DOMAIN NAME SYSTEM (DNS)
The DNS protocol is used to look up a server's IP addresses and aliases from its
registered name. The request is usually simple, carrying just the name of the
server. The response, however, is usually much more complex because it contains all
the addresses and aliases that the server might have. Because of this, a compression
algorithm is used in all cases to reduce the amount of redundant data and the
size of the datagrams. UDP is used to send and receive DNS requests.
DNS MESSAGE FORMAT
Header
Question
Answer
Authority
Additional
DNS HEADER FORMAT
OCTET 1,2 ID
OCTET 3,4 QR(1 bit) + OPCODE(4 bit) + AA(1 bit) + TC(1 bit) + RD(1 bit) + RA(1 bit) +
Z(3 bit) + RCODE(4 bit)
OCTET 5,6 QDCOUNT
OCTET 7,8 ANCOUNT
OCTET 9,10 NSCOUNT
OCTET 11,12 ARCOUNT
QUESTION FORMAT
OCTET 1,2,..n QNAME
OCTET n+1,n+2 QTYPE
OCTET n+3,n+4 QCLASS
ANSWER, AUTHORITY, ADDITIONAL FORMAT
OCTET 1,2,..n NAME
OCTET n+1,n+2 TYPE
OCTET n+3,n+4 CLASS
OCTET n+5,n+6,n+7,n+8 TTL
OCTET n+9,n+10 RDLENGTH
OCTET n+11,n+12,.. RDATA
DNS SESSION (example)
SEND
7E FF 03 00 21 45 00 00 40 00 02 00 00 3C 11 E0 30 CE D9 8F 1F C7 B6 78 CB 04
6D 00 35 00 2C 0D 54 00 02 01 00 00 01 00 00 00 00 00 00 04 70 6F 70 64 02 69
78 06 6E 65 74 63 6F 6D 03 63 6F 6D 00 00 01 00 01 C7 00 7E
Start 7E
Address FF 03
SEP 00 21
IP Header 45 00 00 40 00 02 00 00 3C 11 E0 30 CE D9 8F 1F C7 B6 78 CB
UDP Header 04 6D 00 35 00 2C 0D 54
DNS Header 00 02 01 00 00 01 00 00 00 00 00 00
DNS Message 04 70 6F 70 64 02 69 78 06 6E 65 74 63 6F 6D 03 63 6F 6D 00 00 01
00 01
FCS C7 00
Stop 7E
IP Header
VER=4 IHL=5 TOS=0 TOL=64 ID=2 FLG=00 FRO=00 TTL=60 PRO=17
IP_SUM=E030
SRC=206.217.143.31. DEST=199.182.120.203. OPT=00000000
UDP Header
SRC_PORT=046D DEST_PORT=0035 UDP_LEN=002C UDP_SUM=0D54
DNS Header
ID=2 QR=0 OPCODE=0 AA=0 TC=0 RD=1 RA=0 Z=0 RCODE=0 QDCOUNT=1
ANCOUNT=0 NSCOUNT=0 ARCOUNT=0
DNS Message
QNAME=04 70 6F 70 64 02 69 78 06 6E 65 74 63 6F 6D 03 63 6F 6D 00
QTYPE=0001 QCLASS=0001
The client sends a UDP/IP packet with a DNS question (QR=0) as a standard query
(OPCODE=0) with one entry (QDCOUNT=1). It does not include any resource records in
the answer, authority or additional sections (ANCOUNT=0 NSCOUNT=0 ARCOUNT=0).
The QNAME specifies the domain name of the resource the client is searching for
(QNAME = popd.ix.netcom.com.). Note that the periods in the domain name are
replaced by the length of the label that follows. The type and class of resource the
client is searching for are QTYPE=1 (Host Address), QCLASS=1 (Internet).
RECV
7E 21 45 00 01 5F F6 79 40 00 F7 11 ED 98 C7 B6 78 CB CE D9 8F 1F 00 35 04 6D
01 4B 49 AA 00 02 85 80 00 01 00 03 00 06 00 06 04 70 6F 70 64 02 69 78 06 6E
65 74 63 6F 6D 03 63 6F 6D 00 00 01 00 01 C0 0C 00 05 00 01 00 00 00 3C 00 19
04 70 6F 70 64 04 62 65 73 74 02 69 78 06 6E 65 74 63 6F 6D 03 63 6F 6D 00 C0
30 00 05 00 01 00 00 00 00 00 06 03 69 78 36 C0 3A C0 55 00 01 00 01 00 00 1C
20 00 04 C7 B6 78 06 C0 3A 00 02 00 01 00 00 1C 20 00 06 03 6E 73 31 C0 3A C0
3A 00 02 00 01 00 00 1C 20 00 06 03 6E 73 32 C0 3A C0 3A 00 02 00 01 00 00 1C
20 00 06 03 6E 73 33 C0 3A C0 3A 00 02 00 01 00 00 1C 20 00 06 03 6E 73 34 C0
3A C0 3A 00 02 00 01 00 00 1C 20 00 0C 09 64 66 77 2D 69 78 6E 73 31 C0 3A C0
3A 00 02 00 01 00 00 1C 20 00 0C 09 64 66 77 2D 69 78 6E 73 32 C0 3A C0 77 00
01 00 01 00 00 1C 20 00 04 C7 B6 78 CB C0 89 00 01 00 01 00 00 1C 20 00 04 C7
B6 78 CA C0 9B 00 01 00 01 00 00 1C 20 00 04 C7 B6 78 01 C0 AD 00 01 00 01 00
00 1C 20 00 04 C7 B6 78 02 C0 BF 00 01 00 01 00 00 1C 20 00 04 CE D6 62 21 C0
D7 00 01 00 01 00 00 1C 20 00 04 CE D6 62 22 C8 4C 7E
IP Header
VER=4 IHL=5 TOS=0 TOL=351 ID=63097 FLG=02 FRO=00 TTL=247 PRO=17
IP_SUM=ED98
SRC=199.182.120.203. DEST=206.217.143.31. OPT=00000000
UDP Header
SRC_PORT=0035 DEST_PORT=046D UDP_LEN=014B UDP_SUM=49AA
DNS Header
ID=2 QR=1 OPCODE=0 AA=1 TC=0 RD=1 RA=1 RCODE=0 QDCOUNT=1
ANCOUNT=3 NSCOUNT=6 ARCOUNT=6
The server sends a response (QR=1) to the client's standard query (OPCODE=0).
The server is an authority for the domain name (AA=1) and can support recursive
queries (RA=1).
No errors occurred in the client's query (RCODE=0). The response has 1 entry in
the question section (QDCOUNT=1), 3 resource records in the answer section
(ANCOUNT=3), 6 resource records in the authority section (NSCOUNT=6) and 6
resource records in the additional records section (ARCOUNT=6). Note that offsets
are used to replace domain names and reduce the size of the DNS message.
Start 7E
SEP 21
IP Header 45 00 01 5F F6 79 40 00 F7 11 ED 98 C7 B6 78 CB CE D9 8F 1F
UDP Header 00 35 04 6D 01 4B 49 AA
DNS Header 00 02 85 80 00 01 00 03 00 06 00 06
QUESTION 04 70 6F 70 64 02 69 78 06 6E 65 74 63 6F 6D 03 63 6F 6D 00 00 01
00 01
ANSWER
Name [C0 0C] (offset to position 12 of the DNS message)
Type [00 05] Class [00 01] TTL [00 00 00 3C] RDLENGTH [00 19]
RDATA [04 70 6F 70 64 04 62 65 73 74 02 69 78 06 6E 65 74 63 6F 6D 03 63 6F
6D 00]
C0 30 00 05 00 01 00 00 00 00 00 06
03 69 78 36 C0 3A
C0 55 00 01 00 01 00 00 1C 20 00 04 C7 B6 78 06
AUTHORITY
C0 3A 00 02 00 01 00 00 1C 20 00 06
03 6E 73 31 C0 3A
C0 3A 00 02 00 01 00 00 1C 20 00 06
03 6E 73 32 C0 3A
C0 3A 00 02 00 01 00 00 1C 20 00 06
03 6E 73 33 C0 3A
C0 3A 00 02 00 01 00 00 1C 20 00 06
03 6E 73 34 C0 3A
C0 3A 00 02 00 01 00 00 1C 20 00 0C
09 64 66 77 2D 69 78 6E 73 31 C0 3A
C0 3A 00 02 00 01 00 00 1C 20 00 0C
09 64 66 77 2D 69 78 6E 73 32 C0 3A
ADDITIONAL
C0 77 00 01 00 01 00 00 1C 20 00 04
C7 B6 78 CB
C0 89 00 01 00 01 00 00 1C 20 00 04
C7 B6 78 CA
C0 9B 00 01 00 01 00 00 1C 20 00 04
C7 B6 78 01
C0 AD 00 01 00 01 00 00 1C 20 00 04
C7 B6 78 02
C0 BF 00 01 00 01 00 00 1C 20 00 04
CE D6 62 21
C0 D7 00 01 00 01 00 00 1C 20 00 04
CE D6 62 22
FCS C8 4C
Stop 7E
QUESTION
popd.ix.netcom.com QTYPE=1 QCLASS=1
ANSWERS
NAME: .popd.ix.netcom.com
RDATA: .popd.best.ix.netcom.com TYPE=5 CLASS=1 TTL=60
NAME: .popd.best.ix.netcom.com
RDATA: .ix6.ix.netcom.com TYPE=5 CLASS=1 TTL=0
NAME: .ix6.ix.netcom.com
RDATA: 199.182.120.6. TYPE=1 CLASS=1 TTL=7200
AUTHORITIES
NAME: .ix.netcom.com
RDATA: .ns1.ix.netcom.com TYPE=2 CLASS=1 TTL=7200
NAME: .ix.netcom.com
RDATA: .ns2.ix.netcom.com TYPE=2 CLASS=1 TTL=7200
NAME: .ix.netcom.com
RDATA: .ns3.ix.netcom.com TYPE=2 CLASS=1 TTL=7200
NAME: .ix.netcom.com
RDATA: .ns4.ix.netcom.com TYPE=2 CLASS=1 TTL=7200
NAME: .ix.netcom.com
RDATA: .dfw-ixns1.ix.netcom.com TYPE=2 CLASS=1 TTL=7200
NAME: .ix.netcom.com
RDATA: .dfw-ixns2.ix.netcom.com TYPE=2 CLASS=1 TTL=7200
ADDITIONAL RECORDS
NAME: .ns1.ix.netcom.com
RDATA: 199.182.120.203. TYPE=1 CLASS=1 TTL=7200
NAME: .ns2.ix.netcom.com
RDATA: 199.182.120.202. TYPE=1 CLASS=1 TTL=7200
NAME: .ns3.ix.netcom.com
RDATA: 199.182.120.1. TYPE=1 CLASS=1 TTL=7200
NAME: .ns4.ix.netcom.com
RDATA: 199.182.120.2. TYPE=1 CLASS=1 TTL=7200
NAME: .dfw-ixns1.ix.netcom.com
RDATA: 206.214.98.33. TYPE=1 CLASS=1 TTL=7200
NAME: .dfw-ixns2.ix.netcom.com
RDATA: 206.214.98.34. TYPE=1 CLASS=1 TTL=7200
DNS Address = 199.182.120.6.
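The decoding above can be reproduced in code. The following Python example is added here and is not part of the original page: it walks the DNS payload of the RECV frame, follows the compression offsets (C0 xx), and rejects offsets that loop or point past the end of the message, which a parser handling untrusted responses has to check. The names read_name and parse_records are this example's own, and only the A, NS and CNAME record types seen in this capture are decoded.

```python
import struct

RESPONSE = bytes.fromhex(  # DNS payload of the RECV frame above (after UDP header, before FCS)
    "000285800001000300060006 04706f7064026978066e6574636f6d03636f6d00 00010001"
    "c00c000500010000003c0019 04706f70640462657374026978066e6574636f6d03636f6d00"
    "c03000050001000000000006 03697836c03a c0550001000100001c200004 c7b67806"
    "c03a0002000100001c200006 036e7331c03a c03a0002000100001c200006 036e7332c03a"
    "c03a0002000100001c200006 036e7333c03a c03a0002000100001c200006 036e7334c03a"
    "c03a0002000100001c20000c096466772d69786e7331c03a c03a0002000100001c20000c096466772d69786e7332c03a"
    "c0770001000100001c200004c7b678cb c0890001000100001c200004c7b678ca c09b0001000100001c200004c7b67801"
    "c0ad0001000100001c200004c7b67802 c0bf0001000100001c200004ced66221 c0d70001000100001c200004ced66222")

def read_name(msg, off):  # -> (decoded name, offset just past the name in the record)
    labels, resume, seen = [], None, set()
    while True:
        if off in seen or off >= len(msg):           # offset loop, or ran off the end
            raise ValueError(f"bad name at offset {off}")
        seen.add(off)
        n = msg[off]
        if n == 0:                                   # zero-length label ends the name
            return ".".join(labels), off + 1 if resume is None else resume
        size = 2 if n >= 0xC0 else 1 + n             # offset marker is 2 octets
        if 0x40 <= n < 0xC0 or off + size > len(msg):
            raise ValueError(f"bad label at offset {off}")
        if n >= 0xC0:                                # top bits 11: 14-bit offset
            resume = off + 2 if resume is None else resume
            off = (n & 0x3F) << 8 | msg[off + 1]
        else:                                        # length octet + label text
            labels.append(msg[off + 1:off + size].decode("ascii"))
            off += size

def parse_records(msg):  # -> [(section, name, type, ttl, rdata), ...]
    qd, an, ns, ar = struct.unpack_from("!4H", msg, 4)
    off, out = 12, []
    for _ in range(qd):                              # skip QNAME, QTYPE, QCLASS
        off = read_name(msg, off)[1] + 4
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            off += 10
            if off + rdlen > len(msg):
                raise ValueError("RDLENGTH runs past the end of the message")
            rdata = (".".join(map(str, msg[off:off + 4])) if rtype == 1 and rdlen == 4
                     else read_name(msg, off)[0] if rtype in (2, 5)   # NS / CNAME name
                     else msg[off:off + rdlen].hex())
            out.append((section, name, rtype, ttl, rdata))
            off += rdlen
    return out
```

parse_records(RESPONSE)[2] is the A record for ix6.ix.netcom.com with address 199.182.120.6, matching the DNS Address line above.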