DNS Details


The DNS database is hierarchical: there is a tree of nodes; each node can have records associated with it; each node has a label that distinguishes it from sibling nodes. The root node has the empty string ("") as its label; no other node can have this label. A node is identified by a fully-qualified domain name (FQDN), formed as a sequence of labels, starting with the node's own label, followed by its parent's label, and so on, ending with the empty label for the root node. Textually, the labels are separated by dots: somewhere.cwru.edu (or, more properly, somewhere.cwru.edu.). In queries and responses, a domain name is encoded by preceding each label with a byte giving the length of the label - limited to 63 characters - so the labels can contain arbitrary bytes, including dots and even nulls. The whole domain name, including the label-length bytes, is limited to 255 bytes.

A zone is a collection of nodes under common administrative control, including a common ancestor node. It might be a whole subtree, starting from a given node, or there might be child zones that are part of the subtree; the nodes in a child zone are not part of the parent zone. A DNS server controls one or more zones, meaning that it serves records for names in those zones (apart from the parts delegated to child zones), and the parent zone's servers have delegated authority for those zones to the child server. A server makes a delegation by responding to a query with an NS (name server) record, giving the name server that is closer to the requested name. For example, a name server for the edu domain, seeing a query for the name somewhere.cwru.edu, would respond with an NS record giving the name server for the cwru.edu domain. The node at the top of a zone has a few special records associated with it: NS records, mentioned above, and an SOA (start of authority) record, which lists the primary name server, a serial number, and other information about the domain, mostly used in zone transfers.

A DNS query includes, among other things, a domain name (e.g., somewhere.cwru.edu), a record type (e.g., A, PTR, CNAME, or the catch-all ANY, which requests all records belonging to the specified domain name), a class (almost always IN, for Internet), and an arbitrary query ID. The record type, class, and query ID are encoded as 16-bit numeric values. A query may have the RD (recursion desired) flag set, which requests the server to send supplemental queries to other name servers if it does not have the requested records available locally.

A response to a query copies the information from the query, and includes three response sections: an answer section, giving the requested records; an authority section, reminding the client of name server records so that cache entries can be refreshed; and an additional section, containing records that the server thinks may be useful to the client. It also includes an RA (recursion available) flag that specifies whether recursion was performed, if requested, and an AA bit that specifies whether the name server is an authority for the records returned. A query can fail either because the domain name has no records of the requested type or because the name does not exist; responses distinguish between these two conditions.
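As an added example (not code from the original notes), the label encoding from the first paragraph and the query and response fields described above, in Python. The 16-bit type codes and the bit positions of the RD, AA and RA flags are assumed to be the standard wire values; the decoder handles uncompressed names only, and the sample response bytes in the comments are constructed.

```python
import struct

MAX_LABEL = 63    # per-label limit stated in the text
MAX_NAME = 255    # limit on the whole encoded name, length bytes included
QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "AXFR": 252, "ANY": 255}
CLASS_IN = 1
FLAG_RD, FLAG_AA, FLAG_RA = 0x0100, 0x0400, 0x0080   # bits in the 16-bit flags word

def encode_name(name: str) -> bytes:
    """Encode an FQDN as length-prefixed labels, ending with the root's empty label."""
    name = name.rstrip(".")
    out = bytearray()
    for label in (name.split(".") if name else []):
        raw = label.encode("ascii")
        if not raw or len(raw) > MAX_LABEL:
            raise ValueError(f"bad label length: {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)                      # root label: length 0, no bytes
    if len(out) > MAX_NAME:
        raise ValueError(f"encoded name exceeds {MAX_NAME} bytes")
    return bytes(out)

def decode_name(data: bytes, offset: int = 0):
    """Decode an uncompressed wire-format name; returns (fqdn, offset after it)."""
    labels = []
    while True:
        if offset >= len(data):
            raise ValueError("truncated name")
        length, offset = data[offset], offset + 1
        if length == 0:
            break
        if length > MAX_LABEL or offset + length > len(data):
            raise ValueError("invalid or truncated label")   # >63 would be a compression pointer
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", offset

def build_query(name: str, qtype: str, query_id: int, recursion_desired=True) -> bytes:
    """12-byte header (ID, flags, QDCOUNT=1, AN/NS/AR=0) followed by one question."""
    flags = FLAG_RD if recursion_desired else 0
    header = struct.pack("!HHHHHH", query_id, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], CLASS_IN)

def parse_header(msg: bytes) -> dict:
    """Pull the fields a client checks out of a response header (rcode 3 = name does not exist)."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "aa": bool(flags & FLAG_AA), "ra": bool(flags & FLAG_RA),
            "rcode": flags & 0x000F, "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar}
```

A response whose rcode is 0 but whose answer section is empty is the "no records of that type" case; rcode 3 is the "name does not exist" case.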

Zone transfers are a way of copying data from a primary server to secondary servers. A secondary server polls the primary, requesting the SOA record for the root node of the zone. It checks the serial number in this record. If the serial number has increased since the last zone transfer, the secondary sends a query for the root node, with AXFR as the query type. The primary server responds with a list of all records in the zone. There have been improvements to this strategy, involving notifying secondaries when records have changed so that polling is unnecessary, and using incremental transfers instead of sending the whole zone each time a change is made, but there are usually much easier ways to mirror this data.