The Internet’s Directory Service
DNS: Domain Name System
People have many identifiers: IRD #, name, passport #.
Internet hosts and routers likewise have two kinds of identifier:
• IP address (32 bit), used for addressing datagrams
• "hostname", e.g., www.yahoo.com, used by humans
Q: how do we map between IP address and name, and vice versa?
A typical web browser's task for www.google.co.nz: find the IP address, make the TCP connection request, send the HTTP request.
DNS: Domain Name System. What is DNS?
1. DNS is a distributed database implemented in a hierarchy of many name servers. DNS servers are typically UNIX machines running the BIND software (Berkeley Internet Name Domain software): https://www.isc.org/downloads/bind/
2. DNS is also an application-layer protocol that allows hosts to query the distributed database. The DNS protocol runs over UDP and uses port 53. Hosts, routers and name servers communicate to resolve names (address/name translation).
DNS provides a core Internet function, but is implemented as an application-layer protocol, keeping complexity at the network's "edge". It uses the client-server paradigm.
RFC 1034, 1035, and updated in other RFCs.
DNS services
1. hostname to IP address translation
2. host aliasing: canonical and alias names. Example: www.ibm.com (alias), www.ibm.com.cs186.net (canonical)
3. mail server aliasing: ibm.com
4. load distribution among replicated Web servers: a set of IP addresses for one canonical name

Why not centralize DNS?
• single point of failure
• traffic volume
• distant centralized database
• maintenance
Therefore, a centralised database approach doesn't scale!
Distributed, Hierarchical Database
[Figure: Root DNS servers at the top; below them the top-level domain servers (com DNS servers, org DNS servers, edu DNS servers), also called the intermediate DNS servers; below those the authoritative DNS servers (yahoo.com, amazon.com, pbs.org, poly.edu, umass.edu DNS servers).]
Each ISP also has a Local DNS server (default name server).
Client wants the IP for www.amazon.com (1st approximation):
• client queries a root server to find the com DNS server (top-level domain)
• client queries the com DNS server to get the authoritative DNS server for amazon.com
• client queries the amazon.com DNS server to get the IP address for www.amazon.com
DNS query and reply messages are sent within UDP datagrams to port 53.
DNS: Root name servers
First to be contacted by a local name server that cannot resolve a name. A root name server answers requests in the root zone and answers requests for the authoritative name server for the appropriate top-level domain (TLD).
13 root name servers worldwide (each "server" is actually a network of replicated servers: 750 root server instances around the world):
a Verisign, Dulles, VA
b USC-ISI Marina del Rey, CA
c Cogent, Herndon, VA (also LA)
d U Maryland College Park, MD
e NASA Mt View, CA
f Internet Software C. Palo Alto, CA (and 36 other locations)
g US DoD Vienna, VA
h ARL Aberdeen, MD
i Autonomica, Stockholm (plus 28 other locations)
j Verisign (21 locations)
k RIPE London (also 16 other locations)
l ICANN Los Angeles, CA
m WIDE Tokyo (also Seoul, Paris, SF)
http://www.iana.org/domains/root/servers
https://www.apnic.net/get-ip/faqs/rootservers/

IP Anycast
For a DNS root nameserver, anycast provides a service whereby clients send requests to a single address and the network delivers that request to at least one, preferably the closest, server in the root nameserver's anycast group.
An anycast group is a set of instances that are run by the same organisation and use the same IP address, namely the service address, but are physically different nodes.
DNS: Root name servers
13 root server IP addresses (operators as given on the slides; two IPv6 addresses are not listed on the slide):

Letter  IPv4 address     IPv6 address            Operator
A       198.41.0.4       2001:503:ba3e::2:30     Verisign
B       192.228.79.201   2001:478:65::53         USC-ISI
C       192.33.4.12      2001:500:2::c           Cogent Communications
D       199.7.91.13      2001:500:2d::d          University of Maryland
E       192.203.230.10   (not listed)            NASA
F       192.5.5.241      2001:500:2f::f          Internet Software Consortium
G       192.112.36.4     (not listed)            U.S. DoD NIC
H       128.63.2.53      2001:500:1::803f:235    US Army Research Lab
I       192.36.148.17    2001:7FE::53            Autonomica
J       192.58.128.30    2001:503:c27::2:30      Verisign
K       193.0.14.129     2001:7fd::1             RIPE NCC
L       199.7.83.42      2001:500:3::42          ICANN
M       202.12.27.33     2001:dc3::35            WIDE Project

• 13 root servers can be seen from any single location at any given time.
• Different servers (using the same IP addresses) will be seen from different locations.
https://www.ionos.com/digitalguide/server/know-how/what-is-a-root-server-definition-and-background/
DNS: Root name servers
• Copy a very small database, the content of which is currently decided by IANA (Internet Assigned Numbers Authority) and the US Dept. of Commerce.
• Put that database in the servers.
• Make the data available to all Internet users.
http://www.root-servers.org/
https://www.netnod.se/i-root
Report of attempted large-scale attack on DNS root servers (occurred in Nov. 2015)
https://root-servers.org/media/news/events-of-20151130.txt
Observations: The DNS root name server system functioned as designed, demonstrating overall robustness in the face of large-scale traffic floods observed at numerous DNS root name servers.
Root servers in NZ: E.root-servers.net (see https://root-servers.org/)
TLD and Authoritative Servers
Top-level domain (TLD) servers:
• responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ch, jp, nz
• Network Solutions maintains servers for the com TLD; Educause for the edu TLD
Authoritative DNS servers:
• an organization's DNS servers, providing authoritative hostname to IP mappings for the organization's servers (e.g., Web, mail)
• can be maintained by the organization or by an internet service provider
Local Name Server
• does not strictly belong to the hierarchy
• each ISP (residential ISP, company, university) has one; also called "default name server"
• located within a LAN, or a few router hops away
• when a host makes a DNS query, the query is sent to its local DNS server, which acts as a proxy and forwards the query into the hierarchy of DNS servers
You can find your default name server by typing: ipconfig /all
DNS in action
What happens when a user wants to view a website (e.g. www.networkutopia.com)? Let's trace the sequence of DNS server interaction.
[Figure, repeated across the slides: requesting host (DNS client); local DNS server; root DNS server; (TLD) DNS server, i.e. the name server responsible for the COM top-level domain; authoritative DNS server (primary) Dns1.networkutopia.com, IP 212.212.212.1; authoritative DNS server (secondary) Dns2.networkutopia.com; destination host networkutopia.com, IP 212.212.71.4.]
1. Requesting host to local DNS server: What is the IP address of www.networkutopia.com?
2. Local DNS server to root DNS server: IP address of www.networkutopia.com?
3. Root DNS server to local DNS server: list of IP addresses for TLD COM servers.
4. Local DNS server to COM TLD DNS server: IP address of www.networkutopia.com?
5. TLD DNS server to local DNS server, resource records: (networkutopia.com, Dns1.networkutopia.com, NS) (Dns1.networkutopia.com, 212.212.212.1, A)
6. Local DNS server to Dns1.networkutopia.com: What is the IP address of www.networkutopia.com? Give me a Type A Resource Record.
7. Authoritative DNS server to local DNS server, Type A Resource Record: (www.networkutopia.com, 212.212.71.4, A)
8. Local DNS server to requesting host: IP address of www.networkutopia.com is 212.212.71.4
9. Requesting host: TCP connection with www.networkutopia.com (212.212.71.4), HTTP request.
Recursive queries vs. iterative queries

DNS name resolution example: the host cis.poly.edu wants the IP address for gaia.cs.umass.edu.
[Figure: requesting host cis.poly.edu; local DNS server dns.poly.edu; root DNS server; TLD DNS server; authoritative DNS server dns.cs.umass.edu; destination gaia.cs.umass.edu.]
• Recursive query sent from cis.poly.edu to the local DNS server: "What is the IP address of gaia.cs.umass.edu?"
• Iterative query sent from dns.poly.edu to the root DNS server
• Iterative query sent from dns.poly.edu to the TLD DNS server
• Iterative query sent from dns.poly.edu to the authoritative DNS server
recursive query: puts the burden of name resolution on the contacted name server
iterative query: the contacted server replies with the name of the server to contact: "I don't know this name, but ask this server"

DNS name resolution example (all recursive)
[Figure: the same hosts and servers (cis.poly.edu, dns.poly.edu, root DNS server, TLD DNS server, dns.cs.umass.edu, gaia.cs.umass.edu); all queries sent are recursive in this example, so each contacted server resolves the name on behalf of the server that asked it.]
recursive query: puts the burden of name resolution on the contacted name server. Heavy load?
DNS: caching and updating records
• once (any) name server learns a mapping, it caches that mapping and sends it to any querying host, even if it is not authoritative for the hostname.
• TLD server records are typically cached in local name servers; thus root name servers are not often visited.
• cache entries time out (disappear) after some time (often set to 2 days).
• update/notify mechanisms have been added to the DNS protocol in order to add/delete entries in a DNS server's database by way of DNS messages: RFC 2136, RFC 3007.
DNS records
DNS: distributed db storing Resource Records (RR). RR format: (name, value, type, ttl)
Type=A: name is hostname, value is IP address. e.g. (massey.ac.nz, 130.123.10.101, A)
Type=NS: name is domain (e.g., foo.com), value is hostname of the authoritative Name Server for this domain. e.g. (massey.ac.nz, tur-net1.massey.ac.nz, NS)
Type=CNAME: name is alias name for some "Canonical" (the real) name, value is the canonical name. e.g. (ibm.com, asia3.akam.net, CNAME); (www.ibm.com, www.ibm.com.cs186.net, CNAME)
Type=MX: value is the canonical name of the Mail Exchange Server associated with alias hostname name. e.g. (ibm.com, e11.ny.us.ibm.com, MX), with (e11.ny.us.ibm.com, 129.33.205.201, A) carried in the Additional info. section
DNS protocol, messages
DNS protocol: query and reply messages, both with the same message format.
Header section:
• identification: 16-bit # for query; the reply to a query uses the same #
• flags: query or reply; recursion desired; recursion available; reply is authoritative
Question section: name, type fields for a query
Answer section: RRs in response to the query
Authority section: RRs of other authoritative name servers
Additional section: additional "helpful" info that may be used, e.g. other helpful RRs such as the IP address of the canonical MX server
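The header fields and sections listed above, built and parsed at the byte level, as an added example that is not part of the original slides. It encodes a query for www.networkutopia.com with recursion desired, builds an authoritative-style reply carrying the A record from the slides, and shows the check a stub resolver makes before trusting a reply: the identification number and question must match its own query. The encoding follows RFC 1035 by hand rather than any DNS library; the sample values are constructed.

```python
import struct
# RFC 1035 4.1.1 header flag bits: QR (reply), AA (authoritative), RD, RA; low 4 bits = RCODE
QR, AA, RD, RA = 1 << 15, 1 << 10, 1 << 8, 1 << 7
TYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    # hostname -> (length byte, label) pairs terminated by a zero byte
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"

def decode_name(msg, off):
    # read a name at off, following RFC 1035 4.1.4 compression pointers; return (name, next off)
    labels = []
    while msg[off] & 0xC0 != 0xC0:
        n, off = msg[off], off + 1
        if n == 0:
            return ".".join(labels), off
        labels.append(msg[off:off + n].decode())
        off += n
    ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
    return ".".join(labels + [decode_name(msg, ptr)[0]]), off + 2

def build_query(ident, name, rtype=TYPE_A, recursion_desired=True):
    # 12-byte header + one question: what a stub resolver sends to UDP port 53
    header = struct.pack("!HHHHHH", ident, RD if recursion_desired else 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", rtype, CLASS_IN)

def parse_header(msg):
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": ident, "is_reply": bool(flags & QR), "authoritative": bool(flags & AA),
            "recursion_desired": bool(flags & RD), "recursion_available": bool(flags & RA),
            "rcode": flags & 0xF, "counts": (qd, an, ns, ar)}

def build_reply(query, addr, ttl=3600):
    # authoritative-style answer: same ID, question echoed, one A RR whose owner name is a
    # compression pointer (0xC00C) back to the question name at offset 12
    _, off = decode_name(query, 12)
    header = struct.pack("!HHHHHH", parse_header(query)["id"], QR | AA, 1, 1, 0, 0)
    rr = struct.pack("!HHHIH", 0xC00C, TYPE_A, CLASS_IN, ttl, 4)
    return header + query[12:off + 4] + rr + bytes(int(x) for x in addr.split("."))

def reply_address(query, reply):
    # stub-resolver check: accept only a reply carrying our ID and our question, with RCODE 0
    # and at least one answer; then return the first A record's address, else None
    q, r = parse_header(query), parse_header(reply)
    if not r["is_reply"] or q["id"] != r["id"] or r["rcode"] or r["counts"][1] < 1:
        return None
    qname, off = decode_name(reply, 12)
    if qname != decode_name(query, 12)[0]:
        return None
    _, off = decode_name(reply, off + 4)          # answer owner name; +4 skipped QTYPE/QCLASS
    rtype, _, _, rdlen = struct.unpack("!HHIH", reply[off:off + 10])
    return ".".join(map(str, reply[off + 10:off + 10 + rdlen])) if rtype == TYPE_A else None
```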
Inserting records into DNS
Example: Alice has a new startup company, named "Network Utopia".
1. Alice registers the domain name networkutopia.com with a DNS registrar (e.g., Network Solutions).
2. Alice provides the names and IP addresses of her authoritative name servers (both primary and secondary) to the registrar.
3. The registrar inserts RRs into all com TLD servers: (networkutopia.com, dns1.networkutopia.com, NS) (dns1.networkutopia.com, 212.212.212.1, A) (networkutopia.com, dns2.networkutopia.com, NS) (dns2.networkutopia.com, 212.212.212.2, A)
4. Alice enters the following RRs into her authoritative DNS servers: a Type A record for www.networkutopia.com (web server); Type MX and Type A records for mail.networkutopia.com (e-mail server).
How do people get the IP address of Alice's web site?
Public Information Regarding Internet Domain Name Registration Services: http://www.internic.net/
The Internet Corporation for Assigned Names and Numbers (ICANN) accredits the various registrars.