The RFC Archive
 The RFC Archive   RFC 1788   « Jump to any RFC number directly 
 RFC Home
Full RFC Index
Recent RFCs
RFC Standards
Best Current Practice
RFC Errata
1 April RFC



IETF RFC 1788

ICMP Domain Name Messages

Last modified on Thursday, April 13th, 1995

Permanent link to RFC 1788
Search GitHub Wiki for RFC 1788
Show other RFCs mentioning RFC 1788







Network Working Group                                         W. Simpson
Request for Comments: 1788                                    Daydreamer
Category: Experimental                                      April 1995


                       ICMP Domain Name Messages

 Status of this Memo

   This document defines an Experimental Protocol for the Internet
   community.  This does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

 IESG Note:

   An Internet Engineering Steering Group comment from the co-Area
   Director for IPng:  Please note well that this memo is an individual
   product of the author.  It presents one view of the IN-ADDR
   mechanism, motivated by discussion in the IPNG WG of the difficulty
   of secure, dynamic update of the reverse tree.  Other IETF discussion
   and ongoing standards work on this area will be found in the IP Next
   Generation (ipngwg), DNS IXFR, Notification, and Dynamic Update
   (dnsind), DNS Security (dnssec) working groups.

 Abstract

   This document specifies ICMP messages for learning the Fully
   Qualified Domain Name associated with an IP address.






















Simpson                                                      PAGE 1 top


RFC 1788 ICMP Domain Name April 1995 Table of Contents 1. Introduction .......................................... 2 1.1 Direct Query .................................... 3 1.2 Multicast ....................................... 3 1.3 Domain Names .................................... 3 1.4 Messages ........................................ 4 2. Domain Name Request ................................... 4 3. Domain Name Reply ..................................... 5 SECURITY CONSIDERATIONS ...................................... 6 REFERENCES ................................................... 6 ACKNOWLEDGEMENTS ............................................. 7 AUTHOR'S ADDRESS ............................................. 7 1. Introduction The Domain Name System (DNS) is described in [RFC 1034]. The IN-ADDR domain of the DNS is specified [RFC 1035] to perform address to domain name resolution, and to facilitate queries to locate all gateways (routers) on a particular network in the Internet. Neither function has been remarkably successful. The IN-ADDR domain is not reliably populated. As multiple routers were used at boundaries and within networks, the IN-ADDR mechanism was found to be inadequate. The location of routers by hosts is now performed using "ICMP Router Discovery Messages" [RFC 1256]. As network numbers migrated to "classless" routing and aggregation, the IN-ADDR delegation granularity has fragmented, and requires overlapping administration. The "reverse" IN-ADDR administration frequently does not follow the same delegation as the "forward" domain name tree. This structure is not amenable to cooperative secure updating of the DNS. As application servers have appeared which require the Domain Name for user interaction and security logging, the IN-ADDR servers have been inundated with queries. This produces long user visible pauses at the initiation of sessions. Simpson PAGE 2 top

RFC 1788 ICMP Domain Name April 1995 1.1. Direct Query This document proposes that each unicast address be queried directly for its corresponding Domain Name. This has the advantages that the naming is under the same administration as the address assignment, and the queries are distributed in the same fashion as IP routing. In effect, the routing is used to index the database. 1.2. Multicast Only a few well-known multicast addresses are populated in the IN- ADDR domain. The ephemeral nature of most multicast addresses is not conducive to cooperative secure updating of the DNS. However, the technique described here is not useful for multicast addresses. A query to a multicast address could result in a storm of replies. Most multicast groups are not named, or the member nodes are not configured with the name. The IN-ADDR method SHOULD continue to be used for reverse lookup of well-known multicast addresses in the range 224.0.0.0 to 224.0.255.255. Other multicast addresses are an issue for futher study. 1.3. Domain Names Each Domain Name is expressed as a sequence of labels. Each label is represented as a one octet length field, followed by that number of octets. Since every Domain Name ends with the null label of the root, a Domain Name is terminated by a length byte of zero. The most significant two bits of every length octet must be '00', and the remaining six bits of the length field limit the label to 63 octets or less. When the most significant two bits of the length octet are '11', the length is interpreted as a 2 octet sequence, indicating an offset from the beginning of the message (Type field). Further details are described in [RFC 1035] "Message Compression". To simplify implementations, the total length of a Domain Name (including label octets and label length octets) is restricted to 255 octets or less. Simpson PAGE 3 top

RFC 1788 ICMP Domain Name April 1995 1.4. Messages The datagram format and basic facilities are already defined for ICMP [RFC 792]. Up-to-date values of the ICMP Type field are specified in the most recent "Assigned Numbers" [RFC 1700]. This document concerns the following values: 37 Domain Name Request 38 Domain Name Reply 2. Domain Name Request +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type 37 Code 0 Checksum The ICMP Checksum. Identifier If Code is zero, a value to aid in matching requests and replies. For example, it might be used like a port in TCP or UDP to identify a session. May be zero. Sequence Number If Code is zero, a value to aid in matching requests and replies. For example, the number might be incremented on each request sent. May be zero. A separate Domain Name Request is used for each IP Destination queried. An ICMP Domain Name Request received with a broadcast or multicast Destination MUST be silently discarded. On receipt of an ICMP error message, the implementations MAY attempt to resolve the Domain Name using the IN-ADDR method. Simpson PAGE 4 top

RFC 1788 ICMP Domain Name April 1995 3. Domain Name Reply +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time-To-Live | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Names ... +-+-+-+-+-+-+-+- Type 38 Code 0 Checksum The ICMP Checksum. Identifier Copied from the request. Sequence Number Copied from the request. Time-To-Live The number of seconds that the name may be cached. For historic reasons, this value is a signed 2s- complement number. Names zero or more Fully Qualified Domain Names. The length of this field is determined from the total length of the datagram. When no names are known, the field is eliminated (zero length), but the Reply is sent as an authoritative indication that no name is known. When more than one name is known, all such names SHOULD be listed. Any name which cannot entirely fit within the Reply MTU is not sent. The IP Source in a Reply MUST be the same as the IP Destination of the corresponding Request message. Every host and router MUST implement an ICMP Domain Name server function that receives Domain Name Requests and sends corresponding Domain Name Replies. Simpson PAGE 5 top

RFC 1788 ICMP Domain Name April 1995 A host SHOULD also implement an application- layer interface for sending a Domain Name Request and receiving a Domain Name Reply, for diagnostic purposes. Security Considerations A primary purpose of this specification is to provide a mechanism for address to name resolution which is more secure than the IN-ADDR reverse tree. This mechanism is amenable to use of the IP Security Protocols for authentication and privacy. Although the routing infrastructure to the Destination does not provide security in and of itself, it is as least as reliable as delivery of correspondence for the other sessions with the same peer. A DNS cryptographic signature, located by using the reply in the forward DNS direction, can be used to verify the reply itself. References [RFC 792] Postel, J., "Internet Control Message Protocol", STD 5, RFC 792, USC/Information Sciences Institute, September 1981. [RFC 1034] Mockapetris, P., "Domain Names - Concepts and Facilities", STD 13, RFC 1034, USC/Information Sciences Institute, November 1987. [RFC 1035] Mockapetris, P., "Domain Names - Implementation and Specification", STD 13, RFC 1035, USC/Information Sciences Institute, November 1987. [RFC 1256] Deering, S., Editor, "ICMP Router Discovery Messages", RFC 1256, Xerox PARC, September 1991. [RFC 1700] Reynolds, J., and J. Postel, "ASSIGNED NUMBERS", STD 2, RFC 1700, USC/Information Sciences Institute, October 1994. Simpson PAGE 6 top

RFC 1788 ICMP Domain Name April 1995 Acknowledgements The DNSIND and IPng Working Groups contributed substantial amounts of discussion. Additional comments should be submitted to the namedroppers@internic.net mailing list. Author's Address Questions about this memo can also be directed to: William Allen Simpson Daydreamer Computer Systems Consulting Services 1384 Fontaine Madison Heights, Michigan 48071 Bill.Simpson@um.cc.umich.edu bsimpson@MorningStar.com Simpson PAGE 7 top

ICMP Domain Name Messages RFC TOTAL SIZE: 11722 bytes PUBLICATION DATE: Thursday, April 13th, 1995 LEGAL RIGHTS: The IETF Trust (see BCP 78)


RFC-ARCHIVE.ORG

© RFC 1788: The IETF Trust, Thursday, April 13th, 1995
© the RFC Archive, 2024, RFC-Archive.org
Maintainer: J. Tunnissen

Privacy Statement