Name Resolution - DNS & UDP

Overview of DNS and Transport Protocols
  • DNS (Domain Name System) is an application layer service utilized primarily for translating domain names into IP addresses.
  • It utilizes UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol) because:
    • Connectionless: UDP does not require the setup or teardown of a connection, resulting in less traffic.
    • Single Datagram Fit: A DNS request and its response usually each fit within a single UDP datagram, so a connectionless transport is both efficient and sufficient.
Traffic Generation by DNS
  • DNS can still generate considerable traffic:
    • Caches of DNS entries on local machines and on caching name servers absorb many lookups.
    • A cache miss requires a full resolution, which involves several servers and transfers considerably more data.
DNS Lookup Process via TCP
  1. TCP Connection Establishment
    • Host sends a SYN packet to the local name server on port 53 (DNS port).
    • Name server responds with a SYN ACK packet.
    • Host completes three-way handshake by sending an ACK packet.
    • Total packets so far: 3
  2. DNS Request Submission
    • Host sends a request for the IP address of foo.com.
    • Name server sends an ACK confirming the request.
    • Total packets so far: 5
  3. Cache Miss and Further Lookup
    • Name server queries a root name server to identify the TLD (Top-Level Domain) server:
      • This involves another three-way handshake, sending the original request, the response, and an acknowledgment.
    • Total packets required for TLD lookup: 11
    • Running total: 16 packets
  4. Discovery of Authoritative Name Server
    • The process is repeated for the authoritative name server, again requiring another 11 packets.
    • Running total: 27 packets
  5. Final Request for IP Address
    • Recursive name server sends a final request to the authoritative server to get the actual IP address, adding another 11 packets.
    • Running total: 38 packets
  6. Final Response
    • Local name server responds to the initial request and the resolver sends an ACK back to confirm receipt.
    • Total packets: 40 packets
  7. Connection Teardown
    • The TCP connection terminates through a four-way handshake.
    • Final packet total: 44 packets
Efficiency of DNS Lookups via UDP
  • UDP drastically reduces packet count in comparison:
  1. Host sends a packet to local name server asking for foo.com: 1 packet.
  2. Local name server sends a UDP packet to the root and gets TLD server: 3 packets total.
  3. Recursive name server queries TLD server and receives authoritative server details: 5 packets total.
  4. Final request to the authoritative server and response with IP address: 7 packets total.
  5. Local name server responds to the original resolver: 8 packets total.
Advantages of UDP over TCP for DNS
  • Less Overhead: UDP requires significantly fewer packets; TCP's overhead is out of proportion to the simplicity of a DNS lookup.
  • Error Recovery: DNS resolvers handle errors by simply resending requests if no response is received -- similar outcomes to TCP, but with reduced complexity at the transport layer.
Consideration of DNS over TCP
  • DNS over TCP is utilized when responses exceed the size of a single UDP datagram.
  • In such cases, the name server indicates that the response was too large to fit (the reply is marked truncated), and the client repeats the query over a TCP connection to retrieve the complete answer.
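To make the last two points concrete, here is an added Python example (not part of the original notes) that encodes an A query for foo.com in DNS wire format, decodes the 12-byte response header, and returns whether the resolver should accept the UDP reply, ignore it, or repeat the query over TCP. It assumes the standard signalling from RFC 1035: a server marks a reply that did not fit by setting the TC (truncation) bit in the header. The two sample replies and the 192.0.2.10 address are constructed.

```python
import struct

DNS_PORT = 53
MAX_UDP_PAYLOAD = 512  # classic DNS-over-UDP limit from RFC 1035 (before EDNS0)


def build_query(qname: str, txid: int, qtype: int = 1) -> bytes:
    """Encode a standard recursive query (default: type A, class IN) in wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1; QDCOUNT=1
    labels = b"".join(bytes([len(part)]) + part.encode("ascii")
                      for part in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_header(msg: bytes) -> dict:
    """Decode the 12-byte DNS header; TC is bit 0x0200 of the flags word."""
    if len(msg) < 12:
        raise ValueError("datagram shorter than a DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "qdcount": qd, "ancount": an,
            "nscount": ns, "arcount": ar}


def choose_transport(query: bytes, response: bytes) -> str:
    """Decide what a resolver does with a UDP reply to the given query."""
    sent, got = parse_header(query), parse_header(response)
    if got["id"] != sent["id"] or not got["qr"]:
        return "ignore"      # not a reply to our question: drop it and keep waiting
    if got["tc"]:
        return "retry-tcp"   # answer did not fit: repeat the same query over TCP
    return "accept-udp"


QUERY = build_query("foo.com", txid=0x1A2B)
# Constructed reply: same ID, flags 0x8380 = QR, TC, RD, RA; answer section left empty.
TRUNCATED = struct.pack("!HHHHHH", 0x1A2B, 0x8380, 1, 0, 0, 0) + QUERY[12:]
# Constructed complete reply: flags 0x8180 = QR, RD, RA; one A record foo.com -> 192.0.2.10
# (name encoded as a compression pointer 0xC00C back to the question, TTL 300, RDLENGTH 4).
COMPLETE = (struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUERY[12:]
            + struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + bytes([192, 0, 2, 10]))

if __name__ == "__main__":
    for label, reply in (("truncated", TRUNCATED), ("complete", COMPLETE)):
        print(f"{label}: {len(reply)} bytes -> {choose_transport(QUERY, reply)}")
```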