P. Mockapetris, K. Dunlap, “Development of the Domain Name System,” ACM SIGCOMM Conference, 1988. [ACM]
Summary
The Domain Name System (DNS) was first proposed (circa 1982) to address the problems faced by the then existing HOSTS.TXT-based “host name to address” translation mechanism, which was suffering from scalability and distribution issues along with other problems common to any centralized system. This paper (circa 1988) gives an overview of the experiences in using DNS since its inception.
DNS Design
DNS design was motivated by several requirements: scalability, performance, decentralization, interoperability, and support for various topologies and OSes. Based on these goals, DNS was designed as a hierarchical name space to create a distributed and lean database that primarily maps names to addresses and performs some other mapping tasks. The internal name space is a variable-depth tree, where each node in the tree has an associated label. The domain name of a node is the concatenation of all the labels on the path from that node to the root. Data for each name in DNS is organized as a set of resource records (RRs), each carrying a pre-defined type and class field, followed by application data.
The DNS tree is divided into zones controlled by different organizations. Each zone can be a contiguous section of the tree, even though it is typically a simple subtree. Administrative authority flows hierarchically from top to bottom among zones. The active components of DNS are name servers, which store information and answer queries, and resolvers, which interface to client programs and find appropriate name servers. A particular name server can support any number of zones, which may or may not be contiguous, and the name server need not itself be part of those zones. Answers originating from zone data are marked as being authoritative. DNS resolvers and combined name server/resolver programs also cache responses for later use. Each RR contains a TTL field that controls how long it can be cached.
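The design above describes the wire-level concepts (labels, the owner name, and the type/class/TTL fields of each RR) without showing the format. As an added example, not from the paper or from any DNS implementation, here is a small Python parser for the header, question and answer sections of a DNS response, with the bounds checks a resolver needs: label and name length limits (63 and 255 octets, from RFC 1035), a truncation check before every read, and a rule that compression pointers must point strictly backwards so a malformed message cannot send the parser into a loop. The sample message (example.com, TEST-NET address 192.0.2.1, TTL 300) is constructed for the demonstration.

```python
import struct

MAX_LABEL_LEN = 63    # RFC 1035 limit on a single label
MAX_NAME_LEN = 255    # RFC 1035 limit on a whole wire-format name


def _need(msg: bytes, off: int, n: int) -> None:
    """Raise instead of reading past the end of the message."""
    if off + n > len(msg):
        raise ValueError(f"message truncated at offset {off}")


def read_name(msg: bytes, off: int):
    """Decode the domain name starting at `off`, following compression
    pointers. Returns (dotted name, offset just past the name in the stream).
    Every pointer must point strictly backwards, so a pointer loop is impossible."""
    labels = []
    end = None            # where the caller resumes after the first pointer
    wire_len = 0
    while True:
        _need(msg, off, 1)
        length = msg[off]
        if length & 0xC0 == 0xC0:               # 11xxxxxx: compression pointer
            _need(msg, off, 2)
            target = ((length & 0x3F) << 8) | msg[off + 1]
            if end is None:
                end = off + 2
            if target >= off:                   # forward or self pointer: reject
                raise ValueError(f"bad compression pointer at offset {off}")
            off = target
            continue
        if length & 0xC0:                       # 01/10 prefixes are not plain labels
            raise ValueError(f"unsupported label type at offset {off}")
        if length > MAX_LABEL_LEN:
            raise ValueError("label exceeds 63 octets")
        off += 1
        if length == 0:                         # root label terminates the name
            break
        wire_len += length + 1
        if wire_len > MAX_NAME_LEN:
            raise ValueError("name exceeds 255 octets")
        _need(msg, off, length)
        labels.append(msg[off:off + length].decode("ascii", "backslashreplace"))
        off += length
    return ".".join(labels) + ".", (end if end is not None else off)


def parse_response(msg: bytes) -> dict:
    """Parse the header, question and answer sections of a DNS response."""
    _need(msg, 0, 12)
    qid, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off = 12
    questions = []
    for _ in range(qd):
        name, off = read_name(msg, off)
        _need(msg, off, 4)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        _need(msg, off, 10)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        _need(msg, off, rdlen)
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:            # A record: render as dotted quad
            rdata = ".".join(str(b) for b in rdata)
        else:
            rdata = rdata.hex()
        answers.append((name, rtype, rclass, ttl, rdata))
    return {
        "id": qid,
        "aa": bool(flags & 0x0400),   # AA bit: answer came from zone data
        "rcode": flags & 0x000F,
        "questions": questions,
        "answers": answers,
    }


# Constructed sample: an authoritative answer for example.com A, TTL 300,
# with the answer's owner name compressed to a pointer back to offset 12.
SAMPLE_RESPONSE = (
    struct.pack("!6H", 0x1234, 0x8400, 1, 1, 0, 0)
    + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    print(parse_response(SAMPLE_RESPONSE))
```

The backwards-only rule for pointers is stricter than a jump counter: because each jump strictly decreases the offset, the loop terminates on any input, and a pointer into the message's own future bytes (which no legitimate encoder produces) is rejected outright rather than parsed.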
Experiences
- At the time of writing this paper, most queries could be classified into four categories: all information (25-40%), host name to address mappings (30-40%), address to host mappings (10-15%), and MX lookups (10%).
- Response times experienced by clients varied from 500ms to 5s.
- The authors also observed that negative responses accounted for around 10-50% of all responses and hence should also be cached, in the same way as positive responses.
- TTLs are often misused and misinterpreted by the system administrators.
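Two of the observations above, that negative answers are frequent enough to deserve caching and that TTLs are often set carelessly, translate directly into resolver cache design. As an added example, not code from the paper or from any resolver, the following Python cache stores both positive and negative answers keyed by (name, type), expires them by TTL, and clamps TTLs to upper bounds (the cap values are an assumed local policy, not something the paper prescribes). Names are compared case-insensitively, as DNS requires. The upstream lookup and its zone contents are constructed for the demonstration; an injectable clock keeps the expiry logic testable.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Sequence, Tuple

MAX_POSITIVE_TTL = 7 * 24 * 3600   # assumed policy: never trust an answer longer than a week
MAX_NEGATIVE_TTL = 300             # assumed policy: re-check "no such data" after 5 minutes


def canonical(name: str) -> str:
    """DNS names are case-insensitive; normalize to lower case with a trailing dot."""
    return name.lower().rstrip(".") + "."


@dataclass
class Entry:
    expires_at: float
    records: Optional[Tuple[str, ...]]   # None marks a cached negative answer


class RRCache:
    def __init__(self, clock: Callable[[], float]):
        self.clock = clock
        self.entries: Dict[Tuple[str, int], Entry] = {}

    def put(self, name: str, rtype: int, records: Sequence[str], ttl: int) -> None:
        ttl = max(0, min(ttl, MAX_POSITIVE_TTL))        # clamp a misconfigured TTL
        self.entries[(canonical(name), rtype)] = Entry(self.clock() + ttl, tuple(records))

    def put_negative(self, name: str, rtype: int, ttl: int) -> None:
        ttl = max(0, min(ttl, MAX_NEGATIVE_TTL))
        self.entries[(canonical(name), rtype)] = Entry(self.clock() + ttl, None)

    def get(self, name: str, rtype: int):
        """Return (status, records, seconds_remaining); status is miss, hit or negative."""
        key = (canonical(name), rtype)
        entry = self.entries.get(key)
        if entry is None:
            return ("miss", None, 0)
        remaining = entry.expires_at - self.clock()
        if remaining <= 0:                              # expired: evict and report a miss
            del self.entries[key]
            return ("miss", None, 0)
        if entry.records is None:
            return ("negative", None, int(remaining))
        return ("hit", entry.records, int(remaining))


class CachingResolver:
    """Answers from the cache when it can; otherwise asks `upstream`, which returns
    (records, ttl) and signals a negative answer with an empty record list."""

    def __init__(self, cache: RRCache, upstream: Callable[[str, int], Tuple[Sequence[str], int]]):
        self.cache = cache
        self.upstream = upstream
        self.upstream_queries = 0

    def resolve(self, name: str, rtype: int) -> Tuple[str, ...]:
        status, records, _ = self.cache.get(name, rtype)
        if status == "hit":
            return records
        if status == "negative":
            return ()
        self.upstream_queries += 1
        records, ttl = self.upstream(name, rtype)
        if records:
            self.cache.put(name, rtype, records, ttl)
        else:
            self.cache.put_negative(name, rtype, ttl)   # remember the "no data" answer too
        return tuple(records)


class FakeClock:
    """Deterministic clock so expiry can be exercised without sleeping."""
    def __init__(self) -> None:
        self.t = 0.0

    def __call__(self) -> float:
        return self.t


# Constructed upstream: one A record with TTL 300; anything else is a negative answer
# whose TTL (60 s) stands in for the value a real authority would supply.
CONSTRUCTED_ZONE = {("www.example.com.", 1): (("192.0.2.10",), 300)}


def constructed_upstream(name: str, rtype: int) -> Tuple[Sequence[str], int]:
    return CONSTRUCTED_ZONE.get((canonical(name), rtype), ((), 60))


if __name__ == "__main__":
    clock = FakeClock()
    resolver = CachingResolver(RRCache(clock), constructed_upstream)
    for query in ("www.example.com", "WWW.EXAMPLE.COM.", "nope.example.com", "nope.example.com"):
        print(query, resolver.resolve(query, 1))
    print("upstream queries:", resolver.upstream_queries)
```

The cap on negative TTLs matters more than it looks: a name that does not exist today may be created tomorrow, and a resolver that trusts an oversized negative TTL keeps answering "no such name" long after the zone has changed.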
Comments
This paper discusses the basics of DNS and some general system design/development principles. The most important thing to notice in this paper is the lack of concern about security (which is similar to many other papers from that era). Otherwise, despite many problems, DNS is sort of successful since it has managed to survive the boom of Internet sites and users, and is still working.
It is interesting that most designs of that era don’t consider security as a high priority. Many of the security concerns of DNS are due to lack of authenticity and integrity checking of the data, something that is getting to be a pattern in many of the protocols we’ve looked at.