DOMAIN NAME SYSTEM
WHAT IS DNS?
• Internet Directory Service.
• A client-server application that maps host names into their corresponding IP addresses.
• Mapping host names into their corresponding IP addresses is called name resolution, name translation, name mapping or address resolution.
WHY DO WE NEED DNS?
• As the system grew, HOSTS.TXT had problems with:
  • Scalability (traffic and load)
  • Reliability
  • Dynamicity
  • Name collisions
  • Consistency
WHY DO WE NEED TO USE NAMES INSTEAD OF IP NUMBERS?
• IP addresses are difficult to remember
• IP addresses can change
• Problem: The network only understands numeric addresses.
• Solution: Use alphanumeric names to refer to hosts, and add a distributed, hierarchical protocol (called DNS) to map between alphanumeric host names and IP addresses.
THE DNS NAME SPACE
• The Internet is divided into more than 200 top-level domains
• Domain: a subtree of the domain name space, consisting of a group of hosts that are under the administrative control of a single entity such as a company or a government agency
• Each domain is subdivided into subdomains
• The leaves represent domains that have no subdomains
• A leaf domain may contain a single host, or represent a company with thousands of hosts
THE DNS NAME SPACE
• Top-level domains
[Figure: A portion of the Internet domain name space]
DOMAIN
• A domain is a subtree of the domain name space
• The root node has an empty label
• A domain is divided into subdomains
• A domain's name is the domain name of the node at the top of the subtree
HIERARCHY OF NAME SERVERS
• DNS is a distributed database system
• It uses a large number of computers called name servers
• The name servers are organized in a hierarchical way and distributed all over the world
• No single host has all the exact mappings for all the hosts in the Internet
HOW DNS WORKS
• A network host is configured with an initial cache (so-called hints) of the known addresses of the root name servers. Such a hint file is updated periodically by an administrator from a reliable source.
• A DNS zone is loaded on authoritative servers, which keep in sync using information in the SOA RR via AXFR, IXFR or other means.
• DNS caches only store data for a short time.
• DNS recursive resolvers start at the “longest match” on the query name they have when looking for data, and follow delegations until an answer or a negative answer is received.
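The resolver behaviour in the last bullet, as an added example that is not part of the original slides: an offline simulation in which a resolver starts from root hints, picks the longest cached match for the query name, and follows delegations until it gets an answer or a negative answer. The server names, zone data and the `query`/`resolve` helpers are constructed for illustration; the referral check and hop limit are assumptions about what a defensive resolver would add.

```python
# Constructed name-server data (not real infrastructure): each server holds
# address records and/or delegations to child zones.
SERVERS = {
    "root-ns": {"records": {},
                "delegations": {"com.": "com-ns", "loop.test.": "loop-ns"}},
    "com-ns": {"records": {},
               "delegations": {"example.com.": "example-ns"}},
    "example-ns": {"delegations": {},
                   "records": {"www.example.com.": "192.0.2.10"}},
    # Misconfigured server that refers the resolver back to its own zone.
    "loop-ns": {"records": {},
                "delegations": {"loop.test.": "loop-ns"}},
}
ROOT_HINTS = {".": "root-ns"}  # initial cache ("hints"): only the root is known


def is_subdomain(name, zone):
    """True if name is at or below zone, compared on whole labels."""
    return zone == "." or name == zone or name.endswith("." + zone)


def query(server, qname):
    """Simulate one name server: an answer, a referral, or a negative answer."""
    data = SERVERS[server]
    if qname in data["records"]:
        return "answer", data["records"][qname]
    for child, ns in data["delegations"].items():
        if is_subdomain(qname, child):
            return "referral", (child, ns)
    return "negative", None


def resolve(qname, cache, max_referrals=8):
    """Start at the longest cached match and follow delegations.
    Returns (address or None, list of servers queried)."""
    path = []
    for _ in range(max_referrals):  # hop limit bounds any referral chain
        zone = max((z for z in cache if is_subdomain(qname, z)), key=len)
        path.append(cache[zone])
        kind, value = query(cache[zone], qname)
        if kind != "referral":
            return value, path  # answer, or None for a negative answer
        child, ns = value
        # Accept a referral only if it moves strictly down the tree from the
        # zone just queried; anything else is dropped rather than cached.
        if not (is_subdomain(child, zone) and len(child) > len(zone)):
            return None, path
        cache[child] = ns
    return None, path
```

Calling `resolve` twice with the same cache shows the longest-match effect: the first lookup walks the root, `com.` and `example.com.` servers, while the second goes directly to the `example.com.` server.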
ADVANCED DNS PROTECTION
• DNS is one of the fastest growing attack vectors. DNS is now tied with HTTP as the top targeted service of application layer attacks and is the number one protocol used in reflection/amplification attacks. DNS-based attacks can bring down the network or redirect users away from your website.
INFOBLOX ADVANCED DNS PROTECTION