Types of DNS queries
By Sandra Henry-Stocker

Last week, we followed a DNS query from the point at which the user pressed his enter key, resulting in a DNS request, to the point at which the IP address of the target system was returned to the user's process. What we glossed over -- in describing the way that the DNS client makes a request of its server and the DNS server tracks down the required data, enlisting the services of the root domain servers to find the responsible (authoritative) server for the target domain -- were a number of distinct types of queries that DNS servers make. These are called recursive, iterative, inverse and reverse lookup queries.

Recursive queries

Recursive queries are like putting a street address in MapQuest and requesting directions from your office. You get a complete answer and it might even be accurate. A recursive query is one for which a domain server fully takes on the responsibility for getting the answer.

There are only three valid responses to a recursive query:

1. The IP address of the target system
2. An error that says the host or domain does not exist
3. A lookup failure (e.g., saying that the server cannot reach other DNS servers -- maybe due to networking problems)

What a name server does not do when conducting a recursive query is refer the client to other DNS servers. Instead, it makes all of the subsequent queries needed to arrive at one of the three acceptable responses.

DNS servers are not required to service recursive requests, though many do. A named.conf file for a DNS server that supports recursion might begin like this:

    options {
        directory "/var/named";
        recursion yes;

DNS servers that support recursion take on more work on behalf of their clients.

Iterative queries

An iterative query is like asking for directions from someone who doesn't live in the area. They might be able to move you a little closer to your goal, but they aren't likely to be able to give you exact directions or get you to your destination.
When a server makes an iterative query, it responds to the resolver on the client system with a partial answer. This answer may be the IP address for the target domain. The client resolver then has to make another query. And, if the record sent back is a CNAME (i.e., alias) record, it has to make yet another query to resolve the real name of the target system into an IP address.

Inverse queries and reverse lookups

DNS servers can also start with an IP address and return the associated FQDNs. This type of query is useful, for example, in verifying that a system representing itself as mail.trustme.org really is mail.trustme.org. DNS has two types of queries for doing this kind of search - inverse queries and reverse lookups.

Inverse queries, defined in RFC 1035, are simple in concept but problematical in operation. DNS servers that support inverse queries have to conduct an exhaustive search of their data to find records for the requested IP address or maintain a separate database set up to facilitate these searches.

Reverse lookups use pointer (PTR) records to make the process of deriving a host name from an IP address straightforward. PTR records did not exist in the early DNS servers.

What type of query are you using?

For the most part, the type of query that a DNS client makes is transparent to the end user, just as most of what DNS does on the user's behalf is transparent. However, only DNS servers that support recursive queries will make recursive queries. A client's request, therefore, usually includes a request that the query be made recursively.

While we can't get into all the details of the DNS resolver running on each host, we can grab a few packets off the local net and take a look at the DNS requests that are being made. When we do, we see requests such as this excerpt from a snoop on port 53:

DNS: ----- DNS Header -----
DNS:
DNS: Query ID = 19968
DNS: Opcode: Query
DNS: RD (Recursion Desired)
DNS: 1 question(s)
DNS: Domain Name: world.std.com.
DNS: Class: 1 (Internet)
DNS: Type: 1 (Address)
DNS:

and this kind of reply:

DNS: ----- DNS Header -----
DNS:
DNS: Response ID = 19968
DNS: RA (Recursion Available)
DNS: Response Code: 0 (OK)
DNS: Reply to 1 question(s)
DNS: Domain Name: world.std.com.
DNS: Class: 1 (Internet)
DNS: Type: 1 (Address)
DNS:
DNS: 1 answer(s)
DNS: Domain Name: world.std.com.
DNS: Class: 1 (Internet)
DNS: Type: 1 (Address)
DNS: TTL (Time To Live): 172800
DNS: Address: 192.74.137.5
DNS:
DNS: 2 name server resource(s)
DNS: Domain Name: std.com.
DNS: Class: 1 (Internet)
DNS: Type: 2 (Authoritative Name Server)
DNS: TTL (Time To Live): 172800
DNS: Authoritative Name Server: dns.std.com.
DNS:
DNS: Domain Name: std.com.
DNS: Class: 1 (Internet)
DNS: Type: 2 (Authoritative Name Server)
DNS: TTL (Time To Live): 172800
DNS: Authoritative Name Server: dns.theworld.com.
DNS:
DNS: 2 additional record(s)
DNS: Domain Name: dns.std.com.
DNS: Class: 1 (Internet)
DNS: Type: 1 (Address)
DNS: TTL (Time To Live): 172800
DNS: Address: 192.74.137.5
DNS:
DNS: Domain Name: dns.theworld.com.
DNS: Class: 1 (Internet)
DNS: Type: 1 (Address)
DNS: TTL (Time To Live): 172800
DNS: Address: 192.74.137.112
DNS:

There's a lot more to understanding DNS than knowing the basic record types. How queries are processed and host names resolved involves a lot more than your local settings.

About the author(s)
-------------------
Sandra Henry-Stocker has been administering Unix systems for nearly 18 years. She describes herself as "USL" (Unix as a second language) but remembers enough English to write books and buy groceries. She currently works for TeleCommunication Systems, a wireless communications company, in Annapolis, Maryland, where no one else necessarily shares any of her opinions. She lives with her second family on a small farm on Maryland's Eastern Shore. Send comments and suggestions to mailto:sstocker@itworld.com.
ITworld.com is a product of: Accela Communications, Inc.
Copyright 2004 Accela Communications, Inc., All Rights Reserved.
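The header fields that the snoop excerpt in the article prints (Query ID, Opcode, RD, RA, Response Code and the record counts) all live in the first 12 bytes of a DNS message. The following Python sketch is an added example, not part of the original column: it builds the world.std.com query from the excerpt, decodes those fields, and sorts a reply into the outcomes the article describes. The function names and SAMPLE_REPLY are assumptions made for illustration, and treating a no-answer reply that carries authority records as a referral is a simplification.

```python
import struct

OPCODES = {0: "Query", 1: "Inverse Query", 2: "Status"}

def build_query(qid, name, rd=True, qtype=1, qclass=1):
    """Encode a one-question query; rd=False makes it an iterative request."""
    flags = 0x0100 if rd else 0  # RD is bit 8 of the 16-bit flags word
    header = struct.pack("!6H", qid, flags, 1, 0, 0, 0)
    qname = b"".join(bytes([len(part)]) + part.encode("ascii")
                     for part in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!2H", qtype, qclass)

def parse_header(msg):
    """Decode the fixed 12-byte header that snoop prints field by field."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    qid, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {"id": qid, "response": bool(flags & 0x8000),
            "opcode": OPCODES.get((flags >> 11) & 0xF, "other"),
            "rd": bool(flags & 0x0100), "ra": bool(flags & 0x0080),
            "rcode": flags & 0xF, "counts": (qd, an, ns, ar)}

def parse_question(msg):
    """Return (name, type, class) of the first question (no compression)."""
    pos, labels = 12, []
    while msg[pos]:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!2H", msg[pos + 1:pos + 5])
    return ".".join(labels) + ".", qtype, qclass

def classify_response(hdr):
    """Map a response header onto the outcomes described in the article."""
    _, answers, authority, _ = hdr["counts"]
    if hdr["rcode"]:
        return "name does not exist" if hdr["rcode"] == 3 else "lookup failure"
    if answers:
        return "answer"
    # Simplification (assumption): authority records without answers = referral.
    return "referral" if authority else "no data"

# Constructed sample: header of a reply with the excerpt's ID and record counts.
SAMPLE_REPLY = struct.pack("!6H", 19968, 0x8180, 1, 1, 2, 2)

if __name__ == "__main__":
    query = build_query(19968, "world.std.com.")
    print(parse_header(query), parse_question(query))
    print(classify_response(parse_header(SAMPLE_REPLY)))
```

Run against captured port 53 traffic, the same decoding shows which servers set RA in their replies, that is, which ones are offering recursion to the clients that reach them.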