Understanding DNS and Network Address Translation
DNS, or Domain Name System, is a vital component of the internet that translates domain names into IP addresses. This essential system allows users to easily navigate the web using familiar names instead of complex numbers. Explore the importance of DNS, its structure, and how it functions within computer networks. Learn about common DNS gTLDs and the role of DNS servers in facilitating internet connectivity. Delve into the world of network address translation and its significance in ensuring seamless communication across diverse devices. Uncover the history of DNS and the evolution of technology that has shaped its current form.
DNS AND NETWORK ADDRESS TRANSLATION
Dr. Yue Sun, CHENGDU UNIVERSITY OF TECHNOLOGY
WHAT IS DNS? DNS stands for Domain Name System or Domain Name Server. DNS resolves an IP address to a host name. DNS is basically a large database which resides on many computers that contain the names and IP addresses of various hosts/domains.
Why is DNS Important? DNS servers are the maps for the internet. Your web browser doesn't understand "www.baidu.com", and so when you type this into a URL it must be translated into a number.
Let's try it out: If you are using Windows, please open up a command prompt, or if you're using a Mac, please open a terminal window. Try to ping www.baidu.com; you should get 104.193.88.123. Now copy/paste that number into your web browser.
What if no DNS server is available? Early computer networks used a simple text file called a hosts file that mapped host names to IP addresses. This enabled computers to refer to other computers by name rather than having to enter the IP address number manually each time. On Windows machines the hosts file is located (normally) at C:\Windows\system32\drivers\etc\hosts.txt. This was a bad solution - slow, took forever to process, updates were difficult.
Structure of DNS: DNS uses a hierarchical tree-based name structure. At the top of the tree is the root, which is a ".", followed by the TLD (top level domain). The top level is unfortunately controlled by the USA. Top level domains are further divided into 2 categories: Generic TLD and Country Code TLD.
Common DNS gTLDs
.com - commercial web sites
.org - non profit organizations
.edu - restricted to schools and universities
.net - originally for network infrastructures but now is unrestricted
Country Code TLDs
.cn - China
.in - India
.uk - United Kingdom
.ru - Russia
.dom - Dominican Republic :)
Authority: The authority for the root domain and gTLDs lies with the Internet Corporation for Assigned Numbers and Names (ICANN). ccTLDs are delegated to individual country governments for administration purposes. Each level in the hierarchy may delegate the authoritative control to the next lower level.
Authority continued: There is a DNS server running in every level of the hierarchy, and the responsibility of running the DNS server lies with the authority at that level. Example - when the root domain gets a DNS query for www.baidu.com, the root will delegate responsibility for resolving this to its lower level ".com", which in turn will delegate to "baidu". Finally the DNS server in "baidu" will respond with the IP address of the hostname "www".
In the Zone: A zone file is simply a portion of a domain. Example: baidu.com may contain all the information for translate.baidu.com, shopping.baidu.com, and music.baidu.com. However, usually baidu.com delegates the responsibility for translate.baidu.com to "translate" rather than keep all the information itself.
Resource Records: A DNS zone database is made up of a collection of resource records. Each resource record specifies information about a particular object, and the DNS server uses these records to answer queries for hosts in its zone. The records are called A records, which map a host name to an IP address, and reverse-lookup pointer (PTR) records, which map an IP address to a host name.
Resources - NS Records: An NS record or name server record maps a domain name to a list of DNS servers that are authoritative for that domain. Delegations depend on NS records.
Resources - MX Records: An MX record or mail exchange record maps a domain name to a list of mail exchange servers for that domain. When you send an email to 123@qq.com, the mail will be routed to the mail server as specified in the MX record.
DNS Queries: A DNS query would be something like "what is the IP address of www.taobao.com?" A DNS server may receive such a query for any domain, which it has no direct information about. Depending on what information the DNS server has, it will respond differently!
DNS Queries II: A DNS server may service three types of queries: Recursive Query, Iterative Query, and Inverse Query.
DNS Recursive Query: In a recursive query the following are the steps taken by the DNS server for translate.baidu.com:
1. Host sends query "what is the IP address of translate.baidu.com" to locally configured DNS server.
2. DNS server looks up translate.baidu.com in local tables - not found.
3. DNS sends query to a root-server for the IP of translate.baidu.com.
4. The root-server replies with a referral to the TLD servers for .com.
5. The DNS server sends query "what is the IP address translate.baidu.com" to one of the .com TLD servers.
6. The TLD server replies with a referral to the name servers for baidu.com.
7. The DNS server sends query "what is the IP address translate.baidu.com" to name server for baidu.com.
8. Zone file defines an A record which shows translate's IP address is x.x.x.x.
9. DNS returns the A record for "translate".
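The referral walk in the steps above, as an added Python example that is not part of the original slides: a toy resolver starts at the root, follows referrals down to the .com and baidu.com name servers, and caches the answer so a repeat lookup is served non-authoritatively. The server names, the hop limit and the 192.0.2.10 address are constructed for illustration.

```python
"""Toy model of the referral walk a recursive DNS server performs."""

# Constructed data: server names and addresses are made up for this example
# (192.0.2.0/24 is a documentation range, not baidu.com's real address).
SERVERS = {
    "root":     {"referrals": {"com.": "tld-com"}, "records": {}},
    "tld-com":  {"referrals": {"baidu.com.": "ns-baidu"}, "records": {}},
    "ns-baidu": {"referrals": {},
                 "records": {("translate.baidu.com.", "A"): "192.0.2.10"}},
}
MAX_HOPS = 8  # assumed limit: stop if referrals loop or the chain is too long


def query(server, name, rtype):
    """Ask one server; it answers, refers us lower in the tree, or fails."""
    zone = SERVERS[server]
    if (name, rtype) in zone["records"]:
        return "answer", zone["records"][(name, rtype)]
    # Pick the most specific delegation whose suffix matches the name.
    matches = [s for s in zone["referrals"] if name == s or name.endswith("." + s)]
    if matches:
        return "referral", zone["referrals"][max(matches, key=len)]
    return "nxdomain", None


def resolve(name, rtype="A", cache=None):
    """Return (value, servers_contacted, authoritative)."""
    cache = {} if cache is None else cache
    if (name, rtype) in cache:                  # served from cache:
        return cache[(name, rtype)], [], False  # the non-authoritative case
    server, path = "root", []
    for _ in range(MAX_HOPS):
        path.append(server)
        kind, value = query(server, name, rtype)
        if kind == "answer":
            cache[(name, rtype)] = value
            return value, path, True
        if kind == "nxdomain":
            return None, path, True
        server = value                          # follow the referral
    raise RuntimeError("too many referrals for " + name)


if __name__ == "__main__":
    cache = {}
    print(resolve("translate.baidu.com.", cache=cache))  # walks the tree
    print(resolve("translate.baidu.com.", cache=cache))  # answered from cache
```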
DNS Iterative Query: In an iterative query, if the DNS server doesn't know the answer it will refer to another DNS server for a response. So the client which initiated the query will then try to contact the new DNS server for a response.
DNS Inverse Query: In an inverse query, an IP address will be provided and a hostname will be asked. This query can take the same path as the recursive and iterative query possibilities. The only difference is that it is providing an IP address and requesting a hostname.
Some useful tools: nslookup (on Windows and Macs) is a useful tool for direct querying of IP addresses or host domains.
nslookup: Useful for finding the IP address of a host, finding the domain name of an IP address, and finding the mail servers for a domain.
Example - nslookup At a command prompt or terminal window
nslookup continued: By default nslookup will use the domain server that is currently configured for your system. You can switch DNS server using the *server name* or *server IP address* option.
The non-authoritative answer: You may get a not authoritative name server - all that means is that the DNS has resolved this recently and the information is stored in its cache.
Part 2 - NAT - Network Address Translation: In order to go to the internet a client computer needs a public IP address. However, having your own public IP address costs money, and moreover there are not enough of them to go around. Therefore a technology called Network Address Translation was implemented.
What is Network Address Translation? Network Address Translation translates a private LAN address such as 192.168.1.37 into a public IP address like 47.65.34.123. It is a function of the outward facing router.
When do we use Network Address Translation? There are several situations where we need address translation, such as when a network does not have sufficient public IP addresses but still wants to connect all its clients to the internet, or two networks that have the same IP addresses want to merge together. Security is also a consideration - many organizations don't want to expose their internal IP structure to the outside world.
NAT terminology
Term: Description
Inside Local IP address: Before translation, source IP address located INSIDE the local network
Inside Global IP address: After translation, source IP address located outside the local network
Outside Global IP address: Before translation, destination IP address located outside the remote network
Outside Local IP address: After translation, destination IP address located inside the remote network
Inside or outside? Whether you are inside or outside depends on where you are! From the perspective of the user making the request, he is inside and the other router R2 is outside. From router R2's perspective, the user is outside and it is inside.
Types of NAT: There are 3 types of NAT: Static NAT, Dynamic NAT, and PAT. These three types define how inside local IP addresses will be mapped with the inside global IP address.
Types of NAT - Static: Static NAT - in this type we manually map each inside local IP address with an inside global IP address. This type uses one-to-one mapping, and we will need exactly the same number of IP addresses on both sides of the router. Static NAT only works if you have few clients or several public IP addresses to use.
Types of NAT - Dynamic: Dynamic NAT - in this type we create a pool of inside global IP addresses and let the NAT device map inside local IP addresses with the available global IP addresses from the pool automatically.
Types of NAT - PAT: PAT - in this type a single inside global IP address is mapped with multiple local IP addresses using the source port address. This is also known as PAT (Port Address Translation) or NAT over-load.
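An added Python sketch of the port-based mapping described above (not from the original slides): the table gives each inside local socket its own port on the shared inside global address, matches replies back to the inside host, and keeps the log that is the only link from a public port to the real device. The class, the 203.0.113.5 address and the starting port are assumptions; real devices also expire idle mappings, which this sketch omits.

```python
"""Toy PAT (NAT overload) table: many inside hosts share one public address."""
import itertools

PUBLIC_IP = "203.0.113.5"  # constructed inside global address (documentation range)


class PatTable:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)  # next free public port
        self.out = {}    # (inside_ip, inside_port, proto) -> public_port
        self.back = {}   # (public_port, proto) -> (inside_ip, inside_port)
        self.log = []    # (timestamp, inside_ip, inside_port, public_port, proto)

    def outbound(self, ts, src_ip, src_port, proto="tcp"):
        """Translate an inside local source to the shared inside global one."""
        key = (src_ip, src_port, proto)
        if key not in self.out:                 # first packet of this flow
            port = next(self._ports)
            self.out[key] = port
            self.back[(port, proto)] = (src_ip, src_port)
            self.log.append((ts, src_ip, src_port, port, proto))
        return self.public_ip, self.out[key]

    def inbound(self, dst_port, proto="tcp"):
        """Inside host for a reply, or None: no mapping means the packet is dropped."""
        return self.back.get((dst_port, proto))

    def who_used(self, public_port, proto="tcp"):
        """Answer 'which inside host was behind this public port?' from the log."""
        return [(ts, ip, p) for ts, ip, p, pub, pr in self.log
                if pub == public_port and pr == proto]


if __name__ == "__main__":
    nat = PatTable(PUBLIC_IP)
    print(nat.outbound(100, "192.168.1.37", 51000))  # first inside host
    print(nat.outbound(101, "192.168.1.38", 51000))  # same source port, new mapping
    print(nat.inbound(40001), nat.inbound(40002))    # known reply vs unsolicited
    print(nat.who_used(40000))
```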
When is NAT used? The network is built with private IP addresses and we want to connect it to the internet. To do this we need to use public IP addresses. In this situation we use a NAT device which will map a private IP address with a public IP address.
When is NAT used - part II: Two networks are using *the same* IP address scheme and want to merge. In this situation the NAT device is used to prevent IP conflicts. We want to connect multiple computers with the internet through a single public IP address. In this situation NAT is used to map the multiple IP addresses with a single IP address through port numbers.
Advantages of NAT: NAT hides the internal IP structure of an organization. NAT allows us to connect with any network without changing IP addresses. NAT allows us to connect multiple computers with the internet through a single public IP address.
Disadvantages of NAT: NAT adds additional delays in the network. Several applications are not compatible with NAT. End to end IP traceability will not work with NAT. NAT hides the actual end device.