Uploaded byKhadijaTahir29
PDF, PPTX12 views

dns-approximately.pdf

The document discusses DNS (Domain Name System) design and operation. It describes how DNS works as a distributed database to map human-readable domain names to machine-readable IP addresses. DNS has a hierarchical design where domains are divided into zones with authoritative name servers. When resolving a domain name, the local DNS server will iteratively query root servers, top-level domain servers, and authoritative name servers until it receives the IP address record. Caching is used to improve performance and distribute workload.

Embed presentation

Download as PDF, PPTX
15-441 Lecture 7 15-441 Lecture 7 DNS C i ht © S th G ld t i 2008 Lecture 13 15-441 © 2008 Copyright © Seth Goldstein, 2008 Based on slides from previous 441 lectures 1 Outline •DNS Design DNS Design DN d •DNS Today (Extra credit, remind me at end) 15-441 © 2008 2 Lecture 13 What is DNS? • DNS (Domain Name Service) is primarily used to translate human readable names into machine translate human readable names nto mach ne usable addresses, e.g., IP addresses. •DNS goal: – Efficiently locate resources. Efficiently locate resources. E.g., Map name Æ IP address – Scale to many users over a large area y g – Scale to many updates 15-441 © 2008 3 Lecture 13 How resolve name Æ IP addr? Lecture 13 15-441 © 2008 4
Obvious Solutions (1) Why not centralize DNS? •Single point of failure Single point of failure •Traffic volume •Distant centralized database •Distant centralized database •Single point of update •Doesn’t scale! 15-441 © 2008 5 Lecture 13 Obvious Solutions (2) Why not use /etc/hosts? •Original Name to Address Mapping Or g nal Name to ddress Mapp ng – Flat namespace – /etc/hosts – SRI kept main copy – Downloaded regularly g y •Mid 80’s this became untenable. Why? •Count of hosts was increasing: machine per d i hi domain Æ machine per user – Many more downloads M d t /etc/hosts still exists 15-441 © 2008 6 – Many more updates /etc/hosts still exists. Lecture 13 Domain Name System Goals y •Basically a wide-area distributed database (The biggest in the world!) ( he b ggest n the world!) •Scalability •Decentralized maintenance Decentralized maintenance •Robustness •Global scope Global scope – Names mean the same thing everywhere •Don’t need all of ACID •Don t need all of ACID – Atomicity Strong consistency 15-441 © 2008 7 – Strong consistency •Do need: distributed update/query & Performance Lecture 13 Programmer’s View of DNS • Conceptually, programmers can view the DNS database as a collection of millions of host entry structures: structures: /* DNS host entry structure */ struct hostent { char *h name; /* official domain name of host */ _ ; / / char **h_aliases; /* null-terminated array of domain names */ int h_addrtype; /* host address type (AF_INET) */ int h_length; /* length of an address, in bytes */ char **h addr list; /* null-termed array of in addr structs */ – in_addr is a struct consisting of 4-byte IP addr _ _ y _ }; • Functions for retrieving host entries from DNS: –gethostbyname: query key is a DNS host name. k dd 15-441 © 2008 8 –gethostbyaddr: query key is an IP address. Lecture 13
DNS Message Format Identification Flags Identification No. of Questions No of Authority RRs Flags No. of Answer RRs No of Additional RRs 12 bytes No. of Authority RRs Questions (variable number of answers) No. of Additional RRs Name, type fields for a query Answers (variable number of resource records) RRs in response to query Authority (variable number of resource records) Additional Info (variable number of resource records) Records for authoritative servers Additional 15-441 © 2008 9 Additional Info (variable number of resource records) Additional “helpful info that may be used Lecture 13 DNS Header Fields •Identification – Used to match up request/response Used to match up request/response •Flags – 1 bit to mark query or response – 1-bit to mark query or response – 1-bit to mark authoritative or not 1 bit to request recursive resolution – 1-bit to request recursive resolution – 1-bit to indicate support for recursive resolution resolution 15-441 © 2008 10 Lecture 13 DNS Records RR format: (class, name, value, type, ttl) • DB contains tuples called resource records (RRs) • Classes = Internet (IN), Chaosnet (CH), etc. • Each class defines value associated with type Each class defines value associated with type For “IN” class: • Type=A • Type=CNAME Type A – name is hostname – value is IP address T NS Type CNAME • name is an alias name for some “canonical” name • value is canonical name • Type=NS – name is domain (e.g. foo.com) – value is name of authoritative • value is canonical name • Type=MX • value is hostname of 15-441 © 2008 11 name server for this domain mailserver associated with name Lecture 13 Properties of DNS Host Entries Different kinds of mappings are possible: •1 1 mapping between domain name and IP addr: •1-1 mapping between domain name and IP addr: provolone.crcl.cs.cmu.edu maps to 128.2.218.81 •Multiple domain names maps to the same IP addr: •Multiple domain names maps to the same IP addr: www.scs.cmu.edu and www.cs.cmu.edu both map to 128.2.203.164 •Single domain name maps to multiple IP addresses: aol.com and www.aol.com map to multiple IP addrs. •Some valid domain names don’t map to any IP addr: crcl.cs.cmu.edu doesn’t have a host 15-441 © 2008 12 Lecture 13
DNS Design: Hierarchy Definitions root • Each node in hierarchy stores a list of names that end with same suffix • Suffix = path up tree edu net org uk com Suffix path up tree • E.g., given this tree, where would following be stored: • Fred com gwu ucb cmu bu mit cs ece • Fred.com • Fred.edu • Fred.cmu.edu crcl • Fred.crcl.cs.cmu.edu • Fred.cs.mit.edu 15-441 © 2008 13 Lecture 13 DNS Design: Zone Definitions • Zone = contiguous section of name space root p • E.g., Complete tree, single node or subtree • A zone has an associated A zone has an associated set of name servers • Must store list of d t li k edu net org uk com l d Subtree names and tree links gwu ucb cmu bu mit cs ece Single node Complete Tree crcl 15-441 © 2008 14 Tree Lecture 13 DNS Design: Cont. •Zones are created by convincing owner node to create/delegate a subzone g – Records within zone stored in multiple redundant name servers P i / d d ll – Primary/master name server updated manually – Secondary/redundant servers updated by zone transfer of name space transfer of name space • Zone transfer is a bulk transfer of the “configuration” of a DNS server – uses TCP to ensure reliability •Example: – CS.CMU.EDU created by CMU.EDU admins 15-441 © 2008 15 – Who creates CMU.EDU or .EDU? Lecture 13 DNS: Root Name Servers • Responsible for “root” zone p • 13 root name servers – Currently y {a-m}.root-servers.net • Local name servers contact h h root servers when they cannot resolve a name Wh 13? • Why 13? 15-441 © 2008 16 Lecture 13
Not really 13! Lecture 13 15-441 © 2008 17 10/08, from www.root-servers.org Check out anycast) So Far •Database structure – Hierarchy of labels x y z Hierarchy of labels x.y.z – Organized into zones – Zones have nameservers (notice plural!) – Zones have nameservers (notice plural!) •Database layout Records which map – Records which map namesÆnames, namesÆip namesÆip, etc. •Programmer API: gethostbyname, … Programmer API gethostbyname, … Lecture 13 15-441 © 2008 18 Servers/Resolvers •Each host has a resolver – Typically a library that applications can link to Typically a library that applications can link to – Local name servers hand-configured (or DHCP) (e g /etc/resolv conf) (e.g. /etc/resolv.conf) •Name servers – Either responsible for some zone or Either responsible for some zone or… – Local servers • Do lookup of distant host names for local hosts Do lookup of distant host names for local hosts • Typically answer queries about local zone 15-441 © 2008 19 Lecture 13 Typical Resolution root & edu DNS server DNS server ns1 cmu edu www.cs.cmu.edu Client Local DNS server ns1.cmu.edu DNS server ns1 cs cmu edu ns1.cs.cmu.edu DNS server 15-441 © 2008 20 Hmm: Notice root server returned NS ns1.cmu.edu Lecture 13
Typical Resolution •Steps for resolving www.cmu.edu – Application calls gethostbyname() (RESOLVER) Application calls gethostbyname() (RESOLVER) – Resolver contacts local name server (S1) – S1 queries root server (S2) for (www.cmu.edu) q – S2 returns NS record for cmu.edu (S3) – What about A record for S3? h h h dd l f f ( E E ) • This is what the additional info section is for (PREFETCHING) – S1 queries S3 for www.cmu.edu – S returns A record for www cmu edu – S3 returns A record for www.cmu.edu •Can return multiple A records Æ 15-441 © 2008 21 Can return multiple A records Æ What does this mean? Lecture 13 Lookup Methods R i Recursive query: • Server goes out and searches for more info root name server 2 iterated query • Only returns final answer or “not found” Iterative query: 3 4 7 Iterative query: • Server responds with as much as it knows. “I d ’t k thi local name server dns.eurecom.fr 5 6 intermediate name server dns.umass.edu 7 • “I don’t know this name, but ask this server” 1 5 6authoritative name server dns.cs.umass.edu 8 Workload impact on choice? requesting host surf.eurecom.fr gaia.cs.umass.edu 15-441 © 2008 22 Workload impact on choice? • Root/distant server does iterative • Local server typically does recursive Lecture 13 How to manage workload? •Does root nameserver do recursive lookups? •What about other zones? What about other zones? •What about imbalance in popularity? – com versus dj – .com versus .dj – google.com versus bleu.crcl.cs.cmu.edu? How do we scale query workload? •How do we scale query workload? Lecture 13 15-441 © 2008 23 Workload and Caching •DNS responses are cached – Quick response for repeated translations Quick response for repeated translations – Other queries may reuse some parts of lookup • E.g., NS records for domains g •DNS negative queries are cached – Don’t have to repeat past mistakes – E.g., misspellings, search strings in resolv.conf •How do you handle updates? 15-441 © 2008 24 Lecture 13
Workload and Caching •DNS responses are cached – Quick response for repeated translations Quick response for repeated translations – Other queries may reuse some parts of lookup • E.g., NS records for domains g •DNS negative queries are cached – Don’t have to repeat past mistakes – E.g., misspellings, search strings in resolv.conf •Cached data periodically times out – Lifetime (TTL) of data controlled by owner of data – TTL passed with every record 15-441 © 2008 25 Lecture 13 Typical Resolution root & edu DNS server DNS server ns1 cmu edu www.cs.cmu.edu Client Local DNS server ns1.cmu.edu DNS server ns1 cs cmu edu ns1.cs.cmu.edu DNS server 15-441 © 2008 26 Lecture 13 Subsequent Lookup Example root & edu DNS server DNS server cmu edu ftp.cs.cmu.edu Client Local DNS server cmu.edu DNS server cs cmu edu cs.cmu.edu DNS server 15-441 © 2008 27 Lecture 13 Reliability •DNS servers are replicated – Name service available if ≥ one replica is up Name service available if ≥ one replica is up – Queries can be load balanced between replicas •UDP used for queries f q – Need reliability Æ must implement this on top of UDP! – Why not just use TCP? •Try alternate servers on timeout – Exponential backoff when retrying same server •Same identifier for all queries – Don’t care which server responds 15-441 © 2008 28 Lecture 13
So far •Hierarchial name space Lecture 13 15-441 © 2008 29 Reverse DNS A b k Æ Add d R ti P t A •Task – Given IP address, find its unnamed root Arpa: backronym Æ Address and Routing Parameter Area Given IP address, find its name •Method edu arpa – Maintain separate hierarchy based on IP names – Write 128.2.204.27 as cmu in-addr Wr t . . . 7 a 27.204.2.128.in-addr.arpa • Why is the address reversed? •Managing cs 128 •Managing – Authority manages IP addresses assigned to it crcl 2 204 15-441 © 2008 30 – E.g., CMU manages name space 2.128.in-addr.arpa bleu 128.2.204.27 27 Lecture 13 .arpa Name Server Hierarchy in-addr.arpa a root-servers net • • • m root-servers net 128 in addr.arpa a.root servers.net m.root servers.net chia.arin.net (dill henna indigo epazote figwort ginseng) 2 (dill, henna, indigo, epazote, figwort, ginseng) cucumber.srv.cs.cmu.edu, t-ns1.net.cmu.edu 204 t-ns2.net.cmu.edu mango.srv.cs.cmu.edu (peach, banana, blueberry) • At each level of hierarchy, have group of servers that are authorized to bleu 128 2 204 27 (p , , y) 15-441 © 2008 31 of servers that are authorized to handle that region of hierarchy 128.2.204.27 Lecture 13 Prefetching •Name servers can add additional data to response •Why would they? Why would they? 15-441 © 2008 32 Lecture 13
Prefetching •Name servers can add additional data to response •Why would they? Why would they? •Typically used for prefetching – CNAME/MX/NS typically point to another host – CNAME/MX/NS typically point to another host name – Responses include address of host referred to Responses include address of host referred to in “additional section” 15-441 © 2008 33 Lecture 13 Mail Addresses •MX records point to mail exchanger for a name – E g E.g. cmu.edu. 2590 IN MX 10 CMU-MX4.ANDREW.cmu.edu. cmu.edu. 2590 IN MX 10 CMU-MX5.ANDREW.cmu.edu. •Addition of MX record type proved to be a challenge challenge – How to get mail programs to lookup MX record for mail delivery? for mail delivery? – Needed critical mass of such mailers Could we add a new one now? 15-441 © 2008 34 – Could we add a new one now? Lecture 13 Outline •DNS Design DNS Today •DNS Today 15-441 © 2008 35 Lecture 13 Root Zone •Generic Top Level Domains (gTLD) = .com, .net, .org, etc… g •Country Code Top Level Domain (ccTLD) = .us, .ca, .fi, .uk, etc… R ({ } ) l d •Root server ({a-m}.root-servers.net) also used to cover gTLD domains – Load on root servers was growing quickly! – Load on root servers was growing quickly! – Moving .com, .net, .org off root servers was clearly necessary to reduce load clearly necessary to reduce load Æ done Aug 2000 – How significant an effect would this have? 15-441 © 2008 36 • On load? • On performance? Lecture 13
gTLDs • Unsponsored – .com, .edu, .gov, .mil, .net, .org – .biz Æ businesses i f l i f – .info Æ general info – .name Æ individuals • Sponsored (controlled by a particular association) – aero Æ air-transport industry .aero Æ air transport industry – .cat Æ catalan related – .coop Æ business cooperatives – .jobs Æ job announcements Æ Is there anything special about .com? What about adding goldstein as a gTLD? – .museum Æ museums – .pro Æ accountants, lawyers, and physicians – .travel Æ travel industry • Starting up What about adding .goldstein as a gTLD? Starting up – .mobi Æ mobile phone targeted domains – .post Æ postal – .tel Æ telephone related P d 15-441 © 2008 37 • Proposed – .asia, .cym, .geo, .kid, .mail, .sco, .web, .xxx – Whatever you want! Lecture 13 New Registrars •Network Solutions (NSI) used to handle all registrations, root servers, etc… reg strat ons, root servers, etc… – Clearly not the democratic (Internet) way – Large number of registrars that can create Large number of registrars that can create new domains Æ However NSI still handles A root server 15-441 © 2008 38 Lecture 13 Measurements of DNS •No centralized caching per site •No centralized caching per site – Each machine runs own caching local server – Why is this a problem? y p – How many hosts do we need to share cache? Æ recent studies suggest 10-20 hosts “Hit rate for DNS:1 (#DNS/#connections)Æ80% • Hit rate for DNS:1 - (#DNS/#connections)Æ80% – Is this good or bad? – Most Internet traffic was Web with HTTP 1.0 Most Internet traffic was Web with HTTP 1.0 • What does a typical page look like? Æ average of 4-5 imbedded objects Æ needs 4-5 transfers • This alone accounts for 80% hit rate! f •Lower TTLs for A records does not affect performance 15-441 © 2008 39 •DNS performance really relies more on NS-record caching Lecture 13 Measurements of DNS •No centralized caching per site •No centralized caching per site – Each machine runs own caching local server – Why is this a problem? y p – How many hosts do we need to share cache? Æ recent studies suggest 10-20 hosts “Hit rate for DNS:1 (#DNS/#connections)Æ80% • Hit rate for DNS:1 - (#DNS/#connections)Æ80% – Is this good or bad? – Most Internet traffic was Web with HTTP 1.0 Most Internet traffic was Web with HTTP 1.0 • What does a typical page look like? Æ average of 4-5 imbedded objects Æ needs 4-5 transfers • This alone accounts for 80% hit rate! f •Lower TTLs for A records does not affect performance 15-441 © 2008 40 •DNS performance really relies more on NS-record caching Lecture 13
Tracing Hierarchy (1) •Dig Program – Allows querying of DNS system fl f d (N ) – Use flags to find name server (NS) – Disable recursion so that operates one step at a time unix> dig +norecurse @a.root-servers.net NS kittyhawk.cmcl.cs.cmu.edu ;; AUTHORITY SECTION: edu 172800 IN NS L3 NSTLD COM Zone TTL edu. 172800 IN NS L3.NSTLD.COM. edu. 172800 IN NS D3.NSTLD.COM. edu. 172800 IN NS A3.NSTLD.COM. edu. 172800 IN NS E3.NSTLD.COM. edu. 172800 IN NS C3.NSTLD.COM. Type edu. 172800 IN NS C3.NSTLD.COM. edu. 172800 IN NS F3.NSTLD.COM. edu. 172800 IN NS G3.NSTLD.COM. edu. 172800 IN NS B3.NSTLD.COM. edu. 172800 IN NS M3.NSTLD.COM. Class Value 15-441 © 2008 41 – All .edu names handled by set of servers edu. 172800 IN NS M3.NSTLD.COM. Lecture 13 Tracing Hierarchy (2) •3 servers handle CMU names unix> dig +norecurse @e3.nstld.com NS kittyhawk.cmcl.cs.cmu.edu ;; AUTHORITY SECTION: ;; AUTHORITY SECTION: cmu.edu. 172800 IN NS CUCUMBER.SRV.cs.cmu.edu. cmu.edu. 172800 IN NS T-NS1.NET.cmu.edu. cmu.edu. 172800 IN NS T-NS2.NET.cmu.edu. 15-441 © 2008 42 Lecture 13 Tracing Hierarchy (3 & 4) •4 servers handle CMU CS names unix> dig +norecurse @t-ns1.net.cmu.edu NS kittyhawk.cmcl.cs.cmu.edu ;; AUTHORITY SECTION: ;; AUTHORITY SECTION: cs.cmu.edu. 86400 IN NS MANGO.SRV.cs.cmu.edu. cs.cmu.edu. 86400 IN NS PEACH.SRV.cs.cmu.edu. cs.cmu.edu. 86400 IN NS BANANA.SRV.cs.cmu.edu. cs.cmu.edu. 86400 IN NS BLUEBERRY.SRV.cs.cmu.edu. •Quasar is master NS for this zone cs.cmu.edu. 86400 IN NS BLUEBERRY.SRV.cs.cmu.edu. Quasar is master NS for this zone unix>dig +norecurse @blueberry.srv.cs.cmu.edu NS kittyhawk.cmcl.cs.cmu.edu 15-441 © 2008 43 ;; AUTHORITY SECTION: cs.cmu.edu. 300 IN SOA QUASAR.FAC.cs.cmu.edu. Lecture 13 DNS (Summary) •Motivations Æ large distributed database – Scalability Scalab l ty – Independent update – Robustness •Hierarchical database structure – Zones – How lookups are done •Caching/prefetching and TTLs •Reverse name lookup •What are the steps to creating your own domain? 15-441 © 2008 44 Lecture 13

More Related Content

PPT
13-DNSksjsjsjndndndjsjjsjsjsjsjsjsjsjsjjs.ppt
bymjayarmn158
 
PPT
13 dns
byIssam Jamal
 
PPT
08Mapping.ppt
byMalikNuman8
 
PPTX
Domain name system
bySiddharth Chandel
 
PPTX
c5c1db8d-8375-4f17-bf6a-56ea5342e58d.pptx
bychakravardhannani123
 
PDF
System and Network Administration Chapter 2
byjaramharo
 
PDF
Domain Name System (DNS) Fundamentals
byWebSniffer
 
PPTX
The Application Layer
byMSharmilaDeviITDEPT
 
13-DNSksjsjsjndndndjsjjsjsjsjsjsjsjsjsjjs.ppt
bymjayarmn158
 
13 dns
byIssam Jamal
 
08Mapping.ppt
byMalikNuman8
 
Domain name system
bySiddharth Chandel
 
c5c1db8d-8375-4f17-bf6a-56ea5342e58d.pptx
bychakravardhannani123
 
System and Network Administration Chapter 2
byjaramharo
 
Domain Name System (DNS) Fundamentals
byWebSniffer
 
The Application Layer
byMSharmilaDeviITDEPT
 

Similar to dns-approximately.pdf

PPT
Dns
bySanoj Kumar
 
PDF
DNS Principles and Operations - Lecture 02
byInternet Systems Consortium and University of Ostrava
 
PPT
6065165.ppt
byssuseraf60311
 
PDF
Presentation on Domain Name System
byChinmay Joshi
 
PPS
Dns And Snmp
bySeyed Ali Marjaie
 
PPTX
2_Chapter 2_DNS.pptx
byhoangdinhhanh88
 
PPTX
Dns
byhoangdinhhanh88
 
PPTX
DNS.pptx
byEidTahir
 
PPT
Domain Name System(ppt)
bychovatiyabhautik
 
PPTX
DNS AND DDNS
byVirendra thakur
 
PDF
Dns
byjulien pauli
 
PDF
DNS-The Internet's Directory Service-Computer_Networks
byabhirudh456
 
PPTX
DNS ( Domain Name System)
byPrakhar Rastogi
 
PDF
Lets talk dns
byAbhinav Mehta
 
PPTX
Domain name system
bylehri_rasheeda
 
PPT
D.N.S
byNirbhay Upadhyay
 
PPTX
Exploring the Application Layer: DNS, FQDN, SMTP, Web-Based Email, and FTP Ex...
bySisodetrupti
 
PPTX
Domain Name System and Dynamic Host Configuration Protocol.pptx
byUsmanAhmed269749
 
PPTX
DNS Configuration
byVinod Gour
 
PDF
Computer network (15)
byNYversity
 
Dns
bySanoj Kumar
 
DNS Principles and Operations - Lecture 02
byInternet Systems Consortium and University of Ostrava
 
6065165.ppt
byssuseraf60311
 
Presentation on Domain Name System
byChinmay Joshi
 
Dns And Snmp
bySeyed Ali Marjaie
 
2_Chapter 2_DNS.pptx
byhoangdinhhanh88
 
Dns
byhoangdinhhanh88
 
DNS.pptx
byEidTahir
 
Domain Name System(ppt)
bychovatiyabhautik
 
DNS AND DDNS
byVirendra thakur
 
Dns
byjulien pauli
 
DNS-The Internet's Directory Service-Computer_Networks
byabhirudh456
 
DNS ( Domain Name System)
byPrakhar Rastogi
 
Lets talk dns
byAbhinav Mehta
 
Domain name system
bylehri_rasheeda
 
D.N.S
byNirbhay Upadhyay
 
Exploring the Application Layer: DNS, FQDN, SMTP, Web-Based Email, and FTP Ex...
bySisodetrupti
 
Domain Name System and Dynamic Host Configuration Protocol.pptx
byUsmanAhmed269749
 
DNS Configuration
byVinod Gour
 
Computer network (15)
byNYversity
 

More from KhadijaTahir29

PDF
009911554.pdf
byKhadijaTahir29
 
PDF
008094493.pdf
byKhadijaTahir29
 
PDF
009978776.pdf
byKhadijaTahir29
 
PDF
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
byKhadijaTahir29
 
PDF
005272686.pdf
byKhadijaTahir29
 
PDF
009693652.pdf
byKhadijaTahir29
 
PDF
lt-theoriesofintelligence-201117093932 (1).pdf
byKhadijaTahir29
 
PPT
10658353.ppt
byKhadijaTahir29
 
009911554.pdf
byKhadijaTahir29
 
008094493.pdf
byKhadijaTahir29
 
009978776.pdf
byKhadijaTahir29
 
chapter01-introductiontowindowsserver2003-090505014519-phpapp02.pdf
byKhadijaTahir29
 
005272686.pdf
byKhadijaTahir29
 
009693652.pdf
byKhadijaTahir29
 
lt-theoriesofintelligence-201117093932 (1).pdf
byKhadijaTahir29
 
10658353.ppt
byKhadijaTahir29
 

Recently uploaded

PPTX
Methods & Applications of Enzyme Immobilization Technique.pptx
byAnupkumar Sharma
 
PPTX
Renal Physiology- Juxtaglomerular Apparatus.pptx
byDisha Soriya
 
PDF
The Sheep and the Goat: Beckett’s Subversion of Divine Justice in Waiting for...
bysejadchokiya
 
PPTX
Greengnorance Toolkit Module 5 Waste Management
byKarl Donert
 
PDF
AI Is a Tool, Not a Voice: Radio, Trust, and the Human Factor
byN.A. Shah Ansari
 
PDF
Bones by Sadu Kassam (play) story ppt pdf
byRonnieMaeBorres
 
PDF
Orlando by Virginia Woolf: The Granite and The Rainbow
byAdityarajsinh Gohil
 
PPTX
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
PDF
PHARMACOLOGY 1 ( BP 404 T) Unit 1 (Cology 1)
byChetan Mali
 
PPTX
Math 8 Quarter 4 Week 3 PRIMARY DATA.pptx
byshahanieabbat3
 
PDF
Pharmaceutical Quality Assurance Unit 1 (BP606T)
byChetan Mali
 
PDF
Artificial Intelligence in Research and Academic Writing, Workshop on Researc...
byProf. Vinod Kumar Kanvaria
 
PDF
How "Raiders of the Lost Ark" and "Ordinary People" Employ Non-Verbal Acting
by6x5csns4pn
 
PPTX
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
PDF
Family and Marriage __ Sociology __ Jhasketan Kuanar __ NURSING VIBE ONLY .pdf
byJK NURSING VIBES ONLY JHASKETAN KUANAR
 
PPTX
Greengnorance Toolkit Module 2 Energy saving
byKarl Donert
 
PDF
Beyond the Absurd: A Comparative Reading of Waiting for Godot and the Bhagava...
byKruti Vyas
 
PDF
BP502T Industrial Pharmacy I (Theory) UNIT– I (Part 1)
byRushi Mandali
 
PPTX
Greengnorance Toolkit Module 6 Water Resources
byKarl Donert
 
PDF
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
Methods & Applications of Enzyme Immobilization Technique.pptx
byAnupkumar Sharma
 
Renal Physiology- Juxtaglomerular Apparatus.pptx
byDisha Soriya
 
The Sheep and the Goat: Beckett’s Subversion of Divine Justice in Waiting for...
bysejadchokiya
 
Greengnorance Toolkit Module 5 Waste Management
byKarl Donert
 
AI Is a Tool, Not a Voice: Radio, Trust, and the Human Factor
byN.A. Shah Ansari
 
Bones by Sadu Kassam (play) story ppt pdf
byRonnieMaeBorres
 
Orlando by Virginia Woolf: The Granite and The Rainbow
byAdityarajsinh Gohil
 
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
PHARMACOLOGY 1 ( BP 404 T) Unit 1 (Cology 1)
byChetan Mali
 
Math 8 Quarter 4 Week 3 PRIMARY DATA.pptx
byshahanieabbat3
 
Pharmaceutical Quality Assurance Unit 1 (BP606T)
byChetan Mali
 
Artificial Intelligence in Research and Academic Writing, Workshop on Researc...
byProf. Vinod Kumar Kanvaria
 
How "Raiders of the Lost Ark" and "Ordinary People" Employ Non-Verbal Acting
by6x5csns4pn
 
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
Family and Marriage __ Sociology __ Jhasketan Kuanar __ NURSING VIBE ONLY .pdf
byJK NURSING VIBES ONLY JHASKETAN KUANAR
 
Greengnorance Toolkit Module 2 Energy saving
byKarl Donert
 
Beyond the Absurd: A Comparative Reading of Waiting for Godot and the Bhagava...
byKruti Vyas
 
BP502T Industrial Pharmacy I (Theory) UNIT– I (Part 1)
byRushi Mandali
 
Greengnorance Toolkit Module 6 Water Resources
byKarl Donert
 
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 

dns-approximately.pdf

  • 1.
    15-441 Lecture 7 15-441Lecture 7 DNS C i ht © S th G ld t i 2008 Lecture 13 15-441 © 2008 Copyright © Seth Goldstein, 2008 Based on slides from previous 441 lectures 1 Outline •DNS Design DNS Design DN d •DNS Today (Extra credit, remind me at end) 15-441 © 2008 2 Lecture 13 What is DNS? • DNS (Domain Name Service) is primarily used to translate human readable names into machine translate human readable names nto mach ne usable addresses, e.g., IP addresses. •DNS goal: – Efficiently locate resources. Efficiently locate resources. E.g., Map name Æ IP address – Scale to many users over a large area y g – Scale to many updates 15-441 © 2008 3 Lecture 13 How resolve name Æ IP addr? Lecture 13 15-441 © 2008 4
  • 2.
    Obvious Solutions (1) Whynot centralize DNS? •Single point of failure Single point of failure •Traffic volume •Distant centralized database •Distant centralized database •Single point of update •Doesn’t scale! 15-441 © 2008 5 Lecture 13 Obvious Solutions (2) Why not use /etc/hosts? •Original Name to Address Mapping Or g nal Name to ddress Mapp ng – Flat namespace – /etc/hosts – SRI kept main copy – Downloaded regularly g y •Mid 80’s this became untenable. Why? •Count of hosts was increasing: machine per d i hi domain Æ machine per user – Many more downloads M d t /etc/hosts still exists 15-441 © 2008 6 – Many more updates /etc/hosts still exists. Lecture 13 Domain Name System Goals y •Basically a wide-area distributed database (The biggest in the world!) ( he b ggest n the world!) •Scalability •Decentralized maintenance Decentralized maintenance •Robustness •Global scope Global scope – Names mean the same thing everywhere •Don’t need all of ACID •Don t need all of ACID – Atomicity Strong consistency 15-441 © 2008 7 – Strong consistency •Do need: distributed update/query & Performance Lecture 13 Programmer’s View of DNS • Conceptually, programmers can view the DNS database as a collection of millions of host entry structures: structures: /* DNS host entry structure */ struct hostent { char *h name; /* official domain name of host */ _ ; / / char **h_aliases; /* null-terminated array of domain names */ int h_addrtype; /* host address type (AF_INET) */ int h_length; /* length of an address, in bytes */ char **h addr list; /* null-termed array of in addr structs */ – in_addr is a struct consisting of 4-byte IP addr _ _ y _ }; • Functions for retrieving host entries from DNS: –gethostbyname: query key is a DNS host name. k dd 15-441 © 2008 8 –gethostbyaddr: query key is an IP address. Lecture 13
  • 3.
    DNS Message Format IdentificationFlags Identification No. of Questions No of Authority RRs Flags No. of Answer RRs No of Additional RRs 12 bytes No. of Authority RRs Questions (variable number of answers) No. of Additional RRs Name, type fields for a query Answers (variable number of resource records) RRs in response to query Authority (variable number of resource records) Additional Info (variable number of resource records) Records for authoritative servers Additional 15-441 © 2008 9 Additional Info (variable number of resource records) Additional “helpful info that may be used Lecture 13 DNS Header Fields •Identification – Used to match up request/response Used to match up request/response •Flags – 1 bit to mark query or response – 1-bit to mark query or response – 1-bit to mark authoritative or not 1 bit to request recursive resolution – 1-bit to request recursive resolution – 1-bit to indicate support for recursive resolution resolution 15-441 © 2008 10 Lecture 13 DNS Records RR format: (class, name, value, type, ttl) • DB contains tuples called resource records (RRs) • Classes = Internet (IN), Chaosnet (CH), etc. • Each class defines value associated with type Each class defines value associated with type For “IN” class: • Type=A • Type=CNAME Type A – name is hostname – value is IP address T NS Type CNAME • name is an alias name for some “canonical” name • value is canonical name • Type=NS – name is domain (e.g. foo.com) – value is name of authoritative • value is canonical name • Type=MX • value is hostname of 15-441 © 2008 11 name server for this domain mailserver associated with name Lecture 13 Properties of DNS Host Entries Different kinds of mappings are possible: •1 1 mapping between domain name and IP addr: •1-1 mapping between domain name and IP addr: provolone.crcl.cs.cmu.edu maps to 128.2.218.81 •Multiple domain names maps to the same IP addr: •Multiple domain names maps to the same IP addr: www.scs.cmu.edu and www.cs.cmu.edu both map to 128.2.203.164 •Single domain name maps to multiple IP addresses: aol.com and www.aol.com map to multiple IP addrs. •Some valid domain names don’t map to any IP addr: crcl.cs.cmu.edu doesn’t have a host 15-441 © 2008 12 Lecture 13
  • 4.
    DNS Design: HierarchyDefinitions root • Each node in hierarchy stores a list of names that end with same suffix • Suffix = path up tree edu net org uk com Suffix path up tree • E.g., given this tree, where would following be stored: • Fred com gwu ucb cmu bu mit cs ece • Fred.com • Fred.edu • Fred.cmu.edu crcl • Fred.crcl.cs.cmu.edu • Fred.cs.mit.edu 15-441 © 2008 13 Lecture 13 DNS Design: Zone Definitions • Zone = contiguous section of name space root p • E.g., Complete tree, single node or subtree • A zone has an associated A zone has an associated set of name servers • Must store list of d t li k edu net org uk com l d Subtree names and tree links gwu ucb cmu bu mit cs ece Single node Complete Tree crcl 15-441 © 2008 14 Tree Lecture 13 DNS Design: Cont. •Zones are created by convincing owner node to create/delegate a subzone g – Records within zone stored in multiple redundant name servers P i / d d ll – Primary/master name server updated manually – Secondary/redundant servers updated by zone transfer of name space transfer of name space • Zone transfer is a bulk transfer of the “configuration” of a DNS server – uses TCP to ensure reliability •Example: – CS.CMU.EDU created by CMU.EDU admins 15-441 © 2008 15 – Who creates CMU.EDU or .EDU? Lecture 13 DNS: Root Name Servers • Responsible for “root” zone p • 13 root name servers – Currently y {a-m}.root-servers.net • Local name servers contact h h root servers when they cannot resolve a name Wh 13? • Why 13? 15-441 © 2008 16 Lecture 13
  • 5.
    Not really 13! Lecture13 15-441 © 2008 17 10/08, from www.root-servers.org Check out anycast) So Far •Database structure – Hierarchy of labels x y z Hierarchy of labels x.y.z – Organized into zones – Zones have nameservers (notice plural!) – Zones have nameservers (notice plural!) •Database layout Records which map – Records which map namesÆnames, namesÆip namesÆip, etc. •Programmer API: gethostbyname, … Programmer API gethostbyname, … Lecture 13 15-441 © 2008 18 Servers/Resolvers •Each host has a resolver – Typically a library that applications can link to Typically a library that applications can link to – Local name servers hand-configured (or DHCP) (e g /etc/resolv conf) (e.g. /etc/resolv.conf) •Name servers – Either responsible for some zone or Either responsible for some zone or… – Local servers • Do lookup of distant host names for local hosts Do lookup of distant host names for local hosts • Typically answer queries about local zone 15-441 © 2008 19 Lecture 13 Typical Resolution root & edu DNS server DNS server ns1 cmu edu www.cs.cmu.edu Client Local DNS server ns1.cmu.edu DNS server ns1 cs cmu edu ns1.cs.cmu.edu DNS server 15-441 © 2008 20 Hmm: Notice root server returned NS ns1.cmu.edu Lecture 13
  • 6.
    Typical Resolution •Steps forresolving www.cmu.edu – Application calls gethostbyname() (RESOLVER) Application calls gethostbyname() (RESOLVER) – Resolver contacts local name server (S1) – S1 queries root server (S2) for (www.cmu.edu) q – S2 returns NS record for cmu.edu (S3) – What about A record for S3? h h h dd l f f ( E E ) • This is what the additional info section is for (PREFETCHING) – S1 queries S3 for www.cmu.edu – S returns A record for www cmu edu – S3 returns A record for www.cmu.edu •Can return multiple A records Æ 15-441 © 2008 21 Can return multiple A records Æ What does this mean? Lecture 13 Lookup Methods R i Recursive query: • Server goes out and searches for more info root name server 2 iterated query • Only returns final answer or “not found” Iterative query: 3 4 7 Iterative query: • Server responds with as much as it knows. “I d ’t k thi local name server dns.eurecom.fr 5 6 intermediate name server dns.umass.edu 7 • “I don’t know this name, but ask this server” 1 5 6authoritative name server dns.cs.umass.edu 8 Workload impact on choice? requesting host surf.eurecom.fr gaia.cs.umass.edu 15-441 © 2008 22 Workload impact on choice? • Root/distant server does iterative • Local server typically does recursive Lecture 13 How to manage workload? •Does root nameserver do recursive lookups? •What about other zones? What about other zones? •What about imbalance in popularity? – com versus dj – .com versus .dj – google.com versus bleu.crcl.cs.cmu.edu? How do we scale query workload? •How do we scale query workload? Lecture 13 15-441 © 2008 23 Workload and Caching •DNS responses are cached – Quick response for repeated translations Quick response for repeated translations – Other queries may reuse some parts of lookup • E.g., NS records for domains g •DNS negative queries are cached – Don’t have to repeat past mistakes – E.g., misspellings, search strings in resolv.conf •How do you handle updates? 15-441 © 2008 24 Lecture 13
  • 7.
    Workload and Caching •DNSresponses are cached – Quick response for repeated translations Quick response for repeated translations – Other queries may reuse some parts of lookup • E.g., NS records for domains g •DNS negative queries are cached – Don’t have to repeat past mistakes – E.g., misspellings, search strings in resolv.conf •Cached data periodically times out – Lifetime (TTL) of data controlled by owner of data – TTL passed with every record 15-441 © 2008 25 Lecture 13 Typical Resolution root & edu DNS server DNS server ns1 cmu edu www.cs.cmu.edu Client Local DNS server ns1.cmu.edu DNS server ns1 cs cmu edu ns1.cs.cmu.edu DNS server 15-441 © 2008 26 Lecture 13 Subsequent Lookup Example root & edu DNS server DNS server cmu edu ftp.cs.cmu.edu Client Local DNS server cmu.edu DNS server cs cmu edu cs.cmu.edu DNS server 15-441 © 2008 27 Lecture 13 Reliability •DNS servers are replicated – Name service available if ≥ one replica is up Name service available if ≥ one replica is up – Queries can be load balanced between replicas •UDP used for queries f q – Need reliability Æ must implement this on top of UDP! – Why not just use TCP? •Try alternate servers on timeout – Exponential backoff when retrying same server •Same identifier for all queries – Don’t care which server responds 15-441 © 2008 28 Lecture 13
  • 8.
    So far •Hierarchial namespace Lecture 13 15-441 © 2008 29 Reverse DNS A b k Æ Add d R ti P t A •Task – Given IP address, find its unnamed root Arpa: backronym Æ Address and Routing Parameter Area Given IP address, find its name •Method edu arpa – Maintain separate hierarchy based on IP names – Write 128.2.204.27 as cmu in-addr Wr t . . . 7 a 27.204.2.128.in-addr.arpa • Why is the address reversed? •Managing cs 128 •Managing – Authority manages IP addresses assigned to it crcl 2 204 15-441 © 2008 30 – E.g., CMU manages name space 2.128.in-addr.arpa bleu 128.2.204.27 27 Lecture 13 .arpa Name Server Hierarchy in-addr.arpa a root-servers net • • • m root-servers net 128 in addr.arpa a.root servers.net m.root servers.net chia.arin.net (dill henna indigo epazote figwort ginseng) 2 (dill, henna, indigo, epazote, figwort, ginseng) cucumber.srv.cs.cmu.edu, t-ns1.net.cmu.edu 204 t-ns2.net.cmu.edu mango.srv.cs.cmu.edu (peach, banana, blueberry) • At each level of hierarchy, have group of servers that are authorized to bleu 128 2 204 27 (p , , y) 15-441 © 2008 31 of servers that are authorized to handle that region of hierarchy 128.2.204.27 Lecture 13 Prefetching •Name servers can add additional data to response •Why would they? Why would they? 15-441 © 2008 32 Lecture 13
  • 9.
    Prefetching •Name servers canadd additional data to response •Why would they? Why would they? •Typically used for prefetching – CNAME/MX/NS typically point to another host – CNAME/MX/NS typically point to another host name – Responses include address of host referred to Responses include address of host referred to in “additional section” 15-441 © 2008 33 Lecture 13 Mail Addresses •MX records point to mail exchanger for a name – E g E.g. cmu.edu. 2590 IN MX 10 CMU-MX4.ANDREW.cmu.edu. cmu.edu. 2590 IN MX 10 CMU-MX5.ANDREW.cmu.edu. •Addition of MX record type proved to be a challenge challenge – How to get mail programs to lookup MX record for mail delivery? for mail delivery? – Needed critical mass of such mailers Could we add a new one now? 15-441 © 2008 34 – Could we add a new one now? Lecture 13 Outline •DNS Design DNS Today •DNS Today 15-441 © 2008 35 Lecture 13 Root Zone •Generic Top Level Domains (gTLD) = .com, .net, .org, etc… g •Country Code Top Level Domain (ccTLD) = .us, .ca, .fi, .uk, etc… R ({ } ) l d •Root server ({a-m}.root-servers.net) also used to cover gTLD domains – Load on root servers was growing quickly! – Load on root servers was growing quickly! – Moving .com, .net, .org off root servers was clearly necessary to reduce load clearly necessary to reduce load Æ done Aug 2000 – How significant an effect would this have? 15-441 © 2008 36 • On load? • On performance? Lecture 13
  • 10.
    gTLDs • Unsponsored – .com,.edu, .gov, .mil, .net, .org – .biz Æ businesses i f l i f – .info Æ general info – .name Æ individuals • Sponsored (controlled by a particular association) – aero Æ air-transport industry .aero Æ air transport industry – .cat Æ catalan related – .coop Æ business cooperatives – .jobs Æ job announcements Æ Is there anything special about .com? What about adding goldstein as a gTLD? – .museum Æ museums – .pro Æ accountants, lawyers, and physicians – .travel Æ travel industry • Starting up What about adding .goldstein as a gTLD? Starting up – .mobi Æ mobile phone targeted domains – .post Æ postal – .tel Æ telephone related P d 15-441 © 2008 37 • Proposed – .asia, .cym, .geo, .kid, .mail, .sco, .web, .xxx – Whatever you want! Lecture 13 New Registrars •Network Solutions (NSI) used to handle all registrations, root servers, etc… reg strat ons, root servers, etc… – Clearly not the democratic (Internet) way – Large number of registrars that can create Large number of registrars that can create new domains Æ However NSI still handles A root server 15-441 © 2008 38 Lecture 13 Measurements of DNS •No centralized caching per site •No centralized caching per site – Each machine runs own caching local server – Why is this a problem? y p – How many hosts do we need to share cache? Æ recent studies suggest 10-20 hosts “Hit rate for DNS:1 (#DNS/#connections)Æ80% • Hit rate for DNS:1 - (#DNS/#connections)Æ80% – Is this good or bad? – Most Internet traffic was Web with HTTP 1.0 Most Internet traffic was Web with HTTP 1.0 • What does a typical page look like? Æ average of 4-5 imbedded objects Æ needs 4-5 transfers • This alone accounts for 80% hit rate! f •Lower TTLs for A records does not affect performance 15-441 © 2008 39 •DNS performance really relies more on NS-record caching Lecture 13 Measurements of DNS •No centralized caching per site •No centralized caching per site – Each machine runs own caching local server – Why is this a problem? y p – How many hosts do we need to share cache? Æ recent studies suggest 10-20 hosts “Hit rate for DNS:1 (#DNS/#connections)Æ80% • Hit rate for DNS:1 - (#DNS/#connections)Æ80% – Is this good or bad? – Most Internet traffic was Web with HTTP 1.0 Most Internet traffic was Web with HTTP 1.0 • What does a typical page look like? Æ average of 4-5 imbedded objects Æ needs 4-5 transfers • This alone accounts for 80% hit rate! f •Lower TTLs for A records does not affect performance 15-441 © 2008 40 •DNS performance really relies more on NS-record caching Lecture 13
  • 11.
    Tracing Hierarchy (1) •DigProgram – Allows querying of DNS system fl f d (N ) – Use flags to find name server (NS) – Disable recursion so that operates one step at a time unix> dig +norecurse @a.root-servers.net NS kittyhawk.cmcl.cs.cmu.edu ;; AUTHORITY SECTION: edu 172800 IN NS L3 NSTLD COM Zone TTL edu. 172800 IN NS L3.NSTLD.COM. edu. 172800 IN NS D3.NSTLD.COM. edu. 172800 IN NS A3.NSTLD.COM. edu. 172800 IN NS E3.NSTLD.COM. edu. 172800 IN NS C3.NSTLD.COM. Type edu. 172800 IN NS C3.NSTLD.COM. edu. 172800 IN NS F3.NSTLD.COM. edu. 172800 IN NS G3.NSTLD.COM. edu. 172800 IN NS B3.NSTLD.COM. edu. 172800 IN NS M3.NSTLD.COM. Class Value 15-441 © 2008 41 – All .edu names handled by set of servers edu. 172800 IN NS M3.NSTLD.COM. Lecture 13 Tracing Hierarchy (2) •3 servers handle CMU names unix> dig +norecurse @e3.nstld.com NS kittyhawk.cmcl.cs.cmu.edu ;; AUTHORITY SECTION: ;; AUTHORITY SECTION: cmu.edu. 172800 IN NS CUCUMBER.SRV.cs.cmu.edu. cmu.edu. 172800 IN NS T-NS1.NET.cmu.edu. cmu.edu. 172800 IN NS T-NS2.NET.cmu.edu. 15-441 © 2008 42 Lecture 13 Tracing Hierarchy (3 & 4) •4 servers handle CMU CS names unix> dig +norecurse @t-ns1.net.cmu.edu NS kittyhawk.cmcl.cs.cmu.edu ;; AUTHORITY SECTION: ;; AUTHORITY SECTION: cs.cmu.edu. 86400 IN NS MANGO.SRV.cs.cmu.edu. cs.cmu.edu. 86400 IN NS PEACH.SRV.cs.cmu.edu. cs.cmu.edu. 86400 IN NS BANANA.SRV.cs.cmu.edu. cs.cmu.edu. 86400 IN NS BLUEBERRY.SRV.cs.cmu.edu. •Quasar is master NS for this zone cs.cmu.edu. 86400 IN NS BLUEBERRY.SRV.cs.cmu.edu. Quasar is master NS for this zone unix>dig +norecurse @blueberry.srv.cs.cmu.edu NS kittyhawk.cmcl.cs.cmu.edu 15-441 © 2008 43 ;; AUTHORITY SECTION: cs.cmu.edu. 300 IN SOA QUASAR.FAC.cs.cmu.edu. Lecture 13 DNS (Summary) •Motivations Æ large distributed database – Scalability Scalab l ty – Independent update – Robustness •Hierarchical database structure – Zones – How lookups are done •Caching/prefetching and TTLs •Reverse name lookup •What are the steps to creating your own domain? 15-441 © 2008 44 Lecture 13