Domain Name System - Wikipedia, the free encyclopedia

The Wayback Machine - https://web.archive.org/web/20090320152858/http://en.wikipedia.org/wiki/DomainNameS...

Domain Name System

From Wikipedia, the free encyclopedia

The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource participating in the Internet. It associates various information with domain names assigned to such participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices world-wide. An often used analogy to explain the Domain Name System is that it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. For example, www.example.com translates to 208.77.188.166.

The Domain Name System makes it possible to assign domain names to groups of Internet users in a meaningful way, independent of each user's physical location. Because of this, World-Wide Web (WWW) hyperlinks and Internet contact information can remain consistent and constant even if the current Internet routing arrangements change or the participant uses a mobile device. Internet domain names are easier to remember than IP addresses such as 208.77.188.166 (IPv4) or 2001:db8:1f70::999:de8:7648:6e8 (IPv6). People take advantage of this when they recite meaningful URLs and e-mail addresses without having to know how the machine will actually locate them.

The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed, fault tolerant, and helped avoid the need for a single central register to be continually consulted and updated.

In general, the Domain Name System also stores other types of information, such as the list of mail servers that accept email for a given Internet domain. By providing a world-wide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.

Other identifiers such as RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all potentially utilize DNS [1].

The Domain Name System also defines the technical underpinnings of the functionality of this database service. For this purpose it defines the DNS protocol, a detailed specification of the data structures and communication exchanges used in DNS, as part of the Internet Protocol Suite (TCP/IP). The context of the DNS within the Internet protocols may be seen in the following diagram. The DNS protocol was developed and defined in the early 1980s and published by the Internet Engineering Task Force (cf. History).

The Internet Protocol Suite

Application Layer: BGP · DHCP · DNS · FTP · GTP · HTTP · IMAP · IRC · Megaco · MGCP · NNTP · NTP · POP · RIP · RPC · RTP · RTSP · SDP · SIP · SMTP · SNMP · SOAP · SSH · STUN · Telnet · TLS/SSL · XMPP · (more)
Transport Layer: TCP · UDP · DCCP · SCTP · RSVP · ECN · (more)
Internet Layer: IP (IPv4, IPv6) · ICMP · ICMPv6 · IGMP · IPsec · (more)
Link Layer: ARP · RARP · NDP · OSPF · Tunnels (L2TP) · Media Access Control (Ethernet, MPLS, DSL, ISDN, FDDI) · Device Drivers · (more)

Contents

1 History
2 Structure
  2.1 The domain name space
  2.2 Parts of a domain name
  2.3 DNS servers
  2.4 DNS resolvers
  2.5 Address resolution mechanism
  2.6 Circular dependencies and glue records
  2.7 Wildcard DNS records
3 In practice
  3.1 Caching and time to live
  3.2 Caching time
  3.3 In the real world
    3.3.1 Broken resolvers
  3.4 Other applications
  3.5 Protocol details
  3.6 Extensions to DNS
4 DNS resource records
5 Internationalized domain names
6 Security issues
7 Domain registration
8 Abuse and regulation
  8.1 Truth in Domain Names Act
9 Internet standards
10 See also
11 References
12 External links

https://web.archive.org/web/20090320152858/https://en.wikipedia.org/wiki/Domain_Name_System

Major Data UAB v. Bright Data Ltd.
IPR2022-00915, EX. 2063
1 of 12

8/17/22, 2:28 PM

History

The practice of using a name as a more human-legible abstraction of a machine's numerical address on the network predates even TCP/IP. This practice dates back to the ARPAnet era. Back then, a different system was used. The DNS was invented in 1983, shortly after TCP/IP was deployed. With the older system, each computer on the network retrieved a file called HOSTS.TXT from a computer at SRI (now SRI International).[2][3] The HOSTS.TXT file mapped numerical addresses to names. A hosts file still exists on most modern operating systems, either by default or through configuration, and allows users to specify an IP address (e.g. 208.77.188.166) to use for a hostname (e.g. www.example.net) without checking DNS. Systems based on a hosts file have inherent limitations, because of the obvious requirement that every time a given computer's address changed, every computer that seeks to communicate with it would need an update to its hosts file.

The growth of networking required a more scalable system that recorded a change in a host's address in one place only. Other hosts would learn about the change dynamically through a notification system, thus completing a globally accessible network of all hosts' names and their associated IP Addresses.

At the request of Jon Postel, Paul Mockapetris invented the Domain Name System in 1983 and wrote the first implementation. The original specifications appear in RFC 882 and RFC 883. In November 1987, the publication of RFC 1034 and RFC 1035 updated the DNS specification and made RFC 882 and RFC 883 obsolete. Several more-recent RFCs have proposed various extensions to the core DNS protocols.

In 1984, four Berkeley students—Douglas Terry, Mark Painter, David Riggle and Songnian Zhou—wrote the first UNIX implementation, which was maintained by Ralph Campbell thereafter. In 1985, Kevin Dunlap of DEC significantly re-wrote the DNS implementation and renamed it BIND—Berkeley Internet Name Domain. Mike Karels, Phil Almquist and Paul Vixie have maintained BIND since then. BIND was ported to the Windows NT platform in the early 1990s.

BIND was widely distributed, especially on Unix systems, and is the dominant DNS software in use on the Internet.[4] With the heavy use and resulting scrutiny of its open-source code, as well as increasingly more sophisticated attack methods, many security flaws were discovered in BIND. This contributed to the development of a number of alternative nameserver and resolver programs. BIND itself was re-written from scratch in version 9, which has a security record comparable to other modern Internet software.

Structure

The domain name space

The domain name space consists of a tree of domain names. Each node or leaf in the tree has zero or more resource records, which hold information associated with the domain name. The tree sub-divides into zones beginning at the root zone. A DNS zone consists of a collection of connected nodes authoritatively served by an authoritative nameserver. (Note that a single nameserver can host several zones.)

Administrative responsibility over any zone may be divided, thereby creating additional zones. Authority is said to be delegated for a portion of the old space, usually in form of sub-domains, to another nameserver and administrative entity. The old zone ceases to be authoritative for the new zone.

Figure: Domain Name Space. Domain names, arranged in a tree, cut into zones, each served by a nameserver.

Parts of a domain name

A domain name usually consists of two or more parts (technically labels), which are conventionally written separated by dots, such as example.com.

- The rightmost label conveys the top-level domain (for example, the address www.example.com has the top-level domain com).
- Each label to the left specifies a subdivision, or subdomain of the domain above it. Note: “subdomain” expresses relative dependence, not absolute dependence. For example: example.com is a subdomain of the com domain, and www.example.com is a subdomain of the domain example.com. In theory, this subdivision can go down 127 levels. Each label can contain up to 63 octets. The whole domain name may not exceed a total length of 253 octets. [5] In practice, some domain registries may have shorter limits.
- A hostname refers to a domain name that has one or more associated IP addresses: i.e. the 'www.example.com' and 'example.com' domains are both hostnames, however, the 'com' domain is not.

DNS servers

The Domain Name System is maintained by a distributed database system, which uses the client-server model. The nodes of this database are the name servers. Each domain or subdomain has one or more authoritative DNS servers that publish information about that domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the root nameservers: the servers to query when looking up (resolving) a top-level domain name (TLD).

DNS resolvers

See also: resolv.conf

The client-side of the DNS is called a DNS resolver. It is responsible for initiating and sequencing the queries that ultimately lead to a full resolution (translation) of the resource sought, e.g., translation of a domain name into an IP address.

A DNS query may be either a recursive query or a non-recursive query:

- A non-recursive query is one in which the DNS server may provide a partial answer to the query (or give an error).
- A recursive query is one where the DNS server will fully answer the query (or give an error). DNS servers are not required to support recursive queries.

The resolver (or another DNS server acting recursively on behalf of the resolver) negotiates use of recursive service using bits in the query headers.

Resolving usually entails iterating through several name servers to find the needed information. However, some resolvers function simplistically and can communicate only with a single name server. These simple resolvers rely on a recursive query to a recursive name server to perform the work of finding information for them.

Address resolution mechanism

(This description deliberately uses the fictional .example TLD in accordance with the DNS guidelines.)

In theory a full host name may have several name segments, (e.g. ahost.ofasubnet.ofabiggernet.inadomain.example). In practice, full host names will frequently consist of just three segments (ahost.inadomain.example, and most often www.inadomain.example). For querying purposes, software interprets the name segment by segment, from right to left. At each step along the way, the program queries a corresponding DNS server to provide a pointer to the next server which it should consult.

As originally envisaged, the process was as simple as:

1. the local system is pre-configured with the known addresses of the root servers in a file of root hints, which need to be updated periodically by the local administrator from a reliable source to be kept up to date with the changes which occur over time.
2. query one of the root servers to find the server authoritative for the next level down (so in the case of our simple hostname, a root server would be asked for the address of a server with detailed knowledge of the example top level domain).
3. querying this second server for the address of a DNS server with detailed knowledge of the second-level domain (inadomain.example in our example).
4. repeating the previous step to progress down the name, until the final step which would, rather than generating the address of the next DNS server, return the final address sought.

Figure: A DNS recursor consults three nameservers to resolve the address www.wikipedia.org.

The diagram illustrates this process for the real host www.wikipedia.org.

The mechanism in this simple form has a difficulty: it places a huge operating burden on the root servers, with every search for an address starting by querying one of them. Being as critical as they are to the overall function of the system, such heavy use would create an insurmountable bottleneck for trillions of queries placed every day. In practice caching is used to overcome this problem, and in actual fact root nameservers deal with very little of the total traffic.

Circular dependencies and glue records

Name servers in delegations appear listed by name, rather than by IP address. This means that a resolving name server must issue another DNS request to find out the IP address of the server to which it has been referred. Since this can introduce a circular dependency if the nameserver referred to is under the domain that it is authoritative of, it is occasionally necessary for the nameserver providing the delegation to also provide the IP address of the next nameserver. This record is called a glue record.

For example, assume that the sub-domain en.wikipedia.org contains further sub-domains (such as something.en.wikipedia.org) and that the authoritative nameserver for these lives at ns1.something.en.wikipedia.org. A computer trying to resolve something.en.wikipedia.org will thus first have to resolve ns1.something.en.wikipedia.org. Since ns1 is also under the something.en.wikipedia.org subdomain, resolving ns1.something.en.wikipedia.org requires resolving something.en.wikipedia.org which is exactly the circular dependency mentioned above. The dependency is broken by the glue record in the nameserver of en.wikipedia.org that provides the IP address of ns1.something.en.wikipedia.org directly to the requestor, enabling it to bootstrap the process by figuring out where ns1.something.en.wikipedia.org is located.

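The iterative walk from the root hints and the glue-record dependency described in the two sections above can be traced offline. This is an added example, not part of the original article: the name servers, zone contents and 192.0.2.x addresses in `SERVERS` are constructed, and `query`, `resolve` and `servers_consulted` are hypothetical helper names.

```python
ROOT_HINT = "192.0.2.1"      # constructed root-server address (the "root hints")
MAX_REFERRALS = 16

# Constructed name servers, keyed by IP address. All names and addresses are
# made up for this example (.example TLD, 192.0.2.0/24 documentation range).
SERVERS = {
    "192.0.2.1": {           # root zone
        "delegations": {"example.": ["ns.nic.example."]},
        "glue": {"ns.nic.example.": "192.0.2.2"},
    },
    "192.0.2.2": {           # example. TLD
        "delegations": {
            "inadomain.example.": ["ns1.inadomain.example."],
            "other.example.": ["ns.hosting.inadomain.example."],
            "broken.example.": ["ns1.broken.example."],
        },
        # ns1.inadomain.example. lies inside the zone it serves: glue required.
        # ns1.broken.example. does too, but its glue record was left out.
        "glue": {"ns1.inadomain.example.": "192.0.2.3"},
    },
    "192.0.2.3": {           # inadomain.example.
        "answers": {"www.inadomain.example.": "192.0.2.80",
                    "ns.hosting.inadomain.example.": "192.0.2.4"},
    },
    "192.0.2.4": {           # other.example.
        "answers": {"www.other.example.": "192.0.2.81"},
    },
}


def query(server_ip, name):
    """Non-recursive query: an answer, a referral (partial answer) or an error."""
    zone_data = SERVERS[server_ip]
    if name in zone_data.get("answers", {}):
        return "answer", zone_data["answers"][name]
    matches = [z for z in zone_data.get("delegations", {})
               if name == z or name.endswith("." + z)]
    if not matches:
        return "nxdomain", None
    zone = max(matches, key=len)                    # most specific delegation
    ns_names = zone_data["delegations"][zone]
    glue = {ns: zone_data["glue"][ns]
            for ns in ns_names if ns in zone_data.get("glue", {})}
    return "referral", (zone, ns_names, glue)


def resolve(name, trace=None, pending=frozenset()):
    """Iterate from the root hint down to the address of `name`."""
    trace = [] if trace is None else trace
    if name in pending:                             # we are already resolving it
        raise LookupError(f"circular dependency: no glue for {name}")
    pending = pending | {name}
    server = ROOT_HINT
    for _ in range(MAX_REFERRALS):
        kind, data = query(server, name)
        trace.append((server, name, kind))
        if kind == "answer":
            return data
        if kind == "nxdomain":
            raise LookupError(f"{name} does not exist")
        _zone, ns_names, glue = data
        with_glue = [ns for ns in ns_names if ns in glue]
        if with_glue:
            server = glue[with_glue[0]]             # address came with referral
        else:
            # Name server listed by name only: resolve its address first.
            server = resolve(ns_names[0], trace, pending)
    raise LookupError("too many referrals")


def servers_consulted(name):
    """Return the server addresses queried, in order, while resolving `name`."""
    trace = []
    resolve(name, trace)
    return [server for server, _name, _kind in trace]
```

Resolving www.inadomain.example. touches three servers, www.other.example. needs a second walk to find its out-of-zone name server, and www.broken.example. fails because the delegation omits the glue.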
Wildcard DNS records

DNS also supports wildcard DNS records that will match requests for non-existent domain names. A wildcard DNS record is specified by using a "*" as the left most label (part) of a domain name, e.g. *.example.com. The exact rules for when a wild card will match are specified in RFC 1034, but the rules are neither intuitive nor clearly specified. This has resulted in incompatible implementations and unexpected results when they are used.

In practice

When an application (such as a web browser) tries to find the IP address of a domain name, it doesn't necessarily follow all of the steps outlined in the Theory section above. We will first look at the concept of caching, and then outline the operation of DNS in "the real world."

Caching and time to live

Because of the huge volume of requests generated by a system like DNS, the designers wished to provide a mechanism to reduce the load on individual DNS servers. To this end, the DNS resolution process allows for caching (i.e. the local recording and subsequent consultation of the results of a DNS query) for a given period of time after a successful answer. How long a resolver caches a DNS response (i.e. how long a DNS response remains valid) is determined by a value called the time to live (TTL). The TTL is set by the administrator of the DNS server handing out the response. The period of validity may vary from just seconds to days or even weeks.

Caching time

As a noteworthy consequence of this distributed and caching architecture, changes to DNS do not always take effect immediately and globally. This is best explained with an example: If an administrator has set a TTL of 6 hours for the host www.wikipedia.org, and then changes the IP address to which www.wikipedia.org resolves at 12:01pm, the administrator must consider that a person who cached a response with the old IP address at 12:00noon will not consult the DNS server again until 6:00pm. The period between 12:01pm and 6:00pm in this example is called caching time, which is best defined as a period of time that begins when you make a change to a DNS record and ends after the maximum amount of time specified by the TTL expires. This essentially leads to an important logistical consideration when making changes to DNS: not everyone is necessarily seeing the same thing you're seeing. RFC 1912 helps to convey basic rules for how to set the TTL.

Note that the term "propagation", although very widely used in this context, does not describe the effects of caching well. Specifically, it implies that [1] when you make a DNS change, it somehow spreads to all other DNS servers (instead, other DNS servers check in with yours as needed), and [2] that you do not have control over the amount of time the record is cached (you control the TTL values for all DNS records in your domain, except your NS records and any authoritative DNS servers that use your domain name).

Some resolvers may override TTL values, as the protocol supports caching for up to 68 years or no caching at all. Negative caching (the non-existence of records) is determined by name servers authoritative for a zone which MUST include the Start of Authority (SOA) record when reporting no data of the requested type exists. The MINIMUM field of the SOA record and the TTL of the SOA itself is used to establish the TTL for the negative answer. RFC 2308

Many people incorrectly refer to a mysterious 48 hour or 72 hour propagation time when you make a DNS change. When one changes the NS records for one's domain or the IP addresses for hostnames of authoritative DNS servers using one's domain (if any), there can be a lengthy period of time before all DNS servers use the new information. This is because those records are handled by the zone parent DNS servers (for example, the .com DNS servers if your domain is example.com), which typically cache those records for 48 hours. However, those DNS changes will be immediately available for any DNS servers that do not have them cached. And any DNS changes on your domain other than the NS records and authoritative DNS server names can be nearly instantaneous, if you choose for them to be (by lowering the TTL once or twice ahead of time, and waiting until the old TTL expires before making the change).

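The caching behaviour described in this section, as an added example that is not part of the original article: a resolver-side cache that honours TTLs, applies a local ceiling to them (one way a resolver may override TTL values), and derives the negative-caching TTL as RFC 2308 specifies. The class name `DnsCache`, the 86400-second default ceiling and the 192.0.2.x addresses are assumptions of this sketch; `replay_ttl_change` replays the 12:00 / 12:01 / 6:00pm timeline from the text with a fake clock.

```python
import time

MAX_PROTOCOL_TTL = 2**31 - 1          # largest TTL on the wire, about 68 years


class DnsCache:
    """Resolver-side cache that honours record TTLs up to a local ceiling."""

    def __init__(self, max_ttl=86400, clock=time.monotonic):
        self.max_ttl = max_ttl        # local policy, an assumption of this example
        self._clock = clock
        self._entries = {}            # (name, rtype) -> (value, expires_at)

    def _store(self, name, rtype, value, ttl):
        # Clamp what the server asked for, so a bad record with a huge TTL
        # ages out without manual purging.
        ttl = max(0, min(ttl, self.max_ttl, MAX_PROTOCOL_TTL))
        self._entries[(name, rtype)] = (value, self._clock() + ttl)
        return ttl

    def put(self, name, rtype, value, ttl):
        return self._store(name, rtype, value, ttl)

    def put_negative(self, name, rtype, soa_ttl, soa_minimum):
        # RFC 2308: the negative TTL is the smaller of the SOA record's own
        # TTL and its MINIMUM field. None marks "known not to exist".
        return self._store(name, rtype, None, min(soa_ttl, soa_minimum))

    def get(self, name, rtype):
        """Return ('hit', value), ('negative', None) or ('miss', None)."""
        entry = self._entries.get((name, rtype))
        if entry is None:
            return "miss", None
        value, expires_at = entry
        if self._clock() >= expires_at:            # TTL ran out: forget it
            del self._entries[(name, rtype)]
            return "miss", None
        return ("negative", None) if value is None else ("hit", value)


def replay_ttl_change():
    """Replay the timeline from the text: TTL 6 h, cached 12:00, changed 12:01."""
    now = [12 * 3600]                               # fake clock, seconds of day
    cache = DnsCache(clock=lambda: now[0])
    # Constructed authoritative data: (address, TTL in seconds).
    authoritative = {"www.wikipedia.org.": ("192.0.2.10", 6 * 3600)}

    def lookup(name):
        status, value = cache.get(name, "A")
        if status == "miss":                        # ask the authoritative side
            value, ttl = authoritative[name]
            cache.put(name, "A", value, ttl)
        return value

    seen = {"12:00": lookup("www.wikipedia.org.")}
    now[0] += 60                                    # 12:01, the record changes
    authoritative["www.wikipedia.org."] = ("192.0.2.20", 6 * 3600)
    seen["12:01"] = lookup("www.wikipedia.org.")
    now[0] = 18 * 3600 - 1                          # 17:59:59, still cached
    seen["17:59:59"] = lookup("www.wikipedia.org.")
    now[0] = 18 * 3600                              # 18:00, entry has expired
    seen["18:00"] = lookup("www.wikipedia.org.")
    return seen
```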
In the real world

Users generally do not communicate directly with a DNS resolver. Instead DNS-resolution takes place transparently in client-applications such as web-browsers, mail-clients, and other Internet applications. When an application makes a request which requires a DNS lookup, such programs send a resolution request to the local DNS resolver in the local operating system, which in turn handles the communications required.

The DNS resolver will almost invariably have a cache (see above) containing recent lookups. If the cache can provide the answer to the request, the resolver will return the value in the cache to the program that made the request. If the cache does not contain the answer, the resolver will send the request to one or more designated DNS servers. In the case of most home users, the Internet service provider to which the machine connects will usually supply this DNS server: such a user will either have configured that server's address manually or allowed DHCP to set it; however, where systems administrators have configured systems to use their own DNS servers, their DNS resolvers point to separately maintained name servers of the organization. In any event, the name server thus queried will follow the process outlined above, until it either successfully finds a result or does not. It then returns its results to the DNS resolver; assuming it has found a result, the resolver duly caches that result for future use, and hands the result back to the software which initiated the request.

Figure: DNS resolving from program to OS-resolver to ISP-resolver to greater system.

Broken resolvers

An additional level of complexity emerges when resolvers violate the rules of the DNS protocol. A number of large ISPs have configured their DNS servers to violate rules (presumably to allow them to run on less-expensive hardware than a fully-compliant resolver), such as by disobeying TTLs, or by indicating that a domain name does not exist just because one of its name servers does not respond.[6]

As a final level of complexity, some applications (such as web-browsers) also have their own DNS cache, in order to reduce the use of the DNS resolver library itself. This practice can add extra difficulty when debugging DNS issues, as it obscures the freshness of data, and/or what data comes from which cache. These caches typically use very short caching times — on the order of one minute. Internet Explorer offers a notable exception: recent versions cache DNS records for half an hour.[7]

Other applications

The system outlined above provides a somewhat simplified scenario. The Domain Name System includes several other functions:

- Hostnames and IP addresses do not necessarily match on a one-to-one basis. Many hostnames may correspond to a single IP address: combined with virtual hosting, this allows a single machine to serve many web sites. Alternatively a single hostname may correspond to many IP addresses: this can facilitate fault tolerance and load distribution, and also allows a site to move physical location seamlessly.
- There are many uses of DNS besides translating names to IP addresses. For instance, Mail transfer agents use DNS to find out where to deliver e-mail for a particular address. The domain to mail exchanger mapping provided by MX records accommodates another layer of fault tolerance and load distribution on top of the name to IP address mapping.
- E-mail Blacklists: The DNS system is used for efficient storage and distribution of IP addresses of blacklisted e-mail hosts. The usual method is putting the IP address of the subject host into the sub-domain of a higher level domain name, and resolving that name to different records to indicate a positive or a negative. A hypothetical example using blacklist.com:
  - 102.3.4.5 is blacklisted => Creates 5.4.3.102.blacklist.com and resolves to 127.0.0.1
  - 102.3.4.6 is not => 6.4.3.102.blacklist.com is not found, or defaults to 127.0.0.2
  - E-mail servers can then query blacklist.com through the DNS mechanism to find out if a specific host connecting to them is in the blacklist. Today many such blacklists, either free or subscription-based, are available mainly for use by email administrators and anti-spam software.
- Software Updates: many anti-virus and commercial software now use the DNS system to store version numbers of the latest software updates so client computers do not need to connect to the update servers every time. For these types of applications, the cache time of the DNS records is usually shorter.
- Sender Policy Framework and DomainKeys, instead of creating their own record types, were designed to take advantage of another DNS record type, the TXT record.
- To provide resilience in the event of computer failure, multiple DNS servers are usually provided for coverage of each domain, and at the top level, thirteen very powerful root servers exist, with additional "copies" of several of them distributed worldwide via Anycast.

Protocol details

DNS primarily uses UDP on port 53 [8] to serve requests. Almost all DNS queries consist of a single UDP request from the client followed by a single UDP reply from the server. TCP comes into play only when the response data size exceeds 512 bytes, or for such tasks as zone transfer. Some operating systems such as HP-UX are known to have resolver implementations that use TCP for all queries, even when UDP would suffice.

Extensions to DNS

EDNS is an extension of the DNS protocol which allows the transport over UDP of DNS replies exceeding 512 bytes, and adds support for expanding the space of request and response codes. It is described in RFC 2671.

DNS resource records

Further information: List of DNS record types

A Resource Record (RR) is the basic data element in the domain name system. Each record has a type (A, MX, etc.), a TTL, a class and some type-specific information. All resource records of the same type define a Resource Record Set (RRset). The order that resource records in a RR set are returned by the resolver to an application is undefined (the server typically uses round-robin DNS). DNSSEC, however, works on complete RR sets in a canonical order.

When sent over the Internet, all records use the common format specified in RFC 1035 shown below.

RR (Resource record) fields

| Field    | Description                                      | Length (octets) |
|----------|--------------------------------------------------|-----------------|
| NAME     | Name of the node to which this record pertains.  | (variable)      |
| TYPE     | Type of RR. For example, MX is type 15.          | 2               |
| CLASS    | Class code.                                      | 2               |
| TTL      | Signed time in seconds that RR stays valid.      | 4               |
| RDLENGTH | Length of RDATA field.                           | 2               |
| RDATA    | Additional RR-specific data.                     | (variable)      |

The NAME is the fully qualified domain name of the node in the tree. On the wire, the name may be shortened using label compression where ends of domain names mentioned earlier in the packet can be substituted for the end of the current domain name.

The TYPE of the record indicates what the format of the data is, and gives a hint of its intended use: for instance, the A record is used to translate from a domain name to an IPv4 address, the NS record lists which name servers can answer lookups on a DNS zone, and the MX record is used to translate from a name in the right-hand side of an e-mail address to the name of a machine able to handle mail for that address.

The RDATA is type-specific information, such as the actual IP address for A records, or the mail host for MX records. Well known record types may use label compression in the RDATA field, but "unknown" record types can not (see RFC 3597).

The CLASS of a record is almost always set to "IN" or "Internet". There are also the very rarely used "CH" (Chaos) and "HS" (Hesiod) classes. In theory, each class can be completely independent trees with different delegation DNS zones and different names, but in practice they all mirrored the Internet class.

In addition to resource records defined in a zone file, there are also some pseudo record types that are used only on the wire, such as to perform zone transfers (AXFR/IXFR) or for EDNS (OPT).

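A parser for the wire format in the table above, as an added example that is not part of the original article. It decodes compressed NAMEs, refuses compression pointers that loop back on themselves (a malformed or hostile packet could otherwise keep a parser spinning), and bounds-checks every length field. `SAMPLE` and `LOOP` are constructed byte strings and the function names are hypothetical.

```python
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX"}


def read_name(msg, offset):
    """Decode a (possibly compressed) NAME; return (name, offset after it)."""
    labels, resume, seen, wire_len = [], None, set(), 0
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:                  # 2-octet compression pointer
            if offset + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = ((length & 0x3F) << 8) | msg[offset + 1]
            if resume is None:
                resume = offset + 2                # record continues after 1st pointer
            if target in seen:                     # corrupt or hostile packet
                raise ValueError("compression pointer loop")
            seen.add(target)
            offset = target
        elif length & 0xC0:
            raise ValueError("reserved label type")
        elif length == 0:                          # root label ends the name
            offset += 1
            break
        else:                                      # ordinary label, 1..63 octets
            label = msg[offset + 1:offset + 1 + length]
            if len(label) != length:
                raise ValueError("truncated label")
            wire_len += length + 1
            if wire_len > 254:                     # more than 253 octets dotted
                raise ValueError("name too long")
            labels.append(label.decode("ascii", "backslashreplace"))
            offset += 1 + length
    return ".".join(labels) + ".", (resume if resume is not None else offset)


def parse_rr(msg, offset):
    """Parse one resource record; return (record dict, offset of next RR)."""
    name, offset = read_name(msg, offset)
    if offset + 10 > len(msg):
        raise ValueError("truncated RR header")
    rtype, rclass, ttl, rdlength = struct.unpack_from("!HHIH", msg, offset)
    offset += 10
    if offset + rdlength > len(msg):
        raise ValueError("RDATA runs past end of message")
    if ttl > 0x7FFFFFFF:                           # RFC 2181: high bit set => 0
        ttl = 0
    rdata = msg[offset:offset + rdlength]
    if rtype == 1 and rdlength == 4:               # A: four address octets
        value = ".".join(str(b) for b in rdata)
    elif rtype == 15 and rdlength >= 3:            # MX: preference + name
        value = (struct.unpack_from("!H", rdata)[0], read_name(msg, offset + 2)[0])
    elif rtype in (2, 5):                          # NS / CNAME: a name
        value = read_name(msg, offset)[0]
    else:
        value = rdata                              # unknown type: opaque bytes
    rec = {"name": name, "type": TYPE_NAMES.get(rtype, rtype), "class": rclass,
           "ttl": ttl, "value": value}
    return rec, offset + rdlength


def parse_answers(msg):
    """Skip the header and question section, return the answer records."""
    if len(msg) < 12:
        raise ValueError("truncated header")
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    offset = 12
    for _ in range(qdcount):
        _qname, offset = read_name(msg, offset)
        offset += 4                                # QTYPE + QCLASS
    answers = []
    for _ in range(ancount):
        rec, offset = parse_rr(msg, offset)
        answers.append(rec)
    return answers


# Constructed sample: reply to "example.com MX" carrying two answer records.
SAMPLE = (
    b"\x12\x34\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00"       # header
    b"\x07example\x03com\x00\x00\x0f\x00\x01"                  # question at 12
    b"\xc0\x0c\x00\x0f\x00\x01\x00\x00\x0e\x10\x00\x09"        # MX, TTL 3600
    b"\x00\x0a\x04mail\xc0\x0c"                                # 10 mail.<ptr 12>
    b"\xc0\x2b\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04"        # A, TTL 300
    + bytes([208, 77, 188, 166])
)
# Constructed malformed name: a pointer at offset 12 that points at itself.
LOOP = b"\x00" * 12 + b"\xc0\x0c"
```

`parse_answers(SAMPLE)` returns the MX and A records with their compressed names expanded; `read_name(LOOP, 12)` raises `ValueError` instead of looping.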
Internationalized domain names

While domain names technically have no restrictions on the characters they use and can include non-ASCII characters, the same is not true for host names.[9] Host names are the names most people see and use for things like e-mail and web browsing. Host names are restricted to a small subset of the ASCII character set known as LDH, the Letters A–Z in upper and lower case, Digits 0–9, Hyphen, and the dot to separate LDH-labels; see RFC 3696 section 2 for details. This prevented the representation of names and words of many languages natively. ICANN has approved the Punycode-based IDNA system, which maps Unicode strings into the valid DNS character set, as a workaround to this issue. Some registries have adopted IDNA.

Security issues

DNS was not originally designed with security in mind, and thus has a number of security issues.

One class of vulnerabilities is DNS cache poisoning, which tricks a DNS server into believing it has received authentic information when, in reality, it has not.

DNS responses are traditionally not cryptographically signed, leading to many attack possibilities; The Domain Name System Security Extensions (DNSSEC) modifies DNS to add support for cryptographically signed responses. There are various extensions to support securing zone transfer information as well.

Even with encryption, a DNS server could become compromised by a virus (or for that matter a disgruntled employee) that would cause IP addresses of that server to be redirected to a malicious address with a long TTL. This could have far-reaching impact to potentially millions of Internet users if busy DNS servers cache the bad IP data. This would require manual purging of all affected DNS caches as required by the long TTL (up to 68 years).

Some domain names can spoof other, similar-looking domain names. For example, "paypal.com" and "paypa1.com" are different names, yet users may be unable to tell the difference when the user's typeface (font) does not clearly differentiate the letter l and the numeral 1. This problem is much more serious in systems that support internationalized domain names, since many characters that are different, from the point of view of ISO 10646, appear identical on typical computer screens. This vulnerability is often exploited in phishing.

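A check for the look-alike names described above, as an added example that is not part of the original article. It decodes IDNA labels to the text a user would see, flags labels that mix scripts, and compares a "skeleton" of the name against a watch list. The `CONFUSABLE` table is a small constructed subset (the full data is Unicode's confusables list, UTS #39), and the function names and watch list are assumptions of this sketch.

```python
import unicodedata

# Small constructed subset of look-alike characters, mapped to the ASCII
# letter they resemble: digits 1 and 0, then eight Cyrillic letters.
CONFUSABLE = {
    "1": "l", "0": "o",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
}


def decode_label(label):
    """Turn an IDNA A-label (xn--...) into the Unicode text a user would see."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label                   # not valid Punycode: show as typed
    return label


def scripts_of(label):
    """Scripts of the letters in a label, taken from Unicode character names."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0]
            for ch in label if ch.isalpha()}


def skeleton(name):
    """Replace each look-alike character with the letter it imitates."""
    return "".join(CONFUSABLE.get(ch, ch) for ch in name)


def assess(domain, watched):
    """Return (name as displayed, list of findings) for one domain name."""
    labels = [decode_label(part) for part in domain.rstrip(".").lower().split(".")]
    shown = ".".join(labels)
    findings = []
    for label in labels:
        scripts = scripts_of(label)
        if len(scripts) > 1:               # e.g. Latin and Cyrillic in one label
            findings.append(f"mixed scripts in {label!r}: {sorted(scripts)}")
    for good in watched:
        if shown != good and skeleton(shown) == skeleton(good):
            findings.append(f"look-alike of {good}")
    return shown, findings


# Constructed sample: the A-label for "paypal" spelled with Cyrillic U+0430.
IDN_SAMPLE = "xn--" + "p\u0430ypal".encode("punycode").decode("ascii") + ".com"

if __name__ == "__main__":
    for candidate in ("paypal.com", "paypa1.com", IDN_SAMPLE):
        print(candidate, assess(candidate, ["paypal.com"]))
```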
Techniques such as Forward Confirmed reverse DNS can also be used to help validate DNS results.

Domain registration

The right to use a domain name is delegated by domain name registrars which are accredited by the Internet Corporation for Assigned Names and Numbers (ICANN), the organization charged with overseeing the name and number systems of the Internet. In addition to ICANN, each top-level domain (TLD) is maintained and serviced technically by a sponsoring organization, the TLD Registry. The registry is responsible for maintaining the database of names registered within the TLDs they administer. The registry receives registration information from each domain name registrar authorized to assign names in the corresponding TLD and publishes the information using a special service, the whois protocol.

Registrars usually charge an annual fee for the service of delegating a domain name to a user and providing a default set of name servers. Often this transaction is termed a sale or lease of the domain name, and the registrant is called an "owner", but no such legal relationship is actually associated with the transaction, only the exclusive right to use the domain name. More correctly authorized users are known as "registrants" or as "domain holders".

ICANN publishes a complete list of TLD registries and domain name registrars in the world. One can obtain information about the registrant of a domain name by looking in the WHOIS database held by many domain registries.

For most of the more than 240 country code top-level domains (ccTLDs), the domain registries hold the authoritative WHOIS (Registrant, name servers, expiration dates, etc.). For instance, DENIC, Germany NIC, holds the authoritative WHOIS to a .DE domain name. Since about 2001, most gTLD registries (.ORG, .BIZ, .INFO) have adopted this so-called "thick" registry approach, i.e. keeping the authoritative WHOIS in the central registries instead of the registrars.

For .COM and .NET domain names, a "thin" registry is used: the domain registry (e.g. VeriSign) holds a basic WHOIS
(registrar