6.033 Spring 2019 Calendar Information
Design Project System Critiques Hands-ons Submit Site
Office Hours Piazza

Hands-on 1: DNS

Due: 11:59pm February 15, 2019

Preparation

The 6.033 hands-ons are small weekly assignments meant to give you a taste of how we interact with the systems that you're studying. This hands-on exercise is designed to introduce you to the Internet's Domain Name System (DNS). You probably use DNS every day—you used it to get to this page. To prepare for this assignment, please read Section 4.4 of the class textbook, titled "Case study: The Internet Domain Name System (DNS)", which is also assigned for recitation.

You will first read a quick introduction on the tools we use to work with DNS. After that, you will answer some short questions and submit your answers via Gradescope. The questions, and instructions for submission, are at the end of this page.

Introduction

A good tool for exploring DNS is dig, short for Domain Information Groper. dig should be available on all recent Athena workstations. (If you want to do the hands-on on your own laptop, you can use ssh to access an Athena machine.)

Here is an example use of dig: 

adehnert@mint-square:~$ dig wikipedia.org

; <<>> DiG 9.7.0-P1 <<>> wikipedia.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42867
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;wikipedia.org.                 IN      A

;; ANSWER SECTION:
wikipedia.org.          572     IN      A       208.80.152.201      (*)

;; AUTHORITY SECTION:
wikipedia.org.          572     IN      NS      ns2.wikimedia.org.
wikipedia.org.          572     IN      NS      ns1.wikimedia.org.
wikipedia.org.          572     IN      NS      ns0.wikimedia.org.

;; ADDITIONAL SECTION:
ns0.wikimedia.org.      572     IN      A       208.80.152.130
ns1.wikimedia.org.      572     IN      A       208.80.152.142
ns2.wikimedia.org.      572     IN      A       91.198.174.4

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Feb  5 03:08:21 2013
;; MSG SIZE  rcvd: 159

dig performs a DNS lookup and prints information about the request and the response it received. If you run dig, you may see results that differ from those presented here. At the bottom, we can see that the query was sent to our default server (127.0.0.1), and that it took roughly 0 milliseconds to respond. Most of the information we are interested in is in the ANSWER section, marked with a (*) above. Let's examine that section more closely: 

        ;; ANSWER SECTION:
        wikipedia.org.          572     IN      A       208.80.152.201      (*)
          name                 expire  class   type     data (IP)
We can see that this result is of type A, an address record: it is telling us that the IP address for the name "wikipedia.org" is 208.80.152.201. The expiry time field "572" indicates that this record/entry is valid for 572 seconds (about ten minutes). You can ignore the "class" field; this is nearly always IN for Internet.

The AUTHORITY section contains records of type NS, indicating the names of DNS servers that have name records for a particular domain. Here, we can see that three DNS servers (ns0.wikimedia.org., ns1.wikimedia.org. and ns2.wikimedia.org.) are responsible for answering requests for names in the wikipedia.org domain.

We can ask a specific server (instead of the default) for information about a host by using the following syntax: 

adehnert@mint-square:~$ dig @bitsy.mit.edu wikipedia.org

; <<>> DiG 9.7.0-P1 <<>> @bitsy.mit.edu wikipedia.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24050
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;wikipedia.org.                 IN      A

;; ANSWER SECTION:
wikipedia.org.          2853    IN      A       208.80.152.201

[output truncated]

The rd (recursion desired) flag indicates that dig requested a recursive lookup, and the ra (recursion available) flag indicates that the server permits recursive lookups (some do not).

dig only prints the final result of the recursive search. You can mimic the individual steps of a recursive search by sending a request to a particular DNS server and asking for no recursion, using the +norecurs flag. For example, to send a non-recursive query to one of the root servers: 

adehnert@mint-square:~$ dig @a.ROOT-SERVERS.NET www.wikipedia.org +norecurs

; <<>> DiG 9.7.0-P1 <<>> @a.ROOT-SERVERS.NET www.wikipedia.org +norecurs
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51557
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 12

;; QUESTION SECTION:
;www.wikipedia.org.             IN      A

;; AUTHORITY SECTION:
org.                    172800  IN      NS      a0.org.afilias-nst.info.
org.                    172800  IN      NS      a2.org.afilias-nst.info.
org.                    172800  IN      NS      c0.org.afilias-nst.info.
org.                    172800  IN      NS      b0.org.afilias-nst.org.
org.                    172800  IN      NS      b2.org.afilias-nst.org.
org.                    172800  IN      NS      d0.org.afilias-nst.org.

;; ADDITIONAL SECTION:
a0.org.afilias-nst.info. 172800 IN      AAAA    2001:500:e::1
a0.org.afilias-nst.info. 172800 IN      A       199.19.56.1
a2.org.afilias-nst.info. 172800 IN      AAAA    2001:500:40::1
a2.org.afilias-nst.info. 172800 IN      A       199.249.112.1
c0.org.afilias-nst.info. 172800 IN      AAAA    2001:500:b::1
c0.org.afilias-nst.info. 172800 IN      A       199.19.53.1
b0.org.afilias-nst.org. 172800  IN      AAAA    2001:500:c::1
b0.org.afilias-nst.org. 172800  IN      A       199.19.54.1
b2.org.afilias-nst.org. 172800  IN      AAAA    2001:500:48::1
b2.org.afilias-nst.org. 172800  IN      A       199.249.120.1
d0.org.afilias-nst.org. 172800  IN      AAAA    2001:500:f::1
d0.org.afilias-nst.org. 172800  IN      A       199.19.57.1

;; Query time: 226 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Tue Feb  5 03:23:19 2013
;; MSG SIZE  rcvd: 437
As you can see, the server does not know the answer and instead provides information about the servers most likely to be able to provide authoritative information. In this case, the best the root server knows is the identities of the servers for the org. domain.

Questions

Now that you've read the introduction, complete the accompanying questions. Read what's below first.

You'll notice that those questions are given as a read-only Google Doc. You'll download the assignment, type up your answers, and then upload your solution to Gradescope, an online grading tool. Using Gradescope allows us to give you better, more timely feedback on your solutions.

You can download that assignment in whatever format you'd like: a new Google doc, a Word document, etc. We don't care. We do care about the following:

  • The assignment has page breaks built in (the places where one page ends and a new one begins). Because of how Gradescope works, those pagebreaks cannot change. For instance, your answer to Question 1 must go on the first page of the assignment, along with the text for that question. Here is a sample of how your final solution should be formatted.
  • When you've finished, convert your solution write-up to a PDF and upload it to Gradescope, under the "Hands-on 1 - DNS" assignment. You can resubmit as many times as you'd like before the deadline.

You may need a "course code" to affiliate yourselves with 6.033 Spring 2019 on Gradescope. That code is 9NY58Z.

If you have any questions about how to format your solutions, or how to upload to Gradescope, please post a question on Piazza.

If Gradescope is down or otherwise unavailable to you near the deadline, that is not a reason to not submit your answers. Should this happen, email your solution to your TA before the deadline and we'll sort it out.