Understanding DNS and Network Address Translation


DNS, or Domain Name System, is a vital component of the internet that translates domain names into IP addresses. This essential system allows users to easily navigate the web using familiar names instead of complex numbers. Explore the importance of DNS, its structure, and how it functions within computer networks. Learn about common DNS gTLDs and the role of DNS servers in facilitating internet connectivity. Delve into the world of network address translation and its significance in ensuring seamless communication across diverse devices. Uncover the history of DNS and the evolution of technology that has shaped its current form.


Uploaded on Oct 10, 2024



Presentation Transcript


  1. DNS AND NETWORK ADDRESS TRANSLATION - Dr. Yue Sun, CHENGDU UNIVERSITY OF TECHNOLOGY

  2. WHAT IS DNS? DNS stands for Domain Name System or Domain Name Server. DNS resolves an IP address to a host name. DNS is basically a large database, residing on many computers, that contains the names and IP addresses of various hosts/domains.

  3. Why is DNS Important? DNS servers are the maps for the internet. Your web browser doesn't understand "www.baidu.com", so when you type this into a URL it must be translated into a number.

  4. Let's try it out: If you are using Windows, please open up a command prompt, or if you're using a Mac, please open a terminal window. Try to ping www.baidu.com; you should get 104.193.88.123. Now copy/paste that number into your web browser.

  5. What if no DNS server is available? Early computer networks used a simple text file called a hosts file that mapped host names to IP addresses. This enabled computers to refer to other computers by name rather than having to enter the IP address manually each time. On Windows machines the hosts file is located (normally) at C:\Windows\system32\drivers\etc\hosts.txt. This was a bad solution - slow, took forever to process, updates were difficult.

  6. Structure of DNS: DNS uses a hierarchical, tree-based name structure. At the top of the tree is the root, which is a ".", followed by the TLD (top-level domain). The top level is unfortunately controlled by the USA. Top-level domains are further divided into 2 categories: Generic TLD and Country Code TLD.

  7. Common DNS gTLDs: .com - commercial web sites; .org - non-profit organizations; .edu - restricted to schools and universities; .net - originally for network infrastructures but now unrestricted.

  8. Country Code TLDs: .cn - China; .in - India; .uk - United Kingdom; .ru - Russia; .dom - Dominican Republic :)

  9. Structure of the DNS tree

  10. Authority: The authority for the root domain and gTLDs lies with the Internet Corporation for Assigned Numbers and Names (ICANN). ccTLDs are delegated to individual country governments for administration purposes. Each level in the hierarchy may delegate authoritative control to the next lower level.

  11. Authority continued: There is a DNS server running at every level of the hierarchy, and the responsibility for running the DNS server lies with the authority at that level. Example - when the root domain gets a DNS query for www.baidu.com, the root will delegate responsibility for resolving this to its lower level ".com", which in turn will delegate to "baidu". Finally, the DNS server in "baidu" will respond with the IP address of the hostname "www".

  12. In the Zone: A zone file is simply a portion of a domain. Example: baidu.com may contain all the information for translate.baidu.com, shopping.baidu.com, and music.baidu.com. However, usually baidu.com delegates the responsibility for translate.baidu.com to "translate" rather than keeping all the information itself.

  13. Resource Records: A DNS zone database is made up of a collection of resource records. Each resource record specifies information about a particular object, and the DNS server uses these records to answer queries for hosts in its zone. The records are called A records, which map a host name to an IP address, and reverse-lookup pointer (PTR) records, which map an IP address to a host name.

  14. Resources - NS Records: An NS record, or name server record, maps a domain name to a list of DNS servers that are authoritative for that domain. Delegations depend on NS records.

  15. Resources - MX Records: An MX record, or mail exchange record, maps a domain name to a list of mail exchange servers for that domain. When you send an email to 123@qq.com, the mail will be routed to the mail server specified in the MX record.

  16. DNS Queries: A DNS query would be something like "what is the IP address of www.taobao.com?" A DNS server may receive such a query for any domain, even one it has no direct information about. Depending on what information the DNS server has, it will respond differently!

  17. DNS Queries II: A DNS server may service three types of queries: Recursive Query, Iterative Query, Inverse Query.

  18. DNS Recursive Query: In a recursive query, the following are the steps taken by the DNS server for translate.baidu.com:
      - Host sends the query "what is the IP address of translate.baidu.com?" to the locally configured DNS server.
      - DNS server looks up translate.baidu.com in local tables - not found.
      - DNS sends a query to a root-server for the IP of translate.baidu.com.
      - The root-server replies with a referral to the TLD servers for .com.
      - The DNS server sends the query "what is the IP address of translate.baidu.com?" to one of the .com TLD servers.
      - The TLD server replies with a referral to the name servers for baidu.com.
      - The DNS server sends the query "what is the IP address of translate.baidu.com?" to the name server for baidu.com.
      - The zone file defines an A record which shows translate's IP address is x.x.x.x.
      - DNS returns the A record for "translate".
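
The referral chain from slides 11 and 18, as an added example that is not part of the original presentation: a toy resolver that walks root, .com and baidu.com servers held in memory. The server labels, the address 192.0.2.10 and the referral sanity check are assumptions made for illustration.

```python
# Constructed sample data: three in-memory "servers", one per level of the tree.
# Server labels and 192.0.2.10 (documentation range) are assumptions, not real records.
SERVERS = {
    "root":     {"referrals": {"com.": "tld-com"},        "a": {}},
    "tld-com":  {"referrals": {"baidu.com.": "ns-baidu"}, "a": {}},
    "ns-baidu": {"referrals": {}, "a": {"translate.baidu.com.": "192.0.2.10"}},
}

def in_zone(name, zone):
    """True when `name` is at or below `zone` in the DNS tree."""
    return zone == "." or name == zone or name.endswith("." + zone)

def ask(server, qname):
    """One query to one server: an A answer, a referral, or no data."""
    data = SERVERS[server]
    if qname in data["a"]:
        return ("answer", data["a"][qname])
    covering = [z for z in data["referrals"] if in_zone(qname, z)]
    if covering:
        zone = max(covering, key=len)  # most specific delegation wins
        return ("referral", zone, data["referrals"][zone])
    return ("nodata",)

def resolve(qname, cache, max_hops=8):
    """What the locally configured DNS server does for one recursive query."""
    if qname in cache:  # the "local tables" lookup
        return cache[qname], ["cache: answer"]
    server, zone, trace = "root", ".", []
    for _ in range(max_hops):
        reply = ask(server, qname)
        trace.append(f"{server}: {reply[0]}")
        if reply[0] == "answer":
            cache[qname] = reply[1]
            return reply[1], trace
        if reply[0] == "nodata":
            return None, trace
        _, child, next_server = reply
        # Hypothetical sanity check: a referral must point further down the
        # tree, inside the zone of the server that issued it.
        if child == zone or not in_zone(child, zone):
            raise ValueError(f"{server} referred outside its zone: {child}")
        server, zone = next_server, child
    raise RuntimeError("referral chain too long")
```

Calling `resolve("translate.baidu.com.", {})` returns the address together with the per-server trace, so the root, TLD and zone hops can be read off directly.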

  19. DNS Iterative Query: In an iterative query, if the DNS server doesn't know the answer it will refer to another DNS server for a response. So the client which initiated the query will then try to contact the new DNS server for a response.

  20. DNS Inverse Query: In an inverse query, an IP address will be provided and a hostname will be asked for. This query can take the same path as the recursive and iterative query possibilities. The only difference is that it is providing an IP address and requesting a hostname.

  21. Some useful tools: nslookup (on Windows and Macs) is a useful tool for direct querying of IP addresses or host domains.

  22. nslookup: Useful for finding the IP address of a host, finding the domain name of an IP address, and finding the mail servers for a domain.

  23. Example - nslookup: At a command prompt or terminal window

  24. nslookup continued: By default nslookup will use the domain server that is currently configured for your system. You can switch DNS server using the *server name* or *server IP address* option.

  25. The non-authoritative answer: You may get a "not authoritative" name server - all that means is that the DNS has resolved this recently and the information is stored in its cache.

  26. Part 2 - NAT - Network Address Translation: In order to go to the internet, a client computer needs a public IP address. However, having your own public IP address costs money and, moreover, there are not enough of them to go around. Therefore a technology called Network Address Translation was implemented.

  27. What is Network Address Translation? Network Address Translation translates a private LAN address such as 192.168.1.37 into a public IP address like 47.65.34.123. It is a function of the outward-facing router.

  28. When do we use Network Address Translation? There are several situations where we need address translation, such as when a network does not have sufficient public IP addresses but still wants to connect all its clients to the internet, or when two networks that have the same IP addresses want to merge together. Security is also a consideration - many organizations don't want to expose their internal IP structure to the outside world.

  29. NAT terminology (Term - Description):
      - Inside Local IP address - before translation, source IP address located INSIDE the local network
      - Inside Global IP address - after translation, source IP address located outside the local network
      - Outside Global IP address - before translation, destination IP address located outside the remote network
      - Outside Local IP address - after translation, destination IP address located inside the remote network

  30. An example

  31. Inside or outside? Whether you are inside or outside depends on where you are! From the perspective of the user making the request, he is inside and the other router R2 is outside. From router R2's perspective, the user is outside and it is inside.

  32. Types of NAT: There are 3 types of NAT: Static NAT, Dynamic NAT, PAT. These three types define how inside local IP addresses will be mapped to the inside global IP address.

  33. Types of NAT - Static: Static NAT - in this type we manually map each inside local IP address to an inside global IP address. This type uses one-to-one mapping, and we will need exactly the same number of IP addresses on both sides of the router. Static NAT only works if you have few clients or several public IP addresses to use.

  34. Types of NAT - Dynamic: Dynamic NAT - in this type we create a pool of inside global IP addresses and let the NAT device map inside local IP addresses to the available global IP addresses from the pool automatically.

  35. Types of NAT - PAT: PAT - in this type a single inside global IP address is mapped to multiple local IP addresses using the source port address. This is also known as PAT (Port Address Translation) or NAT overload.

  36. When is NAT used? The network is built with private IP addresses and we want to connect it to the internet. To do this we need to use public IP addresses. In this situation we use a NAT device, which will map a private IP address to a public IP address.

  37. When is NAT used - part II: Two networks are using *the same* IP address scheme and want to merge. In this situation the NAT device is used to prevent IP conflicts. We want to connect multiple computers to the internet through a single public IP address. In this situation NAT is used to map the multiple IP addresses to a single IP address through port numbers.

  38. How NAT works

  39. Advantages of NAT: NAT hides the internal IP structure of an organization. NAT allows us to connect with any network without changing IP addresses. NAT allows us to connect multiple computers to the internet through a single public IP address.

  40. Disadvantages of NAT: NAT adds additional delays in the network. Several applications are not compatible with NAT. End-to-end IP traceability will not work with NAT. NAT hides the actual end device.
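
PAT from slide 35 and the traceability point from slide 40, as an added example that is not part of the original presentation: a minimal translation table that shares the inside global address 47.65.34.123 between inside hosts. The class name, the starting port 40000, the second host 192.168.1.38 and the remote address 203.0.113.5 are assumptions for illustration.

```python
import itertools

class PatRouter:
    """Port Address Translation: many inside local addresses share one
    inside global address, told apart by the translated source port."""

    def __init__(self, inside_global, first_port=40000):
        self.inside_global = inside_global
        self._ports = itertools.count(first_port)  # next free global port
        self.out = {}   # (local_ip, local_port, proto) -> global_port
        self.back = {}  # (global_port, proto) -> (local_ip, local_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Rewrite the source of a packet leaving the LAN."""
        key = (src_ip, src_port, proto)
        if key not in self.out:  # first packet of a flow creates the mapping
            port = next(self._ports)
            self.out[key] = port
            self.back[(port, proto)] = (src_ip, src_port)
        return (self.inside_global, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port, proto="tcp"):
        """Rewrite the destination of a packet arriving from outside.
        Returns None (dropped) when no inside host opened that port."""
        entry = self.back.get((dst_port, proto))
        if entry is None:
            return None
        return (src_ip, src_port, entry[0], entry[1])

    def trace(self, global_port, proto="tcp"):
        """Which inside host was behind a given public port? Only the
        router's own table can answer this; outside observers cannot."""
        return self.back.get((global_port, proto))
```

Remote logs record only 47.65.34.123 and a port, so attributing traffic to an inside host depends on keeping the router's translation table or a log of it.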
