DNS Hierarchy

DNS uses a hierarchy to manage its distributed database system. The DNS hierarchy, also called the domain name space, is an inverted tree structure, much like eDirectory.

The DNS tree has a single domain at the top of the structure called the root domain. A period or dot (.) is the designation for the root domain. Below the root domain are the top-level domains that divide the DNS hierarchy into segments.

Listed below are the top-level DNS domains and the types of organizations that use them. Below the top-level domains, the domain name space is further divided into subdomains representing individual organizations.


Table . Top-Level DNS Domains

Domain    Used by
.com      Commercial organizations, as in novell.com
.edu      Educational organizations, as in ucla.edu
.gov      Governmental agencies, as in whitehouse.gov
.mil      Military organizations, as in army.mil
.org      Nonprofit organizations, as in redcross.org
.net      Networking entities, as in nsf.net
.int      International organizations, as in nato.int

Additional top-level domains organize the domain name space geographically. For example, the top-level domain for France is fr. Figure 1, DNS Hierarchy, illustrates the DNS hierarchy.

Figure 1. DNS Hierarchy (figure not reproduced here)


Domains and Subdomains

A domain is a label of the DNS tree. Each node on the DNS tree represents a domain. Domains under the top-level domains represent individual organizations or entities. These domains can be further divided into subdomains to ease administration of an organization's host computers.

For example, Company A creates a domain called companya.com under the .com top-level domain. Company A has separate LANs for its locations in Chicago, Washington, and Providence. Therefore, the network administrator for Company A decides to create a separate subdomain for each location, as shown in Figure 2, Domains and Subdomains.

Any domain in a subtree is considered part of all domains above it. Therefore, chicago.companya.com is part of the companya.com domain, and both are part of the .com domain.

Figure 2. Domains and Subdomains (figure not reproduced here)


Domain Names

The domain name represents an entity's position within the structure of the DNS hierarchy. A domain name is simply the list of all domains on the path from the local domain up to the root, with each label delimited by a period. For example, the domain name for the Providence domain within Company A is providence.companya.com, as shown in Figure 2, Domains and Subdomains, and in the list below.

Note that the domain names in the figure end in a period, representing the root domain. Domain names that end in a period for root are called fully qualified domain names (FQDNs).

Each computer that uses DNS is given a DNS hostname that represents the computer's position within the DNS hierarchy. Therefore, the hostname for host1 in Figure 2 is host1.washington.companya.com.


Domain Delegation

Domain delegation gives an organization authority for a domain. Having authority for a domain means that the organization's network administrator is responsible for maintaining the DNS database of hostname and address information for that domain.

A group of domains and subdomains for which an organization has authority is called a zone. All host information for a zone is maintained in a single, authoritative database.

For example, the companya.com. domain is delegated to Company A, creating the companya.com. zone. There are three subdomains within the companya.com. domain:

chicago.companya.com.
washington.companya.com.
providence.companya.com.

The Company A administrator maintains all host information for the zone in a single database and also has authority to create and delegate subdomains.

For example, Company A's Chicago location has its own network administrator. The companya.com administrator delegates the chicago.companya.com zone to the Chicago location and no longer has authority over it. Company A now has two zones: companya.com and chicago.companya.com.


IN-ADDR.ARPA Domain

The IN-ADDR.ARPA domain (or zone) provides the mapping of IP addresses to names within a zone, enabling a client (or resolver) to request a hostname by providing an IP address. Some security-based applications require this function, also known as reverse lookup.

The file that stores the IN-ADDR.ARPA data is made up of Pointer (PTR) records and additional name server records, including Start of Authority (SOA) records, similar to other DNS zone files. Within the IN-ADDR.ARPA zone file, the octets of each IP address are listed in reverse order, and 'in-addr.arpa' is appended to the reversed address. A query for a host with an IP address of 1.2.3.4 would therefore require a PTR query with the target name 4.3.2.1.in-addr.arpa.
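As an added example (not part of this documentation), the following Python builds fully qualified names, tests label-by-label whether a name lies within a domain's subtree, picks the delegated zone a host falls in, and constructs the in-addr.arpa name for a PTR query. companya.com, its subdomains and 1.2.3.4 are the page's own sample values; the helper names are my own.

```python
import ipaddress


def labels(name: str) -> list:
    """Split a domain name into lower-cased labels, leaf first, dropping the
    trailing root dot. Both 'companya.com' and 'CompanyA.com.' give the same list."""
    return [label for label in name.rstrip(".").lower().split(".") if label]


def to_fqdn(name: str) -> str:
    """Return the fully qualified form: labels joined with a trailing dot for the root."""
    return ".".join(labels(name)) + "."


def is_within(name: str, domain: str) -> bool:
    """True if `name` is in the subtree rooted at `domain` (or equals it).
    Whole labels are compared from the root side, so 'notcompanya.com' is NOT
    within 'companya.com' even though its text ends with 'companya.com';
    a naive suffix check would get that wrong. The root '.' contains everything."""
    n, d = labels(name), labels(domain)
    if len(d) > len(n):
        return False
    return n[len(n) - len(d):] == d


def zone_for(name: str, delegated_zones: list):
    """Return the most specific delegated zone containing `name`, as an FQDN,
    or None if no listed zone contains it. Once chicago.companya.com is delegated,
    hosts under it belong to that zone rather than to companya.com."""
    best = None
    for zone in delegated_zones:
        if is_within(name, zone) and (best is None or len(labels(zone)) > len(labels(best))):
            best = zone
    return to_fqdn(best) if best is not None else None


def reverse_name(ip: str) -> str:
    """Build the in-addr.arpa name queried for a PTR record: the IPv4 octets in
    reverse order with 'in-addr.arpa' appended. Malformed input raises ValueError
    rather than producing a bogus query name."""
    addr = ipaddress.IPv4Address(ip)  # AddressValueError (a ValueError) if malformed
    octets = str(addr).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."
```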