Paul Vixie
Abstract
DNS is a distributed, coherent, reliable, autonomous, hierarchical database, the first and only one of its kind. Created in the 1980s when the Internet was still young but overrunning its original system for translating host names into IP addresses, DNS is one of the foundation technologies that made the worldwide Internet possible. Yet this did not all happen smoothly, and DNS technology has been periodically refreshed and refined. Though it’s still possible to describe DNS in simple terms, the underlying details are by now quite sublime. This article explores the supposed and true definitions of DNS and shows some of the tension between these two definitions through the lens of the Internet protocol development philosophy.
- Davis, C., Vixie, P., Goodwin, T., Dickinson, I. 1996. A means for expressing location information in the Domain Name System. IETF; http://www.ietf.org/rfc/rfc1876.txt. Google Scholar
Digital Library
- Gulbrandsen, A., Vixie, P., Esibov, L. 2000. A DNS RR for specifying the location of services. IETF; http://www. ietf.org/rfc/rfc2782.txt. Google ScholarDigital Library
- Vixie, P. 1996. A mechanism for prompt notification of zone changes. IETF; http://www.ietf.org/rfc/rfc1996.txt. Google ScholarDigital Library
- Vixie, P., et al. 1997. Dynamic updates in the domain name system. IETF; http://www.ietf.org/rfc/rfc2136.txt. Google ScholarDigital Library
- Vixie, P., et al. 2000. Secret key transaction authentication for DNS. IETF; http://tools.ietf.org/html/rfc2845. Google ScholarDigital Library
- Vixie, P., Kato, A. 2004. Modern DNS as a coherent dynamic universal database. IEICE Transactions on Communications (October).Google Scholar
Index Terms
- DNS Complexity: Although it contains just a few simple rules, DNS has grown into an enormously complex system.
Recommendations
DNS Observatory: The Big Picture of the DNS
IMC '19: Proceedings of the Internet Measurement ConferenceThe Domain Name System (DNS) is thought of as having the simple-sounding task of resolving domains into IP addresses. With its stub resolvers, different layers of recursive resolvers, authoritative nameservers, a multitude of query types, and DNSSEC, ...
Comparing DNS resolvers in the wild
IMC '10: Proceedings of the 10th ACM SIGCOMM conference on Internet measurementThe Domain Name System (DNS) is a fundamental building block of the Internet. Today, the performance of more and more applications depend not only on the responsiveness of DNS, but also the exact answer returned by the queried DNS resolver, e.g., for ...
Securing DNS: Extending DNS Servers with a DNSSEC Validator
DNS Security Extensions (DNSSEC) is a proposed standard for securely authenticating information in the Domain Name System. DNSSEC validators check the digital signatures on DNS data. However, designing a validator worth the operational costs is a ...
Comments