DNS
Domain Name System
husseinnasser
Why DNS www.husseinnasser.com
● People can’t remember IPs
● A domain is a text name that points to an IP or a collection of IPs
● An additional layer of abstraction is good
● The IP can change while the domain remains the same
● We can serve the closest IP to a client requesting the same domain
● Load balancing
DNS
● A new addressing system means we need a mapping. Meet DNS
● If you have an IP and you need the MAC, we use ARP
● If you have the name and you need the IP, we use DNS
● Built on top of UDP
● Port 53
● Many records (MX, TXT, A, CNAME)
[Diagram: Google.com (142.251.40.46)]
How DNS works
● DNS resolver - frontend and cache
● ROOT server - Hosts IPs of TLDs
● Top level domain server - Hosts IPs of the ANS
● Authoritative Name server - Hosts the IP of the target server
[Diagram: Resolver, ROOT, TLD server, ANS]
How DNS works
[Diagram: resolving google.com (142.251.40.46) between the client, Resolver, ROOT, TLD1, ANS1 and Google.com; the numbered messages it shows]
(1) Client -> Resolver: What is the IP of google.com?
(2) Resolver -> ROOT: Where is the TLD server of .COM?
(3) ROOT -> Resolver: Here it is, TLD1
(4) Resolver -> TLD1: Where is the Authoritative name server of google.com?
(5) TLD1 -> Resolver: Here it is, ANS1
(6) Resolver -> ANS1: What is the IP of google.com?
(7) ANS1 -> Resolver: It's 142.251.40.46
(8) Resolver -> Client: It's 142.251.40.46
(9) Client <-> Google.com (142.251.40.46): TCP handshake
DNS Packet
Source: https://www.usenix.org/system/files/sec20-zheng.pdf
RFC: https://datatracker.ietf.org/doc/html/rfc1035
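The query/response layout those two references describe, as an added example that is not from the slides or the linked paper: a small Python builder and parser for an RFC 1035 A-record exchange over the wire format, using a constructed reply so it runs offline. The transaction-ID check and the compression-pointer hop limit are the two details a resolver-side parser must get right.

```python
import random
import struct
def build_query(name, qtype=1, txid=None):
    """RFC 1035 query: 12-byte header (ID, FLAGS, QD/AN/NS/ARCOUNT) + question. FLAGS 0x0100 = RD."""
    txid = random.getrandbits(16) if txid is None else txid  # 16-bit ID the reply must echo
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE 1 = A, QCLASS 1 = IN

def read_name(msg, off):
    """Decode a name at `off`, following 0xC0xx compression pointers; return (name, next_off)."""
    labels, end, hops = [], None, 0
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:  # pointer: 14-bit offset of an earlier copy of the name
            end = end if end is not None else off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if (hops := hops + 1) > 16:  # bound pointer chasing so a crafted packet cannot loop us
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if ln == 0:
            return ".".join(labels), (end if end is not None else off)
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln

def parse_a_records(query, resp):
    """Return the IPv4 answers in `resp`; reject a reply that does not carry our transaction ID."""
    if resp[:2] != query[:2]:
        raise ValueError("transaction ID mismatch: not a reply to our query")
    qd, an = struct.unpack("!HH", resp[4:8])
    off = 12
    for _ in range(qd):  # skip the echoed question section (name + QTYPE + QCLASS)
        _, off = read_name(resp, off)
        off += 4
    ips = []
    for _ in range(an):
        _, off = read_name(resp, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            ips.append(".".join(str(b) for b in resp[off:off + 4]))
        off += rdlen
    return ips

# Constructed sample (not a real capture): our query and the reply a resolver would send for it.
QUERY = build_query("google.com", txid=0x1234)
RESPONSE = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:]  # QR=1 RD=1 RA=1, question echoed
            + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([142, 251, 40, 46]))  # A IN TTL 300
```

To send QUERY for real, write it to a UDP socket on port 53 of a resolver and pass the datagram you get back to parse_a_records.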
Notes about DNS
● Why so many layers?
● DNS is not encrypted by default.
● Many attacks target DNS (DNS hijacking, DNS poisoning)
● DoT / DoH attempt to address this
Example
● Let us use nslookup to look up some DNS records