Call me...on DNS

DNS has proven incredibly versatile and scalable in resolving email, web, and application services names to IP addresses across the global Internet for over three decades. And its versatility seems to have no limits as DNS can even be used to map telephone numbers into IP addresses too. The means to perform this mapping function is useful for voice applications, not to mention other generic applications requiring resolution with one or more layers of indirection. The ENUM (E.164 telephone number mapping) service has been defined to support telephone number resolution. ENUM supports the mapping of telephone numbers, in ITU E.164 format, into uniform resource identifiers (URIs). A URI is an Internet identifier consisting of a uniform resource name (URN) and a uniform resource locator (URL). A simple example: for URL http://www.ipamworldwide.com with URN file.txt, the corresponding URI would be http://www.ipamworldwide.com/file.txt. 

The mapping of E.164 numbers (or other arbitrary domain names for that matter) to URIs is performed primarily using the Naming Authority Pointer (NAPTR) resource record type in DNS. NAPTR records were initially defined to provide a means to iteratively resolve an arbitrary string into a URI for the Dynamic Delegation Discovery System (DDDS). Some background on DDDS is provided in RFC 3402, but it initially stemmed from the desire to define a resolution process that could enter with a resource name (e.g., a particular application or piece of data) which in itself, contains no network location information, and resolve it to a destination resource identifier by applying a series of iterative rules from a database, DNS in this case. This separation of the specification of the resource name from the process to locate or resolve it facilitates the making of changes and re-delegations of resources without impacting the end user application’s naming convention.

The NAPTR record enables the specification of such rules within DNS, often using multiple record types including A, AAAA, SRV and even iterative NAPTR records to fully complete the resolution process. Each NAPTR record translates a given entry string, i.e., a valid DNS domain name, into another name or regular expression that can be applied to the input string to derive the next name to lookup. This process iterates until a terminal rule is reached and the final result is returned to the requesting application.

The record data portion of the NAPTR record type contains Order and Preference fields to enable prioritization of multiple records for the same name much like SRV records, a Flags field to denote the resource record type to lookup next, a Services field to indicate the translation type, e.g., URI to URL, ENUM service to URI, etc. as well as Regular Expression and Replacement fields. The Regular Expression field enables entry of a sed-style regular expression for evaluation to derive the next lookup name and Replacement denotes the next lookup name explicitly.

For example, when used to lookup an E.164 telephone number the query name comprises a destination telephone number (with digits reversed much like IPv4 addresses in an in-addr.arpa domain name and suffixed with e164.arpa). The Services field would be "E2U" to denote E.164 translation and the regular expression or replacement would resolve a destination, e.g., a Session Initiation Protocol (SIP) server, mailto URL, or other URI-formatted destination. The resolver would then perform a lookup of the resolved destination name for the type defined in the NAPTR Flags field (typically SRV, A or AAAA) to ultimately complete the resolution process. 

The 3G partnership program, which is a standards body for advanced mobile systems, in conjunction with the European Telecommunications Standards Institute (ETSI) defined the use of NAPTR records for mobile services resource location using DNS in its ETSI TS 129 303 / 3GPP TS 29.303 document: Universal Mobile Telecommunications System (UMTS); LTE; Domain Name System Procedures; Stage 3. This standard stipulates use of "Straightforward NAPTR" or S-NAPTR as defined in RFC 3958, which limits the lookup types to SRV, A, or AAAA types and ignores regular expression processing. For 3GPP applications, e.g. 5G, lookups are performed for particular node names of given types not E.164 telephone numbers, though this merely elucidates the versatility of the NAPTR resource record type. 

Management of a multitude of domains, zones, and node names, not to mention direct and indirect resolution methods via various record types could be overwhelming especially given the scalability requirements of most service provider networks. Use of a highly scalable, available, and flexible IP address management (IPAM) system such as IPControl from Diamond IP by BT can vastly simplify administration of these multiple dimensions of complexity with inherent automation to facilitate provisioning accuracy with scale. IPControl helps the largest service providers on Earth manage their IP space and DNS configurations. Please contact me to learn more. 

Comments

Post a Comment

Popular posts from this blog

Handy AAAA filter in BIND 9.8

The ISC introduced a pair of new configuration file options in BIND 9.8 to enable administrators to easily filter who may receive AAAA record type responses even if valid responses exist. For example, clients on subnets that do not have IPv6 network access can be excluded from receiving affirmative answers for AAAA queries. This feature provides simpler administration than the alternative mechanism using views. The first option, filter-aaaa-on-v4,defines whether the server will return AAAA records to certain clients. Such clients are defined by the address match list parameter of the second option, filter-aaaa. Note that BIND must be compiled with the --enable-filter-aaaa option on the configure command line to enable AAAA filtering. The syntax of these options is as follows: filter-aaaa-on-v4 (yes | no | break-dnssec) ; filter-aaaa {addr_match_list;} ; The filter-aaaa option identifies the address match list for which the filter-aaaa-on-v4 option is to be applied as described
Read more

Inglorious DDI

We all know how critical DHCP/DNS/IPAM (DDI) services are. Your network cannot function without them. But like most foundational elements of anything, they are certainly not glamorous...like good luck finding a home designer who specializes in home foundations. I would not be shocked should HGTV pass on my brilliant concept for a foundation building show. I suppose most people would find a show detailing footing depths and concrete pouring techniques rather boring.  Nevertheless, there are countless shows for redesigning and remodeling homes. On most episodes the foundation is out of sight, out of mind. If it's stable, no one wants to pay it attention, they just expect it to keep doing its job, supporting the structure. Once in a while a foundational issue is brought up that unexpectedly threatens to raise the budget to heighten the drama. All work stops until the issue is addressed. And you'll notice that the owner never denies paying the extra amount to fix the issue.
Read more

BIND 9.8.0 Adds DNS64 Support - Part 2 - How is it configured?

BIND 9.8.0 introduced a new dns64 option statement that can be configured within the server named.conf options block or within a view options block. Recall from a prior post that DNS64 configures a recursive DNS server to issue A record queries on behalf of a client requesting AAAA records, then appends the returned IPv4 address to a defined IPv6 prefix. This manufactured IPv6 address enables the querying host to connect to a NAT64 gateway which will terminate the IPv6 connection from the client and map it to an outbound IPv4 connection to the appended IPv4 address, completing the connection! Whew! BIND offers a number of useful parameters within the dns64 statement to control this process. The statement syntax is: dns64 IPv6_prefix { [clients {address_match_list };] [mapped {address_match_list };] [exclude {address_match_list };] [suffix IPv6_addr;] [recursive-only (yes|no);] [break-dnssec (yes|no);] }; The IPv6_prefix parameter is the prefix to which returned
Read more