Domain Name System (DNS) - Domain Registration and Website Hosting BasicsAsif Shahzad
I teach Web Technologies course at COMSATS University to undergrad students. These are lectures slides prepared for students. I thought to share it with all. Hope you would like it. It contains good enough details about how DNS, Hosting and Domain Registration works.
Overview of the Domain Name System (DNS).
In the early days of the Internet, hosts had a fixed IP address.
Reaching a host required to know its numeric IP address.
With the growing number of hosts this scheme became quickly awkward and difficult to use.
DNS was introduced to give hosts human readable names that would be translated into a numeric IP addresses on the fly when a requesting host tried to reach another host.
To facilitate a distributed administration of the domain names, a hierarchic scheme was introduced where responsibility to manage domain names is delegated to organizations which can further delegate management of sub-domains.
Due to its importance in the operation of the Internet, domain name servers are usually operated redundantly. The databases of both servers are periodically synchronized.
Hadoop World 2011: HDFS Federation - Suresh Srinivas, HortonworksCloudera, Inc.
Scalability of the NameNode has been a key issue for HDFS clusters. Because the entire file system metadata is stored in memory on a single NameNode, and all metadata operations are processed on this single system, the NameNode both limits the growth in size of the cluster and makes the NameService a bottleneck for the MapReduce framework as demand increases. This presentation will describe the features and implementation of HDFS Federation scheduled for release with Hadoop-0.23.
Please note that you may not find detailed description on many things since the seminar was meant to be delivered orally and the slides were just meant to be a visual device. Enjoy!
Domain Name System (DNS) - Domain Registration and Website Hosting BasicsAsif Shahzad
I teach Web Technologies course at COMSATS University to undergrad students. These are lectures slides prepared for students. I thought to share it with all. Hope you would like it. It contains good enough details about how DNS, Hosting and Domain Registration works.
Overview of the Domain Name System (DNS).
In the early days of the Internet, hosts had a fixed IP address.
Reaching a host required to know its numeric IP address.
With the growing number of hosts this scheme became quickly awkward and difficult to use.
DNS was introduced to give hosts human readable names that would be translated into a numeric IP addresses on the fly when a requesting host tried to reach another host.
To facilitate a distributed administration of the domain names, a hierarchic scheme was introduced where responsibility to manage domain names is delegated to organizations which can further delegate management of sub-domains.
Due to its importance in the operation of the Internet, domain name servers are usually operated redundantly. The databases of both servers are periodically synchronized.
Hadoop World 2011: HDFS Federation - Suresh Srinivas, HortonworksCloudera, Inc.
Scalability of the NameNode has been a key issue for HDFS clusters. Because the entire file system metadata is stored in memory on a single NameNode, and all metadata operations are processed on this single system, the NameNode both limits the growth in size of the cluster and makes the NameService a bottleneck for the MapReduce framework as demand increases. This presentation will describe the features and implementation of HDFS Federation scheduled for release with Hadoop-0.23.
Please note that you may not find detailed description on many things since the seminar was meant to be delivered orally and the slides were just meant to be a visual device. Enjoy!
The Domain Name System (DNS) is a critical part of Internet infrastructure and the largest distributed Internet directory service. DNS translates names to IP addresses, a required process for web navigation, email delivery, and other Internet functions. However, the DNS infrastructure is not secure enough unless the security mechanisms such as Transaction Signatures (TSIG) and DNS Security Extensions (DNSSEC) are implemented. To guarantee the availability and the secure Internet services, it is important for networking professionals to understand DNS concepts, DNS Security, configurations, and operations.
This course will discuss the concept of DNS Operations in detail, mechanisms to authenticate the communication between DNS Servers, mechanisms to establish authenticity, and integrity of DNS data and mechanisms to delegate trust to public keys of third parties. Participant will be involved in Lab exercises and do configurations based on number of scenarios.
The application layer sits at Layer 7, the top of the Open Systems Interconnection (OSI) communications model. It ensures an application can effectively communicate with other applications on different computer systems and networks. The application layer is not an application.
Module 3: Configuring and Troubleshooting DNS
This module introduces you to Domain Name System (DNS), which is the foundation name service in Windows Server 2008 R2. It is vital that you understand how to deploy, configure, manage, and troubleshoot this critical service.
Lessons
Installing the DNS Server Role
Configuring the DNS Server Role
Configuring DNS Zones
Configuring DNS Zone Transfers
Managing and Troubleshooting DNS
Lab : Configuring and Troubleshooting DNS
Selecting a DNS Configuration
Deploying and Configuring DNS
Troubleshooting DNS
After completing this module, students will be able to:
Install the DNS server role.
Configure the DNS server role.
Create and configure DNS zones.
Configure zone transfers.
Manage and troubleshoot DNS.
The Domain Name System (DNS) provides a way to map or translate an unfriendly numerical IP address into a people-friendly format. Although this translation isn’t mandatory, it does make the network much more useful and easy to work with for humans.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
3. Lecture 13: 02-22-
2005 3
Naming
• How do we efficiently locate resources?
• DNS: name IP address
• Challenge
• How do we scale these to the wide area?
4. Lecture 13: 02-22-
2005 4
Obvious Solutions (1)
Why not centralize DNS?
• Single point of failure
• Traffic volume
• Distant centralized database
• Single point of update
• Doesn’t scale!
5. Lecture 13: 02-22-
2005 5
Obvious Solutions (2)
Why not use /etc/hosts?
• Original Name to Address Mapping
• Flat namespace
• /etc/hosts
• SRI kept main copy
• Downloaded regularly
• Count of hosts was increasing: machine per
domain machine per user
• Many more downloads
• Many more updates
6. Lecture 13: 02-22-
2005 6
Domain Name System Goals
• Basically a wide-area distributed database
• Scalability
• Decentralized maintenance
• Robustness
• Global scope
• Names mean the same thing everywhere
• Don’t need
• Atomicity
• Strong consistency
7. Lecture 13: 02-22-
2005 7
Programmer’s View of DNS
• Conceptually, programmers can view the DNS
database as a collection of millions of host entry
structures:
• in_addr is a struct consisting of 4-byte IP address
• Functions for retrieving host entries from DNS:
• gethostbyname: query key is a DNS host name.
• gethostbyaddr: query key is an IP address.
/* DNS host entry structure */
struct hostent {
char *h_name; /* official domain name of host */
char **h_aliases; /* null-terminated array of domain names */
int h_addrtype; /* host address type (AF_INET) */
int h_length; /* length of an address, in bytes */
char **h_addr_list; /* null-terminated array of in_addr structs */
};
8. Lecture 13: 02-22-
2005 8
DNS Message Format
Identification
No. of Questions
No. of Authority RRs
Questions (variable number of answers)
Answers (variable number of resource records)
Authority (variable number of resource records)
Additional Info (variable number of resource records)
Flags
No. of Answer RRs
No. of Additional RRs
Name, type fields
for a query
RRs in response
to query
Records for
authoritative
servers
Additional
“helpful info that
may be used
12 bytes
9. Lecture 13: 02-22-
2005 9
DNS Header Fields
• Identification
• Used to match up request/response
• Flags
• 1-bit to mark query or response
• 1-bit to mark authoritative or not
• 1-bit to request recursive resolution
• 1-bit to indicate support for recursive resolution
10. Lecture 13: 02-22-
2005 10
DNS Records
RR format: (class, name, value, type, ttl)
• DB contains tuples called resource records (RRs)
• Classes = Internet (IN), Chaosnet (CH), etc.
• Each class defines value associated with type
FOR IN class:
• Type=A
• name is hostname
• value is IP address
• Type=NS
• name is domain (e.g. foo.com)
• value is name of authoritative name
server for this domain
• Type=CNAME
• name is an alias name for some
“canonical” (the real) name
• value is canonical name
• Type=MX
• value is hostname of mailserver
associated with name
11. Lecture 13: 02-22-
2005 11
Properties of DNS Host Entries
• Different kinds of mappings are possible:
• Simple case: 1-1 mapping between domain name and
IP addr:
• kittyhawk.cmcl.cs.cmu.edu maps to 128.2.194.242
• Multiple domain names maps to the same IP address:
• eecs.mit.edu and cs.mit.edu both map to 18.62.1.6
• Single domain name maps to multiple IP addresses:
• aol.com and www.aol.com map to multiple IP addrs.
• Some valid domain names don’t map to any IP
address:
• for example: cmcl.cs.cmu.edu
12. Lecture 13: 02-22-
2005 12
DNS Design: Hierarchy Definitions
root
edunet
org
ukcom
gwu ucb cmu bu mit
cs ece
cmcl
• Each node in hierarchy
stores a list of names that
end with same suffix
• Suffix = path up tree
• E.g., given this tree, where
would following be stored:
• Fred.com
• Fred.edu
• Fred.cmu.edu
• Fred.cmcl.cs.cmu.edu
• Fred.cs.mit.edu
13. Lecture 13: 02-22-
2005 13
DNS Design: Zone Definitions
root
edunet
org
ukcom
ca
gwu ucb cmu bu mit
cs ece
cmcl Single node
Subtree
Complete
Tree
• Zone = contiguous section
of name space
• E.g., Complete tree, single
node or subtree
• A zone has an associated
set of name servers
• Must store list of names and
tree links
14. Lecture 13: 02-22-
2005 14
DNS Design: Cont.
• Zones are created by convincing owner node to
create/delegate a subzone
• Records within zone stored multiple redundant name
servers
• Primary/master name server updated manually
• Secondary/redundant servers updated by zone transfer
of name space
• Zone transfer is a bulk transfer of the “configuration” of a DNS
server – uses TCP to ensure reliability
• Example:
• CS.CMU.EDU created by CMU.EDU administrators
• Who creates CMU.EDU or .EDU?
15. Lecture 13: 02-22-
2005 15
DNS: Root Name Servers
• Responsible for
“root” zone
• Approx. 13 root
name servers
worldwide
• Currently {a-
m}.root-servers.net
• Local name servers
contact root servers
when they cannot
resolve a name
• Configured with
well-known root
servers
16. Lecture 13: 02-22-
2005 16
Servers/Resolvers
• Each host has a resolver
• Typically a library that applications can link to
• Local name servers hand-configured (e.g.
/etc/resolv.conf)
• Name servers
• Either responsible for some zone or…
• Local servers
• Do lookup of distant host names for local hosts
• Typically answer queries about local zone
17. Lecture 13: 02-22-
2005 17
Typical Resolution
Client
Local
DNS server
root & edu
DNS server
ns1.cmu.edu
DNS server
www.cs.cmu.edu
NS ns1.cmu.eduwww.cs.cmu.edu
NS ns1.cs.cmu.edu
A www=IPaddr
ns1.cs.cmu.edu
DNS
server
18. Lecture 13: 02-22-
2005 18
Typical Resolution
• Steps for resolving www.cmu.edu
• Application calls gethostbyname() (RESOLVER)
• Resolver contacts local name server (S1)
• S1 queries root server (S2) for (www.cmu.edu)
• S2 returns NS record for cmu.edu (S3)
• What about A record for S3?
• This is what the additional information section is for (PREFETCHING)
• S1 queries S3 for www.cmu.edu
• S3 returns A record for www.cmu.edu
• Can return multiple A records what does this mean?
19. Lecture 13: 02-22-
2005 19
Lookup Methods
Recursive query:
• Server goes out and
searches for more info
(recursive)
• Only returns final answer
or “not found”
Iterative query:
• Server responds with as
much as it knows
(iterative)
• “I don’t know this name,
but ask this server”
Workload impact on choice?
• Local server typically does
recursive
• Root/distant server does
iterative
requesting host
surf.eurecom.fr
gaia.cs.umass.ed
u
root name server
local name server
dns.eurecom.fr
1
2
3
4
5 6authoritative name
server
dns.cs.umass.edu
intermediate name server
dns.umass.edu
7
8
iterated query
20. Lecture 13: 02-22-
2005 20
Workload and Caching
• Are all servers/names likely to be equally popular?
• Why might this be a problem? How can we solve this problem?
• DNS responses are cached
• Quick response for repeated translations
• Other queries may reuse some parts of lookup
• NS records for domains
• DNS negative queries are cached
• Don’t have to repeat past mistakes
• E.g. misspellings, search strings in resolv.conf
• Cached data periodically times out
• Lifetime (TTL) of data controlled by owner of data
• TTL passed with every record
21. Lecture 13: 02-22-
2005 21
Typical Resolution
Client
Local
DNS server
root & edu
DNS server
ns1.cmu.edu
DNS server
www.cs.cmu.edu
NS ns1.cmu.eduwww.cs.cmu.edu
NS ns1.cs.cmu.edu
A www=IPaddr
ns1.cs.cmu.edu
DNS
server
22. Lecture 13: 02-22-
2005 22
Subsequent Lookup Example
Client
Local
DNS server
root & edu
DNS server
cmu.edu
DNS server
cs.cmu.edu
DNS
server
ftp.cs.cmu.edu
ftp=IPaddr
ftp.cs.cmu.edu
23. Lecture 13: 02-22-
2005 23
Reliability
• DNS servers are replicated
• Name service available if ≥ one replica is up
• Queries can be load balanced between replicas
• UDP used for queries
• Need reliability must implement this on top of UDP!
• Why not just use TCP?
• Try alternate servers on timeout
• Exponential backoff when retrying same server
• Same identifier for all queries
• Don’t care which server responds
24. Lecture 13: 02-22-
2005 24
Reverse DNS
• Task
• Given IP address, find its name
• Method
• Maintain separate hierarchy based
on IP names
• Write 128.2.194.242 as
242.194.128.2.in-addr.arpa
• Why is the address reversed?
• Managing
• Authority manages IP addresses
assigned to it
• E.g., CMU manages name space
128.2.in-addr.arpa
edu
cmu
cs
kittyhawk
128.2.194.242
cmcl
unnamed root
arpa
in-addr
128
2
194
242
25. Lecture 13: 02-22-
2005 25
.arpa Name Server Hierarchy
• At each level of hierarchy, have group
of servers that are authorized to
handle that region of hierarchy
128
2
194
kittyhawk
128.2.194.242
in-addr.arpa a.root-servers.net • • • m.root-servers.net
chia.arin.net
(dill, henna, indigo, epazote, figwort, ginseng)
cucumber.srv.cs.cmu.edu,
t-ns1.net.cmu.edu
t-ns2.net.cmu.edu
mango.srv.cs.cmu.edu
(peach, banana, blueberry)
26. Lecture 13: 02-22-
2005 26
Prefetching
• Name servers can add additional data to
response
• Typically used for prefetching
• CNAME/MX/NS typically point to another host name
• Responses include address of host referred to in
“additional section”
27. Lecture 13: 02-22-
2005 27
Mail Addresses
• MX records point to mail exchanger for a name
• E.g. mail.acm.org is MX for acm.org
• Addition of MX record type proved to be a
challenge
• How to get mail programs to lookup MX record for mail
delivery?
• Needed critical mass of such mailers
29. Lecture 13: 02-22-
2005 29
Root Zone
• Generic Top Level Domains (gTLD) = .com,
.net, .org, etc…
• Country Code Top Level Domain (ccTLD) = .us,
.ca, .fi, .uk, etc…
• Root server ({a-m}.root-servers.net) also used to
cover gTLD domains
• Load on root servers was growing quickly!
• Moving .com, .net, .org off root servers was clearly
necessary to reduce load done Aug 2000
30. Lecture 13: 02-22-
2005 30
New gTLDs
• .info general info
• .biz businesses
• .aero air-transport industry
• .coop business cooperatives
• .name individuals
• .pro accountants, lawyers, and physicians
• .museum museums
• Only new one actives so far = .info, .biz, .name
31. Lecture 13: 02-22-
2005 31
New Registrars
• Network Solutions (NSI) used to handle all
registrations, root servers, etc…
• Clearly not the democratic (Internet) way
• Large number of registrars that can create new
domains However NSI still handles A root server
32. Lecture 13: 02-22-
2005 32
Recent Measurements
• No centralized caching per site
• Each machine runs own caching local server
• Why is this a problem?
• How many hosts do we need to share cache? recent studies
suggest 10-20 hosts
• “Hit rate for DNS = 80% 1 - (#DNS/#connections)
• Is this good or bad?
• Most Internet traffic is Web
• What does a typical page look like? average of 4-5 imbedded
objects needs 4-5 transfers
• This alone accounts for 80% hit rate!
• Lower TTLs for A records does not affect performance
• DNS performance really relies more on NS-record caching
33. Lecture 13: 02-22-
2005 33
Tracing Hierarchy (1)
• Dig Program
• Allows querying of DNS system
• Use flags to find name server (NS)
• Disable recursion so that operates one step at a time
• All .edu names handled by set of servers
unix> dig +norecurse @a.root-servers.net NS kittyhawk.cmcl.cs.cmu.edu
;; AUTHORITY SECTION:
edu. 172800 IN NS L3.NSTLD.COM.
edu. 172800 IN NS D3.NSTLD.COM.
edu. 172800 IN NS A3.NSTLD.COM.
edu. 172800 IN NS E3.NSTLD.COM.
edu. 172800 IN NS C3.NSTLD.COM.
edu. 172800 IN NS F3.NSTLD.COM.
edu. 172800 IN NS G3.NSTLD.COM.
edu. 172800 IN NS B3.NSTLD.COM.
edu. 172800 IN NS M3.NSTLD.COM.
35. Lecture 13: 02-22-
2005 35
Tracing Hierarchy (3 & 4)
• 4 servers handle CMU CS names
• Quasar is master NS for this zone
unix> dig +norecurse @t-ns1.net.cmu.edu NS kittyhawk.cmcl.cs.cmu.edu
;; AUTHORITY SECTION:
cs.cmu.edu. 86400 IN NS MANGO.SRV.cs.cmu.edu.
cs.cmu.edu. 86400 IN NS PEACH.SRV.cs.cmu.edu.
cs.cmu.edu. 86400 IN NS BANANA.SRV.cs.cmu.edu.
cs.cmu.edu. 86400 IN NS BLUEBERRY.SRV.cs.cmu.edu.
unix>dig +norecurse @blueberry.srv.cs.cmu.edu NS
kittyhawk.cmcl.cs.cmu.edu
;; AUTHORITY SECTION:
cs.cmu.edu. 300 IN SOA QUASAR.FAC.cs.cmu.edu.
36. Lecture 13: 02-22-
2005 36
DNS (Summary)
• Motivations large distributed database
• Scalability
• Independent update
• Robustness
• Hierarchical database structure
• Zones
• How is a lookup done
• Caching/prefetching and TTLs
• Reverse name lookup
• What are the steps to creating your own domain?
37. Lecture 13: 02-22-
2005 37
Announcements
• Summer research positions
• Srini wireless networking
• Dave overlay networking
• Talk to us for details
• Email us resume
Editor's Notes
ACID Atomic Consistent Isolated Durable
Full SOA record… cs.cmu.edu. 300 IN SOA QUASAR.FAC.cs.cmu.edu. GRIPE.cs.cmu.edu. 2004021352 3600 1800 604800 300