Domain Name System

Domain Name System (DNS)

YASH PAL,

Domain Name System – The domain is a logical grouping of file servers within a network, managed as an integrated whole. However, Microsoft defines a domain as a “logical grouping of users and computers organized for administrative purposes”.

What is a Domain Name System (DNS)?

DNS is a distributed database system that works at the transport layer to provide name-to-address mapping for client applications. DNS servers maintain databases that consist of hierarchical name structures of the various domains in order to use logical names for device identification.

This type of address/name resolution is called service-provider initiated. The largest use of DNS is on the Internet. on the internet, the domain name space (tree) is divided into three different sections:

  1. Generic domains
  2. Country domains
  3. Inverse domains

Generic Domains

The generic domains define registered hosts according to their generic behavior. each node in the tree defines a domain, which is an index to the domain name space database. The first level in the generic domain section allows seven possible three-character labels. These labels describe the organization types listed below.

  • com – Commercial organization
  • edu – Educational institutions
  • gov – Government institutions
  • int – International organizations
  • mil – Military groups
  • net – Network support centers
  • org – Nonprofit organizations

Recently a few more first-level labels have been proposed that are listed below.

  • art – Cultural organizations
  • firm – Business or firms
  • info – Information service providers
  • nom – Personal nomenclatures
  • rec – Recreation/entertainment organization
  • store – Business offering goods to purchase
  • web – Web-related organizations

Country Domains

The country domain section follows the same format as the generic domains but uses two-character country abbreviations (e.g., ‘us‘ for the United States) in place of the three-character organizational abbreviations at the first level. Second-level labels can be organizational, or they can be more specific national destinations. The United States, for example, uses state abbreviations as a subdivision of “us” (e.g, ab.us).

Inverse Domain

The inverse domain is used to map an address to a name. This may happen, for example, when a server receives a request from a client to do a task. whereas the server has a file that contains a list of authorized clients, the server lists only the IP address of the client (extracted from the received IP packet). to determine if the client is on the authorized list, it can send a query to the DNS server and ask for a mapping of the address to a name.

Difference between workgroup and Domain

The major difference between a workgroup and a domain is that users are authenticated for the resources they are trying to access. in a workgroup, user accounts are defined locally on the machine that holds the resource.

In a domain, user accounts are defined locally on the machine that holds the resource. in a domain, user accounts are defined and managed in a central database. this database is called the Security Accounts Manager (SAM). this database is managed by Windows NT’s or 2000 directory services.

Windows NT’s or 2000 domain would be defined as an administrative grouping of users and computers defined and managed through a single database. All NT-based computers (both server and Workstation) have a Security Account Manager (SAM) that defines permissions to local resources. In a domain, all members share a common SAM. this shared SAM provides a central point of management.

In Windows NT, a domain controller is an NT server that contains the domain SAM or accounts database. Domain controllers are responsible for the authentication of the user or in other words, the login process. Although the accounts database can support up to 40,000 addresses of the machines connected in the network, a system might be designed with multiple domains (accounts databases) for the following reasons:

  1. Having more than 40,000 users, computers, and groups.
  2. Wanting to group users or resources for management purposes.

The act of splitting the users and resources into multiple domains is called partitioning the database. There are two benefits to this type of design:

  1. One can delegate administration for each domain so that each department or location can manage its own resources.
  2. You can reduce the length of the list that the NT server has to scroll through to find a given object.

By default, each domain is a separate entity. Domains do not share information and resources from one domain to users defined in another domain.

To allow users to access resources in another domain, you need to establish trust between the two domains. Trust can be defined as a one-way communication link between two domains. There are two domains involved in a trust: one that contains the user accounts that should have access to resources and another that contains those resources. the domain with the user account is called the trusted domain. the domain with the resource is called the trusting domain.

Resolving Names to Addresses

In the early days of ARPAnet, a system resolved names to addresses using the host’s file. Standford Research International (SRI) maintained the host’s file, and each site periodically downloaded an updated copy of the file. as the number of sites connected to ARPAnet increased, this method proved too hard to maintain and placed an increasing burden on the network.

In 1984 Paul Mockapetris, of the University of Southern California’s Information Sciences Institute, released RFCs (882 and 883) that describe the domain name system.

Domain Name System
DNS

Today, the Domain Name System (DNS) is the standard for resolving names to addresses. However, the host file still plays a role in name resolution during the booting of a system and as a means to provide LAN resolution when DNS is down. In a nutshell, DNS is a distributed database whose structure looks like the UNIX file system.

DNS is a client/server to find an address record for a domain name. the query process begins with the root name servers. if the root name server does not know the answer, it returns the address of a name server that knows more details about the domain name. the resolver then queries the new name server. this iterative process continues until a name server responds with the address for the domain name.

Domain names describe organizational or geographical existence. they either indicate the country and sometimes further details. the domain could be like www.thecscience.com

DNS servers and the Internet

The IP uses Internet address information to deliver mail and other data from computer to computer. Every IP address on the Internet is actually a series of four numbers separated by periods called dots, such as 163.53.111.30. but it will be difficult to remember numeric addresses to communicate with someone using electronic mail. Sun Microsystems developed the Domain Name System (DNS) in the early 1980s as an easier way to keep track of addresses.

It has been the addressing system on the Internet ever since. the DNS establishes a hierarchy of domains, which are groups of computers on the Internet. the DNS gives each computer on the net an Internet address, or domain name, using easily recognizable letters and words instead of numbers.

The root of the DNS database on the Internet is managed by the Internet Network Information Center. the top-level domains were assigned organization-wise, and by country.

Also, read

  1. network architecture in networking
  2. Client-server architecture
  3. Types of Internet connection
  4. Internet security threats
  5. Types of Firewalls
Digital communication engineering subjects

Leave a Reply