Table of Contents DOS
TCP/IP Tutorial and Technical Overview

4.5 Domain Name System (DNS)




Figure: The Domain Name System

The Domain Name System is a standard protocol with STD number 13. Its status is recommended. It is described in RFC 1034 and RFC 1035. This section explains the implementation of the Domain Name System, and the implementation of name servers. See Domain Name System for an overview of the Domain Name System and its relationship to the IP addressing scheme.

4.5.1 The Distributed Name Space

The Domain Name System uses the concept of a distributed name space. Symbolic names are grouped into zones of authority, or more commonly zones. In each of these zones, one or more hosts has the task of maintaining a database of symbolic names and IP addresses and providing a server function for clients who wish to translate between symbolic names and IP addresses. These local name servers are then (through the internet on which they are connected) logically interconnected into a hierarchical tree of domains. Each zone contains a part or a subtree of the hierarchical tree and the names within the zone are administered independently of names in other zones. Authority over zones in vested in the name servers. Normally, the name servers which have authority for a zone will have domain names belonging to that zone, but this is not required. Where a domain contains a subtree which falls in a different zone, the name server(s) with authority over the superior domain are said to delegate authority to the name server(s) with authority over the subdomain. Name servers may also delegate authority to themselves; in this case, the domain name space is still divided into zones moving down the domain name tree, but authority for two zones is held by the same server. The division of the domain name space into zones is accomplished using resource records stored in the Domain Name System:

Start of Authority (SOA) Records
Defines the start of a zone
Name Server (NS) Records
Marks the end of a zone started by an SOA record and points to a name server having authority for the next zone
In this context, the start of a domain is closer to the root of the tree than the end. At the root, there can be no higher name servers to delegate authority: authority for the zone encompassing the root of the name space is vested in a set of root name servers. (11)

The results of this scheme are:

Note: Although domains within the namespace will frequently map in a logical fashion to networks and subnets within the IP addressing scheme, this is not a requirement of the Domain Name System. Consider a router between two subnets: it has two IP addresses, one for each network adapter, but it would not normally have two symbolic names.

4.5.2 Domain Resolution

Domain resolution is a client/server process. The client function (called the resolver or name resolver) is transparent to the user and is called by an application to resolve symbolic high-level names into real IP-addresses or vice versa. The name server (also called a domain name server) is a server application providing the translation between high-level machine names and the IP addresses. The basic process is shown in Figure - Using a Full Resolver for Domain Name Resolution and Figure - Using a Stub Resolver for Domain Name Resolution. The former shows a program called a full resolver, which is a program distinct from the user program, which forwards all queries to a name server for processing. Responses are cached by the name server for future use, and often by the name server. The latter shows a stub resolver, which is a routine linked with the user program, which forwards the queries to a name server for processing. Responses are cached by the name server but not usually by the resolver although this is implementation dependent. On UNIX, the stub resolver is implemented by two library routines: gethostbyname() and gethostbyaddr() for converting host names to IP addresses and vice versa. Other platforms have the same or equivalent routines. Stub resolvers are much more common than full resolvers.


Figure: Using a Full Resolver for Domain Name Resolution




Figure: Using a Stub Resolver for Domain Name Resolution

4.5.2.1 Domain Name Resolver Operation

Domain name queries can be one of two types: recursive or iterative (also termed non-recursive). A flag bit in the domain name query specifies whether the client desires a recursive query and a flag bit in the response specifies whether the server supports recursive queries. The difference between a recursive and an iterative query arises when the server receives a request for which it cannot supply a complete answer by itself. A recursive query requests that the server should issue a query itself to determine the requested information and return the complete answer to the client. An iterative query means that the name server should return what information it has available and also a list of additional servers for the client to contact to complete the query.

Domain name responses can be one of two types: authoritative and non-authoritative. A flag bit in the response indicates which type a response is. When a name server receives a query for a domain in a zone over which it has authority, it returns all of the requested information in a response with the authoritative answer flag set. When it receives a query for a domain over which it does not have authority, its actions depend upon the setting of the recursion desired flag in the query.

  • If the recursion desired flag is set and the server supports recursive queries, it will direct its query to another name server. This will either be a name server with authority for the domain given in the query, or it will be one of the root name servers. If the second server does not return an authoritative answer (for example if it has delegated authority to another server) the process is repeated.

    When a server (or a full resolver program) receives a response, it will cache it to improve the performance of repeat queries. The cache entry is stored for a maximum length of time specified by the originator in a 32-bit time-to-live (TTL) field contained in the response. 172,800 seconds (two days) is a typical TTL value.

  • If the recursion desired flag is not set or the server does not support recursive queries, it will return whatever information it has in its cache and also a list of additional name servers to be contacted for authoritative information.
  • 4.5.2.2 Domain Name Server Operation

    Each name server has authority for zero or more zones. There are three types of name server:

    primary
    A primary name server loads a zone's information from disk, and has authority over the zone.
    secondary
    A secondary name server has authority for a zone, but obtains its zone information from a primary server using a process called zone transfer. To remain synchronized, the secondary name servers query the primary on a regular basis (typically every three hours) and re-execute the zone transfer if the primary has been updated. A name server can operate as a primary or a secondary name server for multiple domains, or a primary for some domains and as a secondary for others. A primary or secondary name server performs all of the functions of a caching only name server.
    caching-only
    A name server that does not have authority for any zone is called a caching-only name server. A caching-only name server obtains all of its data from primary or secondary name servers as required. It requires at least one NS record to point to a name server from which it can initially obtain information.

    When a domain is registered with the root and a separate zone of authority established, the following rules apply:

    It is also recommended that name servers which delegate authority also apply these rules, since the delegating name servers are responsible for the behavior of name servers under their authority.

    4.5.3 Domain System Resource Records

    The Domain Name System's distributed database is composed of resource records (RRs). They provide a mapping between domain names and network objects. The most common network objects are the addresses of Internet hosts, but the Domain Name System is designed to accommodate a wide range of different objects. The general format of a resource record is:

     name ttl class type rdata
    

    where:

    name
    Is the domain name to be defined. The domain name system is very general in its rules for the composition of domain names. However, it recommends a syntax for domain names which will minimize the likelihood of applications which use a DNS resolver (that is, nearly all TCP/IP applications) from misinterpreting a domain name. A domain name adhering to this recommended syntax will consist of a series of labels consisting of alphanumeric characters or hyphens, each label having a length of between 1 and 63 characters, starting with an alphabetic character. Each pair of labels is separated by a dot (period) in human readable form, but not in the form used within DNS messages. Domain names are not case-sensitive.
    ttl
    Is the time-to-live (TTL) time in seconds that this resource record will be valid in a name server cache. This is stored in the DNS as an unsigned 32-bit value. 86400 (one day) is a typical value for records pointing to IP addresses.
    class
    Identifies the protocol family. Commonly used values are:
    IN
    The Internet system
    CH
    The Chaos system
    type
    Identifies the type of the resource in this resource record.

    The different types are described in detail in RFCs 1034, 1035 and 1706. Each type has a name and a value. Commonly used types include:




    Rdata
    The value depends on the type, for example:
    A
    A 32-bit IP address (if the class is IN)
    CNAME
    A domain name
    MX
    A 16-bit preference value (low values being preferred) followed by a domain name.
    NS
    A host name
    PTR
    A domain name

    4.5.4 Domain Name System Messages

    All messages in the Domain Name System protocol use a single format. This format is shown in Figure - DNS Message Format. This frame is sent by the resolver to the name server. Only the header and the question section are used to form the query. Replies and/or forwarding of the query use the same frame, but with more sections filled in (the answer/authority/additional sections).


    Figure: DNS Message Format

    4.5.4.1 Header Format

    The header section is always present and has a fixed length of 12 bytes. The other sections are of variable length.

    ID
    A 16-bit identifier assigned by the program. This identifier is copied in the corresponding reply from the name server and can be used for differentiation of responses when multiple queries are outstanding at the same time.
    Parameters
    A 16-bit value in the following format:



    QR
    Flag identifying a query (0) or a response(1)
    Op code
    4-bit field specifying the kind of query:
    0
    standard query (QUERY)
    1
    inverse query (IQUERY)
    2
    server status request (STATUS) Other values are reserved for future use
    AA
    Authoritative answer flag. If set in a response, this flag specifies that the responding name server is an authority for the domain name sent in the query.
    TC
    Truncation flag. Set if message was longer than permitted on the physical channel.
    RD
    Recursion desired flag. This bit signals to the name server that recursive resolution is asked for. The bit is copied to the response.
    RA
    Recursion available flag. Indicates whether the name server supports recursive resolution.
    zero
    3 bits reserved for future use. Must be zero.
    Rcode
    4-bit response code. Possible values are:
    0
    No error.
    1
    Format error. The server was unable to interpret the message.
    2
    Server failure. The message was not processed because of a problem with the server.
    3
    Name error. The domain name in the query does not exist. This is only valid if the AA bit is set in the response.
    4
    Not implemented. The requested type of query is not implemented by name server
    5
    Refused. The server refuses to respond for policy reasons. Other values are reserved for future use.
    QDcount
    An unsigned 16-bit integer specifying the number of entries in the question section.
    ANcount
    An unsigned 16-bit integer specifying the number of RRs in the answer section.
    NScount
    An unsigned 16-bit integer specifying the number of name server RRs in the authority section.
    ARcount
    An unsigned 16-bit integer specifying the number of RRs in the additional records section.

    4.5.4.2

    Question Section

    The next section contains the queries for the name server. It contains QDcount (usually 1) entries, each in the format shown in Figure - DNS Question Format.


    Figure: DNS Question Format - All of the fields are byte-aligned. The alignment of the Type field on a 4-byte boundary is for example purposes and is not required by the format.

    length
    A single byte giving the length of the next label.
    label
    One element of the domain name (for example ``ibm'' from ral.ibm.com) characters. The domain name referred to by the question is stored as a series of these variable length labels, each preceded by a 1-byte length.
    00
    X'00' indicates the end of the domain name and represents the null label of the root domain.
    Type
    2 bytes specifying the type of query. It may have any value from the Type field in a resource record.
    Class
    2 bytes specifying the class of the query. For Internet queries, this will be "IN".
    For example, the domain name raleigh.ibm.com would be encoded with the following fields:
           X'07'
           "raleigh"
           X'03'
           "ibm"
           X'03'
           "com"
           X'00'
    
    Thus the entry in the question section for raleigh.ibm.com would require 21 bytes: 17 to store the domain name and 2 each for the Qtype and Qclass fields.

    4.5.4.3 Answer, Authority and Additional Resource Sections

    These three sections contain a variable number of resource records. The number is specified in the corresponding field of the header. The resource records are in the format shown in Figure - DNS Answer Record Entry Format.


    Figure: DNS Answer Record Entry Format - All of the fields are byte-aligned. The alignment of the Type field on a 4-byte boundary is for example purposes and is not required by the format.

    Where the fields before the TTL field have the same meanings as for a question entry and:

    TTL
    A 32-bit time-to-live value in seconds for the record. This defines how long it may be regarded as valid.
    RDlength
    A 16-bit length for the Rdata field.
    Rdata
    A variable length string whose interpretation depends on the Type field.

    4.5.4.4 Message Compression

    In order to reduce the message size, a compression scheme is used to eliminate the repetition of domain names in the various RRs. Any duplicate domain name or list of labels is replaced with a pointer to the previous occurrence. The pointer has the form of a 2-byte field:




    4.5.5 A Simple Scenario

    Consider a stand-alone network (no outside connections), consisting of two physical networks: one has an internet network address 129.112, the other has a network address 194.33.7, interconnected by an IP gateway (VM2).


    Figure: A Simple Configuration - Two networks connected through an IP gateway.

    Let us assign the name server function to VM1. Remember that the domain hierarchical tree forms a logical tree, completely independent of the physical configuration. In this simple scenario, there is only one level in the domain tree. Let's give this configuration the domain name test.example.

    The zone data for the name server will then be as shown in Figure - Zone Data for the Name Server.

    ;note: an SOA record has no TTL field
    ;
    $origin test.example.                                         ;note 1
    ;
    @             IN SOA VM1.test.example. ADM.VM1.test.example.
                        (870611            ;serial number for data
                         1800              ;secondary refreshes every 30 mn
                         300               ;secondary reties every 5 mn
                         604800            ;data expire after 1 week
                         86400)            ;minimum TTL for data is 1 week
    ;
    @       99999 IN NS  VM1.test.example.                        ;note 2
    ;
    VM1     99999 IN A   129.112.1.1                              ;note 3
            99999 IN WKS 129.112.1.1 TCP (SMTP                    ;note 4
                                          FTP
                                          TELNET
                                          NAMESRV)
    ;
    RT1     99999 IN A     129.112.1.2
                  IN HINFO IBM RT/PC-AIX                       ;note 5
    RT2     99999 IN A     129.112.1.3
                  IN HINFO IBM RT/PC-AIX
    PC1     99999 IN A     129.112.1.11
    PC2     99999 IN A     194.33.7.2
    PC3     99999 IN A     194.33.7.3
    ;
    ;VM2 is an IP gateway and has 2 different IP addresses
    ;
    VM2     99999 IN A     129.112.1.4
            99999 IN A     194.33.7.1
            99999 IN WKS   129.112.1.4 TCP (SMTP FTP)
                  IN HINFO IBM-3090-VM/CMS
    ;
    4.1.112.129.in-addr.arpa.  IN  PTR  VM2                    ;note 6
    ;
    ;Some mailboxes
    ;
    central 10    IN MX  VM2.test.example.                     ;note 7 and 8
    ;
    ;a second definition for the same mailbox, in case VM2 is down
    ;
    central 20    IN MX  VM1.test.example.
    waste   10    IN MX  VM2.test.example.
    
    

    Figure: Zone Data for the Name Server


    ****
    Notes ****
    1
    The $origin statement sets the @ variable to the zone name (test.example.). Domain names which do not end with a period are suffixed with the zone name. Fully qualified domain names (those ending with a period) are unaffected by the zone name.
    2
    Defines the name server for this zone.
    3
    Defines the Internet address of the name server for this zone.
    4
    Specifies well-known services for this host. These are expected to be always available.
    5
    Gives information about the host.
    6
    Used for inverse mapping queries (see Mapping IP Addresses to Domain Names - Pointer Queries).
    7
    Will allow mail to be addressed to user@central.test.example.
    8
    See SMTP and the Domain Name System for the use of these definitions.

    4.5.6 Extended Scenario

    Consider the case where a connection is made to a third network (129.113) which has an existing name server with authority for that zone.


    Figure: Extended Configuration - A third network is connected to the existing configuration.

    Let us suppose that the domain name of the other network is tt.ibm.com and that its name server is located in VM9.

    All we have to do is add the address of this name server to our own name server database, and to reference the other network by its own name server. The following two lines are all that is needed to do that:

    tt.ibm.com.        99999  IN NS       VM9.tt.ibm.com.
    VM9.tt.ibm.com.    99999  IN A        129.113.1.9
    
    This simply indicates that VM9 is the authority for the new network, and that all queries for that network will be directed to that name server.

    4.5.7 Transport

    Domain Name System Messages are transmitted either as datagrams (UDP) or via stream connection (TCP).

    UDP usage

    Server port 53 (decimal).

    Messages carried by UDP are restricted to 512 bytes. Longer messages are truncated and the TC bit is set in the header. Since UDP frames can be lost, a retransmission strategy is required.

    TCP usage

    Server port 53 (decimal).

    In this case, the message is preceded by a 2-byte field indicating the total message frame length.

    STD 3 - Host Requirements requires that:

    4.5.8 References

    The following RFCs define the Domain Name System standard and the information kept in the system:

    4.5.9 DNS Applications

    Three common utilities for querying name servers are provided with many DNS implementations:

    host
    Obtains an IP address associated with a host name or a host name associated with an IP address.
    nslookup
    Allows you to locate information about network nodes, examine the contents of a name server database and establish the accessibility of name servers.
    dig
    Allows you to exercise name servers, gather large volumes of domain name information and execute simple domain name queries. DIG stands for Domain Internet Groper.

    4.5.10 Implementations

    All of the IBM TCP/IP platforms use stub resolvers in each client application. All except OS/400 and DOS include a name server implementation, which we will discuss in detail in the following sections.

    4.5.10.1 VM

    TCP/IP for VM allows for the use of a local site tables or the use of the Domain Name System.

    The use of local site tables or the use of the Domain Name System is specified in the TCPIP DATA file using the NSINTERADDR statement. If this statement is omitted, then TCP/IP will use a local site table. If this statement exists, TCP/IP will use the Domain Name System. If the parameter on the NSINTERADDR statement is the loopback address (127.0.0.1) (12)then the local name server will be used. Otherwise one (or more) more remote name servers specified on the NSINTERADDR statements will be used. This provides a total of five possible configurations.

    Using a local site table

    To use a local site table, omit the NSINTERADDR statement from the TCPIP DATA file. Name resolvers need access to a site table to resolve symbolic names. The source for this is the HOSTS LOCAL file which must be converted into a machine-readable form by running the MAKESITE utility. MAKESITE generates two files, HOSTS ADDRINFO and HOSTS SITEINFO, which comprise the site table. The site table is used if no name server is available, that is, if no name server is specified or if the specified name server(s) are unavailable. The only exception is SMTP, which never uses the site tables if it is configured to use a name server.

    Using a remote name server

    The resolver program obtains the IP addresses of the remote name server(s) from the NSINTERADRR statement(s) in the TCPIP DATA file. If multiple NSINTERADDR statements are found, then connections to the remote name servers are attempted in the order they appear in this configuration file. The number of times that each connection is tried and the timeout interval for the server to respond to the UDP datagram containing the query are specified on the RESOLVERUDPRETRIES and RESOLVERTIMEOUT statements.

    Caching-only name server

    The name server software is run in a service virtual machine, normally called NAMESRV. Resolver programs use the loopback address specified on the NSINTERADDR statement in the TCPIP DATA file. The server does not have any data available locally, other than a set of resource records specifying the IP addresses name servers to query for particular domains (and possibly an initial set of other resource records). However, the server caches data locally so that subsequent queries for the same domain name can be quickly answered, and it also provides for recursion if recursive resolution is asked by the client resolver. The only data required are the IP addresses of the remote server(s).

    The name server configuration file name is specified in the PROFILE EXEC on the NAMESRV 191 minidisk as an argument to the NSMAIN command which starts the name server. The default is NSMAIN DATA. In this configuration file, the entry:

    CACHINGONLY fn ft fm
    
    specifies the file name of the data file to be used. The information is written in standard resource record format, for example:
    PARIS.IBM.COM                        IN NS     VMA.PARIS.IBM.COM
    LAHULPE.IBM.COM                      IN NS     MIDVMB.LAHULPE.IBM.COM
     ..                                  IN NS     SRI-NIC.ARPA
    SRI-NIC.ARPA                         IN A      10.0.0.51
                                         IN A      26.0.0.73
    VMA.PARIS.IBM.COM                    IN A      9.37.17.2
    MIDVMB.LAHULPE.IBM.COM               IN A      9.36.1.4
    
    This simply means that all queries for domain PARIS.IBM.COM will be forwarded to VMA.PARIS.IBM.COM, all queries for LAHULPE.IBM.COM to MIDVMB.LAHULPE.IBM.COM, and all others to the root server SRI-NIC.ARPA.
    Full-function name server

    The name server software is run in the NAMESRV service virtual machine and resolver programs use the loopback address. The name server can operate as a primary and/or a secondary name server. The domain data is stored in an SQL/DS table.

    Mail eXchanger (MX) records are supported. They are only used by SMTP ( see SMTP and the Domain Name System for more details about the use of MX records).

    The NSMAIN DATA contains PRIMARY and/or SECONDARY statements instead of a CACHINGONLY statement. An example is shown in Figure - Sample NSMAIN DATA File for VM.

    ;***********************************************************
    ; This file is read by the name server upon initialization.
    ; The default name of this file is NSMAIN DATA *.
    ; A different file may be read by suppling a parameter when
    ; the name server is started... NSMAIN MY FILE B for example.
    ;
    ; This file contains the startup parameter values which define
    ; the name server as authoritative for stn.mlv.fr and
    ; tst.mlv.fr.   The data for stn.mlv.fr is defined locally,
    ; whereas the data for  tst.mlv.fr is defined remotely and zone
    ; transferred to the local name server.
    ;
    ; If you are not using SQL, remove all PRIMARY and SECONDARY
    ; statements and use the CACHINGONLY statement to define a
    ; database of remote name servers.
    ;***********************************************************
    ;
    ; The PRIMARY and SECONDARY statements are used if you are using an
    ; SQL database.
    ;
    PRIMARY stn.mlv.fr STN  ; Use authoritative tables STN0 & STN1
    SECONDARY tst.mlv.fr TST 152.9.271.2
    ;                    ; Use authoritative tables TST0 & TST1
    ;                    ; Transfer domain data for tst.mlv.fr into tables
    ;                    ; TST0 and TST1 from 152.9.271.2
    ;
    ; The CACHINGONLY statement is used to define a caching only name server
    ; that obtains all records from remote name servers.
    ;
    ; CACHINGONLY  NSMAIN CACHE A     ; Sample CACHINGONLY data file
    ;
    ;
    NEGATIVECACHING                 ; The NS will store negative query answers
    STANDARDQUERYCACHE     100      ; The number of Standard queries to cache
    INTERMEDIARYQUERYCACHE  50      ; The number of Intermediary queries to cache
    INVERSEQUERYCACHE        5      ; The number of Inverse queries to cache
    DATABASEQUERYCACHE       5      ; The number of Data Base queries to cache
    ;
    ;
    LRUTIME                300      ; Time an entry must be in the cache before it
                                    ; can be replaced by the LRU algorithm
    HOSTNAMECASE         LOWER      ; Host names in the SQL tables are in lower case
    DOMAINNAMEPORT          53      ; Listen on port N, default is 53
    ; UDPONLY                       ; Use UDP only when contacting a remove NS
    UDPRETRYINTERVAL         5      ; After N seconds, try next remote NS
    ; NORECURSION                   ; Prevents NS from performing recursion
    MSGNOH                          ; Specifies the NS use CP MSGNOH, not CP MSG
    SMSGUSERFILE    VALIDUSR EXEC A ; SMSG userid authorization file
    TRACE              QUEUE        ; Display query origination and query name
    

    Figure: Sample NSMAIN DATA File for VM

    User Applications

    VM provides the NSLOOKUP and DIG programs to query name servers. For more information on these programs, please refer to IBM TCP/IP Version 2 Release 3 for VM: User's Guide.

    4.5.10.2 MVS

    Note: Consult IBM TCP/IP Version 3 Release 1 for MVS: Customization and Administration Guide for information on the search order used for TCP/IP data sets.

    TCP/IP for MVS supports both local site tables and the Domain Name System.

    The use of local site tables or the use of the Domain Name System is specified in the TCPIP.DATA data set using the NSINTERADDR statement. If this statement is omitted, TCP/IP will use a local site table. If this statement exists TCP/IP will use the Domain Name System. If the parameter on the NSINTERADDR statement is the loopback address (127.0.0.1) (13)then the local name server will be used, otherwise one (or more) more remote name servers specified on the NSINTERADDR statements will be used. This provides a total of five possible configurations.

    Using a local site table

    To use a local site table, omit the NSINTERADDR statement from the TCPIP.DATA data set. Name resolvers need access to a site table to resolve symbolic names. The source for this is the HOSTS.LOCAL data set, which must be converted into a machine-readable form by running the MAKESITE utility. MAKESITE generates two data sets, HOSTS.ADDRINFO and HOSTS.SITEINFO, which comprise the site table. The site table is used if no name server is available, that is, if no name server is specified or if the specified name server(s) are unavailable. The only exception is SMTP, which never uses the site tables if it is configured to use a name server.

    Using a Remote Name Server

    The resolver program obtains the IP addresses of the remote name server(s) from the NSINTERADRR statement(s) in the TCPIP.DATA data set. If multiple NSINTERADDR statements are found then connections to the remote name servers are attempted in the order they appear in this configuration file. The number of times that each connection is tried and the timeout interval for the server to respond to the UDP datagram containing the query are specified on the RESOLVERUDPRETRIES and RESOLVERTIMEOUT statements.

    Caching-only name server

    The name server software is run in a separate address space. Resolver programs use the loopback address specified on the NSINTERADDR statement in the TCPIP DATA file. The server does not have any data available locally, other than a set of resource records specifying the IP addresses name servers to query for particular domains (and possibly an initial set of other resource records). However, the server caches data locally so that subsequent queries for the same domain name can be quickly answered, and it also provides for recursion if recursive resolution is asked by the client resolver. The only data required are the IP addresses of the remote server(s).

    The NSMAIN.DATA configuration data set contains the entry:

    CACHINGONLY data_set_name
    
    which gives the name of the data set containing these IP addresses. The information is written in standard resource record format, for example:
    PARIS.IBM.COM                        IN NS     MVSA.PARIS.IBM.COM
    LAHULPE.IBM.COM                      IN NS     MIDVMB.LAHULPE.IBM.COM
     ..                                  IN NS     SRI-NIC.ARPA
    SRI-NIC.ARPA                         IN A      10.0.0.51
                                         IN A      26.0.0.73
    MVSA.PARIS.IBM.COM                   IN A      9.37.17.2
    MIDVMB.LAHULPE.IBM.COM               IN A      9.36.1.4
    
    This simply means that all queries for domain paris.ibm.com will be forwarded to mvsa.paris.ibm.com, all queries for lahulpe.ibm.com to midvmb.lahulpe.ibm.com, and all others to the root server sri-nic.arpa.
    Full-function name server

    The name server software is run in a separate address space and resolver programs use the loopback address. The name server can operate as a primary and/or a secondary name server. The domain data is stored in a DB2 SQL table.

    The name server software is run in the NAMESRV service virtual machine and resolver programs use the loopback address. The name server can operate as a primary and/or a secondary name server. The domain data is stored in an SQL/DS database.

    Mail eXchanger (MX) records are supported. They are only used by SMTP (see SMTP and the Domain Name System for more details about the use of MX records).

    The NSMAIN DATA contains PRIMARY and/or SECONDARY statements instead of a CACHINGONLY statement. An example is shown in Figure - Sample NSMAIN DATA File for MVS.

    ;
    DB2SYSNAME SYS1      ; Define Local DB2 subsystem
    PRIMARY watson.ibm.com WATSON  ; Use authoritative tables WATSON0, WATSON1
    SECONDARY ibm.com IBM 129.34.128.245
    ;                    ; Transfer domain data for ibm.com into tables
    ;                    ; IBM0 and IBM1 from 129.34.128.245
    ;
    NEGATIVECACHING                 ; The NS will store negative query answers
    STANDARDQUERYCACHE     100      ; The number of Standard queries to cache
    INTERMEDIARYQUERYCACHE  50      ; The number of Intermediary queries to cache
    INVERSEQUERYCACHE        5      ; The number of Inverse queries to cache
    ;
    ;
    LRUTIME                300      ; Time an entry must be in the cache before it
                                    ; can be replaced by the LRU algorithm
    HOSTNAMECASE         UPPER      ; Host names in the DB2 tables are in upper case
    DOMAINNAMEPORT          53      ; Listen on port N, default is 53
    UDPONLY                       ; Use UDP only when contacting a remove NS
    UDPRETRYINTERVAL         5      ; After N seconds, try next remote NS
    ; NORECURSION                   ; Prevents NS from performing recursion
    TRACE               QUEUE       ; Display query origination and query name
    

    Figure: Sample NSMAIN DATA File for MVS

    A sample DB2 configuration is shown schematically in Figure - DB2 Storage Group, Tablespace, and Table Definition.


    Figure: DB2 Storage Group, Tablespace, and Table Definition

    User Applications

    MVS provides the NSLOOKUP and DIG programs to query name servers. For more information on these programs, please refer to IBM TCP/IP Version 3 Release 1 for MVS: User's Guide.

    For more information on their installation, please refer to the IBM TCP/IP Version 3 Release 1 for MVS: Customization and Administration Guide.

    4.5.10.3 OS/400

    TCP/IP on OS/400 systems does not support the name server function but can use a remote name server (that is, the user applications include a stub resolver). A flat name space is supported and the local host table is configured using the OS/400 TCP/IP configuration panels.

    4.5.10.4 AIX

    Domain name services are fully implemented in AIX/6000. AIX/ESA provides similar services. We shall concentrate on the AIX/6000 implementation here. The following types of name server are supported:

    1. Primary name server
    2. Secondary name server
    3. Caching-only server
    4. Forwarder or client server (not on AIX/ESA)
    5. Remote server

    The AIX resolver routines, gethostbyaddr() and gethostbyname(), attempt to resolve names using the following procedure:

    The named daemon provides the name server function. It is controlled by the AIX SRC (system resource control). It can be started automatically with each system restart by either using the smit stnamed fastpath command or by editing the rc.tcpip file to uncomment the line:

    #start /etc/named "$src_running"
    
    The named daemon can also be started by issuing the startsrc -s named command.

    An AIX host can be configured to use a name server by using the following steps:

    The daemon also supports resource records for mail of types MB (mailbox domain name), MR (mail rename domain name), MG (mail group member), MINFO (mailbox or mail list information) and MX (mail exchange).

    User Applications

    AIX/6000 includes the host and nslookup programs. AIX/6000 also provides the dig program to query name servers.

    4.5.10.5 OS/2

    TCP/IP for OS/2 provides a similar implementation to that in AIX. The following types of name server are supported:

    1. Primary name server
    2. Secondary name server
    3. Caching-only server
    4. Remote server
    5. Flat name space

    In order to use any of the first three, the named server which is included in the Domain Name Server kit is required.

    The OS/2 resolver routines, gethostbyaddr() and gethostbyname() attempt to resolve names using the following procedure:

    The named daemon provides the name server function. It is configured using the \TCPIP\ETC\NAMEDB\NAMED.BT file.

    User Applications

    The HOST and NSLOOKUP programs are included in TCP/IP for OS/2.

    Please refer to IBM TCP/IP Version 2.0 for OS/2: User's Guide for more details about the HOST and NSLOOKUP commands.

    4.5.10.6 DOS

    TCP/IP for DOS system does not support the name server function but can use a remote name server (that is, the user applications include a stub resolver). A flat name space is supported and the local host table is found in the \TCPDOS\ETC\HOSTS file.

    User Applications

    The HOST program is included with TCP/IP for DOS.

    Please refer to IBM TCP/IP Version 2.1.1 for DOS: User's Guide for more details about the HOST command.

    Table of Contents Simple Mail Transfer Protocol (SMTP)