1.0 Overview
Over simplifying wildly, the Domain Name System (DNS) defines a global tree-structured name space.
Each interior node and leaf node in the tree identifies a resource and can have zero or more associated resource records.
Each node in the tree has a label.
The name of a node is written as a dot separated list of the series of labels that result from traversing from that node to the root of the tree, with the root of the tree on the right
The label of the root node is the empty string so all node names end with a dot (.).
Each resource record has a class and a type.
A given DNS server maintains a database of all the resource records associated with a particular sub-tree of the entire name space.
Clients of the server can issue queries against the server’s database.
A query to a DNS server is a request for a set of resource records associated with a given node.
The query specifies a node within the DNS name space and the required record class and type.
If the specified node has a associated records of the given class and type they are returned in the response to the query.
In certain circumstances a DNS server may obtain an answer to a query it receives by performing a recursive query, that is, by itself querying another DNS name server.
Queries can be sent using either UDP or TCP. In both cases a DNS server listens on port 53.
2.0 Record Types
There are a large number of defined DNS record types.
For the purposes of service discovery we are only interested in three types
- PTR
- SRV
- TXT
but we may see two further types
- A
- AAAA
2.1 The A Record
An A record contains an IPv4 address.
2.2 The AAAA Record
An AAAA record contains an IPv6 address.
2.3 The PTR Record
A PTR record contains the name of a node in the DNS name space.
2.4 The SRV Record
A SRV record contains information about a server.
2.5 The TXT Record
A TXT record contains arbitrary text.
3.0 DNS Messages
Queries to a DNS server and responses from it use a single message format.
3.1 The DNS Message Format
3.1.1 Questions
A sequence of zero or more Questions.
If the message is a query than this section contains the question expressing the query.
If the message is a response than this section contains the question sent in the query to which this is the response.
3.1.2 Answers
A sequence of zero or more resource records.
If the message is a non-error response then this section contains the resource record(s) which match the query to which this is the response.
3.1.3 Authority
A sequence of zero or more resource records.
If the message is an error response then this section may contain resource record(s) identifying DNS servers which can be queried instead.
3.1.4 Additional
A sequence of zero or more Resource records.
If the message is a non-error response then this section may contain resource records, which do not match the query, but are related to it, e.g., other resource records for the same node.
3.2 The Header Format
3.2.1 The Message Id
If the message is a query then this is the id of the query allocated by the entity performing the query.
If the message is a response then this is the id of the query to which this is the response.
3.2.2 QR
A single bit field
0 if the message contains a query.
1 if the message contains a response.
3.2.3 Op Code
A four bit field
0 for a standard query
3.2.4 AA
A single bit field
Only valid in a response.
If set then the DNS server is the authority for the node specified in the question
3.2.5 TC
A single bit field
If set then this message was truncated.
3.2.6 RD
A single bit field
If set in a query then the server is requested to perform a recursive query if necessary.
If set in the query it will also bet set in the response.
3.2.7 RA
A single bit field
Only valid in a response.
If set then the server is capable of performing recursive queries.
3.2.7 Z
A three bit field
Not used. Reserved.
3.2.8 Response Code
A four bit field.
Only valid in a response.
0 if no error occurred.
3.2.9 Question Count
A 16-bit unsigned integer.
The number of questions in the questions section of this message.
3.2.10 Answer Count
A 16-bit unsigned integer.
The number of resource records in the answers section of this message.
3.2.11 Authority Count
A 16-bit unsigned integer.
The number of resource records in the authority section of this message.
3.2.12 Additional Count
A 16-bit unsigned integer.
The number of resource records in the additional section of this message.
3.3 The Question Format
3.3.1 Name
An N byte field.
The name of the node whose resource records are being requested.
3.3.2 Type
A 16-bit field.
The type of the requested resource record(s).
3.3.3 Class
A 16-bit field.
The class of the requested resource record(s).
3.4 The Resource Record Format
3.4.1 Name
An N byte field.
The encoded name of the node to which this resource record applies.
3.4.2 Type
A 16-bit field.
The type of this resource record.
3.4.3 Class
A 16-bit field.
The class of this resource record.
3.4.4 TTL
A 32-bit unsigned integer.
The number of seconds after which this record is no longer valid.
3.4.5 Record Data Length
A 16-bit unsigned integer field.
The length in bytes of the data that follows.
3.4.6 Record Data
An N byte field.
Contains the type specific record data. (see below)
3.5 Classes
Although there are a number of DNS classes defined the class of a resource record is usually IN (Internet) which has the value 1.
3.6 Types
Resource record types are specified using 16-bit integers.
For the resource record types we are interested or which we might see the values are as follows
| Record Type | Value |
|---|---|
| A | 1 |
| AAAA | 28 |
| PTR | 12 |
| SRV | 33 |
| TXT | 16 |
3.7 Node Names
3.7.1 Basic Encoding
In the basic encosing a node name is encoded as a sequence of labels.
Each label is encoded as a byte field specifying the length of the label followed by the bytes encoding the label.
Since the root label is the empty string an node name encoded in this way is always terminated by a zero byte.
3.7.1 Compressed Encoding
Alternatively all of a node name or the suffix of a node name can be encoded as a reference to all or the suffix of a previous node name in the message.
If the top two bits of the byte encoding the label length are set then the other 6-bits of the byte and the 8-bits of following byte specify the offset in the message of the ‘rest’ of the node name.
4.0 Specific Record Data Formats
4.1 A Record Data Format
A 32-bit IPv4 address in network byte order.
4.2 AAAA Record Data Format
A 128-bit IPV6 address in network byte order.
4.1 PTR Record Data Format
An encoded node name.
4.3 SRV Record Data Format
4.3.1 Priority
A 16-bit unsigned int in network byte order.
Intended to be used by a client to choose between servers.
The client should attempt to use the server with the lowest priority.
4.3.2 Weight
A 16-bit unsigned int network byte order.
Intended to be used by a client to choose between servers of the same priority.
The client should attempt to use the server with the highest weight.
4.3.2 Port
A 16-bit unsigned int in network byte order.
The port on which the server is listening.
4.3.3 Target
An N byte field.
The encoded name of the node which represents the host on which the server is running.
4.4 TXT Record Data Format
The format of the data of a TXT record is context specific.
Copyright (c) 2013 By Simon Lewis. All Rights Reserved.
Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and owner Simon Lewis is strictly prohibited.
Excerpts and links may be used, provided that full and clear credit is given to Simon Lewis and justanapplication.wordpress.com with appropriate and specific direction to the original content.
Just An Application 