Networking / Beginners

Distributed Architecture

No single server or network can handle all of the DNS queries generated by the Internet. Instead, DNS uses a distributed architecture. Domains and network providers divide the hostname management workload. By dividing the workload between different layers of DNS servers, no single system becomes overwhelmed. There are five main types of DNS servers: root, TLD, primary, secondary, and caching. Each type plays a critical role in dividing the workload and managing hostnames.

Root Servers

The root level DNS servers are the primary source for performing name resolution. The root servers do not store hostnames. Instead, these systems contain pointers to other name servers. For example, if a user wants to look up the hostname hen.chicken.coop then the root server will redirect the query to the top level domain (TLD)servers that manage the coop domain. For reverse lookups, the root servers maintain lists of subnets and servers that manage the subnets.

The number of root-level DNS servers has expanded over time. In September 2005, there were 13 root servers. The official list of servers is maintained at http://www.root-servers.org/. Each of the root servers represents a cluster of systems and not a single host. For example, F.root-servers.org has servers operating in 30 different locations around the world. The distribution and redundancy permits load balancing and mitigates the impact from a DoS attack.

[Previous] [Contents] [Next]

In this tutorial:

  1. Domain Name System (DNS)
  2. DNS Common Uses
  3. Hostname-to-Address Mapping
  4. Common Lookup Tools
  5. Naming Confusion Attack Vectors
  6. Dotted Names
  7. Name Formatting
  8. Exploited Anonymity
  9. Mail Servers
  10. Sender Policy Framework Overloading
  11. Domain Keys Overloading
  12. DNS Protocol
  13. Packet Information
  14. Simple DNS Server
  15. Distributed Architecture
  16. Top Level Domain Servers
  17. Generic Top Level Domain (gTLD)
  18. Secondary Level Domain (SLD)
  19. Primary and Secondary Servers
  20. Caching Servers
  21. DNS Management
  22. DNS Direct Risks
  23. DNS Performance versus Security
  24. DNS Cache Poisoning
  25. Corrupt DNS Packets
  26. DNS Domain Hijacking
  27. DNS Server Hijacking
  28. Dynamic DNS
  29. Similar Hostnames
  30. Domain Renewals
  31. Hostnames
  32. Zone Transfers
  33. Host Listing
  34. DNS Fields
  35. Mitgation Option
  36. Technical Threat Mitigation
  37. Social Threat Mitigation
  38. Defining Trusted Replies