The Domain Name System (DNS)

The Domain Name System (DNS) is the application-layer service that translates hostnames into Internet Protocol (IP) addresses so that network requests can reach the correct destination. People generally prefer descriptive, unique hostnames to the unique numbers of an IP address, so the DNS is essential to the operation of the Internet: without it a hostname like www.liverpool.ac.uk could not be translated into its IP address 209.85.147.139 (correct per Wireshark on 17 Apr 2011), and anyone using the hostname would be unable to reach the correct server. It is possible to contact a server directly by its IP address if the address is known; however, some servers or services use aliasing and load distribution, where the IP address may change, Kurose & Ross (2010, p133-134), perhaps through Dynamic Host Configuration Protocol (DHCP) IP address allocation. The DNS handles such a change for the hostname automatically (assuming that DNS caches are accurate and up to date), and therefore maintains reliable routes from hostnames to services over a network.
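To make the translation step and the aliasing mentioned above concrete, the following added example (not code from the original essay or from any cited source) builds a DNS query in the RFC 1035 wire format and parses a hand-constructed response in which www.example.com is an alias (CNAME) for lb.example.com, which in turn has an A record. The names, the address 192.0.2.10 and the TTLs are constructed sample values. It also shows the check a resolver performs before trusting a reply: the response must echo the transaction ID and the question of the query actually sent.

```python
import struct

# Constructed sample data: the query and the response bytes are built in this
# file for illustration; they are not captured traffic from the original page.

def encode_name(name):
    """Encode a hostname as DNS labels: one length byte per label, then a 0 byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(txid, name, qtype=1):
    """Build a standard recursive query (flags 0x0100 = RD) for `name`, type A by default."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def decode_name(msg, offset):
    """Decode a (possibly compressed) name; return (name, offset just after it)."""
    labels, jumped, end = [], False, None
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # 2-byte compression pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset = True, pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)

def parse_response(msg):
    """Parse header, question section and answer section (A and CNAME records)."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == 5:        # CNAME: rdata is a (compressible) name
            value, _ = decode_name(msg, offset)
        elif rtype == 1:      # A: rdata is a 4-byte IPv4 address
            value = ".".join(str(b) for b in rdata)
        else:
            value = rdata
        offset += rdlen
        answers.append((name, rtype, ttl, value))
    return {"id": txid, "flags": flags, "questions": questions, "answers": answers}

def response_matches(query, response):
    """Accept a reply only if its ID and question section echo the query we sent."""
    q, r = parse_response(query), parse_response(response)
    return q["id"] == r["id"] and q["questions"] == r["questions"]

def follow_aliases(parsed):
    """Follow CNAME records from the question name to the final A record value."""
    name = parsed["questions"][0][0]
    records = {(n, t): v for n, t, _, v in parsed["answers"]}
    seen = set()
    while (name, 5) in records and name not in seen:
        seen.add(name)
        name = records[(name, 5)]
    return records.get((name, 1))

def build_sample_response(txid):
    """Hand-built reply: flags 0x8180 (QR, RD, RA), one question, two answers."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 2, 0, 0)
    question = encode_name("www.example.com") + struct.pack("!HH", 1, 1)
    # Answer 1: www.example.com CNAME lb.example.com; owner name is a pointer to offset 12
    cname_rdata = encode_name("lb.example.com")
    ans1 = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, len(cname_rdata)) + cname_rdata
    # Answer 2: lb.example.com A 192.0.2.10; owner name points at the CNAME rdata
    cname_offset = 12 + len(question) + 2 + 10
    ans2 = (struct.pack("!H", 0xC000 | cname_offset)
            + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10]))
    return header + question + ans1 + ans2

if __name__ == "__main__":
    query = build_query(0x1234, "www.example.com")
    reply = build_sample_response(0x1234)
    parsed = parse_response(reply)
    print("reply matches query:", response_matches(query, reply))
    print("final address:", follow_aliases(parsed))
```

The two-step answer (CNAME then A) is how the aliasing in the paragraph appears on the wire: a client that asked for www.example.com is told to use lb.example.com, whose address can be changed by the operator without the hostname users know ever changing. The ID-and-question check is only a first line of defence against forged replies, which is why later sections of the essay mention spoofing and poisoning as residual risks.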

“If the DNS server crashes, so does the entire Internet!” Kurose & Ross (2010, p135). This was evidenced only a few days ago, when a UK-based DNS server (not the main root server) experienced problems maintaining IP addresses for a few thousand web sites on a particular gateway; the popular TalkTalk email gateway simply disappeared with the error message “domain does not exist”, according to Kobie (2011), leaving users unable to send any email. Whilst this was only a minor issue in terms of the global DNS, it affected thousands of sites and users. In addition, we should remember that IPv6 is now replacing IPv4: we are in a transition period between the two, and transitional technologies are being introduced to ensure that IPv4 content is available to IPv6 users and vice versa. However, if this is not done correctly it could affect the ability of a web site to work, where “applications no longer work correctly because a broadband provider serving its customers is using one of these transitional technologies” Doyle (2011).

Because the DNS is so critical to the operation of the Internet, it has to be able to mitigate attacks that seek to compromise its security or stop its correct operation. Kurose & Ross (2010, p145-6) state that “DNS has demonstrated itself to be surprisingly robust against attacks”, through packet filtering of distinguishable datagrams (e.g. ICMP ping messages) used in Distributed Denial of Service (DDoS) attacks, and through caching at various levels of the DNS, which allows requests to bypass some DNS servers and still reach the correct destination. This is not to say that the DNS is completely infallible, as other attacks such as spoofing and poisoning have taken place; however, such attacks are difficult to implement and have not met any major success to date.
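The caching behaviour credited above with making the DNS robust, and its limit (a cache only helps until the record's TTL runs out, which is why the TalkTalk outage still took sites down), can be shown with a small caching resolver. This is an added example written for this page, not code from the essay or from Kurose & Ross; the upstream server, the clock and the record for www.example.com are simulated so that the block runs offline.

```python
import time

class UpstreamUnavailable(Exception):
    """Raised when the authoritative/upstream server cannot be reached."""

class CachingResolver:
    """Answer from cache while a record's TTL is unexpired; otherwise ask upstream."""

    def __init__(self, upstream, clock=time.monotonic):
        self.upstream = upstream   # callable (name, rtype) -> (ttl_seconds, value)
        self.clock = clock         # injectable so outages and TTL expiry can be simulated
        self.cache = {}            # (name, rtype) -> (expires_at, value)

    def resolve(self, name, rtype="A"):
        key = (name.lower().rstrip("."), rtype)   # DNS names are case-insensitive
        now = self.clock()
        entry = self.cache.get(key)
        if entry is not None and entry[0] > now:
            return entry[1], "cache"
        # Cache miss or expired record: the query must reach the upstream server
        ttl, value = self.upstream(name, rtype)   # may raise UpstreamUnavailable
        self.cache[key] = (now + ttl, value)
        return value, "upstream"

class FakeUpstream:
    """Simulated upstream server holding constructed records; can be switched off."""

    def __init__(self, records):
        self.records = records
        self.available = True
        self.queries = 0

    def lookup(self, name, rtype):
        if not self.available:
            raise UpstreamUnavailable(name)
        self.queries += 1
        return self.records[(name.lower(), rtype)]

class FakeClock:
    """Controllable clock so the example does not have to sleep for real TTLs."""

    def __init__(self, start=1000.0):
        self.t = start

    def now(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds

def simulate_outage():
    """Walk through fresh lookup, outage masked by cache, then expiry during the outage."""
    clock = FakeClock()
    upstream = FakeUpstream({("www.example.com", "A"): (60, "192.0.2.10")})  # constructed
    resolver = CachingResolver(upstream.lookup, clock=clock.now)
    events = []
    events.append(resolver.resolve("www.example.com"))       # first lookup goes upstream
    upstream.available = False                               # upstream server goes down
    events.append(resolver.resolve("WWW.example.com"))       # still answered, from cache
    clock.advance(61)                                        # TTL (60 s) has now expired
    try:
        events.append(resolver.resolve("www.example.com"))
    except UpstreamUnavailable:
        events.append(("unresolved", "cache expired while upstream down"))
    return events, upstream.queries

if __name__ == "__main__":
    for event in simulate_outage()[0]:
        print(event)
```

Running `simulate_outage()` shows the three states in order: an answer from upstream, an answer from cache during the outage, and a failed resolution once the TTL has passed. Only one query ever reaches the simulated upstream, which is the bypassing effect described in the paragraph; the same mechanism is also why a poisoned entry, once accepted, would be served for its full TTL, so cache entries should only be created from responses that have been validated against the query sent.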

References

Doyle, J. (2011) Four Steps On The Path To IPv6 [Online]. Available at http://www.networkcomputing.com/next-gen-network/four-steps-on-the-path-to-ipv6.php (Accessed 17 Apr 2011).

Kobie, N. (2011) PC Pro: DNS problem takes down TalkTalk sites [Online]. Available at http://www.pcpro.co.uk/news/366814/dns-problem-takes-down-talktalk-sites (Accessed 17 Apr 2011).

Kurose, J. F. & Ross, K. W. (2010) Computer Networking: A Top-Down Approach (Fifth Edition). Addison-Wesley.