Monday, January 4, 2010

How is the domain name system controlled?

SkyHi @ Monday, January 04, 2010
Question:

I do not know how the domain name system can avoid duplicate entries of the same domain name across the globe.



Say I start a domain name server and map the domain google.com to my IP
address. How do other domain name servers detect the ambiguity? Who is
responsible for avoiding such duplicates?


Answers:

The reason it wouldn't matter is that no one will ever ask your personal DNS server to resolve google.com.



Let's say I ask my browser for google.com. Here are the steps my
ISP's recursive nameserver goes through, assuming Google's A record is
not locally cached:



  1. I request the DNS A record for google.com from my ISP's nameserver (and it's not in my personal DNS cache).
  2. If it's not recently cached, the nameserver knows it's not
    authoritative for the google.com zone, so it can't look it up in the
    local zone database. Thus, it asks a random one of the 13 root
    nameservers about google.com.
  3. The root server sends the ISP's nameserver to the Global Top-Level Domain server for the .COM TLD, using their NS records.
  4. The GTLD nameserver also doesn't know where google.com is, but it
    sends the nameserver the records for nameservers that are authoritative
    for the google.com zone.
  5. Now our nameserver asks the authoritative server, and it returns
    the A record for google.com, which is returned to us (and cached on the
    ISP's nameserver to avoid having to go through all this again).


As you can see, at no point in that process will I or my nameserver ask your DNS server where google.com is.



Now, there are potential vulnerabilities, through cache poisoning
and other similar attacks. One of the most famous is the Kaminsky
vulnerability.



For an awesome step-by-step guide to DNS resolution, plus descriptions of the serious issues and vulnerabilities, check out this illustrated guide.


A small point of contention here: Your ISP's
DNS servers don't query the root servers for Google's A record. The
root servers answer queries regarding the gTLDs. Ignoring any
caching, here's how it would go:



  1. Your ISP's DNS server will query a root server to find the authoritative name server(s) for the .com gTLD

  2. Your ISP's DNS server will then query one of the gTLD servers
    responsible for the .com domain to find the authoritative name server(s)
    for Google

  3. Your ISP's DNS server will then query one of Google's name servers for the A record



The root servers are responsible for the . domain and the gTLD
servers are responsible for the .com, .edu, etc. domains. The root
servers don't know anything about any domain under .com, .edu, etc.



There are two levels of hierarchy at work here:



a.root-servers.net through m.root-servers.net - responsible for the . domain



a.gtld-servers.net through m.gtld-servers.net - responsible for the .com, .edu, etc. domains
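Both answers above describe the same iterative walk: root hints, then the .com gTLD servers, then the nameservers the .com zone delegates google.com to. The following is an added example, not code from the original post or from either answerer, that simulates that walk against constructed in-memory servers (every server name, zone entry and IP address below is made up for illustration) and records which servers the resolver actually contacts. A server that claims google.com but that nobody in the delegation chain points at is never asked, which is the point both answers make.

```python
"""Toy iterative resolver: root -> TLD -> authoritative, following referrals only.

Constructed example. The server names, zone data and IP addresses are
invented and do not describe any real DNS deployment.
"""
from dataclasses import dataclass, field


@dataclass
class Server:
    """One nameserver: the zone it serves, what it answers, and whom it delegates to."""
    name: str
    zone: str
    answers: dict = field(default_factory=dict)      # (qname, qtype) -> rdata
    delegations: dict = field(default_factory=dict)  # child zone -> list of NS names
    queries_seen: list = field(default_factory=list) # audit trail of what was asked here

    def query(self, qname, qtype):
        """Return ('answer', rdata), ('referral', [ns, ...]) or ('nxdomain', None)."""
        self.queries_seen.append((qname, qtype))
        if (qname, qtype) in self.answers:
            return "answer", self.answers[(qname, qtype)]
        # Longest matching child zone wins, as a real server's delegation lookup would.
        for child in sorted(self.delegations, key=len, reverse=True):
            if qname == child or qname.endswith("." + child):
                return "referral", self.delegations[child]
        return "nxdomain", None


ROOT_HINTS = ["a.root-servers.net"]  # constructed root hint; real resolvers ship 13


def resolve(qname, qtype, servers, root_hints=ROOT_HINTS, max_hops=10):
    """Iteratively resolve qname/qtype starting from the root hints.

    Returns (rdata, path): rdata is the final answer (None if not found) and
    path lists the servers that were actually queried, in order.
    """
    next_servers = list(root_hints)
    path = []
    for _ in range(max_hops):
        # A real resolver picks one NS of the set (often at random); take the first
        # so the walk is deterministic here.
        server = servers[next_servers[0]]
        path.append(server.name)
        kind, data = server.query(qname, qtype)
        if kind == "answer":
            return data, path
        if kind == "referral":
            next_servers = data
            continue
        return None, path
    raise RuntimeError("referral loop or chain too long")


def build_example_servers():
    """Constructed delegation chain plus one rogue server nobody delegates to."""
    return {s.name: s for s in [
        Server("a.root-servers.net", ".",
               delegations={"com": ["a.gtld-servers.net"]}),
        Server("a.gtld-servers.net", "com",
               delegations={"google.com": ["ns1.google.com"]}),
        Server("ns1.google.com", "google.com",
               answers={("google.com", "A"): "192.0.2.10"}),
        # Rogue: serves a google.com zone of its own, but no NS record anywhere
        # in the chain names it, so the resolver has no reason to contact it.
        Server("ns.rogue.example", "google.com",
               answers={("google.com", "A"): "203.0.113.66"}),
    ]}


def demo():
    """Resolve google.com and report whether the rogue server was ever queried."""
    servers = build_example_servers()
    ip, path = resolve("google.com", "A", servers)
    rogue_asked = bool(servers["ns.rogue.example"].queries_seen)
    return ip, path, rogue_asked


if __name__ == "__main__":
    ip, path, rogue_asked = demo()
    print("answer:", ip)
    print("servers queried:", " -> ".join(path))
    print("rogue server consulted:", rogue_asked)
```

Against the real DNS, `dig +trace google.com` performs the same walk and prints each referral hop, so you can watch the root, gTLD and authoritative steps happen in that order.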


Reference: http://serverfault.com/questions/96887/how-domain-name-system-is-controlled/96889#96889