Inverse Queries
Inverse queries use pointer (PTR) records. Instead of supplying a name and then asking for an IP address, the client first provides the IP address and then asks for the name. Because there's no direct correlation in the DNS namespace between a domain name and its associated IP address, this search would be fruitless without the use of the in-addr.arpa domain. Nodes in the in-addr.arpa domain are named after the numbers in the dotted-octet representation of IP addresses. However, because IP addresses get more specific from left to right and domain names get less specific from left to right, the order of IP address octets must be reversed when building the in-addr.arpa tree. With this arrangement, administration of the lower limbs of the DNS in-addr.arpa tree can be given to companies as they are assigned their Class A, B, or C subnet address, or delegated even further down thanks to Variable Length Subnet Masking (VLSM).
Once the domain tree is built into the DNS database, a special PTR record is added to associate the IP addresses with the corresponding hostnames. In other words, to find a hostname for the IP address 206.131.234.1, the resolver would query the DNS server for a PTR record for 1.234.131.206.in-addr.arpa. If this IP address is outside of the local domain, the DNS server will start at the root and sequentially resolve the domain nodes until arriving at 234.131.206.in-addr.arpa, which would contain the PTR record for the desired host.
Caching and Time to Live
When a name server is processing a recursive query, it may be required to send out several queries to find the definitive answer. Name servers, acting as resolvers, are allowed to cache all of the received information during this process; each record contains information called time to live (TTL). The TTL specifies how long the record will be held in the local cache until it must be resolved again. If a query comes in that can be satisfied by this cached data, the TTL that's returned with it equals the current amount of time left before the data is flushed.
There is also a negative cache TTL. The negative cache TTL is used when an authoritative server responds to a query indicating that the record queried doesn't exist, and it indicates the amount of time that this negative answer may be held. Negative caching is quite helpful in preventing repeated queries for names that don't exist.
The administrator for the DNS zone sets TTL values for the entire zone. The value can be the same across the zone, or the administrator can set a separate TTL for each RR within the zone. Client resolvers also have data caches and honor the TTL value so that they know when to flush.
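As an added illustration (not code from the book), the following Python models the two mechanisms described in the sections above: building the in-addr.arpa owner name for a PTR query by reversing the octets, and a resolver cache that honors both positive and negative TTLs and hands back the time remaining rather than the TTL the authoritative server originally sent. The ResolverCache class, demo() and the hostname host.example.com. are constructed for this example; the fake clock lets the expiry be shown without waiting.

```python
import ipaddress
import time

def reverse_ptr_name(ip: str) -> str:
    """in-addr.arpa name for a PTR lookup of an IPv4 address: octets reversed
    because addresses get more specific left to right and DNS names less."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")  # rejects bad input
    return ".".join(reversed(octets)) + ".in-addr.arpa"

class ResolverCache:
    """Cache that honors TTLs like a caching resolver; an entry's records
    are None when it is a negative answer (record known not to exist)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}  # (name, rtype) -> (expiry time, records)

    def store(self, name, rtype, records, ttl):
        self._entries[(name, rtype)] = (self._clock() + ttl, list(records))

    def store_negative(self, name, rtype, negative_ttl):
        self._entries[(name, rtype)] = (self._clock() + negative_ttl, None)

    def lookup(self, name, rtype):
        """(records, seconds left) on a hit, None on a miss or after expiry.
        The TTL returned is what is left before the entry is flushed."""
        key = (name, rtype)
        if key not in self._entries:
            return None
        expires_at, records = self._entries[key]
        remaining = expires_at - self._clock()
        if remaining <= 0:
            del self._entries[key]  # stale: must be resolved again
            return None
        return records, int(remaining)

def demo():
    """Walk the cache through time with a fake clock (constructed data)."""
    now = [0.0]
    cache = ResolverCache(clock=lambda: now[0])
    name = reverse_ptr_name("206.131.234.1")
    cache.store(name, "PTR", ["host.example.com."], ttl=300)
    missing = reverse_ptr_name("206.131.234.2")
    cache.store_negative(missing, "PTR", negative_ttl=60)
    now[0] = 30.0  # both entries still live: 270 s and 30 s left
    early = [cache.lookup(name, "PTR"), cache.lookup(missing, "PTR")]
    now[0] = 100.0  # negative entry expired, positive has 200 s left
    late = [cache.lookup(name, "PTR"), cache.lookup(missing, "PTR")]
    now[0] = 300.0  # positive entry reaches zero and is flushed
    return name, early, late, cache.lookup(name, "PTR")
```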
Choosing Appropriate TTL Values
For zones that you administer, you can choose the TTL values for the entire zone, for negative caching, and for individual records. Choosing an appropriate TTL depends on a number of factors, including the following: