DNS

  1. Domain name system (DNS)
    1. NetBIOS name system (NBNS)
    2. Records
    3. Load balancing
  2. IPv6 DNS

Domain name system (DNS)

  • hierarchy: 13 root server identities (a–m.root-servers.net), each anycast to many physical instances
  • UDP 53: ordinary queries and responses
  • TCP 53
    • zone transfers (AXFR/IXFR) between primary and secondary authoritative servers
    • fallback when a response does not fit in 512 bytes and EDNS0 is not in use: the server sets the TC bit, the client repeats the query over TCP
    • any query may legitimately arrive over TCP; a firewall that passes only UDP 53 breaks zone transfers, large DNSSEC answers and the TC fallback
  • server types
    • authoritative: holds the zone data, answers with the AA bit set
    • non-authoritative: recursive resolver, answers from its cache or by querying on behalf of the client
  • modes
    • recursive
      • server itself walks the hierarchy (root → TLD → zone authoritative), then returns the final answer to the client
      • client talks to one server
      • higher load on the server; a recursor open to the whole Internet is abused for reflection/amplification, so limit recursion to your own clients
    • iterative
      • server answers with a referral (NS records of the servers closer to the answer) instead of resolving on the client's behalf
      • operation mode of root and TLD servers
  • TLD: top level domain
  • RIR:
    • authoritative NS for the in-addr.arpa / ip6.arpa zones of the blocks it allocates (e.g. a /8 delegated from IANA), with further delegation to ISPs
    • serves those delegations according to the RIR DB (the same data whois shows)
; use DNS
(config)# ip domain-lookup

; DNS server address
(config)# ip name-server <IP>
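The transport rules above (UDP 53 by default, TC bit → retry over TCP 53, 2-byte length prefix on TCP) and the RFC 1035 name limits, as an added stdlib-only example; this is not code from the page. The query ID 0x1234 and the truncated reply bytes are constructed here, not captured traffic; `resolve_raw` needs network access and is the only function that talks to a real server.

```python
"""Minimal DNS wire-format helpers (stdlib only): encode a name within the
RFC 1035 limits, build a query, read the header flags, and fall back from
UDP 53 to TCP 53 when the TC (truncated) bit is set."""
import socket
import struct

MAX_LABEL = 63   # octets per label
MAX_NAME = 255   # octets per name on the wire, length octets and root label included

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "PTR": 12, "MX": 15,
         "AAAA": 28, "SRV": 33, "NSEC": 47, "HTTPS": 65}

FLAG_QR = 0x8000  # message is a response
FLAG_TC = 0x0200  # truncated: the answer did not fit the UDP payload
FLAG_RD = 0x0100  # recursion desired


def encode_name(name):
    """'www.example.com' -> 03 'www' 07 'example' 03 'com' 00; raises on bad lengths."""
    stripped = name.rstrip(".")
    labels = stripped.split(".") if stripped else []
    out = b""
    for label in labels:
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError(f"label length {len(raw)} not in 1..{MAX_LABEL}: {name!r}")
        out += bytes([len(raw)]) + raw
    out += b"\x00"  # root label terminates the name
    if len(out) > MAX_NAME:
        raise ValueError(f"name is {len(out)} octets on the wire, max {MAX_NAME}: {name!r}")
    return out


def name_fits_wire(name):
    try:
        encode_name(name)
        return True
    except ValueError:
        return False


def build_query(name, qtype, qid):
    """12-byte header with RD set (as a stub resolver sends it) + one IN question."""
    header = struct.pack("!HHHHHH", qid, FLAG_RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_header(msg):
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": bool(flags & FLAG_QR), "tc": bool(flags & FLAG_TC),
            "rcode": flags & 0x000F, "qdcount": qd, "ancount": an,
            "nscount": ns, "arcount": ar}


def needs_tcp_retry(response, expected_id):
    """True when this is our response and the server flagged it as truncated."""
    h = parse_header(response)
    return h["id"] == expected_id and h["qr"] and h["tc"]


def tcp_frame(msg):
    """Over TCP each DNS message is prefixed with its 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("TCP stream closed before the message was complete")
        buf += chunk
    return buf


def resolve_raw(server, name, qtype="A", qid=0x1234, timeout=3.0):
    """Query over UDP 53; if the reply is truncated, repeat over TCP 53.
    Returns the raw (undecoded) response. Needs network access."""
    q = build_query(name, QTYPE[qtype], qid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        udp.sendto(q, (server, 53))
        resp, _ = udp.recvfrom(4096)
    if not needs_tcp_retry(resp, qid):
        return resp
    with socket.create_connection((server, 53), timeout=timeout) as tcp:
        tcp.sendall(tcp_frame(q))
        (length,) = struct.unpack("!H", _recv_exact(tcp, 2))
        return _recv_exact(tcp, length)


# Constructed (not captured) reply to build_query("example.com", A, 0x1234):
# same ID, QR and TC set, question echoed, no answer records.
TRUNCATED_RESPONSE = (struct.pack("!HHHHHH", 0x1234, FLAG_QR | FLAG_TC, 1, 0, 0, 0)
                      + encode_name("example.com") + struct.pack("!HH", QTYPE["A"], 1))
```

`needs_tcp_retry` checks the ID as well as the flags so that a stray datagram from another transaction cannot trigger the fallback; a real client should also verify that the echoed question matches before trusting anything else in the reply.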

NetBIOS name system (NBNS)

  • broadcast-based name resolution, so it only works inside one L2 broadcast domain
  • Windows Internet Name Service (WINS): server-based NetBIOS name resolution across subnets
  • any host on the segment can answer a broadcast query, so NBNS (like LLMNR) is a classic spoofing and credential-capture vector; disable it where DNS is sufficient

Records

  • name limits: 255 octets per name on the wire, 63 octets per label (RFC 1035)
  • NS: authoritative server for the zone
  • MX: mail exchange (preference + host)
  • A: IPv4 address
  • AAAA: IPv6 address
  • CNAME: alias pointing at the canonical name; a name that has a CNAME carries no other data (DNSSEC signatures aside)
  • PTR: reverse DNS (.in-addr.arpa or .ip6.arpa)
  • SRV: service record
    • priority first (lowest wins), then weighted random choice among equal priorities → load balancing and failover
    • AD publishes site-specific SRV records (_ldap._tcp.<site>._sites.dc._msdcs.<domain>) so a client picks a domain controller in its own site; priority and weight of each DC are configurable
    • format: _service._proto.name TTL class SRV priority weight port target
  • HTTPS (RFC 9460, SVCB parameters)
    • ech: ECHConfig carrying the server's public key for TLS Encrypted Client Hello
    • alpn: protocols the server supports (e.g. h2, h3)
    • ipv4hint / ipv6hint: addresses the client may use before the A/AAAA answers arrive
  • NSEC (DNSSEC)
    • authenticated denial of existence: owner, next name in canonical order, and the list of record types that exist at the owner
    • the chain lets anyone walk the zone name by name; NSEC3 hashes the names to make enumeration harder
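The two faces of NSEC, as an added example (not from the page): the same chain that proves a name does not exist also enumerates the whole zone. The records below are constructed for a hypothetical zone example.com, with RRSIGs left out; the canonical ordering follows RFC 4034 §6.1 (labels compared from the root downwards, case-insensitively).

```python
"""Walking an NSEC chain: each NSEC record names the next owner in canonical
order plus the types present at the owner, so the chain both proves that a
name does not exist and enumerates every name in the zone."""

# Constructed NSEC records for a hypothetical signed zone (not real data;
# the RRSIG records that would accompany them are omitted).
NSEC_RRS = [
    "example.com. 3600 IN NSEC api.example.com. A NS SOA MX RRSIG NSEC DNSKEY",
    "api.example.com. 3600 IN NSEC mail.example.com. A AAAA RRSIG NSEC",
    "mail.example.com. 3600 IN NSEC staging.example.com. A RRSIG NSEC",
    "staging.example.com. 3600 IN NSEC example.com. A AAAA RRSIG NSEC",
]


def canonical_key(name):
    """Sort key for DNS canonical ordering (RFC 4034 section 6.1): compare
    labels from the root downwards, case-insensitively."""
    labels = name.rstrip(".").lower().split(".")
    return tuple(reversed(labels))


def parse_nsec(line):
    """'owner TTL IN NSEC next TYPE...' -> (owner, next, frozenset of types)."""
    fields = line.split()
    i = fields.index("NSEC")
    owner, next_name = fields[0].rstrip("."), fields[i + 1].rstrip(".")
    return owner, next_name, frozenset(fields[i + 2:])


def walk_zone(rrs, apex):
    """Follow the chain from the apex until it wraps back to it; returns the
    zone's names in canonical order with their type sets. A chain that does
    not close, or that loops without reaching the apex, is reported as broken."""
    chain = {owner: (nxt, types) for owner, nxt, types in map(parse_nsec, rrs)}
    apex = apex.rstrip(".")
    names, current = [], apex
    while True:
        if current not in chain:
            raise ValueError(f"chain broken at {current}")
        nxt, types = chain[current]
        names.append((current, types))
        if nxt == apex:
            return names
        if len(names) > len(chain):
            raise ValueError("chain loops without returning to the apex")
        current = nxt


def covering_nsec(rrs, qname):
    """Return the NSEC record proving that qname does not exist: owner < qname
    < next in canonical order, the last record wrapping around to the apex.
    None means the name exists (or the chain does not cover it)."""
    q = canonical_key(qname)
    for owner, nxt, types in map(parse_nsec, rrs):
        lo, hi = canonical_key(owner), canonical_key(nxt)
        wraps = hi <= lo  # last record of the chain points back to the apex
        if (lo < q < hi) or (wraps and (q > lo or q < hi)):
            return owner, nxt, types
    return None


if __name__ == "__main__":
    for name, types in walk_zone(NSEC_RRS, "example.com"):
        print(name, sorted(types))
    print(covering_nsec(NSEC_RRS, "dev.example.com"))
```

`walk_zone` is exactly what a zone-enumeration tool does against an NSEC-signed zone: it needs no brute force, only one query per name. `covering_nsec` is the resolver's side, picking the record whose interval contains the queried name.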

Load balancing

  • round-robin: the server rotates the order of the addresses in each response; most clients use the first address, so load spreads across them
  • GeoIP-based: the answer depends on the querier's location (resolver address, or the EDNS client subnet it forwards)
  • priority/weight in SRV records
  • caveat: the resolver cache decides how many clients share one answer, and DNS alone cannot tell whether a target is actually up
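The SRV selection rules above (priority first, then weighted random among equal priorities, weight 0 meaning "only if nothing else is left") carried through in code, as an added example that is not from the page. The `_ldap._tcp.example.com` records are constructed to resemble what an AD domain publishes; `AlwaysMax` and `AlwaysMin` are deterministic stand-ins for the random source so that the two boundary cases of the algorithm can be seen.

```python
"""SRV parsing and RFC 2782 target selection (priority, then weighted random)."""
import random
from collections import Counter
from dataclasses import dataclass

# Constructed records for a hypothetical AD domain (not real data).
SAMPLE_SRV = [
    "_ldap._tcp.example.com. 600 IN SRV 0 10 389 dc1.example.com.",
    "_ldap._tcp.example.com. 600 IN SRV 0 20 389 dc2.example.com.",
    "_ldap._tcp.example.com. 600 IN SRV 0 0 389 dc3.example.com.",
    "_ldap._tcp.example.com. 600 IN SRV 10 100 389 dc-backup.example.com.",
]


@dataclass(frozen=True)
class SRV:
    priority: int
    weight: int
    port: int
    target: str


def parse_srv(line):
    """'_service._proto.name TTL class SRV priority weight port target' -> SRV."""
    fields = line.split()
    i = fields.index("SRV")
    prio, weight, port, target = fields[i + 1:i + 5]
    return SRV(int(prio), int(weight), int(port), target.rstrip("."))


def order_targets(records, rng=random):
    """Order in which a client should try the targets (RFC 2782 usage rules).

    Lower priority first. Within one priority a record is drawn with
    probability proportional to its weight, without replacement. Weight-0
    records are listed first so that only a draw of exactly 0 selects them,
    i.e. they are used when nothing else remains. rng needs randint(a, b)."""
    ordered = []
    for prio in sorted({r.priority for r in records}):
        pool = [r for r in records if r.priority == prio]
        pool.sort(key=lambda r: r.weight != 0)  # stable sort: weight 0 first
        while pool:
            total = sum(r.weight for r in pool)
            draw = rng.randint(0, total)
            running = 0
            for chosen in pool:
                running += chosen.weight
                if running >= draw:
                    break
            ordered.append(chosen)
            pool.remove(chosen)
    return ordered


class AlwaysMax:
    """Deterministic stand-in for random: always the upper bound."""
    def randint(self, a, b):
        return b


class AlwaysMin:
    """Deterministic stand-in for random: always the lower bound."""
    def randint(self, a, b):
        return a


def first_choice_counts(records, trials, seed=1):
    """How often each target comes first over many selections: the weights in action."""
    rng = random.Random(seed)
    return Counter(order_targets(records, rng)[0].target for _ in range(trials))


if __name__ == "__main__":
    recs = [parse_srv(line) for line in SAMPLE_SRV]
    print(first_choice_counts(recs, 3000))
```

With the sample records dc2 should come first about twice as often as dc1, dc3 almost never (only a draw of 0 out of 0..30 picks it), and dc-backup only after every priority-0 target has been tried.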

IPv6 DNS

  • AAAA record (A6 from RFC 2874 was moved to historic by RFC 6563)
  • reverse lookup: expand the address to all 32 hex digits, reverse it nibble by nibble, one label per nibble, under ip6.arpa
  • 2001:db8:800::1 → 1.0.0.0. … .0.0.8.0.8.b.d.0.1.0.0.2.ip6.arpa
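The reverse-name construction for both address families, done by hand rather than via a library, as an added example (not from the page); `reverse_zone` goes one step beyond the notes and derives the zone name that a reverse delegation (such as an RIR's /8 or an ISP's /32) corresponds to. The addresses used are documentation prefixes, and `matches_stdlib` cross-checks the hand-rolled result against `ipaddress.reverse_pointer`.

```python
"""Reverse-DNS names by hand: in-addr.arpa for IPv4 (octets reversed) and
ip6.arpa for IPv6 (one label per nibble, least significant first), plus the
zone name that holds the PTR records of a delegated block."""
import ipaddress


def reverse_name(ip):
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    # Expand to all 32 hex digits ('::' compression removed), then reverse nibble by nibble.
    nibbles = format(int(addr), "032x")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def matches_stdlib(ip):
    """Self-check: the hand-built name equals what ipaddress computes."""
    return reverse_name(ip) == ipaddress.ip_address(ip).reverse_pointer


def reverse_zone(cidr):
    """Name of the reverse zone holding PTR records for a block, e.g. the zone
    a RIR delegates to an ISP. Only octet-aligned IPv4 prefixes (/8, /16, /24)
    and nibble-aligned IPv6 prefixes (multiples of 4 bits) map to a single
    zone; anything else needs RFC 2317 classless delegation and raises here."""
    net = ipaddress.ip_network(cidr, strict=True)
    unit = 8 if net.version == 4 else 4
    if net.prefixlen % unit:
        raise ValueError(f"{cidr}: prefix not {unit}-bit aligned, no single reverse zone")
    labels = reverse_name(str(net.network_address)).split(".")
    suffix, labels = labels[-2:], labels[:-2]   # ['in-addr','arpa'] or ['ip6','arpa']
    keep = net.prefixlen // unit
    kept = labels[len(labels) - keep:]          # most-significant labels sit at the end
    return ".".join(kept + suffix)


if __name__ == "__main__":
    for ip in ("192.0.2.1", "2001:db8:800::1"):
        print(ip, "->", reverse_name(ip), matches_stdlib(ip))
    for block in ("10.0.0.0/8", "192.0.2.0/24", "2001:db8::/32"):
        print(block, "->", reverse_zone(block))
```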