The Internet’s Directory Service
DNS: Domain Name System
People have many identifiers: IRD #, name, passport #. Internet hosts and routers likewise have two:
  IP address (32 bit) – used for addressing datagrams
  "hostname", e.g., www.yahoo.com – used by humans
Q: how do we map between IP address and name, and vice versa?

Typical web browser's task for www.google.co.nz:
1. Find IP address
2. Make TCP connection request
3. Send HTTP request
Application 2-2
DNS: Domain Name System. What is DNS?
1. DNS is a distributed database implemented in a hierarchy of many name servers.
   DNS servers are typically UNIX machines running the BIND software (Berkeley Internet Name Domain software): https://www.isc.org/downloads/bind/
2. An application-layer protocol that allows a host to query the distributed database.
   The DNS protocol runs over UDP and uses port 53.
   Hosts, routers and name servers communicate to resolve names (address/name translation).
   Provides a core Internet function, but implemented as an application-layer protocol: complexity at the network's "edge".
   Uses the client-server paradigm.
RFC 1034, 1035, and updated in other RFCs
DNS services
1. hostname to IP address translation
2. host aliasing: canonical and alias names. Example:
   • www.ibm.com (alias)
   • www.ibm.com.cs186.net (canonical)
3. mail server aliasing, e.g. ibm.com
4. load distribution among replicated Web servers: set of IP addresses for one canonical name

Why not centralize DNS?
  single point of failure
  traffic volume
  distant centralized database
  maintenance
Therefore, a centralised database approach doesn't scale!
Distributed, Hierarchical Database
[Figure: the DNS hierarchy. Root DNS servers at the top; beneath them the top-level domain servers (com DNS servers, org DNS servers, edu DNS servers), labelled intermediate DNS servers; beneath those the authoritative DNS servers (yahoo.com, amazon.com, pbs.org, poly.edu, umass.edu DNS servers). Each ISP also has a Local DNS server (default name server).]
client wants IP for www.amazon.com (1st approx description):
  client queries a root server to find com DNS server (top-level domain)
  client queries com DNS server to get authoritative DNS server for amazon.com
  client queries amazon.com DNS server to get IP address for www.amazon.com
DNS query and reply messages are sent within UDP datagrams to port 53.
DNS: Root name servers
First to be contacted by local name server that cannot resolve name
root name server answers requests in the root zone and answers requests for the authoritative name server for the appropriate top-level domain (TLD)
13 root name servers worldwide (each "server" is actually a network of replicated servers – 750 root server instances around the world):
  a Verisign, Dulles, VA
  b USC-ISI Marina del Rey, CA
  c Cogent, Herndon, VA (also LA)
  d U Maryland College Park, MD
  e NASA Mt View, CA
  f Internet Software C. Palo Alto, CA (and 36 other locations)
  g US DoD Vienna, VA
  h ARL Aberdeen, MD
  i Autonomica, Stockholm (plus 28 other locations)
  j Verisign (21 locations)
  k RIPE London (also 16 other locations)
  l ICANN Los Angeles, CA
  m WIDE Tokyo (also Seoul, Paris, SF)
http://www.iana.org/domains/root/servers
https://www.apnic.net/get-ip/faqs/rootservers/
DNS: Root name servers
13 root server IP addresses:

Letter  IPv4 address     IPv6 address           Operator
A       198.41.0.4       2001:503:ba3e::2:30    Verisign
B       192.228.79.201   2001:478:65::53        USC-ISI
C       192.33.4.12      2001:500:2::c          Cogent Communications
D       199.7.91.13      2001:500:2d::d         University of Maryland
E       192.203.230.10   (not on slide)         NASA
F       192.5.5.241      2001:500:2f::f         Internet Software Consortium
G       192.112.36.4     (not on slide)         U.S. DoD NIC
H       128.63.2.53      2001:500:1::803f:235   US Army Research Lab
I       192.36.148.17    2001:7FE::53           Autonomica
J       192.58.128.30    2001:503:c27::2:30     Verisign
K       193.0.14.129     2001:7fd::1            RIPE NCC
L       199.7.83.42      2001:500:3::42         ICANN
M       202.12.27.33     2001:dc3::35           WIDE Project

• 13 root servers can be seen from any single location at any given time.
• Different servers (using the same IP addresses) will be seen from different locations.
https://www.ionos.com/digitalguide/server/know-how/what-is-a-root-server-definition-and-background/
DNS: Root name servers
Copy a very small database, the content of which is currently decided by IANA (Internet Assigned Numbers Authority) and the US Dept. of Commerce.
Put that database in the servers.
Make the data available to all Internet users.
http://www.root-servers.org/
https://www.netnod.se/i-root
Root servers in NZ
[Figure: map of root server instances in New Zealand from https://root-servers.org/, showing E.root-servers.net (root-servers.org).]
TLD and Authoritative Servers
Top-level domain (TLD) servers:
  responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ch, jp, nz
  • Network Solutions maintains servers for com TLD
  • Educause for edu TLD
Authoritative DNS servers:
  organization's DNS servers, providing authoritative hostname to IP mappings for organization's servers (e.g., Web, mail).
  can be maintained by organization or internet service provider
Local Name Server
does not strictly belong to hierarchy
each ISP (residential ISP, company, university) has one
also called "default name server"
located within a LAN, or a few router hops away
when host makes DNS query, query is sent to its local DNS server
acts as proxy, forwards query into hierarchy of DNS servers
You can find your default name server by typing: ipconfig /all
DNS in action
What happens when a user wants to view a website (e.g. www.networkutopia.com)?
Let's trace the sequence of DNS server interaction.
[Figure: nine slides tracing one lookup. Actors: requesting host (DNS CLIENT); Local DNS Server; Root DNS Server; (TLD) DNS Server, i.e. name server responsible for the COM top-level domain; Authoritative DNS Server (primary) Dns1.networkutopia.com, IP: 212.212.212.1; Authoritative DNS Server (secondary) Dns2.networkutopia.com; Destination Host www.networkutopia.com, IP: 212.212.71.4.]
1. Requesting host to local DNS server: What is the IP address of www.networkutopia.com?
2. Local DNS server to root DNS server: IP address of www.networkutopia.com?
3. Root DNS server to local DNS server: list of IP addresses for TLD COM servers
4. Local DNS server to TLD (COM) DNS server: IP address of www.networkutopia.com?
5. TLD DNS server to local DNS server: Resource Records (networkutopia.com, Dns1.networkutopia.com, NS) (Dns1.networkutopia.com, 212.212.212.1, A)
6. Local DNS server to authoritative DNS server (primary): What is the IP address of www.networkutopia.com? – give me a Type A Resource Record
7. Authoritative DNS server to local DNS server: Type A Resource Record: (www.networkutopia.com, 212.212.71.4, A)
8. Local DNS server to requesting host: IP address of www.networkutopia.com is 212.212.71.4
9. Requesting host: TCP connection with www.networkutopia.com (212.212.71.4), HTTP request
Recursive queries vs. iterative queries
DNS name resolution example: iterative queries
host at cis.poly.edu wants IP address for gaia.cs.umass.edu
[Figure: requesting host cis.poly.edu; local DNS server dns.poly.edu; root DNS server; TLD DNS server; authoritative DNS server dns.cs.umass.edu; destination gaia.cs.umass.edu.]
Recursive query sent from cis.poly.edu to local DNS server: "What is the IP address of gaia.cs.umass.edu?"
Iterative query sent from dns.poly.edu to root DNS server
Iterative query sent from dns.poly.edu to TLD DNS server
Iterative query sent from dns.poly.edu to authoritative DNS server
recursive query: puts burden of name resolution on contacted name server
iterative query: contacted server replies with name of server to contact: "I don't know this name, but ask this server"
DNS name resolution example: recursive queries
[Figure: same hosts and servers as the previous example (cis.poly.edu, dns.poly.edu, root DNS server, TLD DNS server, dns.cs.umass.edu, gaia.cs.umass.edu). All queries sent are recursive in this example.]
recursive query: puts burden of name resolution on contacted name server. Heavy load?
DNS: caching and updating records
once (any) name server learns a mapping, it caches that mapping and sends it to any querying host, even if it is not authoritative for the hostname.
TLD server records are typically cached in local name servers
  • thus, root name servers are not often visited
cache entries time out (disappear) after some time (often set to 2 days)
update/notify mechanisms have been added to the DNS protocol in order to add/delete entries in a DNS server's database by way of DNS messages: RFC 2136, RFC 3007
DNS records
DNS: distributed db storing Resource Records (RR). RR format: (name, value, type, ttl)
Type=A
  name is hostname, value is IP address
  e.g. (massey.ac.nz, 130.123.10.101, A)
Type=NS
  name is domain (e.g., foo.com), value is hostname of authoritative name server for this domain
  e.g. (massey.ac.nz, tur-net1.massey.ac.nz, NS)
Type=CNAME
  name is alias name for some "canonical" (the real) name, value is canonical name
  e.g. (ibm.com, asia3.akam.net, CNAME)
  e.g. (www.ibm.com, www.ibm.com.cs186.net, CNAME)
Type=MX
  value is canonical name of mail exchange server associated with alias hostname name
  e.g. (ibm.com, e11.ny.us.ibm.com, MX); the matching A record (e11.ny.us.ibm.com, 129.33.205.201, A) is returned in the additional info section
DNS protocol, messages
DNS protocol: query and reply messages, both with the same message format.
Header section:
  identification: 16 bit # for query; reply to query uses same #
  flags: query or reply; recursion desired; recursion available; reply is authoritative
Question section: name, type fields for a query
Answer section: RRs in response to query
Authority section: records of other authoritative name servers
Additional section: additional "helpful" info that may be used, i.e. other helpful RRs (e.g. IP address of canonical MX server)
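The message layout above, as an added example written for these notes rather than code from the course: it packs a query with the header fields just listed and parses a reply section by section, including the name-compression pointers real replies use. The reply bytes are constructed here to mirror the slides' nslookup output for www.ibm.com (a CNAME to www.ibm.com.cs186.net followed by the 23.222.88.13 address the dns.cpp run shows later); the TTLs and the query id are made up.

```python
"""Build a DNS query and parse a DNS reply at the wire level (RFC 1035 format)."""
import struct

# Bits of the 16-bit flags field in the 12-byte header
QR = 1 << 15   # 0 = query, 1 = reply
AA = 1 << 10   # reply is authoritative
RD = 1 << 8    # recursion desired
RA = 1 << 7    # recursion available
A, NS, CNAME, MX = 1, 2, 5, 15
TYPE_NAMES = {A: "A", NS: "NS", CNAME: "CNAME", MX: "MX"}


def encode_name(name):
    """Wire form of a name: length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("DNS label length must be 1..63")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(ident, name, qtype, recursion_desired=True):
    """Header (id, flags, qdcount=1, other counts 0) + one question of class IN."""
    flags = RD if recursion_desired else 0
    return (struct.pack("!HHHHHH", ident, flags, 1, 0, 0, 0)
            + encode_name(name) + struct.pack("!HH", qtype, 1))


def decode_name(msg, off, depth=0):
    """Read a possibly compressed name at off; return (name, offset after it)."""
    labels = []
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:            # 11xxxxxx: pointer into an earlier name
            if depth > 10:                   # refuse pointer loops in hostile input
                raise ValueError("compression pointer loop")
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            labels.append(decode_name(msg, ptr, depth + 1)[0])
            return ".".join(labels), off + 2
        off += 1
        if length == 0:                      # root label ends the name
            return ".".join(labels), off
        labels.append(msg[off:off + length].decode("ascii"))
        off += length


def parse_message(msg):
    """Header fields plus the question, answer, authority and additional sections.
    RRs come back in the slides' (name, value, type, ttl) shape."""
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, sections = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype = struct.unpack("!HH", msg[off:off + 4])[0]
        off += 4
        questions.append((name, TYPE_NAMES.get(qtype, qtype)))
    for count in (an, ns, ar):
        rrs = []
        for _ in range(count):
            name, off = decode_name(msg, off)
            rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            if rtype == A and rdlen == 4:
                value = ".".join(str(b) for b in msg[off:off + 4])
            elif rtype in (NS, CNAME):       # rdata is a (compressible) name
                value = decode_name(msg, off)[0]
            elif rtype == MX:                # 16-bit preference, then exchanger name
                value = (struct.unpack("!H", msg[off:off + 2])[0], decode_name(msg, off + 2)[0])
            else:
                value = msg[off:off + rdlen]
            off += rdlen
            rrs.append((name, value, TYPE_NAMES.get(rtype, rtype), ttl))
        sections.append(rrs)
    return {"id": ident, "is_reply": bool(flags & QR), "authoritative": bool(flags & AA),
            "recursion_desired": bool(flags & RD), "recursion_available": bool(flags & RA),
            "questions": questions, "answers": sections[0],
            "authority": sections[1], "additional": sections[2]}


def constructed_reply(ident):
    """Hand-built, non-authoritative reply to 'www.ibm.com A' mirroring the slides'
    nslookup output: CNAME to www.ibm.com.cs186.net, then an A record (23.222.88.13
    as on the slides). Both owner names are compression pointers. TTLs are made up."""
    header = struct.pack("!HHHHHH", ident, QR | RD | RA, 1, 2, 0, 0)
    question = encode_name("www.ibm.com") + struct.pack("!HH", A, 1)
    target = encode_name("www.ibm.com.cs186.net")
    cname_rr = struct.pack("!H", 0xC000 | 12)                 # owner -> question name at offset 12
    cname_rr += struct.pack("!HHIH", CNAME, 1, 300, len(target)) + target
    target_off = 12 + len(question) + 2 + 10                   # where the canonical name begins
    a_rr = struct.pack("!H", 0xC000 | target_off)              # owner -> that canonical name
    a_rr += struct.pack("!HHIH", A, 1, 20, 4) + bytes([23, 222, 88, 13])
    return header + question + cname_rr + a_rr
```

The 16-bit identification field is the only header field that ties a reply to its query, which is why a resolver also checks that the reply's question section repeats what it asked and randomises its UDP source port (RFC 5452); the depth guard in decode_name exists because a pointer that refers to itself would otherwise loop forever on malformed input.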
Inserting records into DNS
Example: Alice has a new startup company, named "Network Utopia"
1. Alice registers the domain name networkutopia.com at a DNS registrar (e.g., Network Solutions)
2. Alice provides names, IP addresses of authoritative name servers (both primary and secondary) to the registrar.
3. Registrar inserts RRs into all com TLD servers:
   (networkutopia.com, dns1.networkutopia.com, NS) (dns1.networkutopia.com, 212.212.212.1, A)
   (networkutopia.com, dns2.networkutopia.com, NS) (dns2.networkutopia.com, 212.212.212.2, A)
4. Alice enters the following RRs into her authoritative DNS servers:
   Type A record for www.networkutopia.com (web server)
   Type MX, Type A records for mail.networkutopia.com (e-mail server)
How do people get the IP address of Alice's web site?
Public Information Regarding Internet Domain Name Registration Services: http://www.internic.net/
Internet Corporation for Assigned Names and Numbers (ICANN) accredits the various registrars.
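The whole path from the "DNS in action" trace, the iterative-versus-recursive slides, the caching slide and Alice's records in one runnable model, as an added example written for these notes (not course code): an in-memory root, com TLD and authoritative server that only ever give iterative answers, and a local (default) name server that is recursive toward its client and caches every (name, value, type, ttl) record it learns until the TTL runs out. The Network Utopia names and addresses are the slides' own; the com TLD server a.gtld.example at 198.51.100.1 and the 212.212.71.5 address for mail.networkutopia.com are assumptions, since the slides give neither.

```python
"""Iterative resolution over root -> TLD -> authoritative, with a TTL cache at the local server."""


def in_zone(name, zone):
    """True when name is zone itself or lies below it ('.' is the root zone)."""
    return zone == "." or name == zone or name.endswith("." + zone)


class NameServer:
    """One server of the hierarchy: its RRs plus the zones it is authoritative for."""

    def __init__(self, label, zones, records):
        self.label, self.zones, self.records = label, zones, list(records)

    def query(self, qname, qtype):
        """Iterative answer only: ('answer', rrs, []), ('referral', ns_rrs, glue_rrs)
        or ('nxdomain', [], []). It never resolves on the asker's behalf."""
        exact = [r for r in self.records if r[0] == qname and r[2] == qtype]
        if exact:
            return "answer", exact, []
        cname = [r for r in self.records if r[0] == qname and r[2] == "CNAME"]
        if cname:
            return "answer", cname, []
        # closest delegated zone enclosing qname (longest suffix wins)
        delegated = {r[0] for r in self.records if r[2] == "NS" and r[0] not in self.zones}
        for zone in sorted(delegated, key=len, reverse=True):
            if in_zone(qname, zone):
                ns = [r for r in self.records if r[0] == zone and r[2] == "NS"]
                glue = [r for r in self.records if r[2] == "A" and r[0] in {n[1] for n in ns}]
                return "referral", ns, glue
        return "nxdomain", [], []


class LocalResolver:
    """The slides' local (default) name server: recursive toward its client,
    iterative toward the hierarchy, caching every RR it learns until its TTL expires."""

    def __init__(self, roots, network):
        self.roots, self.network, self.cache = roots, network, {}   # network: ip -> NameServer

    def _cached(self, name, rtype, now):
        return [v for v, expires in self.cache.get((name, rtype), []) if expires > now]

    def _remember(self, rrs, now):
        for name, value, rtype, ttl in rrs:
            self.cache.setdefault((name, rtype), []).append((value, now + ttl))

    def _start_servers(self, qname, now):
        """Start at the closest zone whose NS and glue records are still cached, so
        repeat queries under a known zone skip the root (and the TLD)."""
        labels = qname.split(".")
        for i in range(len(labels)):
            zone = ".".join(labels[i:])
            addrs = [a for ns in self._cached(zone, "NS", now) for a in self._cached(ns, "A", now)]
            servers = [self.network[a] for a in addrs if a in self.network]
            if servers:
                return servers
        return list(self.roots)

    def resolve(self, qname, qtype="A", now=0, contacted=None, depth=0):
        """Return (values, labels of servers contacted). A cache hit contacts nobody."""
        contacted = [] if contacted is None else contacted
        if depth > 8:
            raise RuntimeError("CNAME/NS chain too long")
        hit = self._cached(qname, qtype, now)
        if hit:
            return hit, contacted
        canonical = self._cached(qname, "CNAME", now)
        if canonical:
            return self.resolve(canonical[0], qtype, now, contacted, depth + 1)
        servers = self._start_servers(qname, now)
        for _ in range(10):                                  # bounded referral chain
            server = servers[0]
            contacted.append(server.label)
            kind, rrs, glue = server.query(qname, qtype)
            self._remember(rrs + glue, now)
            if kind == "nxdomain":
                return [], contacted
            if kind == "answer":
                if rrs[0][2] == "CNAME" and qtype != "CNAME":
                    return self.resolve(rrs[0][1], qtype, now, contacted, depth + 1)
                return [r[1] for r in rrs], contacted
            addrs = [g[1] for g in glue]
            if not addrs:                                    # glueless referral: resolve NS name first
                addrs, _ = self.resolve(rrs[0][1], "A", now, contacted, depth + 1)
            servers = [self.network[a] for a in addrs if a in self.network]
            if not servers:
                return [], contacted
        return [], contacted


def build_resolver():
    """Network Utopia data from the slides. Assumed, not on the slides: the com TLD
    server a.gtld.example at 198.51.100.1 and 212.212.71.5 for mail.networkutopia.com."""
    root = NameServer("root", ["."], [("com", "a.gtld.example", "NS", 172800),
                                      ("a.gtld.example", "198.51.100.1", "A", 172800)])
    tld = NameServer("com TLD", ["com"], [
        ("networkutopia.com", "dns1.networkutopia.com", "NS", 172800),
        ("dns1.networkutopia.com", "212.212.212.1", "A", 172800),
        ("networkutopia.com", "dns2.networkutopia.com", "NS", 172800),
        ("dns2.networkutopia.com", "212.212.212.2", "A", 172800)])
    alice = [("www.networkutopia.com", "212.212.71.4", "A", 300),
             ("networkutopia.com", "mail.networkutopia.com", "MX", 3600),
             ("mail.networkutopia.com", "212.212.71.5", "A", 300)]
    dns1 = NameServer("dns1.networkutopia.com", ["networkutopia.com"], alice)
    dns2 = NameServer("dns2.networkutopia.com", ["networkutopia.com"], alice)
    network = {"198.41.0.4": root, "198.51.100.1": tld,
               "212.212.212.1": dns1, "212.212.212.2": dns2}
    return LocalResolver([root], network)


def walkthrough():
    """Steps 1-8 of the slides' trace, then what the cache changes afterwards."""
    r = build_resolver()
    first = r.resolve("www.networkutopia.com", now=0)     # root -> com TLD -> dns1
    again = r.resolve("www.networkutopia.com", now=10)    # served from cache, nobody contacted
    mail = r.resolve("mail.networkutopia.com", now=10)    # NS + glue cached: straight to dns1
    later = r.resolve("www.networkutopia.com", now=400)   # A (ttl 300) expired, NS still cached
    return first, again, mail, later
```

walkthrough() shows the point of the caching slide directly: the first lookup contacts root, com TLD and dns1.networkutopia.com, the repeat contacts nobody, and the lookup of mail.networkutopia.com goes straight to the authoritative server because the NS and glue records are still cached long after the short-lived A record has expired. One caveat for the model's "cache anything learned" rule, which is what the slides describe: production resolvers only cache additional records that belong to the zone they asked about, so that a referral cannot plant records for unrelated names.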
Interact with DNS
ipconfig
nslookup
WireShark
dns.cpp – our own C/C++ code
Useful commands
ipconfig /all: display DNS server address, adapter type, etc.
ipconfig /displaydns: display cached DNS resource records
ipconfig /flushdns: clear DNS cache
nslookup [–option1 –option2] hostname_to_find [dns_server]: if dns_server is not set, the local DNS server is queried by default
  e.g. nslookup -debug -type=MX ibm.com
C:\>nslookup -query=cname www.ibm.com
Server: UnKnown
Address: fe80::1
Non-authoritative answer:
www.ibm.com canonical name = www.ibm.com.cs186.net
Canonical name
C:\testFTP>nslookup -query=A google.co.nz
Server: vodafone.station
Address: 192.168.1.1
Non-authoritative answer:
Name: google.co.nz
Addresses: 203.118.143.245
203.118.143.231
203.118.143.238
203.118.143.216
203.118.143.237
203.118.143.244
203.118.143.251
203.118.143.210
203.118.143.230
203.118.143.223
203.118.143.224
203.118.143.217
Cached information is discarded after about 2 days.
What are the authoritative name servers for the domain google.com?
C:\testFTP>nslookup -query=ns google.com
Server: vodafone.station
Address: 192.168.1.1
Non-authoritative answer:
google.com nameserver = ns1.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns4.google.com
google.com nameserver = ns3.google.com
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10
What is the authoritative name server for www.google.co.nz?
C:\testFTP>nslookup -query=ns www.google.co.nz
Server: vodafone.station
Address: 192.168.1.1
google.co.nz
primary name server = ns4.google.com
responsible mail addr = dns-admin.google.com
serial = 99671936
refresh = 900 (15 mins)
retry = 900 (15 mins)
expire = 1800 (30 mins)
default TTL = 60 (1 min)
What is the canonical name for the alias www.gmail.com?
To Query MX (Mail Exchange) record.
C:\Users\nhreyes>nslookup -query=mx www.gmail.com
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
www.gmail.com canonical name = mail.google.com
mail.google.com canonical name = googlemail.l.google.com
l.google.com
primary name server = ns4.google.com
responsible mail addr = dns-admin.google.com
serial = 1549677
refresh = 900 (15 mins)
retry = 900 (15 mins)
expire = 1800 (30 mins)
default TTL = 60 (1 min)
nslookup -query=mx gmail.com
We can see here that successive DNS translation requests returned a different ordering of the replicated servers.

C:\Users\nhreyes>nslookup -query=mx gmail.com
Server: alb-net1.massey.ac.nz
Address: 130.123.104.53
Non-authoritative answer:
gmail.com MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com
gmail.com MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com nameserver = ns4.google.com
gmail.com nameserver = ns2.google.com
gmail.com nameserver = ns3.google.com
gmail.com nameserver = ns1.google.com
ns2.google.com internet address = 216.239.34.10
ns1.google.com internet address = 216.239.32.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10

C:\Users\nhreyes>nslookup -query=mx gmail.com
Server: alb-net1.massey.ac.nz
Address: 130.123.104.53
Non-authoritative answer:
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com
gmail.com MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com
gmail.com nameserver = ns2.google.com
gmail.com nameserver = ns4.google.com
gmail.com nameserver = ns3.google.com
gmail.com nameserver = ns1.google.com
ns2.google.com internet address = 216.239.34.10
ns1.google.com internet address = 216.239.32.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10
Test DNS using our own C++
Compare the results with the one returned by (nslookup www.google.co.nz)
dns www.google.co.nz 80 ipv4
dns www.google.co.nz 80 ipv6
dns loopback 80 ipv4
dns loopback 80 ipv6
Test DNS using our own C++ codes
C:\>dns www.google.co.nz 80 ipv6
Translation results: IP: 2404:6800:4006:802::2003, IPv6 at port: 80
DNS CLIENT is shutting down…
C:\>dns www.google.co.nz 80 ipv4
Translation results: IP: 210.7.45.53, IPv4 at port: 80
DNS CLIENT is shutting down…
Test for IPv6 connectivity: http://ipv6-test.com/
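What the course's dns.cpp does, reproduced as an added Python example (this is not the course's code) so the same translation can be tried without the C++ build: the host, port and ipv4/ipv6 arguments are passed to the C library's getaddrinfo() through Python's socket module, and each returned address is printed in the format the slides show. That dns.cpp maps the word "loopback" to a NULL node name (which getaddrinfo() without AI_PASSIVE turns into the loopback address) is an assumption about the course tool, not something the slides state.

```python
"""Translate host/port to addresses with getaddrinfo(), as the slides' dns tool does."""
import socket
import sys

FAMILIES = {"ipv4": socket.AF_INET, "ipv6": socket.AF_INET6}


def translate(host, port, version):
    """Return (list of (address, 'IPv4'|'IPv6', port), error); error is None on success.
    'loopback' becomes a NULL node name, which getaddrinfo() resolves to the loopback
    address when AI_PASSIVE is not set (assumed to match dns.cpp's handling)."""
    family = FAMILIES[version.lower()]
    node = None if host == "loopback" else host
    try:
        infos = socket.getaddrinfo(node, port, family, socket.SOCK_STREAM)
    except socket.gaierror as exc:          # e.g. EAI_NONAME: no such name
        return [], str(exc)
    results = []
    for fam, _socktype, _proto, _canonname, sockaddr in infos:
        label = "IPv4" if fam == socket.AF_INET else "IPv6"
        results.append((sockaddr[0], label, sockaddr[1]))
    return results, None


def main(argv):
    """Same command line as the slides: dns <host> <port> ipv4|ipv6."""
    if len(argv) != 4 or argv[3].lower() not in FAMILIES:
        print("usage: dns <host> <port> ipv4|ipv6")
        return 2
    results, err = translate(argv[1], int(argv[2]), argv[3])
    if err:
        print("Translation failed:", err)
        return 1
    for addr, label, port in results:
        print(f"Translation results: IP: {addr}, {label} at port: {port}")
    print("DNS CLIENT is shutting down...")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Unlike nslookup, which always sends a DNS query to the name server, getaddrinfo() is the stub resolver of the operating system: it consults the local hosts file and any OS-level cache before the default name server, which is why a result here can differ from nslookup for the same name until ipconfig /flushdns is run.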
WireShark + Our C codes
Let's see what we can extract using WireShark when running our C/C++ code (dns.cpp):
dns www.ibm.com 80 ipv4
Results returned by our codes:
Translation results:
IP address: 23.222.88.13, IPv4 at port: 80
Some useful information about the querying host: IP origin host=130.123.249.2
DNS servers: 130.123.104.53, 130.123.107.2, 130.123.128.16
Exercise using Wireshark
Use ipconfig /flushdns to empty the DNS cache on your machine