Domain Name Services
Although TCP/IP uses IP addresses to locate and connect to hosts
(computers and other TCP/IP network devices), users typically prefer to use
friendly names.
Just like the telephone network, contacting another
computer on the computer network is done by requesting a connection to its
numeric address. For example, to download the home page from the School of
Medicine's main web server, your computer has to make a connection to
computer 146.9.8.16.
These numbers, "IP addresses", are much longer and
harder to remember than telephone numbers. To make the network easier to
use, a "telephone book" equivalent must be kept by the network
administrators. This lets the computer user ask for a connection to www.med.wayne.edu" instead of
146.9.8.16. When a DNS server receives a DNS query, it attempts to
locate the requested information by retrieving data from its local zones
(domains). If this fails because the server is not authoritative for the DNS
domain requested and thus does not have the data for the requested domain,
the server can check its cache, communicate with other DNS servers to
resolve the request, or refer the client to another DNS server that might
know the answer. When you enter "www.med.wayne.edu",
your computer then asks the central DNS server which looks up the IP
address, and gives it back to your computer so that it can handle your
request.
This "telephone book" equivalent is called the Domain
Name System ("DNS"). Every networked computer that provides internet-based
services needs to be assigned a name in this directory. The DNS also
controls the routing of email to all of the various departmental addresses
within the "med.wayne.edu" domain and elsewhere.
On the Internet, before the implementation of DNS, the
use of names to locate resources on TCP/IP networks was supported by a file
called Hosts. Network administrators entered names and IP addresses into
Hosts, and computers used the file for name resolution.
Both the Hosts file and DNS use a namespace. A
namespace is a grouping in which names can be used to symbolically
represent another type of information, such as an IP address, and in which
specific rules are established that determine how names can be created and
used. Some namespaces, such as DNS, are hierarchically structured and
provide rules that allow for the namespace to be divided into subsets of
names for distributing and delegating parts of the namespace. Other
namespaces, such as the Hosts namespace cannot be divided and must be
distributed in their entirety. Because of this, using the Hosts file posed a
problem for network administrators. As the number of computers and users on
the Internet grew, the task of updating and distributing the Hosts file
became unmanageable.
DNS replaces the Hosts file with a distributed
database that implements a hierarchical naming system. This naming system
allows for growth on the Internet and the creation of names that are unique
throughout the Internet and private TCP/IP-based intranets. It also
reduces the likelihood of a single point of DNS failure by spreading the
load and data on different DNS servers on the internet. The SOM DNS
servers are "Authoritative" for the med.wayne.edu domain. This means
that all the other DNS servers on the internet only ask the SOM DNS server
for information.
The DNS is one of the more difficult areas of system
administration. But thanks to Dynamic DNS things are going to get
easier. Dynamic update is a new standard that provides a
means of dynamically updating zone data on a zone’s primary server.
Originally, DNS was designed to support only static
changes to a zone database. Because of the design limitations of static DNS,
the ability to add, remove, or modify resource records could only be
performed manually by a DNS system administrator. For example, a DNS
system administrator would edit records on a zone’s primary server and the
revised zone database is then propagated to secondary servers during zone
transfer. This design is workable when the number of changes is small and
updates occur infrequently, but can otherwise become unmanageable.
With dynamic update, on the other hand, the primary
server for the zone can also be configured to support updates that are
initiated by another computer or device that supports dynamic update. For
example, it can receive updates from workstations or from DHCP servers.
This means that when a computer starts it can register it's DNS name and IP
address with the DNS server automatically.
For the SoM environment, MSIS wanted to use DDNS for
all the Windows 2000 and XP machines for ease of management which many of
the management features use DNS resolution. But we didn't necessarily
want all these workstations registering in DNS and making themselves known
to the whole internet. So the current DNS design is that we have two
separate DNS systems for med.wayne.edu. One is a Windows 2000 DNS
server with it's secondary as backup which is to provide DNS services for
all the workstations and the Windows Active Directory environment. The
other DNS server is a Solaris Operating System running BIND which is the
true "authoritative" source for the med.wayne.edu domain and provides DNS
services for computers on the internet that are trying to find med.wayne.edu
services. So essentially, the idea is that we have one for internal
use and one for external use...a Intranet DNS server and a Internet DNS
server.
The only downside to this is that when new servers
that require for people outside SOM to have access to then we must add a
record to both systems but we've had to do that all along. But this
method allows us to leverage the SOM Windows networking environment so that
all it's services and functionality remain intact.
Home
