
A. Provide one main reason why the root domain name servers use the iterative DNS

ID: 3594674 • Letter: A

Question

a. Provide one main reason why the root domain name servers use the iterative DNS query mechanism instead of the recursive DNS query mechanism.

b. When your laptop sends a DNS query to the local DNS server, it uses the recursive DNS query. Provide two main advantages of using the recursive DNS query here. What could be a possible disadvantage?

c. A local DNS server often sends out multiple DNS queries on behalf of many local hosts. When it receives a reply from an authoritative DNS server, how does it figure out which query this reply corresponds to?

d. Why does DNS use UDP instead of TCP? What happens if the DNS query sent from your laptop to the local DNS server is lost?

e. Suppose that instead of UDP, TCP is used to deliver DNS queries and replies between your laptop and the local DNS server. Assume that the propagation delay from your laptop to your local DNS server (and vice versa) is 5 ms. Further assume that the transmission or other delays are negligible. What is the minimal time it takes for your laptop to receive a DNS reply for a DNS query it has just issued to the local DNS server? Briefly justify your answer.

Explanation / Answer

a) Answer:

One main reason why the root domain name servers use the iterative DNS query mechanism instead of the recursive DNS query mechanism is:

An iterative name query is one in which a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral (that is, a pointer to a DNS server authoritative for a lower level of the domain namespace).

The DNS client can then query the DNS server for which it obtained a referral. It continues this process until it locates a DNS server that is authoritative for the queried name, or until an error or time-out condition is met.

The best way to remember an iterative query is to memorize that the burden is on the client to resolve the query.

Why are recursive DNS requests not recommended:

Servers that support this type of request are vulnerable to fake requests from a spoofed IP address (the victim of the attack). The spoofed IP address can get overwhelmed by the number of DNS results it receives and be unable to serve regular Internet traffic. This is called an Amplifier attack because this method takes advantage of DNS servers to reflect the attack onto a target while also amplifying the volume of packets sent to the victim.

A consequence of this activity is that third-party network administrators who detect these requests may block your IP addresses. Your server could even be placed upon DNS blacklists.

d) Answer:

DNS uses UDP instead of TCP:

DNS is an application layer protocol. All application layer protocols use one of the two transport layer protocols, UDP and TCP. TCP is reliable and UDP is not reliable. DNS is supposed to be reliable, but it uses UDP. Why?

The following interesting facts about TCP and UDP at the transport layer justify the above.

1) UDP is much faster. TCP is slow as it requires a 3-way handshake. The load on DNS servers is also an important factor. DNS servers (since they use UDP) don't have to keep connections.
2) DNS requests are generally very small and fit well within UDP segments.
3) UDP is not reliable, but reliability can be added at the application layer. An application can use UDP and can be reliable by using timeout and resend at the application layer.
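
Added example (not part of the original answer): a small Python stub resolver showing the application-layer timeout-and-resend from answer d). It also matches each reply to its query by the 16-bit ID in the DNS header and the echoed question, which is the mechanism question c asks about. The function names, the loopback `lossy_server` and the name `example.com` are constructed for this illustration.

```python
import secrets, socket, struct, threading, time

def build_query(name, qid):
    """A-record query: 12-byte header (ID, flags, counts) plus one question."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)          # QTYPE=A, QCLASS=IN

def resolve(name, server, timeout=0.3, retries=3):
    """Send over UDP, resend on timeout, accept only a reply matching the query."""
    query = build_query(name, secrets.randbits(16))  # unpredictable 16-bit ID
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        for attempt in range(1, retries + 1):
            s.sendto(query, server)
            deadline = time.monotonic() + timeout
            while (left := deadline - time.monotonic()) > 0:
                s.settimeout(left)
                try:
                    data, src = s.recvfrom(512)
                except socket.timeout:
                    break                            # lost query or reply: resend
                # Match on source address, echoed ID, QR (response) bit, question.
                if (src == server and data[:2] == query[:2] and len(data) >= len(query)
                        and data[2] & 0x80 and data[12:len(query)] == query[12:]):
                    return data, attempt
    raise TimeoutError(f"no matching reply after {retries} attempts")

def lossy_server(sock):
    """Constructed test server: drops query 1, answers query 2 twice."""
    sock.recvfrom(512)                               # simulated packet loss
    q, addr = sock.recvfrom(512)
    flags = struct.pack("!H", 0x8180)                # QR=1, RD=1, RA=1, NOERROR
    wrong = struct.pack("!H", struct.unpack("!H", q[:2])[0] ^ 1)
    sock.sendto(wrong + flags + q[4:], addr)         # mismatched ID: ignored
    sock.sendto(q[:2] + flags + q[4:], addr)         # matching reply: accepted

def demo():
    """Run the resolver against the lossy server on loopback."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    threading.Thread(target=lossy_server, args=(srv,), daemon=True).start()
    reply, attempt = resolve("example.com", srv.getsockname())
    return attempt, len(reply)

if __name__ == "__main__":
    print(demo())
```

The per-attempt deadline keeps a stream of non-matching datagrams from postponing the resend, and the random ID plus the source and question checks are what let the client discard replies it did not ask for.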
