The minimum TTL value
For example, UDP is used for ordinary Internet queries but not for zone transfer transactions: in the first case the speed of completing the transaction matters most, in the second the reliability of the connection used for the data transfer. In addition, UDP allows more flexible control over the intervals at which lost packets are retransmitted. TCP is used, for example, when the server works with several connections at the same time, or when the client side requires a reliable connection to be established for the data transfer.
The answer to a query either contains the requested information, or redirects the query to another name server, or reports an error that occurred while processing or delivering the query.
Queries are sent as messages of a special format. A message consists of a header, which contains a number of control fields such as the operation code (OPCODE), the query type, the query status and so on, and four sections holding the parameters of resource records (RR), whose contents depend on the operation code of the query (fig. 9.13).
Header | Query | Answer | Authority | Additional
Fig. 9.13. Structure of a DNS protocol message
Header. Contains the control fields.
Query. Contains the name and the other query parameters.
Answer. Holds the RRs that answer the query.
Authority. Holds RRs describing other name servers that are authoritative for the name in this RR.
Additional. Holds additional information.
Fig. 9.14 shows the layout of the DNS protocol message header.
(header field layout; the flag fields include RD and RA)
Fig. 9.14. Layout of the DNS protocol message header
The header of a DNS protocol message contains the following fields and flags:
□ ID field (16 bits). Identifier of a query/response cycle. The query identifier is copied into the same field of the response message, which in turn may become the query of the next iteration of the original query.
□ QR flag (1 bit). Query or response flag (0/1).
□ OPCODE (4 bits). Query type (standard / inverse / status request).
□ AA (1 bit). Authoritative answer flag.
□ TC flag (1 bit). Message truncation flag, set when the size of the original message exceeded the MTU of the transmission channel.
□ RD flag (1 bit). Flag requesting recursive processing of the query by the name server (see the section “Mechanisms and algorithms for servicing queries” in Chapter 9).
□ RA flag (1 bit). Flag indicating that the name server is able to process the query recursively.
□ Z field (3 bits). Reserved for future use.
□ RCODE field (4 bits). Response status code.
□ QDCOUNT field (16 bits). Number of records in the Query section.
□ ANCOUNT field (16 bits). Number of records in the Answer section.
□ NSCOUNT field (16 bits). Number of records in the Authority section (authoritative NS servers).
□ ARCOUNT field (16 bits). Number of records in the Additional section.
The structure of the Query section of a DNS protocol message is shown in fig. 9.15.
A standard query (Query section) contains the domain name about which information is wanted (QNAME), the query type (QTYPE) and the query class (QCLASS). The QTYPE and QCLASS fields, 16 bits each, contain the codes of the type and class of the RR about which information is requested.
System of domains and distributed database of DNS
QNAME | QTYPE | QCLASS
Fig. 9.15. Structure of the Query section of a DNS protocol message
Using the domain (host) name, type and class parameters, the name server looks for the matching records in its database table.
For example, a mail-sending host can query for the mail servers available in the domain ISI.EDU, say in order to send mail to that domain. The query parameters will be: QNAME=ISI.EDU, QTYPE=MX, QCLASS=IN. In the response the host receives a packet whose Answer section contains RRs (see fig. 9.6), for example with the following information:
ISI.EDU. MX 10 MARS.ISI.EDU.
         MX 10 POMPA.ISI.EDU.
The Additional section of the response may contain the IP addresses of the domain's nodes:
MARS.ISI.EDU.  A 10.2.0.27
               A 184.108.40.206
POMPA.ISI.EDU. A 10.1.0.52
               A 220.127.116.11
Besides ordinary queries there are so-called inverse queries. They differ from standard queries in that they determine a domain name (or names) from the characteristics of a particular resource. For example, if a standard query finds the SOA RR corresponding to a domain name, the corresponding inverse query determines the domain name from the parameters of that record.
The inverse-query mechanism is used, for example, to map between IP addresses and host names on the Internet. For this mapping the special domain IN-ADDR.ARPA is used. Records in the IN-ADDR.ARPA domain consist of the suffix IN-ADDR.ARPA preceded by four labels. Each label represents one byte of the Internet address. The labels are placed in the order reverse to the byte order of the Internet address. For example, if a domain's Internet address is 10.2.0.52, the record 52.0.2.10.IN-ADDR.ARPA corresponds to it in the IN-ADDR.ARPA domain. This reversed representation of the address makes it possible to define the zones and gateways responsible for classes of networks.
For example, if the IN-ADDR.ARPA domain contains information about the ISI gateway between networks 10 and 26, which has the addresses 10.2.0.22 and 22.214.171.124, then the database will contain the following records:
10.IN-ADDR.ARPA. PTR GW.ISI.EDU.
26.IN-ADDR.ARPA. PTR GW.ISI.EDU.
22.0.2.10.IN-ADDR.ARPA. PTR GW.ISI.EDU.
188.8.131.52.IN-ADDR.ARPA. PTR GW.ISI.EDU.
When using the inverse-query service it must be kept in mind that, because the IN-ADDR.ARPA domain and the ordinary domain of the host or gateway are located in different zones, the data in these domains may be inconsistent; moreover, gateways usually have different names in different domains.
The purpose of the inverse-query mechanism and the IN-ADDR.ARPA domain is to make it possible to determine quickly, from a host's IP address, the domain in which the host is located and the controlling units of that domain.
All name servers must understand and recognise both standard and inverse queries. Clearly, inverse queries cannot guarantee the completeness or uniqueness of the returned information even within a particular domain. Such queries are usually used when installing and testing various components of a name server.
Name servers manage databases of the domain's names and addresses. The database is partitioned into sections called zones, which are distributed among different name servers for servicing. The main task of a name server is to process queries on the basis of information from the local zones held on that host, or to redirect queries to servers that hold the required information.
The algorithm of a name server depends largely on the network environment in which it operates, the host's operating system and the data structure the server manages. The fundamental unit of the name-space database is the zone.
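As an added example, not from the original text, the following Python code assembles and parses the header and Query section described above (using the ISI.EDU MX query as input) and builds the IN-ADDR.ARPA name from an IPv4 address; the numeric QTYPE/QCLASS codes and the use of `struct` are assumptions not stated on the page.

```python
import struct
# Standard RR type/class codes (assumed from RFC 1035; the page names only MX, PTR, IN)
QTYPE_MX, QTYPE_PTR, QCLASS_IN = 15, 12, 1

def encode_name(name):
    """Encode 'ISI.EDU' as length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:               # a label is 1..63 bytes
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(qid, qname, qtype, qclass=QCLASS_IN, rd=True):
    """12-byte header (fig. 9.14) followed by one Query entry (fig. 9.15)."""
    flags = int(rd) << 8                        # QR=0, OPCODE=0 (standard), RD as given
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)   # QDCOUNT=1, others 0
    return header + encode_name(qname) + struct.pack("!HH", qtype, qclass)

def parse_header(msg):
    """Split the header into the fields listed above; a resolver should accept
    a response only if 'id' equals the ID it sent and 'qr' is 1."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": flags >> 15 & 1, "opcode": flags >> 11 & 0xF,
            "aa": flags >> 10 & 1, "tc": flags >> 9 & 1, "rd": flags >> 8 & 1,
            "ra": flags >> 7 & 1, "z": flags >> 4 & 7, "rcode": flags & 0xF,
            "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}

def parse_question(msg, offset=12):
    """Read QNAME, QTYPE, QCLASS at offset; returns (name, qtype, qclass, next_offset)."""
    labels = []
    while True:
        n = msg[offset]
        offset += 1
        if n == 0:
            break
        if n >= 64:                             # over 63 bytes or a compression pointer (not handled)
            raise ValueError("invalid label length %d in QNAME" % n)
        labels.append(msg[offset:offset + n].decode("ascii"))
        offset += n
    qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
    return ".".join(labels) + ".", qtype, qclass, offset + 4

def reverse_name(ip):
    """10.2.0.52 -> '52.0.2.10.IN-ADDR.ARPA.' (address bytes reversed, suffix appended)."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ip)
    return ".".join(reversed(octets)) + ".IN-ADDR.ARPA."
```

The response check in `parse_header` is the reason the ID field exists: a response whose ID does not match an outstanding query, or whose QR flag is 0, should be discarded.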
Concept of a zone. Division of DNS space into zones
A zone is the complete specification of some part of the domain name space. A zone is usually accessible from several name servers. By agreement, each zone must be available from at least two servers. One name server usually serves one or more zones.
The domain database can be divided into zones in two ways: by classes and by “cuts” of the name space.
□ Division by classes. A separate database is built and installed for each class. Since the name space is the same for all classes, the data structures of the separate classes can be regarded as parallel “trees” of the name space. Clearly, the data at the nodes of these “trees” depends on the class to which they belong. As a rule, the reason for creating a new class is the need for a new data format or for a name space independent of those already existing.
□ Division by “cuts”. Within a single class, a “cut” in the name space can be made between any two adjacent nodes. After such a “cut” each group of the name space forms a separate zone. Such “cuts” can be made in different places of the name space for different classes, the parts of the new zones can belong to different name servers, and so on.
These rules of division imply that each zone has at least one node and a domain name whose name space it owns. In addition, according to the “tree” structure, each zone has a “parent”: the zone located closer to the root of the “tree” in the hierarchy. The name of the parent zone is often used to determine the name of this zone.
Of course, dividing the name space so that each domain lies in a separate zone, or so that all nodes of a domain lie in one zone, would be convenient in terms of uniform administration. In practice, however, the database is most often partitioned on an organizational principle, i.e. each organization working with a particular part of the “tree” wants to control and change its part independently.
The information stored in a particular zone consists of four main parts:
1. Data on the rights of the nodes in the zone.
2. Data defining the parent node of the zone.
3. Data on the subzones of this zone.
4. Data on access rights to the name servers of this zone's subzones.