Intro to DNS 101: Dyn Chief Scientist Tom Daly

DNS 101: The Domain Name System (DNS) Tom Daly Chief Scien5st, Dyn Labs tom@dyn.com | @tomdyninc Dyn.com | @dyninc

Agenda •  Welcome and Introduc5on •  DNS Components and Terminology •  DNS is Cri5cal Internet Infrastructure •  Challenges of Opera5ng DNS •  Introduc5on to DynECT Managed DNS •  Q&A DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Let’s dive into DNS hMp://www.ﬂickr.com/photos/maM_gibson/2559703930/sizes/o/in/photostream/

An Analogy to Start… •  Servers on the Internet have IP Addresses, like a telephone number. •  A Domain Name (like dyn.com, twiMer.com, and amazon.com) is a name badge on the Internet. •  DNS (domain name system) service is the Internet’s Telephone Book. •  If you have someone’s name, you can look up their phone number. •  DNS maps domain names to IP addresses and other pieces of network data to get you to the right place. DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Domain Names •  Domain Names are registered through ICANN accredited registrars – companies who work with domain name registries. •  Example Registrars: –  Dyn.com –  GoDaddy –  Network Solu5ons •  Example Registries: –  .com, .net, .org, .info, .biz, .mobi, .co.uk, .com.cn, .de, .dk DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

The Domain Name System (DNS) •  Fundamentally, the DNS is a mul5-‐level database distributed throughout the world. •  DNS maps domain names to network resources, such as the IP address of a web server, FTP server, or e-‐mail server. •  This is accomplished through a variety of DNS record types. Record types give you the hint about the type of remote server you’re contac5ng. DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

The Goal: Your Customers Connect DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Components and Terminology hMp://www.ﬂickr.com/photos/kryptos5/3281740790/sizes/z/in/photostream/

Naming in DNS •  Fully Qualiﬁed Domain Name (FQDN): A complete name for something in the DNS. –  ex: server1.www.dyn.com. –  Alterna5vely known as a “Hostname” •  Domain Name: A registered name with a registry. –  ex: dyn.com •  Subdomain Name: A registered name within a Domain, but not an FQDN. –  ex: www.dyn.com DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

The DNS Hierarchy •  There are over 141,922,316 domain names registered in the main TLDs today. •  That’s a lot of data for a single sever to have mapping informa5on about. •  The DNS is broken up into various levels to help spread out the database. •  Let’s look at how server1.www.dyn.com is setup in DNS – shall we? DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

It all starts at <root> <root> server1.www.dyn.com. ? A

With databases for each Top Level Domain <root> .com .net .org server1.www.dyn.com. ? A

With databases for each Domain in the TLD <root> .com dyn.com cnn.com cnbc.com server1.www.dyn.com. ? A

Combining data helps to ﬁnd the answer… <root> .com dyn.com server1.www.dyn.com. ? A 204.13.248.106

AuthoritaZve DNS servers have a copy of the data at every level. <root> Root DNS Servers .com .com Servers dyn.com dyn.com Servers

And delegaZons help us ﬁnd relaZonships… <root> Root DNS Servers .com .com Servers dyn.com dyn.com Servers

What are we searching for? •  FQDNs and DNS Records – Ul5mate answers about where you want to go. •  DelegaZons – Points to help you ﬁnd the right path if the current authorita5ve server doesn’t know the answer. •  DNS Security (DNSSEC) InformaZon – Secret passphrases and keys to secure DNS informa5on (an advanced topic!) DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Popular Record Types •  (A) – point names to IPv4 addresses –  ex. dyn.com A to 204.13.248.106 •  (AAAA) – points names to IPv6 addresses –  ex. dyn.com AAAA to 2600:2001:0:3::106 •  (CNAME) – points one name to another –  ex. www.dyn.com CNAME is an alias for dyn.com •  (MX) – points email to an inbound email server –  ex. dyn.com MX to zmta-‐01-‐mht.dyndns.com. •  (SPF) – declares authorized email servers for a domain –  ex. dyn.com TXT to "v=spf1 ip4:216.146.45.0/24” DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

DNS Servers in Two Parts •  AuthoritaZve DNS: The copies of maps about where to go. –  We some5mes call this part “the Internet’s telephone book.” –  Geeks think of it as a huge, globally distributed database. –  Generally run by registrars, hos5ng providers, and managed DNS providers. •  Recursive DNS: The driver looking for maps, and taking you to the informa5on. –  More like “Directory Assistance” –  Ability to search for informa5on across lots of diﬀerent Authorita5ve DNS servers and temporarily store a copy of the info. –  Generally run by ISPs, or Dyn Internet Guide, OpenDNS, GoogleDNS DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

The AuthoritaZve DNS Server •  Clusters of authorita5ve DNS servers work together to provide redundancy. •  Delega5ons indicate all of a domain’s poten5al servers in a cluster. ns1.dyn.com ns2.dyn.com dyn.com ns3.dyn.com ns4.dyn.com DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

The Recursive DNS Server •  One or two recursive DNS servers are given to your ISP or provider – you only use one at a 5me. •  They help ﬁnd you answers about the Internet, places to go, things to do. •  Recursive DNS servers cache Recursive DNS answers for a period of 5me, DNS known as the Time to Live (TTL). •  This helps DNS be less noisy on the Internet. DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Working Together: The Lifecycle of a DNS Request <root> Root DNS Servers .com .com Recursive Servers DNS dyn.com dyn.com Servers server1.www.dyn.com. 204.13.248.106

DNS is core Internet Infrastructure hMp://www.poslovnipuls.com/wp-‐content/uploads/2011/05/sta5s5ka_v.jpg

Internet ApplicaZons Depends on DNS •  Web: U5lizes A (IPv4) and AAAA (IPv6) records to locate web servers for web sites. •  Email: U5lizes MX records to locate email servers and to implement automated email server failover. •  An5-‐SPAM: SPF, DKIM and DMARC all used to prevent junk from gesng to the inbox. •  VPN: IPSECKEY records help secure connec5ons. •  Collabora5on: SRV records help locate chat, audio, and video conferencing bridges and components. DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

DNS for the Web DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

DNS for Email DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

DNS for VOIP DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

DNS for Audio and Video DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Challenges of OperaZng DNS hMp://www.poslovnipuls.com/wp-‐content/uploads/2011/05/sta5s5ka_v.jpg

DNS MisconfiguraZon •  Misconfigura5on of DNS s5ll accounts for a significant number of site outages worldwide. •  State of the Art is a Text Editor: •  Some appliances have a fancy UI on them. DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Availability and Performance •  DNS must always be available, otherwise, web, email, video, VOIP, and online services are down. •  Need to build redundancy into the network, and maintain specially clustered systems. •  Risk of aMack on your DNS? •  When things go wrong, people say: DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Limited Visibility and Monitoring •  Except for custom tools, repor5ng for DNS is limited. •  DNS needs global monitoring and availability repor5ng. •  Can you really tell if you are up or down from within your network? •  Even worse, what happens when your customers noZce?!!! DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

SoluZon: DynECT Managed DNS hMp://www.ﬂickr.com/photos/nhuisman/3168683736/sizes/l/in/photostream/

Web UI or API? SOAP REST API API Dynamic WebUI DNS DNS API Core Engine DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Global ResoluZon Network DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

Extensive ReporZng DNS 101: The Domain Name System (DNS) Tom Daly @tomdyninc Dyn.com | @dyninc

A Proven Track Record

And an amazing team!

Stay Tuned! DNS 102: Managing Traﬃc with DynECT Managed DNS Advanced Services October 31st @ 02:00pm Eastern Time Thanks for listening! Dyn.com | @dyninc

Thank You! Email: tom@dyn.com TwiMer: @tomdyninc Thanks for listening! Dyn.com | @dyninc

http://dyn.com	594
http://wpdev-01-dmcauliffe.mht.dyndns.com	9
http://wpdev-01-mht.dyndns.com	3
http://wpdev-01-cshaw.mht.dyndns.com	2

Intro to DNS 101: Dyn Chief Scientist Tom Daly

by Dyn on Sep 21, 2012

Accessibility

Categories

Upload Details

Usage Rights

4 Embeds 608

Statistics

Intro to DNS 101: Dyn Chief Scientist Tom Daly Presentation Transcript