Cyber Conflicts: Domain Name System

Let's understand the domain name service better. 
Let's look at a domain name such as icann.org. This is essentially the address of any entity on the Internet. It can be a person or an organization on the Internet. The domain name is a mapping of this IP address, of a public computer on the Internet to a pneumonic address that can be more easily remembered or the domain name.  

 
The domain name has three parts.

The first is the subdomain labeled such as the www, which is like worldwide web or mail, M-A-I-L.


These subdomains are managed by the host of the domain and can be used to organize services offered by that host. For instance www for world wide web. And the domain labels such as ICANN in www.icann.org, it must be unique within the top level domain.

The top level domain extension is the third part such as .org, .com. And the most common top level domains are .com, .org, and .net. And since the creation of these original domains we have created several other domains related to specific countries, like ru for Russia, and in for India, and cn for China. And in 2013 ICANN began improving an expansion of the genetic top level domains from .com, org, and net to include up to 1,300 new extensions. A lot of them have been auctioned off to private entities for profit.

And the fullest of them can be available on the Internet. Anyway, it has different extensions such as .science, .iu, .dentist. And when you type an Internet address in your browser your computer makes a request to a domain name server. Now DNS servers are typically operated by your own organization or Internet service provider. Then again, local directories of the gateways. For example, if a university will operate a domain name server to manage all the internal IP addresses to easy to remember pneumonic names.
This internal domain name service can also look up Internet addresses for services that are outside of your internal network.

The domain name server, much like a phone book, it's really like a phone book. It will compare the name to a list of numbers. When it locates a match, it responds to your computer with the number for your service.

Your computer will then use that number to connect to the remote computer or to the remote host. The only difference here is that unlike a phone book the domain name servers can change their mapping as need be. It is very dynamic.

As new domain names are registered or existing computers change, the addresses, the relationship between names and numbers, they need to be constantly updated, and that happens.
Symantec Corp. The overall domain name system is set up in a hierarchy. There are 13 authoritative root servers at the top. What does that mean? These are the 13 root servers which have the complete mapping. Below these 13 servers are millions of other servers who are responsible for resolving the name values. For instance, if you give a domain name they will give you the IP addresses. They update the other name servers and cache recent snapshots of common domain name queries. And below the authoritative root zones exist a top level domain service, such as a .us, .com, or the .ru. And below that lie name servers that maintains the original copy of registrations for the domain name. So it's really a hierarchy. When a domain name is registered, the domain name system requires at least two servers to act as the primary and secondary name servers for that domain.

This redundancy is really required in case one of the servers is unreachable or fails. In addition, we have two different types of name servers, a master and a slave. The master server maintains the original copies of the domain name records in the zone. And the zone can be anything from a geographic region to a specific organization to a top level domain. And what the slave does is it basically automatically syncs in with the master. And the slave is what is the public facing end of the domain name server.
 
And the master is something that constantly updates itself. So the master updates itself as the things change, and then the slave keeps syncing itself to the master periodically. And this allows queries to be continually addressed by the slave leaving the master server able to respond to changes in the domain and records. The domain name service also has an important role to play in the delivery of mail. There are mail transfer agents that use domain name service to find out where to deliver emails for given addresses. And you can use those to create blacklists of all the addresses where emails are capable of. Even servers are capable of rejecting spam using specific IP addresses.

And so as we reject this bad host we're basically able to cause some filtration. Now, there's one important difference between a phone book and a domain name system that does not exist in the phone book. One is the phone book is a one to one mapping between the numbers and names, and the domain servers have multiple mapping. A single Internet address can correspond to multiple domain names, and multiple domain names can point to a single IP address. And multiple IP addresses can point to a single domain name. The reason for that is flexibility and scalability. If the same server is going to serve multiple domains or multiple functions and use, that's why we have multiple domain mains go to the same IP address. And to provide scalability to very large organization like Google, they can have the same domain name like google.com assigning itself to multiple IP addresses for scalability. 
 

And so that allows them to provide a fast response to any of the requests that were made in real time and that's why it is important to make sure that multiple IP addresses can be allocated to the same domain. For instance, Google had their servers scattered throughout the globe and based where the request comes from it can go to the specific IP address within the local region.   

Who manages Domain Name System?
1. your organization
2. ISP The Teacher Store