Table of Contents DOS

4.5 Domain Name System (DNS)

The Domain Name System is a standard protocol with STD number 13. Its status is recommended. It is described in RFC 1034 and RFC 1035. This section explains the implementation of the Domain Name System, and the implementation of name servers. See Domain Name System for an overview of the Domain Name System and its relationship to the IP addressing scheme.

4.5.1 The Distributed Name Space

The Domain Name System uses the concept of a distributed name space. Symbolic names are grouped into zones of authority, or more commonly zones. In each of these zones, one or more hosts has the task of maintaining a database of symbolic names and IP addresses and providing a server function for clients who wish to translate between symbolic names and IP addresses. These local name servers are then (through the internet on which they are connected) logically interconnected into a hierarchical tree of domains. Each zone contains a part or a subtree of the hierarchical tree and the names within the zone are administered independently of names in other zones. Authority over zones in vested in the name servers. Normally, the name servers which have authority for a zone will have domain names belonging to that zone, but this is not required. Where a domain contains a subtree which falls in a different zone, the name server(s) with authority over the superior domain are said to delegate authority to the name server(s) with authority over the subdomain. Name servers may also delegate authority to themselves; in this case, the domain name space is still divided into zones moving down the domain name tree, but authority for two zones is held by the same server. The division of the domain name space into zones is accomplished using resource records stored in the Domain Name System:

Start of Authority (SOA) Records

Defines the start of a zone

Name Server (NS) Records

Marks the end of a zone started by an SOA record and points to a name server having authority for the next zone

The results of this scheme are:

• Rather than having a central server for the database, the work that is involved in maintaining this database is off-loaded to hosts throughout the name space.
• Authority for creating and changing symbolic host names and responsibility for maintaining a database for them is delegated to the organization owning the zone (within the name space) containing those host names.
• From the user's standpoint, there is a single database that deals with these address resolutions. The user may be aware that the database is distributed, but generally need not be concerned about this.

Note: Although domains within the namespace will frequently map in a logical fashion to networks and subnets within the IP addressing scheme, this is not a requirement of the Domain Name System. Consider a router between two subnets: it has two IP addresses, one for each network adapter, but it would not normally have two symbolic names.

4.5.2 Domain Resolution

Domain resolution is a client/server process. The client function (called the resolver or name resolver) is transparent to the user and is called by an application to resolve symbolic high-level names into real IP-addresses or vice versa. The name server (also called a domain name server) is a server application providing the translation between high-level machine names and the IP addresses. The basic process is shown in Figure - Using a Full Resolver for Domain Name Resolution and Figure - Using a Stub Resolver for Domain Name Resolution. The former shows a program called a full resolver, which is a program distinct from the user program, which forwards all queries to a name server for processing. Responses are cached by the name server for future use, and often by the name server. The latter shows a stub resolver, which is a routine linked with the user program, which forwards the queries to a name server for processing. Responses are cached by the name server but not usually by the resolver although this is implementation dependent. On UNIX, the stub resolver is implemented by two library routines: gethostbyname() and gethostbyaddr() for converting host names to IP addresses and vice versa. Other platforms have the same or equivalent routines. Stub resolvers are much more common than full resolvers.


Figure: Using a Full Resolver for Domain Name Resolution




Figure: Using a Stub Resolver for Domain Name Resolution

4.5.2.1 Domain Name Resolver Operation

Domain name queries can be one of two types: recursive or iterative (also termed non-recursive). A flag bit in the domain name query specifies whether the client desires a recursive query and a flag bit in the response specifies whether the server supports recursive queries. The difference between a recursive and an iterative query arises when the server receives a request for which it cannot supply a complete answer by itself. A recursive query requests that the server should issue a query itself to determine the requested information and return the complete answer to the client. An iterative query means that the name server should return what information it has available and also a list of additional servers for the client to contact to complete the query.

Domain name responses can be one of two types: authoritative and non-authoritative. A flag bit in the response indicates which type a response is. When a name server receives a query for a domain in a zone over which it has authority, it returns all of the requested information in a response with the authoritative answer flag set. When it receives a query for a domain over which it does not have authority, its actions depend upon the setting of the recursion desired flag in the query.

4.5.2.2 Domain Name Server Operation

Each name server has authority for zero or more zones. There are three types of name server:

primary

A primary name server loads a zone's information from disk, and has authority over the zone.

secondary

A secondary name server has authority for a zone, but obtains its zone information from a primary server using a process called zone transfer. To remain synchronized, the secondary name servers query the primary on a regular basis (typically every three hours) and re-execute the zone transfer if the primary has been updated. A name server can operate as a primary or a secondary name server for multiple domains, or a primary for some domains and as a secondary for others. A primary or secondary name server performs all of the functions of a caching only name server.

caching-only

A name server that does not have authority for any zone is called a caching-only name server. A caching-only name server obtains all of its data from primary or secondary name servers as required. It requires at least one NS record to point to a name server from which it can initially obtain information.

When a domain is registered with the root and a separate zone of authority established, the following rules apply:

• The domain must be registered with the root administrator.
• There must be an identified administrator for the domain.
• There must be at least two name servers with authority for the zone which are accessible from outside and inside the domain to ensure no single point of failure).

It is also recommended that name servers which delegate authority also apply these rules, since the delegating name servers are responsible for the behavior of name servers under their authority.

4.5.3 Domain System Resource Records

The Domain Name System's distributed database is composed of resource records (RRs). They provide a mapping between domain names and network objects. The most common network objects are the addresses of Internet hosts, but the Domain Name System is designed to accommodate a wide range of different objects. The general format of a resource record is:

 name ttl class type rdata

where:

name

Is the domain name to be defined. The domain name system is very general in its rules for the composition of domain names. However, it recommends a syntax for domain names which will minimize the likelihood of applications which use a DNS resolver (that is, nearly all TCP/IP applications) from misinterpreting a domain name. A domain name adhering to this recommended syntax will consist of a series of labels consisting of alphanumeric characters or hyphens, each label having a length of between 1 and 63 characters, starting with an alphabetic character. Each pair of labels is separated by a dot (period) in human readable form, but not in the form used within DNS messages. Domain names are not case-sensitive.

ttl

Is the time-to-live (TTL) time in seconds that this resource record will be valid in a name server cache. This is stored in the DNS as an unsigned 32-bit value. 86400 (one day) is a typical value for records pointing to IP addresses.

class

Identifies the protocol family. Commonly used values are:

IN

The Internet system

CH

The Chaos system

type

Identifies the type of the resource in this resource record.

The different types are described in detail in RFCs 1034, 1035 and 1706. Each type has a name and a value. Commonly used types include:

Rdata

The value depends on the type, for example:

A

A 32-bit IP address (if the class is IN)

CNAME

A domain name

MX

A 16-bit preference value (low values being preferred) followed by a domain name.

NS

A host name

PTR

A domain name

4.5.4 Domain Name System Messages

All messages in the Domain Name System protocol use a single format. This format is shown in Figure - DNS Message Format. This frame is sent by the resolver to the name server. Only the header and the question section are used to form the query. Replies and/or forwarding of the query use the same frame, but with more sections filled in (the answer/authority/additional sections).


Figure: DNS Message Format

4.5.4.1 Header Format

The header section is always present and has a fixed length of 12 bytes. The other sections are of variable length.

ID

A 16-bit identifier assigned by the program. This identifier is copied in the corresponding reply from the name server and can be used for differentiation of responses when multiple queries are outstanding at the same time.

Parameters

A 16-bit value in the following format:

QR

Flag identifying a query (0) or a response(1)

Op code

4-bit field specifying the kind of query:

0

standard query (QUERY)

1

inverse query (IQUERY)

2

server status request (STATUS) Other values are reserved for future use

AA

Authoritative answer flag. If set in a response, this flag specifies that the responding name server is an authority for the domain name sent in the query.

TC

Truncation flag. Set if message was longer than permitted on the physical channel.

RD

Recursion desired flag. This bit signals to the name server that recursive resolution is asked for. The bit is copied to the response.

RA

Recursion available flag. Indicates whether the name server supports recursive resolution.

zero

3 bits reserved for future use. Must be zero.

Rcode

4-bit response code. Possible values are:

0

No error.

1

Format error. The server was unable to interpret the message.

2

Server failure. The message was not processed because of a problem with the server.

3

Name error. The domain name in the query does not exist. This is only valid if the AA bit is set in the response.

4

Not implemented. The requested type of query is not implemented by name server

5

Refused. The server refuses to respond for policy reasons. Other values are reserved for future use.

QDcount

An unsigned 16-bit integer specifying the number of entries in the question section.

ANcount

An unsigned 16-bit integer specifying the number of RRs in the answer section.

NScount

An unsigned 16-bit integer specifying the number of name server RRs in the authority section.

ARcount

An unsigned 16-bit integer specifying the number of RRs in the additional records section.

4.5.4.2

The next section contains the queries for the name server. It contains QDcount (usually 1) entries, each in the format shown in Figure - DNS Question Format.


Figure: DNS Question Format - All of the fields are byte-aligned. The alignment of the Type field on a 4-byte boundary is for example purposes and is not required by the format.

length

A single byte giving the length of the next label.

label

One element of the domain name (for example ``ibm'' from ral.ibm.com) characters. The domain name referred to by the question is stored as a series of these variable length labels, each preceded by a 1-byte length.

00

X'00' indicates the end of the domain name and represents the null label of the root domain.

Type

2 bytes specifying the type of query. It may have any value from the Type field in a resource record.

Class

2 bytes specifying the class of the query. For Internet queries, this will be "IN".

       X'07'
       "raleigh"
       X'03'
       "ibm"
       X'03'
       "com"
       X'00'

4.5.4.3 Answer, Authority and Additional Resource Sections

These three sections contain a variable number of resource records. The number is specified in the corresponding field of the header. The resource records are in the format shown in Figure - DNS Answer Record Entry Format.


Figure: DNS Answer Record Entry Format - All of the fields are byte-aligned. The alignment of the Type field on a 4-byte boundary is for example purposes and is not required by the format.

Where the fields before the TTL field have the same meanings as for a question entry and:

TTL

A 32-bit time-to-live value in seconds for the record. This defines how long it may be regarded as valid.

RDlength

A 16-bit length for the Rdata field.

Rdata

A variable length string whose interpretation depends on the Type field.

4.5.4.4 Message Compression

In order to reduce the message size, a compression scheme is used to eliminate the repetition of domain names in the various RRs. Any duplicate domain name or list of labels is replaced with a pointer to the previous occurrence. The pointer has the form of a 2-byte field:

• The first 2 bits distinguish the pointer from a normal label, which is restricted to a 63-byte length plus the length byte ahead of it (which has a value of <64).
• The offset field specifies an offset from the start of the message. A zero offset specifies the first byte of the ID field in the header.
• If compression is used in an Rdata field of an answer, authority or additional section of the message, the preceding RDlength field contains the real length after compression is done.

4.5.5 A Simple Scenario

Consider a stand-alone network (no outside connections), consisting of two physical networks: one has an internet network address 129.112, the other has a network address 194.33.7, interconnected by an IP gateway (VM2).


Figure: A Simple Configuration - Two networks connected through an IP gateway.

Let us assign the name server function to VM1. Remember that the domain hierarchical tree forms a logical tree, completely independent of the physical configuration. In this simple scenario, there is only one level in the domain tree. Let's give this configuration the domain name test.example.

The zone data for the name server will then be as shown in Figure - Zone Data for the Name Server.

;note: an SOA record has no TTL field
;
$origin test.example.                                         ;note 1
;
@             IN SOA VM1.test.example. ADM.VM1.test.example.
                    (870611            ;serial number for data
                     1800              ;secondary refreshes every 30 mn
                     300               ;secondary reties every 5 mn
                     604800            ;data expire after 1 week
                     86400)            ;minimum TTL for data is 1 week
;
@       99999 IN NS  VM1.test.example.                        ;note 2
;
VM1     99999 IN A   129.112.1.1                              ;note 3
        99999 IN WKS 129.112.1.1 TCP (SMTP                    ;note 4
                                      FTP
                                      TELNET
                                      NAMESRV)
;
RT1     99999 IN A     129.112.1.2
              IN HINFO IBM RT/PC-AIX                       ;note 5
RT2     99999 IN A     129.112.1.3
              IN HINFO IBM RT/PC-AIX
PC1     99999 IN A     129.112.1.11
PC2     99999 IN A     194.33.7.2
PC3     99999 IN A     194.33.7.3
;
;VM2 is an IP gateway and has 2 different IP addresses
;
VM2     99999 IN A     129.112.1.4
        99999 IN A     194.33.7.1
        99999 IN WKS   129.112.1.4 TCP (SMTP FTP)
              IN HINFO IBM-3090-VM/CMS
;
4.1.112.129.in-addr.arpa.  IN  PTR  VM2                    ;note 6
;
;Some mailboxes
;
central 10    IN MX  VM2.test.example.                     ;note 7 and 8
;
;a second definition for the same mailbox, in case VM2 is down
;
central 20    IN MX  VM1.test.example.
waste   10    IN MX  VM2.test.example.

1

The $origin statement sets the @ variable to the zone name (test.example.). Domain names which do not end with a period are suffixed with the zone name. Fully qualified domain names (those ending with a period) are unaffected by the zone name.

2

Defines the name server for this zone.

3

Defines the Internet address of the name server for this zone.

4

Specifies well-known services for this host. These are expected to be always available.

5

Gives information about the host.

6

Used for inverse mapping queries (see Mapping IP Addresses to Domain Names - Pointer Queries).

7

Will allow mail to be addressed to user@central.test.example.

8

See SMTP and the Domain Name System for the use of these definitions.

4.5.6 Extended Scenario

Consider the case where a connection is made to a third network (129.113) which has an existing name server with authority for that zone.


Figure: Extended Configuration - A third network is connected to the existing configuration.

Let us suppose that the domain name of the other network is tt.ibm.com and that its name server is located in VM9.

All we have to do is add the address of this name server to our own name server database, and to reference the other network by its own name server. The following two lines are all that is needed to do that:

tt.ibm.com.        99999  IN NS       VM9.tt.ibm.com.
VM9.tt.ibm.com.    99999  IN A        129.113.1.9

4.5.7 Transport

Domain Name System Messages are transmitted either as datagrams (UDP) or via stream connection (TCP).

UDP usage

Server port 53 (decimal).

Messages carried by UDP are restricted to 512 bytes. Longer messages are truncated and the TC bit is set in the header. Since UDP frames can be lost, a retransmission strategy is required.

TCP usage

Server port 53 (decimal).

In this case, the message is preceded by a 2-byte field indicating the total message frame length.

STD 3 - Host Requirements requires that:

• A Domain Name System resolver or server that is sending a non-zone-transfer query must send a UDP query first. If the answer section of the response is truncated and if the requester supports TCP, it should try the query again using TCP. UDP is preferred over TCP for queries because UDP queries have much lower overhead, and the use of UDP is essential for a heavily loaded server. Truncation of messages is rarely a problem given the current contents of the Domain Name System database, since typically 15 response records can be accommodated in the datagram, but this may change as new record types are added to the Domain Name System.
• TCP must be used for zone transfer activities because the 512-byte limit for a UDP datagram will always be inadequate for a zone transfer.
• Name servers must support both types of transport.

4.5.8 References

The following RFCs define the Domain Name System standard and the information kept in the system:

• RFC 1032 - Domain Administrator's Guide
• RFC 1033 - Domain Administrator Operations Guide
• RFC 1034 - Domain Names - Concepts and Facilities
• RFC 1035 - Domain Names - Implementation and Specification
• RFC 1101 - DNS Encoding of Networks Names and Other Types
• RFC 1183 - New DNS RR Definitions
• RFC 1706 - DNS NSAP Resource Records

4.5.9 DNS Applications

Three common utilities for querying name servers are provided with many DNS implementations:

host

Obtains an IP address associated with a host name or a host name associated with an IP address.

nslookup

Allows you to locate information about network nodes, examine the contents of a name server database and establish the accessibility of name servers.

dig

Allows you to exercise name servers, gather large volumes of domain name information and execute simple domain name queries. DIG stands for Domain Internet Groper.

4.5.10 Implementations

All of the IBM TCP/IP platforms use stub resolvers in each client application. All except OS/400 and DOS include a name server implementation, which we will discuss in detail in the following sections.

4.5.10.1 VM

TCP/IP for VM allows for the use of a local site tables or the use of the Domain Name System.

The use of local site tables or the use of the Domain Name System is specified in the TCPIP DATA file using the NSINTERADDR statement. If this statement is omitted, then TCP/IP will use a local site table. If this statement exists, TCP/IP will use the Domain Name System. If the parameter on the NSINTERADDR statement is the loopback address (127.0.0.1) (12)then the local name server will be used. Otherwise one (or more) more remote name servers specified on the NSINTERADDR statements will be used. This provides a total of five possible configurations.

Using a local site table

To use a local site table, omit the NSINTERADDR statement from the TCPIP DATA file. Name resolvers need access to a site table to resolve symbolic names. The source for this is the HOSTS LOCAL file which must be converted into a machine-readable form by running the MAKESITE utility. MAKESITE generates two files, HOSTS ADDRINFO and HOSTS SITEINFO, which comprise the site table. The site table is used if no name server is available, that is, if no name server is specified or if the specified name server(s) are unavailable. The only exception is SMTP, which never uses the site tables if it is configured to use a name server.

Using a remote name server

The resolver program obtains the IP addresses of the remote name server(s) from the NSINTERADRR statement(s) in the TCPIP DATA file. If multiple NSINTERADDR statements are found, then connections to the remote name servers are attempted in the order they appear in this configuration file. The number of times that each connection is tried and the timeout interval for the server to respond to the UDP datagram containing the query are specified on the RESOLVERUDPRETRIES and RESOLVERTIMEOUT statements.

Caching-only name server

The name server software is run in a service virtual machine, normally called NAMESRV. Resolver programs use the loopback address specified on the NSINTERADDR statement in the TCPIP DATA file. The server does not have any data available locally, other than a set of resource records specifying the IP addresses name servers to query for particular domains (and possibly an initial set of other resource records). However, the server caches data locally so that subsequent queries for the same domain name can be quickly answered, and it also provides for recursion if recursive resolution is asked by the client resolver. The only data required are the IP addresses of the remote server(s).

The name server configuration file name is specified in the PROFILE EXEC on the NAMESRV 191 minidisk as an argument to the NSMAIN command which starts the name server. The default is NSMAIN DATA. In this configuration file, the entry:

CACHINGONLY fn ft fm

PARIS.IBM.COM                        IN NS     VMA.PARIS.IBM.COM
LAHULPE.IBM.COM                      IN NS     MIDVMB.LAHULPE.IBM.COM
 ..                                  IN NS     SRI-NIC.ARPA
SRI-NIC.ARPA                         IN A      10.0.0.51
                                     IN A      26.0.0.73
VMA.PARIS.IBM.COM                    IN A      9.37.17.2
MIDVMB.LAHULPE.IBM.COM               IN A      9.36.1.4

Full-function name server

The name server software is run in the NAMESRV service virtual machine and resolver programs use the loopback address. The name server can operate as a primary and/or a secondary name server. The domain data is stored in an SQL/DS table.

Mail eXchanger (MX) records are supported. They are only used by SMTP ( see SMTP and the Domain Name System for more details about the use of MX records).

The NSMAIN DATA contains PRIMARY and/or SECONDARY statements instead of a CACHINGONLY statement. An example is shown in Figure - Sample NSMAIN DATA File for VM.

;***********************************************************
; This file is read by the name server upon initialization.
; The default name of this file is NSMAIN DATA *.
; A different file may be read by suppling a parameter when
; the name server is started... NSMAIN MY FILE B for example.
;
; This file contains the startup parameter values which define
; the name server as authoritative for stn.mlv.fr and
; tst.mlv.fr.   The data for stn.mlv.fr is defined locally,
; whereas the data for  tst.mlv.fr is defined remotely and zone
; transferred to the local name server.
;
; If you are not using SQL, remove all PRIMARY and SECONDARY
; statements and use the CACHINGONLY statement to define a
; database of remote name servers.
;***********************************************************
;
; The PRIMARY and SECONDARY statements are used if you are using an
; SQL database.
;
PRIMARY stn.mlv.fr STN  ; Use authoritative tables STN0 & STN1
SECONDARY tst.mlv.fr TST 152.9.271.2
;                    ; Use authoritative tables TST0 & TST1
;                    ; Transfer domain data for tst.mlv.fr into tables
;                    ; TST0 and TST1 from 152.9.271.2
;
; The CACHINGONLY statement is used to define a caching only name server
; that obtains all records from remote name servers.
;
; CACHINGONLY  NSMAIN CACHE A     ; Sample CACHINGONLY data file
;
;
NEGATIVECACHING                 ; The NS will store negative query answers
STANDARDQUERYCACHE     100      ; The number of Standard queries to cache
INTERMEDIARYQUERYCACHE  50      ; The number of Intermediary queries to cache
INVERSEQUERYCACHE        5      ; The number of Inverse queries to cache
DATABASEQUERYCACHE       5      ; The number of Data Base queries to cache
;
;
LRUTIME                300      ; Time an entry must be in the cache before it
                                ; can be replaced by the LRU algorithm
HOSTNAMECASE         LOWER      ; Host names in the SQL tables are in lower case
DOMAINNAMEPORT          53      ; Listen on port N, default is 53
; UDPONLY                       ; Use UDP only when contacting a remove NS
UDPRETRYINTERVAL         5      ; After N seconds, try next remote NS
; NORECURSION                   ; Prevents NS from performing recursion
MSGNOH                          ; Specifies the NS use CP MSGNOH, not CP MSG
SMSGUSERFILE    VALIDUSR EXEC A ; SMSG userid authorization file
TRACE              QUEUE        ; Display query origination and query name

User Applications

VM provides the NSLOOKUP and DIG programs to query name servers. For more information on these programs, please refer to IBM TCP/IP Version 2 Release 3 for VM: User's Guide.

4.5.10.2 MVS

Note: Consult IBM TCP/IP Version 3 Release 1 for MVS: Customization and Administration Guide for information on the search order used for TCP/IP data sets.

TCP/IP for MVS supports both local site tables and the Domain Name System.

The use of local site tables or the use of the Domain Name System is specified in the TCPIP.DATA data set using the NSINTERADDR statement. If this statement is omitted, TCP/IP will use a local site table. If this statement exists TCP/IP will use the Domain Name System. If the parameter on the NSINTERADDR statement is the loopback address (127.0.0.1) (13)then the local name server will be used, otherwise one (or more) more remote name servers specified on the NSINTERADDR statements will be used. This provides a total of five possible configurations.

Using a local site table

To use a local site table, omit the NSINTERADDR statement from the TCPIP.DATA data set. Name resolvers need access to a site table to resolve symbolic names. The source for this is the HOSTS.LOCAL data set, which must be converted into a machine-readable form by running the MAKESITE utility. MAKESITE generates two data sets, HOSTS.ADDRINFO and HOSTS.SITEINFO, which comprise the site table. The site table is used if no name server is available, that is, if no name server is specified or if the specified name server(s) are unavailable. The only exception is SMTP, which never uses the site tables if it is configured to use a name server.

Using a Remote Name Server

The resolver program obtains the IP addresses of the remote name server(s) from the NSINTERADRR statement(s) in the TCPIP.DATA data set. If multiple NSINTERADDR statements are found then connections to the remote name servers are attempted in the order they appear in this configuration file. The number of times that each connection is tried and the timeout interval for the server to respond to the UDP datagram containing the query are specified on the RESOLVERUDPRETRIES and RESOLVERTIMEOUT statements.

Caching-only name server

The name server software is run in a separate address space. Resolver programs use the loopback address specified on the NSINTERADDR statement in the TCPIP DATA file. The server does not have any data available locally, other than a set of resource records specifying the IP addresses name servers to query for particular domains (and possibly an initial set of other resource records). However, the server caches data locally so that subsequent queries for the same domain name can be quickly answered, and it also provides for recursion if recursive resolution is asked by the client resolver. The only data required are the IP addresses of the remote server(s).

The NSMAIN.DATA configuration data set contains the entry:

CACHINGONLY data_set_name

PARIS.IBM.COM                        IN NS     MVSA.PARIS.IBM.COM
LAHULPE.IBM.COM                      IN NS     MIDVMB.LAHULPE.IBM.COM
 ..                                  IN NS     SRI-NIC.ARPA
SRI-NIC.ARPA                         IN A      10.0.0.51
                                     IN A      26.0.0.73
MVSA.PARIS.IBM.COM                   IN A      9.37.17.2
MIDVMB.LAHULPE.IBM.COM               IN A      9.36.1.4

Full-function name server

The name server software is run in a separate address space and resolver programs use the loopback address. The name server can operate as a primary and/or a secondary name server. The domain data is stored in a DB2 SQL table.

The name server software is run in the NAMESRV service virtual machine and resolver programs use the loopback address. The name server can operate as a primary and/or a secondary name server. The domain data is stored in an SQL/DS database.

Mail eXchanger (MX) records are supported. They are only used by SMTP (see SMTP and the Domain Name System for more details about the use of MX records).

The NSMAIN DATA contains PRIMARY and/or SECONDARY statements instead of a CACHINGONLY statement. An example is shown in Figure - Sample NSMAIN DATA File for MVS.

;
DB2SYSNAME SYS1      ; Define Local DB2 subsystem
PRIMARY watson.ibm.com WATSON  ; Use authoritative tables WATSON0, WATSON1
SECONDARY ibm.com IBM 129.34.128.245
;                    ; Transfer domain data for ibm.com into tables
;                    ; IBM0 and IBM1 from 129.34.128.245
;
NEGATIVECACHING                 ; The NS will store negative query answers
STANDARDQUERYCACHE     100      ; The number of Standard queries to cache
INTERMEDIARYQUERYCACHE  50      ; The number of Intermediary queries to cache
INVERSEQUERYCACHE        5      ; The number of Inverse queries to cache
;
;
LRUTIME                300      ; Time an entry must be in the cache before it
                                ; can be replaced by the LRU algorithm
HOSTNAMECASE         UPPER      ; Host names in the DB2 tables are in upper case
DOMAINNAMEPORT          53      ; Listen on port N, default is 53
UDPONLY                       ; Use UDP only when contacting a remove NS
UDPRETRYINTERVAL         5      ; After N seconds, try next remote NS
; NORECURSION                   ; Prevents NS from performing recursion
TRACE               QUEUE       ; Display query origination and query name

A sample DB2 configuration is shown schematically in Figure - DB2 Storage Group, Tablespace, and Table Definition.


Figure: DB2 Storage Group, Tablespace, and Table Definition

User Applications

MVS provides the NSLOOKUP and DIG programs to query name servers. For more information on these programs, please refer to IBM TCP/IP Version 3 Release 1 for MVS: User's Guide.

For more information on their installation, please refer to the IBM TCP/IP Version 3 Release 1 for MVS: Customization and Administration Guide.

4.5.10.3 OS/400

TCP/IP on OS/400 systems does not support the name server function but can use a remote name server (that is, the user applications include a stub resolver). A flat name space is supported and the local host table is configured using the OS/400 TCP/IP configuration panels.

4.5.10.4 AIX

Domain name services are fully implemented in AIX/6000. AIX/ESA provides similar services. We shall concentrate on the AIX/6000 implementation here. The following types of name server are supported:

1. Primary name server
2. Secondary name server
3. Caching-only server
4. Forwarder or client server (not on AIX/ESA)
5. Remote server

The AIX resolver routines, gethostbyaddr() and gethostbyname(), attempt to resolve names using the following procedure:

• If the file /etc/resolv.conf does not exist, then the resolver routines assume that the local network is a flat network. They then use the /etc/hosts file to map the name to an address.
• Otherwise, they assume the local network is a domain network and attempt to use the following sources in the order listed:
  1. The domain name server
  2. The local /etc/hosts file

The named daemon provides the name server function. It is controlled by the AIX SRC (system resource control). It can be started automatically with each system restart by either using the smit stnamed fastpath command or by editing the rc.tcpip file to uncomment the line:

#start /etc/named "$src_running"

An AIX host can be configured to use a name server by using the following steps:

• Create the /etc/resolv.conf file to include the domain name and up to 16 name server entries. For example:

  domain itsc.raleigh.ibm.com
  nameserver 9.67.38.101
  nameserver 9.67.38.96
  

• Create the /etc/named.boot file to specify the name and the type of the local named daemon.
• Create the /etc/named.* files to define further data for the daemon. The format of the files follows the standard Resource Record format.

The daemon also supports resource records for mail of types MB (mailbox domain name), MR (mail rename domain name), MG (mail group member), MINFO (mailbox or mail list information) and MX (mail exchange).

User Applications

AIX/6000 includes the host and nslookup programs. AIX/6000 also provides the dig program to query name servers.

4.5.10.5 OS/2

TCP/IP for OS/2 provides a similar implementation to that in AIX. The following types of name server are supported:

1. Primary name server
2. Secondary name server
3. Caching-only server
4. Remote server
5. Flat name space

In order to use any of the first three, the named server which is included in the Domain Name Server kit is required.

The OS/2 resolver routines, gethostbyaddr() and gethostbyname() attempt to resolve names using the following procedure:

• If the file \TCPIP\ETC\RESOLV does not exist, then the resolver routines assume that the local network is a flat network. They then use TCPIP\ETC\HOSTS file to map the name to an address.
• Otherwise, they assume the local network is a domain network and attempt to use the following sources in the order listed:
  1. The domain name server.
  2. The local \TCPIP\ETC\HOSTS file.

The named daemon provides the name server function. It is configured using the \TCPIP\ETC\NAMEDB\NAMED.BT file.

User Applications

The HOST and NSLOOKUP programs are included in TCP/IP for OS/2.

Please refer to IBM TCP/IP Version 2.0 for OS/2: User's Guide for more details about the HOST and NSLOOKUP commands.

4.5.10.6 DOS

TCP/IP for DOS system does not support the name server function but can use a remote name server (that is, the user applications include a stub resolver). A flat name space is supported and the local host table is found in the \TCPDOS\ETC\HOSTS file.

User Applications

The HOST program is included with TCP/IP for DOS.

Please refer to IBM TCP/IP Version 2.1.1 for DOS: User's Guide for more details about the HOST command.

Table of Contents Simple Mail Transfer Protocol (SMTP)