back

Domain Name System

Hierarchical decentralized naming system used since 30 years

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:42:40
Language
English
Abstract
Whenever you enter a name into your computer, it resolves it to a numerical IP address. This resolution uses the Domain Name System (DNS), which is a hierarchical decentralised naming system used on the Internet. DNS is organised in a way that top-level domain (e.g. .com, .org) are delegated to registrars, which delegate subdomains (e.g. foo.com). This delegation is done as well via the DNS protocol via nameserver (NS) records. Since different types of data are kept in DNS, it can as well be seen as a distributed (and cached!) key-value store - which is fault-tolerant.

I will explain the basic usage of DNS, including stub and recursive resolver, server, various protocol extensions (zone transfer, dynamic updates, authentication, notifications, ...), privacy extensions (query path minimisation, DNS-over-TLS), provisioning let's encrypt certificates. I will talk about attacks (poisoning, amplification, ...) and implementation pitfalls (not get stuck in the recursive resolver). I implemented DNS with above mentioned extensions as minimized MirageOS unikernels over past years.

DNS is used since 1985 for the Internet, and provides useful service for various protocols. Its initial design could not foresee its wide usage 30 years later. DNS is a core dependency of today's Internet usage. Within the <a href="https://mirage.io">MirageOS</a> project we re-develop network protocols, and I was eager to learn about all the details of DNS, a protocol which has been around and will be around for more time since a lot of systems depend on it.

Talk ID
9674
Event:
35c3
Day
3
Room
Clarke
Start
5:10 p.m.
Duration
00:40:00
Track
Security
Type of
lecture
Speaker
Hannes Mehnert
Talk Slug & media link
35c3-9674-domain_name_system
English
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%
  

Work on this video on Amara!

English: Transcribed until

Last revision: 7 months, 3 weeks ago