrect domain suffix appended to a queried name
– Incorrect IP configuration on a client or server
– Querying a name server that is not authoritative
– Inability to connect to the correct name server
• Cause of a positive but incorrect response from a name server
– Incorrect data stored in the name server's resolver cache
Tools for Troubleshooting NetBIOS and WINS Problems
• Tools that are useful for diagnosing and troubleshooting TCP/IP networks in general
– Also useful in maintaining NetBIOS and WINS services
• Ping
– Excellent way to test connectivity
• Traceroute and Netstat
– Useful diagnostic tools
Tools for Troubleshooting DNS Problems
• Process of troubleshooting DNS for IPv4 and IPv6 is essentially the same
• Differences
– Knowing how to specify an IPv6 name server
– Knowing how to format forward and reverse mappings for each IP version
Nbtstat
• Command-line program that returns statistics on NetBIOS
• A fast way to:
– Check the status of a particular NetBIOS host
– Get a quick snapshot of NetBIOS name resolution activity on the local network segment
Netstat
• Shows active TCP connections, listening ports, Ethernet statistics, IPv4 statistics, and IPv6 statistics
• Available on Windows, UNIX, and UNIX-like computers
Nslookup
• Supported by Windows and UNIX
• Provides access to all kinds of DNS information
• Essential tool for testing, when configuring or troubleshooting a DNS server
• Syntax
– nslookup domain-name [name-server]
Using Nslookup
• set OPTION command
– Used to examine specific types of resource records
• ls -a or ls -d
– Used to extract information from certain well-known name servers
Nslookup and IPv6
Summary
• The Domain Name System
– Provides the key address resolution service that makes today's Internet possible
• Impetus for DNS
– Arose from the difficulty of maintaining static HOSTS files for computers on the ARPANET
• DNS name servers
– Come in multiple varieties
Summary (cont'd.)
• DNS
– Maintains its data on a large collection of name servers around the Internet
• DNS databases
– Consist of a collection of resource records (RRs)
• DNS clients
– Rely on a resolver to interact with an available DNS server for name resolution services
Summary (cont'd.)
• DNS packet structures
– Incorporate type information that identifies the kind of RR being carried
• IPv6 networks use DNS extensions but must be able to work in hybrid IPv4–IPv6 environments
• IPv6 source and destination address selection is managed by algorithms that use a set of rules
• Windows operating system supports a variety of name resolution technologies
• There are a number of common causes of name resolution problems and failures