HOW "CACHING" WORKS
DNS relies on the principle of 'caching' for its operation. When a nameserver receives information about a mapping, it caches this information; further queries for the same mapping use the cached result, thereby reducing search cost. Nameservers do not cache forever. Caching has a component called time to live (TTL), and the TTL determines how long a server will cache a piece of information. So when a nameserver receives an IP address, it receives a TTL with it. The nameserver caches the IP address for that period of time and then discards it.
When a process needs to determine an IP address given a DNS name, it calls upon the local host to resolve the address. This can be done in a variety of ways:
• Table look-up. On UNIX hosts, the table is /etc/hosts.
• The process communicates with a local nameserver. On a UNIX system this is named.
• By sending a message to a remote system that is identified from information in the file /etc/resolv.conf.
When a nameserver receives a query for a domain that it does not serve, it may send back a referral to the client specifying a better nameserver. Nameservers typically operate in a recursive manner, wherein any DNS server passes requests it cannot handle to a higher-level server, and so on, until either the request can be handled or the root of the DNS name space is reached.
Nameservers contain pointers to other nameservers, with the help of which it is possible to traverse the entire domain naming hierarchy. A host has to be configured with initial nameserver addresses. After this, it is able to use the DNS protocols to locate the nameserver responsible for any part of the DNS naming hierarchy.
Thus, when a nameserver receives a request, it can do one of the following:
• It can answer the request with an IP address. This method is called iterative: the client simply asks the server to resolve a domain name; the server consults its database, finds the IP address and sends it back. If the server does not find the address, it sends back an error ('DNS not found').
• It can contact another nameserver and try to find the IP address for the requested name.
• It can send back a referral to the client specifying the IP address of a better nameserver.
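The resolution and caching behaviour described above, as an added example that is not part of the original article: a toy Python resolver that tries a hosts table first, then a TTL-bounded cache, then iterates from the root following referrals. The zone data, server names and addresses are constructed for illustration.

```python
import time

# Constructed toy zone data (not real DNS records). Each nameserver maps a name
# to either an answer ("A", ip, ttl) or a referral ("NS", next_server, ttl).
ROOT = {"example.": ("NS", "tld", 172800)}
TLD = {"www.example.": ("NS", "auth", 86400)}
AUTH = {"www.example.": ("A", "192.0.2.10", 300)}
SERVERS = {"root": ROOT, "tld": TLD, "auth": AUTH}


def _find(zone, name):
    """Longest-suffix match: the root knows 'example.', the TLD knows 'www.example.'."""
    matches = [k for k in zone if name == k or name.endswith("." + k)]
    return zone[max(matches, key=len)] if matches else None


class Resolver:
    """Caching resolver: hosts table first, then cache, then iteration from the root."""

    def __init__(self, hosts=None, now=time.time):
        self.hosts = hosts or {}      # /etc/hosts-style table, consulted before the network
        self.cache = {}               # name -> (ip, absolute expiry time)
        self.now = now                # injectable clock so TTL expiry can be demonstrated
        self.queries = 0              # network queries sent; grows only on cache misses

    def lookup(self, name):
        if name in self.hosts:
            return self.hosts[name]
        entry = self.cache.get(name)
        if entry and entry[1] > self.now():   # cached and TTL not yet expired
            return entry[0]
        self.cache.pop(name, None)            # TTL expired: discard and resolve again
        return self._iterate(name)

    def _iterate(self, name):
        server = "root"
        for _ in range(8):                    # bound the chain of referrals
            self.queries += 1
            rec = _find(SERVERS[server], name)
            if rec is None:
                return None                   # 'DNS not found'
            kind, value, ttl = rec
            if kind == "A":
                # Note: whatever the answering server returned is cached as-is; plain
                # DNS gives the cache no way to check the answer's authenticity.
                self.cache[name] = (value, self.now() + ttl)
                return value
            server = value                    # referral: ask the better nameserver
        return None
```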
DNS transactions occur widely over the internet. The two most common types of transaction are DNS zone transfers and DNS queries/responses.
A popular user interface, called 'nslookup', is available on UNIX systems. With it, you can perform any DNS function, and the program displays the result to the user. Using nslookup, you can obtain a listing of all hosts in a zone. In order to do this, you first need to identify the nameserver for the zone.
The threats associated with DNS are due to the lack of integrity and authenticity checking of the data held within DNS. Also, other protocols can use host names as an access control mechanism. The Internet Engineering Task Force (IETF) has come up with the DNS Security (DNSSEC) extensions to the DNS protocol. The main objective of DNSSEC is to provide authentication and integrity to DNS. These are provided through the use of cryptographic
Pawan Bangar, Technical Director, Birbals, India. Reach Pawan by: pawan@ebirbals.com; visit ebirbals.com, birbals.com, seobirbals.com, hbirbals.com