DNS zone
From Wikipedia, the free encyclopedia
A DNS zone is a portion of the global Domain Name System (DNS) namespace.
Contents |
[edit] Definition
The DNS namespace is defined by RFC 1034, "Domain Names - Concepts and Facilities" and RFC 1035, "Domain Names - Implementation and Specification", and is laid out in a tree structure from right to left, such that divisions of the namespace are performed by prepending a series of characters followed by period ('.'), to the upper namespace (e.g. 'com.' to 'wikipedia.com.').
The correlation between domain names and DNS zones is that each period indicates a break in DNS namespace where authority can be delegated. This delegation may be administrative (as in top-level domains which are tracked by organizations and governments) or technical (where a system becomes responsible for the management of information within that zone) or both.
Thus a reasonable definition of a zone would be a portion of the DNS namespace where responsibility has been delegated.
[edit] The root domain and top-level domains
In the context of the current global domain system, root domain is administered by a set of 13 root servers, and delegation is handed down to organizations that administer the top-level domains (TLDs) like 'com.', 'net.', 'org.' as well as country domains like 'ie.'. Thus on a global level the DNS root may be considered a zone, as may each of the TLDs.
The majority (probably all) of these high-level delegations are both administrative and technical, but specific delegation of zones beneath these defined root elements is dependent on the organizations involved. For example, the 'uk.' domain is further broken into specific zones for specific purposes (e.g. 'co.uk.' is for companies) before being delegated to individual people or organizations.
[edit] Second-level domains
Once we reach a locally (i.e. single organization) administered portion of the DNS namespace, it becomes more flexible. However, a domain name will be represented by a single zone in the majority of cases. That zone will manage the entire domain's namespace serving out information like Internet addresses (i.e. translating "en.wikipedia.org." to 145.97.39.155) even when more complex logical divisions of the namespace are used (for example, we create a subnet and name it internal.wikipedia.org. and prepend desktop system names to it).
In more complicated scenarios a zone (e.g. 'wikipedia.org.') may well be delegated, perhaps numerous times, so that there will be a distinct 'internal.mycompany.com' zone and an 'external.mycompany.com' zone. These zones may then be administered, updated, and managed on entirely distinct systems.
[edit] Common DNS zones
The most common DNS zones are the ones already mentioned, the ubiquitous DNS root zone, and the TLDs. These are the domains that people commonly purchase to represent their companies or personal presence on the Internet (or more precisely, they purchase it to obtain a website address), but there are other zones within DNS system that play a vital role in the Internet.
The most important of these domains is the 'in-addr.arpa.' zone. The 'in-addr.arpa.' zone is a DNS zone (and, note, portion of the namespace) that holds a mapping from Internet addresses to names. This is the opposite (but not equal) transaction to normal whereby we look up a name to find an address. This can be useful in a number of ways and is detailed better in domain name system.
[edit] Technical details
The above is not very specific about the technical details of what a zone is. This is partly due to the non-specific nature of a zone (i.e. administrative/technical), as well as the many different systems that manage these zones, and finally because of the extensive use of domain-style naming for totally unrelated functions. Not that the above are problems, per-se, but they do clutter the technical discussion with qualifications and clarifications that eventually make it entirely indigestible.
[edit] Example
Let's have a look at "en.wikipedia.org." as an example. We shall take on the role of a DNS client, and attempt to read this hostname. This is a recursive process, reading the domain from right to left. At each step of the process we will know what the previous zone was, and figure out the zone we must query to find the next zone we need to enter. Finally we will reach the zone that can actually give us an IP address for the hostname.
Note: This demonstrates the recursive method of DNS resolution, using which I will highlight the DNS zones we cross in order to resolve a hostname.
[edit] Step 0
This step never really happens, but it could in theory.
- Current Zone: none
- We read the token "." from "en.wikipedia.org." - this is the dot at the right-most position in the hostname.
- We conclude the next zone is the Root zone.
- Next Zone: "."
We have entered the Root zone.
[edit] Step 1
- Current Zone: "."
- We read the token "org" from "en.wikipedia.org."
- Since we are in the Root zone, we know that we must query the table of TLDs to find out who controls the TLD ".org".
- For the sake of simplicity, let's say that we find that ".org." is controlled by "a.root-nameserver.net."
- Next Zone: ".org."
We have entered the .org zone.
[edit] Step 2
- Current Zone: ".org."
- We read the token "wikipedia" from "en.wikipedia.org."
- We are in the ".org." zone, and we know that this zone is controlled by "a.root-nameserver.net.", so we execute a DNS query to find out who controls the zone "wikipedia.org." and find out that it is controlled by several servers, the first of which is "ns1.wikimedia.org."
We have entered the wikipedia.org zone.
[edit] Step 3
- Current Zone: "wikipedia.org."
- We read the token "en" from "en.wikipedia.org."
- We are in the "wikipedia.org." zone, and we know this zone is controlled by (among others) "ns1.wikimedia.org.", so we execute a DNS query to find out about "en.wikipedia.org.", and discover that it has an A record, which is an IPv4 address for that hostname. The IP address is 91.198.174.2. That's lucky for us, since we have run out of tokens to read in the hostname. If there hadn't been an A record, then we might not have known how to translate the hostname "en.wikipedia.org." into an IP address.
We have resolved the hostname "en.wikipedia.org." into the IP address 91.198.174.2.