Yu Cheng (Jade) ICS 351 Prelab Report 8 November 19, 2008 [Question 1] Briefly explain what the command `host` does The host command is used to find the ipaddress of the given domain name and also prints the domain name for the given ip. [Question 2] Describe the following terms that are used in the Domain Name System a. Top-level doanmain It is sometimes refered as Top-level domain name (TLDN). It is the last part of an internet domain name. For example "com" in "www.google.com". b. CNAME(canonical name) It is a record in a DNS database that indicates the true, or canonical host name of a computer that its aliases are associated with. It is information of alias of one name to another. the DNS lookup will continue by retrying the lookup with the new name. This helps when running multiple services (like an FTP and a webserver; each running on different ports) from a single IP address. Each service can then have its own entry in DNS (like ftp.example.com. and www.example.com.) c. Resolver and d. Name server DNS has a client-sever type of interaction. The DNS client is called a DNS resolver also resolver. The DNS server is called a name server. e. Label Each node in the DNS tree has a name consisting of zero or more labels that are treated in a case insensitive fashion. DNS was specified in the era of [ASCII]. f. FQKN(fully qualified domain name) A fully qualified domain name (or FQDN) is an unambiguous domain name that specifies the exact location in the Domain Name System's tree hierarchy through to a top-level domain and finally to the root domain. g. BIND BIND (Berkeley Internet Name Domain or "named") is the most commonly used DNS server on the Internet, especially on Unix-like systems h. Inverse lookup look up the name by address in the zone data file. i. RR(resource record) Resource Records (RRs) are the DNS data records. The most important fields in a resource record are Name, Class, Type, and Data. Name is a domain name, Class and Type are two-byte integers, and Data is a variable-length field to be interpreted in the context of Class and Type. Almost all Internet applications use Class 1, the Internet Class. j. SOA(start of authority) Start of authority is abbreviated as SOA. It is a type of resource record that is used by the Domain Name System (DNS). Every domain name has an SOA record in its database that indicates basic properties of the domain and the zone that the domain is in. The SOA record contains: The host name for the primary name server for the zone. * An e-mail address of the person who is responsible for the domain. * The serial number for the zone. * The refresh interval. This is how often, in seconds, the secondary name servers check with the primary name server to see if any changes have been made to the domain's zone file. * The time, in seconds, a secondary server waits before retrying a failed zone transfer. * The time, in seconds, before a secondary server stops responding to queries, or "expires" a zone, after a lapsed refresh interval where the zone was not refreshed or updated. * The minimum time-to-live (TTL). This value is supplied in query responses by servers for the zone to inform others how long they should cache a resource record provided in an answer. [Question 3] Explain the following types of DNS queries: a. Inverse queries Inverse queries work differently. When a DNS server receives an inverse query, it returns the friendly name for an IP address, rather than an IP address for a friendly name. However, searching the entire Internet for a friendly name match would prove time consuming. Rather than waste resources, use of the in-addr.arpa domain notifies name servers of an inverse query. b. Iterative queries In iterative queries, name servers return the best information they have. Although a DNS server may not know the IP address for a given friendly name, it might know the IP address of another name server likely to have the IP address being sought, so it sends that information back. c. Recursive queries When a client system sends a recursive query to a local name server, that local name server must return the IP address for the friendly name entered, indicate that it can't find an address, or return an error saying that the requested address does not exist. [Question 4] What is the difference between a DNS domain and a DNS zone. Domain name servers store information about part of the domain name space called a zone. The name server is authoritative for a particular zone. A single name server can be authoritative for many zones. A zone is simply a portion of a domain. For example, the Domain Microsoft.com may contain all of the data for Microsoft.com, Marketing.microsoft.com and Development.microsoft.com. However, the zone Microsoft.com contains only information for Microsoft.com and references to the authoritative name servers for the subdomains. If there are no subdomains, then the zone and domain are essentially the same. In this case the zone contains all data for the domain. [Question 5] What are some of the top-level domains in the DNS namespace. The Generic top-level domain names include .biz, .info, .name, .net, .org, .pro. [Question 6] Are domain names case sensitive? What, if any, is te constraint on the length f domain names? The DNS ASCII labels are not case sensitive and their lengths range from zero to 63 octets. [Question 7] Provide a list of te names and IP addresses of all root servers of the Internet. There are thirteen of root name servers in total serving the needs of the entire public Internet world-wide. A 198.41.0.4 B 192.228.79.201 C 192.33.4.12 D 128.8.10.90 E 192.203.230.10 F 192.5.5.241 G 192.112.36.4 H 128.63.2.53 I 192.36.148.17 J 192.58.128.30 K 193.0.14.129 L 198.32.64.12 M 202.12.27.3 [Question 8] What is the purpose of the top-level domain arpa? The .arpa is an Internet top-level domain (TLD) used exclusively for Internet-infrastructure purposes. The name is a backronym for Address and Routing Parameter Area. [Question 9] From a command prompt on a Unix or Windows machine, run the command nslookup www.cnn.com, which shows the IP addresses that are associated with the domain name www.cnn.com. When you access www.cn.com using a web browser on your computer, which IP address is chosen by our computer? I used www.google.com as an example. I issued `nslookup www.google.com` and `tracert www.google.com` to have a look at which IP address is chosen. It looks like the first IP address was used. -------------------------------------------------------------------------------- $ nslookup www.google.com Server: 120.9.94.66.in-addr.arpa Address: 66.94.9.120 Non-authoritative answer: Name: www.l.google.com Addresses: 209.85.171.104, 209.85.171.147, 209.85.171.103, 209.85.171.99 Aliases: www.google.com -------------------------------------------------------------------------------- $ tracert www.google.com Tracing route to www.l.google.com [209.85.171.104] over a maximum of 30 hops: 1 908 ms 426 ms 497 ms 142.15.176.10.in-addr.arpa [10.176.15.142] 2 533 ms 746 ms 468 ms 178.15.176.10.in-addr.arpa [10.176.15.178] 3 578 ms 602 ms 592 ms 85.15.176.10.in-addr.arpa [10.176.15.85] 4 434 ms 867 ms 403 ms 18.10.176.10.in-addr.arpa [10.176.10.18] 5 573 ms 386 ms 405 ms m81025e42.tmodns.net [66.94.2.129] 6 367 ms 448 ms 353 ms ge-6-24.car2.Seattle1.Level3.net [4.79.106.37] 7 438 ms 349 ms 337 ms GOOGLE-INC.car2.Seattle1.Level3.net [4.79.106.42] 8 557 ms 772 ms 501 ms 209.85.249.34 9 * * 1147 ms 209.85.249.16 10 520 ms 1626 ms * 72.14.239.12 11 527 ms 415 ms 442 ms 216.239.46.211 12 479 ms 515 ms 480 ms 64.233.174.97 13 421 ms * 1027 ms 209.85.251.125 14 517 ms 438 ms 706 ms 74.125.31.6 15 447 ms 626 ms 362 ms cg-in-f104.google.com [209.85.171.104] Trace complete. --------------------------------------------------------------------------------