Domain Name System DNS (Domain Name System)

The internet has rapidly grown and expanded. Its expansion and progress is unstoppable as the rate of growth recently has been increasing tremendously. With a few keystrokes one is able to visit an online library, bookstore, newsstands, and connect with family and friends. Nowadays searching for a website or email is like visiting a library. As is the case with physical addresses, the internet to uses addresses to locate specific devices found online. "The addresses can either be 32 or 128 bit number, which is referred to as Internet Protocol (IP) addresses" Graham, 2001, p. 35.

The virtual world too uses names referred to as domains, just as in the physical world. Domain names are easily remembered and more informative than the IP addresses. To ensure that domain names are properly associated with their respective IP addresses, the internet uses Name servers. These name servers translate the domain name into its respective IP address. "Domain Name System (DNS) is a protocol found in the set of standards that govern how computers exchange data and information on the internet" Implications & Council, 2005, p. 20.

As earlier mentioned computers on the internet are identified using their IP addresses. These addresses are not easy to remember, and that is why they are converted into domain names. DNS name resolution is the process of converting a domain name into its respective IP address. Whenever a person send an email or visits a website, the computer the person is using for this purpose will use a DNS server to search for the specific address the person is trying to access.

Domain Name System history

DNS was invented in the early 1980's. According to Bixler, Chambers, and Phillips (2002)

"before this networked computers would retrieve a HOSTS.TXT file, which was used for the mapping of domain names with numerical address." With the rapid growth of the internet, it was impossible to maintain the central hosts file because system administrators had to be disciplined enough to ensure that they always pick the updated version regularly. With the rapid growth, this meant that the administrators had to retrieve a large host's file more frequent. There was also only one single central authority that was responsible for updating, and adding names on the file. This was a problem as the authority did not have a way of ensuring that the changes are correct.

The limitations of the host file led to the need for another system that would offer the same functionality, but would also be consistent, distributed, autonomous, and reliable. This requirement is what gave birth to DNS. DNS system is hierarchical, which allows different administrators to make changes. This makes it distributed. Autonomy is allowed as administrators have the right and capability to make independent of others. DNS is reliable as changes made are propagated automatically. Consistency is ensured by having the same response been provided when requests are made from different locations.

Sekiya, Cho, Kato, & Murai, 2006()

posits "DNS servers have the sole responsibility of translating domain names into IP addresses." Though this seems to be an easy task, and it would be one were it not for some factors. These factors include currently there are many machines that are using human readable names and the IP addresses in use are in billions. The DNS servers have to process billions of requests every second. There are millions of people who keep on changing their IP addresses and domain names each day. These factors make the work of DNS servers more difficult because any changes have to be propagated automatically. DNS servers rely heavily on internet protocols and network efficiency to ensure that it handles requests effectively.

Building blocks of DNS

"DNS consists of three main components namely servers, resolvers, and content" Vixie, 2009, p. 44.

The DNS infrastructure is formed of servers and...

Domains make up the content of DNS. A DNS server is also referred to as a name server. Its main job is storing domain names and their corresponding IP addresses. It is also charged with retrieving domain names from other DNS servers. The DNS server will store in its cache the responses it receives from other DNS servers temporarily, which reduces the need to keep fetching the information from other servers. This reduces unnecessary network traffic. The DNS clients that are charged with querying the name server are referred to as resolvers. A resolver will generally send a query to three or more name servers at a single time. The main work for the DNS content is translation of domain names to IP addresses, and routing of emails. The DNS will indicate where a specific email should be delivered. The routing of emails is made more robust by including alternative routes in the DNS.
DNS Meta information is used to establish where a specific domain can be found. The DNS content is stored in a tree structure, which has a high level referred to as root. In the hierarchical structure, the name provides information regarding the type and location of organization. Domain names that end with .uk are related to United Kingdom. It is also possible to navigate through the DNS structure by using the DNS Meta information. The DNS structure allows a branch responsibility to be delegated to other parties. For example, in the .com branch responsibilities can be delegated to Google, or Yahoo. This would create the domain google.com or yahoo.com. The content found in each domain needs to be maintained and updated regularly, which is the responsibility of the webmaster.

Primary and secondary DNS servers

The primary and secondary DNS server is where a domain name is saved. On both servers, the information is usually the same. The Internet Service Provider (ISP) or host provider will configure the values for the two servers. Ballard (2005, p. 67)

says "the main purpose of the secondary DNS server is for backup in case the primary DNS fails." This is mainly because there is no guarantee that the primary DNS will work at all times. Any domain name can function with its primary DNS only, but to ensure that the domain is available at all times there is need for a secondary DNS.

IPv4 and IPv6 with DNS

Since the internet was established it has been using IPv4 addresses. These addresses consist of four numbers that are separated by three decimals e.g. 173.194.34.39, which is the IP address for google.com. These addresses have all been allocated, and they will soon be exhausted. This has led to the need to a new technology that would succeed IPv4. The new system is referred to as IPv6, which will offer more numerical addresses and will simplify the address assignments. IPv6 will also provide additional features in network security. IPv6 comprises of eight hexadecimal numbers that are separated by colons e.g. 2a00:1450:4007:804::1013, which is the IPv6 address for google.com. The IPv6 addresses make use of 128 bits while IPv4 uses 32 bits. This means that the addresses will manage to support the rapid growth of domains that is been experienced currently.

Security issues

DNS servers are faced with security issues. Initially the internet was intended for a small community, but it is nowadays been used all over the world. This had led to several vulnerabilities. DNS cache poisoning is one of the vulnerabilities that DNS servers are exposed to. Caching resolvers are distributed with data that has been indicated to come from a genuine server. This would result in requests been forwarded to malicious servers. The best way to resolve this issue is by adding cryptographically signed responses, which would ensure that the data received is from a genuine source. The use of domain names that seem identical can be used for spoofing. For example, it would be difficult for a user to differentiate paypal.com and paypa1.com. The latter website could be used for malicious purposes. This is…