4.Application_Part2
Application Layer (DNS, P2P, Video
Streaming and CDN)
Computer Networks and Applications
Week 3
COMP 3331/COMP 9331
Reading Guide: Chapter 2, Sections 2.4-2.7
Application Layer: outline
2.1 principles of network applications
2.2 Web and HTTP
2.3 electronic mail
• SMTP, POP3, IMAP
2.4 DNS
2.5 P2P applications
2.6 video streaming and content distribution networks (CDNs)
2.7 socket programming with UDP and TCP
Pure P2P architecture
v no always-on server
v arbitrary end systems directly communicate
v peers are intermittently connected and change IP addresses
examples:
§ file distribution (BitTorrent)
§ streaming (KanKan)
§ VoIP (Skype)
§ cryptocurrency (BitCoin)
File distribution: client-server vs P2P
Question: how much time to distribute file (size F) from one server to N peers?
§ peer upload/download capacity is limited resource
[figure: a server with upload capacity us and N peers attached to a network with abundant bandwidth; file of size F; us: server upload capacity; ui: peer i upload capacity; di: peer i download capacity]
File distribution time: client-server
v server transmission: must send (upload) N file copies:
§ time to send one copy: F/us
§ time to send N copies: NF/us (increases linearly in N)
v client: each client must download file copy
§ dmin = min client download rate
§ client download time: F/dmin
time to distribute F to N clients using client-server approach: Dc-s ≥ max{NF/us, F/dmin}
File distribution time: P2P
v server transmission: must upload at least one copy
§ time to send one copy: F/us
v client: each client must download file copy
§ client download time: F/dmin
v clients: as aggregate must download NF bits
§ max upload rate (limiting max download rate) is us + Σui (sum over the N peers, i = 1..N)
time to distribute F to N clients using P2P approach: DP2P ≥ max{F/us, F/dmin, NF/(us + Σui)}
… the aggregate demand NF increases linearly in N … but so does the service capacity, as each peer brings its own upload capacity
Client-server vs. P2P: example
client upload rate = u, F/u = 1 hour, us = 10u
[figure: plot of minimum distribution time (hours, 0 to 3.5) against N (0 to 35) for the client-server and P2P approaches]
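The two bounds above, evaluated for the slide's example, as an added example that is not part of the lecture material. It assumes that no client's download rate is the bottleneck (dmin effectively infinite), which is what the slide's plot implicitly assumes, and it generalises slightly by letting each peer have its own upload rate.

```python
# Added example (not from the lecture slides): minimum distribution time for
# client-server vs. P2P, using the bounds stated on the slides:
#   D_cs  >= max{ N*F/u_s, F/d_min }
#   D_p2p >= max{ F/u_s, F/d_min, N*F/(u_s + sum_i u_i) }
# F in bits and rates in bits/s give seconds; the slide's example instead
# normalises so that F/u = 1 hour and u_s = 10u, which is what slide_example uses.

def client_server_time(F, u_s, d_min, N):
    """Lower bound on the time to deliver a file of size F to N clients
    from a single server with upload capacity u_s."""
    return max(N * F / u_s, F / d_min)

def p2p_time(F, u_s, d_min, peer_uploads):
    """Lower bound for P2P delivery; peer_uploads holds u_i for each peer,
    so the aggregate upload capacity is u_s + sum(peer_uploads)."""
    N = len(peer_uploads)
    return max(F / u_s, F / d_min, N * F / (u_s + sum(peer_uploads)))

def slide_example(N, u=1.0):
    """The slide's setup: every client uploads at u, F/u = 1 hour, u_s = 10u.
    d_min is assumed unbounded (an assumption of this example, not stated on
    the slide). Returns (D_cs, D_p2p) in hours."""
    F = u * 1.0                  # F/u = 1 hour
    u_s = 10 * u
    d_min = float("inf")         # download capacity is not the bottleneck
    return (client_server_time(F, u_s, d_min, N),
            p2p_time(F, u_s, d_min, [u] * N))

if __name__ == "__main__":
    for N in (5, 10, 20, 35):
        cs, p2p = slide_example(N)
        print(f"N={N:2d}  client-server={cs:5.2f} h  P2P={p2p:5.2f} h")
```

With u_s = 10u the client-server time is N/10 hours and grows without bound, while the P2P time is N/(10 + N) hours and never exceeds one hour, which is the shape of the curves on the slide's plot.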
P2P file distribution: BitTorrent
v file divided into 256KB chunks
v peers in torrent send/receive file chunks
tracker: tracks peers participating in torrent
torrent: group of peers exchanging chunks of a file
Alice arrives … obtains list of peers from tracker … and begins exchanging file chunks with peers in torrent
.torrent files
v contains address of trackers for the file
§ Where can I find other peers?
v contains a list of file chunks and their cryptographic hashes
§ This ensures that chunks are not modified: a peer recomputes the hash of each chunk it receives and discards any chunk whose hash does not match the .torrent file
Title                      Trackers
The Boys Season 2          Tracker1-url
Walking Dead Season 10     Tracker2-url
Game of Thrones Season 8   Tracker2-url, Tracker3-url
P2P file distribution: BitTorrent
v peer joining torrent:
§ has no chunks, but will accumulate them over time from other peers
§ registers with tracker to get list of peers, connects to subset of peers (“neighbours”)
v while downloading, peer uploads chunks to other peers
v peer may change peers with whom it exchanges chunks
v churn: peers may come and go
v once peer has entire file, it may (selfishly) leave or (altruistically) remain in torrent
BitTorrent: requesting, sending file chunks
requesting chunks:
v at any given time, different peers have different subsets of file chunks
v periodically, Alice asks each peer for list of chunks that they have
v Alice requests missing chunks from peers, rarest first
v Q: Why rarest first?
sending chunks: tit-for-tat
v Alice sends chunks to those four peers currently sending her chunks at highest rate
§ other peers are choked by Alice (do not receive chunks from her)
§ re-evaluate top 4 every 10 secs
v every 30 secs: randomly select another peer, start sending chunks
§ “optimistically unchoke” this peer
§ newly chosen peer may join top 4
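Rarest-first chunk selection and the tit-for-tat choking decisions described above, as an added example that is not from the slides or from any BitTorrent client. Peer names, chunk sets and download rates are constructed; the answer to the slide's "why rarest first?" is in the docstring: fetching the scarcest chunks first keeps every chunk available in the swarm even as peers leave.

```python
import random
from collections import Counter

# Added example, not from the slides or any BitTorrent client: rarest-first
# chunk selection and tit-for-tat unchoking as the slides describe them.
# Peer names, chunk sets and rates are constructed for illustration.

NUM_UNCHOKED = 4          # Alice serves the four peers sending her data fastest
RECHOKE_PERIOD = 10       # seconds between top-4 re-evaluations
OPTIMISTIC_PERIOD = 30    # seconds between optimistic unchokes

def rarest_first(my_chunks, neighbour_chunks):
    """Pick the missing chunk held by the fewest neighbours (lowest index on a
    tie). Fetching scarce chunks first keeps every chunk available in the
    swarm even when peers leave. neighbour_chunks: peer -> set of chunk ids."""
    counts = Counter()
    for chunks in neighbour_chunks.values():
        counts.update(chunks - my_chunks)
    if not counts:
        return None                 # nothing we lack is on offer right now
    return min(counts, key=lambda c: (counts[c], c))

def choose_unchoked(download_rates):
    """Tit-for-tat: unchoke the NUM_UNCHOKED peers currently uploading to us at
    the highest rate; everyone else is choked. download_rates: peer -> bytes/s."""
    ranked = sorted(download_rates, key=lambda p: (-download_rates[p], p))
    return set(ranked[:NUM_UNCHOKED])

def optimistic_unchoke(all_peers, unchoked, rng=random):
    """Pick one currently choked peer at random and start sending to it, so a
    newcomer with nothing to trade can bootstrap and may later earn a top-4 slot."""
    choked = sorted(set(all_peers) - set(unchoked))
    return rng.choice(choked) if choked else None

def tick(t, download_rates, state, rng=random):
    """Run the periodic decisions for time t (seconds). `state` holds the
    current unchoked set and optimistic peer and is updated in place."""
    if t % RECHOKE_PERIOD == 0:
        state["unchoked"] = choose_unchoked(download_rates)
    if t % OPTIMISTIC_PERIOD == 0:
        state["optimistic"] = optimistic_unchoke(download_rates, state["unchoked"], rng)
    return state

if __name__ == "__main__":
    neighbours = {"A": {0, 1, 2, 3}, "B": {2, 3, 4}, "C": {3, 4}}
    print("next chunk:", rarest_first({0, 1}, neighbours))
    rates = {"a": 50, "b": 10, "c": 70, "d": 20, "e": 60}
    print(tick(30, rates, {"unchoked": set(), "optimistic": None}))
```

Note that the optimistic peer is chosen from the choked set only; if it then uploads faster than one of the current top four, the next 10-second re-evaluation promotes it, which is exactly the Alice/Bob exchange on the following slide.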
BitTorrent: tit-for-tat
(1) Alice “optimistically unchokes” Bob
(2) Alice becomes one of Bob’s top-four providers; Bob reciprocates
(3) Bob becomes one of Alice’s top-four providers
higher upload rate: find better trading partners, get file faster!
Original research paper on BitTorrent added to lecture notes: NOT MANDATORY READING
Distributed Hash Table (DHT)
v DHT: a distributed P2P database
v database has (key, value) pairs; examples:
§ key: TFN number; value: human name
§ key: file name; value: IP addresses of peers (BT tracker)
v distribute the (key, value) pairs over many peers
v a peer queries DHT with key
§ DHT returns values that match the key
v peers can also insert (key, value) pairs
Content available in 6th edition of the textbook, Section 2.6.2; added to lecture notes
Q: how to assign keys to peers?
v basic idea:
§ convert each key to an integer
§ assign integer value to each peer
§ put (key, value) pair in the peer that is closest to the key
DHT identifiers: consistent hashing
v assign integer identifier to each peer in range [0, 2^n - 1] for some n-bit hash function
§ e.g., node ID is hash of its IP address
v require each key to be an integer in same range
v to get integer key, hash original key
§ e.g., key = hash(“The Boys Season 2”)
§ therefore, it is referred to as a distributed “hash” table
Assign keys to peers
v rule: assign key to the peer that has the closest ID
v common convention: closest is the immediate successor of the key
v e.g., n=4; all peers & key identifiers are in the range [0, 15], peers: 1, 3, 4, 5, 8, 10, 12, 14;
§ key = 13, then successor peer = 14
§ key = 15, then successor peer = 1 (wrapping around the ring)
Circular DHT (1)
Question: How is the peer-to-peer network organised?
One way could be to require each peer to be aware of every other peer, but this would not scale.
v each peer only aware of immediate successor and predecessor
v “overlay network”
[figure: ring of peers 1, 3, 4, 5, 8, 10, 12, 15, each linked to its immediate successor]
Circular DHT (2)
[figure: the same ring of peers 1, 3, 4, 5, 8, 10, 12, 15; a peer asks “Who’s responsible for key 14?” and the query (“14?”) is forwarded from successor to successor until peer 15 answers “I am”; closest is defined as closest successor]
v each peer maintains 2 neighbours
v in this example, 6 query messages are sent
v worst case: N messages, average: N/2 messages
Circular DHT with shortcuts
v each peer keeps track of IP addresses of predecessor, successor, short cuts
v reduced from 6 to 2 messages
v possible to design shortcuts so O(log N) neighbours, O(log N) messages in query
[figure: the ring of peers 1, 3, 4, 5, 8, 10, 12, 15 with shortcuts: 3 has shortcut to 8, 8 has shortcut to 15, and so on; “Who’s responsible for key 14?”]
Peer churn
handling peer churn:
v peers may come and go (churn)
v each peer knows address of its two successors
v each peer periodically pings its two successors to check aliveness
v if immediate successor leaves, choose next successor as new immediate successor
example: peer 5 abruptly leaves
v peer 4 detects peer 5 departure; makes 8 its immediate successor; asks 8 who its immediate successor is; makes 8’s immediate successor its second successor.
[figure: ring of peers 1, 3, 4, 5, 8, 10, 12, 15 with peer 5 leaving]
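A toy circular DHT covering the consistent-hashing, key assignment, shortcut routing and churn slides above, as an added example that is not from the slides or the Chord paper. It uses the slides' 4-bit identifier space. The query is assumed to originate at peer 3, which is the start point that reproduces the slides' counts of 6 messages without shortcuts and 2 with them; the shortcut rule (follow a shortcut only when it does not overshoot the responsible peer) is this example's simplification of finger-table routing.

```python
import hashlib
from bisect import bisect_left

# Added example (not from the slides or the Chord paper): a toy circular DHT
# in the slides' 4-bit identifier space. It shows key-to-peer assignment by
# closest successor, query routing with and without shortcuts, and the
# successor-list repair the Peer churn slide describes. The query is assumed
# to originate at peer 3 (which gives the slides' 6 and 2 messages).

N_BITS = 4
RING = 2 ** N_BITS                       # identifiers live in [0, 15]

def key_id(name, n_bits=N_BITS):
    """Hash an application key such as "The Boys Season 2" into the ID space."""
    digest = hashlib.sha256(name.encode()).digest()
    return int.from_bytes(digest, "big") % (2 ** n_bits)

def successor(peers, k):
    """Closest-successor rule: first peer ID >= k, wrapping to the smallest."""
    ring = sorted(peers)
    return ring[bisect_left(ring, k) % len(ring)]

def clockwise(a, b):
    """Clockwise distance from ID a to ID b around the ring."""
    return (b - a) % RING

def route(peers, start, k, shortcuts=None):
    """Forward a query for key k from peer `start`. Each hop goes to the
    immediate successor, or along the peer's shortcut when the shortcut does
    not overshoot the responsible peer. Returns (responsible_peer, messages)."""
    shortcuts = shortcuts or {}
    target = successor(peers, k)
    current, messages = start, 0
    while current != target:
        nxt = successor(peers, (current + 1) % RING)   # immediate successor
        sc = shortcuts.get(current)
        if sc is not None and clockwise(current, sc) <= clockwise(current, target):
            nxt = sc
        current, messages = nxt, messages + 1
    return current, messages

class Peer:
    """A peer that knows its two successors and repairs them on churn."""
    def __init__(self, pid, peers):
        self.id = pid
        ring = sorted(peers)
        i = ring.index(pid)
        self.succ = [ring[(i + 1) % len(ring)], ring[(i + 2) % len(ring)]]

    def ping_successors(self, alive):
        """Periodic liveness check. If the immediate successor is gone, promote
        the second successor and ask it for its own successor to refill the list."""
        if self.succ[0] in alive:
            return self.succ
        new_first = self.succ[1]
        self.succ = [new_first, successor(alive, (new_first + 1) % RING)]
        return self.succ

if __name__ == "__main__":
    figure_peers = {1, 3, 4, 5, 8, 10, 12, 15}
    print("key 14 ->", successor(figure_peers, 14))
    print("no shortcuts:", route(figure_peers, 3, 14))                 # (15, 6)
    print("with shortcuts:", route(figure_peers, 3, 14, {3: 8, 8: 15}))  # (15, 2)
    p = Peer(4, figure_peers)
    print("after 5 leaves:", p.ping_successors(figure_peers - {5}))   # [8, 10]
```

The churn repair relies on the second successor being alive; a real Chord node keeps a longer successor list precisely so that two adjacent departures cannot sever the ring.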
More DHT info
v How do nodes join?
v How does cryptographic hashing work?
v How much state does each node store?
Research papers (on the webpage): Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications. NOT MANDATORY READING
Quiz: BitTorrent
www.zeetings.com/salil
v BitTorrent uses tit-for-tat in each round to
a) Determine which chunks to download
b) Determine from which peers to download chunks
c) Determine to which peers to upload chunks
d) Determine which peers to report to the tracker as uncooperative
e) Determine whether or how long it should stay after completing download
Answer: c
Quiz: BitTorrent
www.zeetings.com/salil
v Suppose Todd joins a BitTorrent torrent, but he does not want to upload any data to any other peers. Todd claims that he can receive a complete copy of the file that is shared by the swarm. Is Todd’s claim possible? Why or why not (one short sentence)?
ANSWER: Yes. Todd may receive chunks through the optimistic unchoke process. However, it will take Todd a much longer time to obtain the file.
Video Streaming and CDNs: context
• Netflix, YouTube: 37%, 16% of downstream residential ISP traffic
• ~1.8B YouTube users, ~140M Netflix users
§ challenge: scale – how to reach ~2B users?
• single mega-video server won’t work (why?)
§ challenge: heterogeneity
§ different users have different capabilities (e.g., wired versus mobile; bandwidth rich versus bandwidth poor)
§ solution: distributed, application-level infrastructure
§ video traffic: major consumer of Internet bandwidth
Multimedia: video
v video: sequence of images displayed at constant rate
§ e.g., 24 images/sec
v digital image: array of pixels
§ each pixel represented by bits
v coding: use redundancy within and between images to decrease # bits used to encode image
§ spatial (within image)
§ temporal (from one image to next)
spatial coding example: instead of sending N values of same color (all purple), send only two values: color value (purple) and number of repeated values (N)
temporal coding example: instead of sending complete frame at i+1, send only differences from frame i
Multimedia: video
§ CBR (constant bit rate): video encoding rate fixed
§ VBR (variable bit rate): video encoding rate changes as amount of spatial, temporal coding changes
§ examples:
• MPEG 1 (CD-ROM) 1.5 Mbps
• MPEG2 (DVD) 3-6 Mbps
• MPEG4 (often used in Internet, < 1 Mbps)
Streaming stored video: simple scenario
[figure: a video server (stored video) streams across the Internet to a client]
Streaming multimedia: DASH
v DASH: Dynamic, Adaptive Streaming over HTTP
v server:
§ divides video file into multiple chunks
§ each chunk stored, encoded at different rates
§ manifest file: provides URLs for different chunks
v client:
§ periodically measures server-to-client bandwidth
§ consulting manifest, requests one chunk at a time
• chooses maximum coding rate sustainable given current bandwidth
• can choose different coding rates at different points in time (depending on available bandwidth at time)
v “intelligence” at client: client determines
§ when to request chunk (so that buffer starvation, or overflow does not occur)
§ what encoding rate to request (higher quality when more bandwidth available)
§ where to request chunk from (can request from URL server that is “close” to client or has high available bandwidth)
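The client-side decisions listed above (when to request, which rate, from which URL) as an added example that is not from the slides or any real DASH player. The manifest, the buffer thresholds, and the rule of stepping one rate down when the buffer is close to starving are assumptions made for this illustration, not part of the DASH specification.

```python
# Added example (not from the slides or any real DASH player): a client-side
# chunk scheduler in the spirit of the two DASH slides. The manifest, buffer
# thresholds and the "drop one level when starving" rule are assumptions made
# for this illustration, not part of the DASH specification.

MANIFEST = {  # encoding rate (kbit/s) -> URL template of that representation
    300:  "http://cdn.example/video/300k/seg{n}.m4s",
    750:  "http://cdn.example/video/750k/seg{n}.m4s",
    1500: "http://cdn.example/video/1500k/seg{n}.m4s",
    3000: "http://cdn.example/video/3000k/seg{n}.m4s",
}
SEGMENT_SECONDS = 4     # playback time carried by each chunk
MIN_BUFFER = 8          # seconds: below this we risk starvation
MAX_BUFFER = 30         # seconds: above this we stop fetching (overflow)

def choose_rate(manifest, measured_kbps, safety=0.8):
    """Highest encoding rate sustainable at `safety` * measured bandwidth;
    the lowest rate is the fallback when nothing fits."""
    rates = sorted(manifest)
    ok = [r for r in rates if r <= measured_kbps * safety]
    return ok[-1] if ok else rates[0]

def next_action(buffer_seconds, measured_kbps, segment_index, manifest=MANIFEST):
    """When and what to request: ("wait", None, None) if the buffer is full,
    else ("fetch", rate, url). A starving buffer takes one rate step down so
    the next chunk arrives sooner."""
    if buffer_seconds >= MAX_BUFFER:
        return ("wait", None, None)
    rate = choose_rate(manifest, measured_kbps)
    if buffer_seconds < MIN_BUFFER:
        lower = [r for r in sorted(manifest) if r < rate]
        rate = lower[-1] if lower else rate
    return ("fetch", rate, manifest[rate].format(n=segment_index))

def simulate(bandwidth_trace_kbps, manifest=MANIFEST):
    """Walk a bandwidth trace one chunk at a time and return the rate chosen
    for each step (None when the client waited). The buffer grows by one
    chunk per fetch and drains by the time the download took."""
    buffer, chosen = 0.0, []
    for n, bw in enumerate(bandwidth_trace_kbps):
        action, rate, _url = next_action(buffer, bw, n, manifest)
        if action == "wait":
            buffer -= SEGMENT_SECONDS        # one chunk plays out while we idle
            chosen.append(None)
            continue
        download_time = rate * SEGMENT_SECONDS / bw
        buffer = max(0.0, buffer - download_time) + SEGMENT_SECONDS
        chosen.append(rate)
    return chosen

if __name__ == "__main__":
    # constructed trace: steady 5 Mbit/s, then a drop to 800 kbit/s
    print(simulate([5000, 5000, 5000, 5000, 800]))   # [1500, 1500, 1500, 3000, 300]
```

The trace shows the two behaviours the slides ask for: while the buffer is thin the client stays one level below what the bandwidth would allow, and when bandwidth collapses it immediately steps down rather than stalling.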
Content Distribution Networks (CDNs)
§ challenge: how to stream content (selected from millions of videos) to hundreds of thousands of simultaneous users?
§ option 1: single, large “mega-server”
• single point of failure
• point of network congestion
• long path to distant clients
• multiple copies of video sent over outgoing link
…quite simply: this solution doesn’t scale
v option 2: store/serve multiple copies of videos at multiple geographically distributed sites (CDN)
§ enter deep: push CDN servers deep into many access networks
• close to users
• used by Akamai, thousands of locations
§ bring home: smaller number (10’s) of larger clusters in IXPs near (but not within) access networks
• used by Limelight
An example
Many well-known sites are hosted by CDNs. A simple way to check using dig is shown here.
[figure: dig output for a CDN-hosted site, not reproduced in the text]
Content Distribution Networks (CDNs)
§ subscriber requests content from CDN
§ CDN: stores copies of content at CDN nodes
• e.g., Netflix stores copies of MadMen
• directed to nearby copy, retrieves content
• may choose different copy if network path congested
[figure: subscriber asks “where’s MadMen?”, receives a manifest file, and fetches the content from a nearby CDN node]
CDN content access: a closer look
Bob (client) requests video http://video.netcinema.com/6Y7B23V
§ video stored in CDN managed by KingCDN.com
1. Bob gets URL for video http://video.netcinema.com/6Y7B23V from www.netcinema.com
2. resolve http://video.netcinema.com via Bob’s local DNS server
3. netcinema’s authoritative DNS returns http://a1105.KingCDN.com/
4&5. resolve http://a1105.KingCDN.com via KingCDN’s authoritative DNS, which returns IP address of KingCDN server with video
6. request video 6Y7B23V from KingCDN server, streamed via HTTP
[figure: Bob, Bob’s local DNS server, netcinema’s authoritative DNS, KingCDN’s authoritative DNS and the KingCDN server, with messages 1 to 6 between them]
Case study: Netflix
1. Bob manages Netflix account
2. Bob browses Netflix video
3. manifest file returned for requested video
4. DASH streaming from a CDN server
Netflix uploads copies of multiple versions of video to CDN servers
[figure: Netflix registration and accounting servers in the Amazon cloud, and several CDN servers]
Uses push caching (during off-peak)
Preference to “deep inside” followed by “bring home”
NetFlix servers (snapshot from Jan 2018)
[figure: world map of Netflix server locations]
Researchers from Queen Mary University of London (QMUL) traced server names that are sent to a user's computer every time they play content on Netflix to find the location of the 8492 servers (4152 ISP, 4340 IXP). They have been found to be scattered across 578 locations around the world.
Quiz: CDN
www.zeetings.com/salil
v The role of the CDN provider’s authoritative DNS name server in a content distribution network, simply described, is:
a) to provide an alias address for each browser access to the “origin server” of a CDN website
b) to map the query for each CDN object to the CDN server closest to the requestor (browser)
c) to provide a mechanism for CDN “origin servers” to provide paths for clients (browsers)
d) none of the above, CDN networks do not use DNS
Please see example code (C, Java, Python) on course website
Labs 2 & 3 will include a socket programming exercise
Socket programming
goal: learn how to build client/server applications that communicate using sockets
socket: door between application process and end-end transport protocol
[figure: two hosts across the Internet; on each, the application and its process are controlled by the app developer while the transport, network, link and physical layers are controlled by the OS; the socket sits between the two]
Socket programming with UDP
UDP: no “connection” between client & server
v no handshaking before sending data
v sender explicitly attaches IP destination address and port # to each packet
v rcvr extracts sender IP address and port # from received packet
UDP: transmitted data may be lost or received out-of-order
Application viewpoint:
v UDP provides unreliable transfer of groups of bytes (“datagrams”) between client and server
Pseudo code UDP client
v Create socket
v Loop
§ Send UDP datagram to known port and IP addr of server
§ Receive UDP datagram as a response from server
v Close socket
Pseudo code UDP server
v Create socket
v Bind socket to a specific port where clients can contact you
v Loop
§ Receive UDP datagram from client X
§ Send UDP datagram as reply to client X
v Close socket
Note: The IP address and port number of the client must be extracted from the client’s message
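The UDP client and server pseudo code above written out in Python, as an added example that is not the example code on the course website. It binds the server to the loopback address with an OS-chosen port and runs the server in a thread so the whole exchange can be executed from one file; the timeouts are this example's way of coping with the lost datagrams the slide warns about.

```python
import socket
import threading

# Added example (not the course website's example code): a UDP server and
# client written from the pseudo code above. Both run on the loopback
# address with an OS-chosen port so the file runs stand-alone.

def udp_server(sock, n_clients):
    """Serve n_clients datagrams. The client's IP address and port are not
    known in advance: recvfrom() returns them with each datagram and they are
    what sendto() replies to, as the note above says."""
    sock.settimeout(5.0)                    # do not block forever if a datagram is lost
    for _ in range(n_clients):
        try:
            data, client_addr = sock.recvfrom(2048)
        except socket.timeout:
            break
        sock.sendto(data.upper(), client_addr)

def udp_client(server_addr, message, timeout=2.0):
    """Create socket, send one datagram with the server's address attached,
    wait for the reply, close. No handshake happens; the timeout stands in
    for UDP's lack of delivery guarantees."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(message.encode(), server_addr)
        try:
            data, _server = sock.recvfrom(2048)
        except socket.timeout:
            return None                     # request or reply was lost; caller may retry
        return data.decode()

def run_demo(messages, host="127.0.0.1"):
    """Bind the server to port 0 (the OS picks a free port), serve in a
    thread, send each message from a fresh client socket, return the replies."""
    server_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server_sock.bind((host, 0))
    addr = server_sock.getsockname()
    worker = threading.Thread(target=udp_server, args=(server_sock, len(messages)))
    worker.start()
    replies = [udp_client(addr, m) for m in messages]
    worker.join()
    server_sock.close()
    return replies

if __name__ == "__main__":
    print(run_demo(["hello", "udp"]))       # ['HELLO', 'UDP']
```

Each client call opens its own socket, so the server sees a different source port per request; that is why the server cannot hard-code a reply address and must use the one returned by recvfrom().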
Socket programming with TCP
client must contact server
v server process must first be running
v server must have created socket (door) that welcomes client’s contact
client contacts server by:
v creating TCP socket, specifying IP address, port number of server process
v when client creates socket: client TCP establishes connection to server TCP
v when contacted by client, server TCP creates new socket for server process to communicate with that particular client
§ allows server to talk with multiple clients
§ client-side port numbers used to distinguish clients (more later)
application viewpoint: TCP provides reliable, in-order byte-stream transfer (“pipe”) between client and server
TCP Sockets
[figure: TCP client and server sockets, not reproduced in the text]
Pseudo code TCP client
v Create socket (ConnectionSocket)
v Do an active connect specifying the IP address and port number of server
v Read and write data into ConnectionSocket to communicate with server
v Close ConnectionSocket
Pseudo code TCP server
v Create socket (WelcomingSocket)
v Bind socket to a specific port where clients can contact you
v Register with the OS your willingness to listen on that socket for clients to contact you
v Loop
§ Accept new connection (ConnectionSocket)
§ Read and write data into ConnectionSocket to communicate with client
§ Close ConnectionSocket
v Close WelcomingSocket
Queues
v While the server socket is busy, incoming connection requests are stored in a queue
v Once the queue fills up, further incoming connections are refused
v This is clearly a problem
§ Example: HTTP servers
v Solution
§ Concurrency
Concurrent TCP Servers
v Benefit comes in ability to hand off interaction with a client to another process
v Parent process creates the WelcomingSocket and waits for clients to request connection
v When a connection request is received, fork off a child process to handle that connection so that the parent process can return to waiting for connections as soon as possible
v Multithreaded server: same idea, just spawn off another thread rather than a process
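The TCP client and server pseudo code, in the multithreaded form described on the Concurrent TCP Servers slide, as an added example that is not the course website's example code. It uses the loopback address and an OS-chosen port so it runs from one file; the newline-delimited request format is an assumption of this example, chosen because TCP delivers a byte stream rather than messages.

```python
import socket
import threading

# Added example (not the course website's example code): the TCP client and
# server pseudo code above, with the multithreaded variant from the Concurrent
# TCP Servers slide. Loopback address, OS-chosen port, so it runs stand-alone.

def handle_client(conn):
    """Child thread: serve one client over its ConnectionSocket, then close it.
    TCP is a byte stream, so the request is read until the newline delimiter
    rather than assuming one recv() returns one message."""
    with conn:
        request = b""
        while not request.endswith(b"\n"):
            chunk = conn.recv(1024)
            if not chunk:                   # client closed early
                return
            request += chunk
        conn.sendall(request.upper())

def tcp_server(welcome, n_clients):
    """Parent: accept n_clients connections on the WelcomingSocket; each
    accept() yields a new ConnectionSocket that is handed to a thread, so the
    parent is back in accept() before the client has even been served."""
    workers = []
    for _ in range(n_clients):
        conn, _addr = welcome.accept()
        t = threading.Thread(target=handle_client, args=(conn,))
        t.start()
        workers.append(t)
    for t in workers:
        t.join()

def tcp_client(server_addr, message):
    """Create socket, active connect, write, read until the server closes."""
    with socket.create_connection(server_addr, timeout=5.0) as sock:
        sock.sendall(message.encode() + b"\n")
        reply = b""
        while True:
            chunk = sock.recv(1024)
            if not chunk:
                break
            reply += chunk
    return reply.decode().rstrip("\n")

def run_demo(messages, host="127.0.0.1", backlog=5):
    """Create and bind the WelcomingSocket, listen, serve in a thread and
    return the reply each client received."""
    welcome = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    welcome.bind((host, 0))                 # port 0: the OS chooses a free port
    welcome.listen(backlog)                 # backlog = size of the pending-connection queue
    addr = welcome.getsockname()
    server = threading.Thread(target=tcp_server, args=(welcome, len(messages)))
    server.start()
    replies = [tcp_client(addr, m) for m in messages]
    server.join()
    welcome.close()
    return replies

if __name__ == "__main__":
    print(run_demo(["hello", "tcp"]))       # ['HELLO', 'TCP']
```

The `backlog` argument to listen() is the queue from the Queues slide: once that many connections are waiting to be accepted, further connection attempts are refused, which is why the parent must get back to accept() quickly and leave the per-client work to the child thread.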
A nice overview: https://www.thegeeksearch.com/beginners-guide-to-dns/
DNS: domain name system
people: many identifiers:
§ TFN, name, passport #
Internet hosts, routers:
§ IP address (32 bit) - used for addressing datagrams
§ “name”, e.g., www.yahoo.com - used by humans
Q: how to map between IP address and name, and vice versa?
Domain Name System:
v distributed database implemented in hierarchy of many name servers
v application-layer protocol: hosts, name servers communicate to resolve names (address/name translation)
§ note: core Internet function, implemented as application-layer protocol
§ complexity at network’s “edge”
DNS: History
v Initially all host-address mappings were in a hosts.txt file (in /etc/hosts):
§ Maintained by the Stanford Research Institute (SRI)
§ Changes were submitted to SRI by email
§ New versions of hosts.txt periodically FTP’d from SRI
§ An administrator could pick names at their discretion
v As the Internet grew this system broke down:
§ SRI couldn’t handle the load; names were not unique; hosts had inaccurate copies of hosts.txt
v The Domain Name System (DNS) was invented to fix this
Jon Postel: http://www.wired.com/2012/10/joe-postel/
DNS: services, structure
DNS services
v hostname to IP address translation
v indirection
v host aliasing
§ canonical, alias names
v mail server aliasing
v load distribution
§ replicated Web servers: many IP addresses correspond to one name
§ Content Distribution Networks: use IP address of requesting host to find best suitable server
• Example: closest, least-loaded, etc.
why not centralize DNS?
v single point of failure
v traffic volume
v distant centralized database
v maintenance
A: doesn’t scale!
Goals
v No naming conflicts (uniqueness)
v Scalable
§ many names
§ (secondary) frequent updates
v Distributed, autonomous administration
§ Ability to update my own (domains’) names
§ Don’t have to track everybody’s updates
v Highly available
v Lookups should be fast
Key idea: Hierarchy
Three intertwined hierarchies
§ Hierarchical namespace
• As opposed to original flat namespace
§ Hierarchically administered
• As opposed to centralised
§ (Distributed) hierarchy of servers
• As opposed to centralised storage
Hierarchical Namespace
v “Top Level Domains” are at the top
v Domains are sub-trees
§ E.g: .edu., berkeley.edu., eecs.berkeley.edu.
v Name is leaf-to-root path
§ instr.eecs.berkeley.edu.
v Depth of tree is arbitrary (limit 128)
v Name collisions trivially avoided
§ each domain is responsible
[figure: name tree with root above edu, com, gov, mil, org, net, uk, fr; berkeley and ucla under edu; eecs and sims under berkeley; instr under eecs]
Hierarchical Administration
[figure: the same name tree divided into zones: one zone covers berkeley.edu and sims.berkeley.edu, a separate zone covers eecs.berkeley.edu, each served by its own authoritative NS]
§ A zone corresponds to a distinct contiguous portion of the DNS name space that is managed by an administrative authority
§ E.g., UCB controls names: *.berkeley.edu and *.sims.berkeley.edu
v E.g., EECS controls names: *.eecs.berkeley.edu
Server Hierarchy
v Top of hierarchy: Root servers
§ Location hardwired into other servers
v Next Level: Top-level domain (TLD) servers
§ .com, .edu, etc. (several new TLDs introduced recently)
§ Managed professionally
v Bottom Level: Authoritative DNS servers
§ Store the name-to-address mapping
§ Maintained by the corresponding administrative authority
Server Hierarchy
v Each server stores a (small!) subset of the total DNS database
v An authoritative DNS server stores “resource records” for all DNS names in the domain that it has authority for
v Each server can discover the server(s) that are responsible for the other portions of the hierarchy
§ Every server knows the root server(s)
§ Root server(s) knows about all top-level domains
DNS: a distributed, hierarchical database
[figure: root NS at the top; below it the TLD name servers (TLDs = Top Level Domains) such as .edu, au and pk; below those the authoritative NSs, e.g. washington.edu (with cse beneath it) and unsw under edu.au; a local NS serving a host such as robot.cs.washington.edu.]
Credits: Prof David Wetherall, UoW
DNS Root Servers
l 13 root servers (labeled A-M; see http://www.root-servers.org/)
l Replicated via any-casting (network will deliver DNS messages to the closest replica)
[figure: map of root server operators and locations, from https://www.iana.org/domains/root/servers]
A Verisign, Dulles, VA
B USC-ISI, Marina del Rey, CA
C Cogent, Herndon, VA (also Los Angeles, NY, Chicago)
D U Maryland, College Park, MD
E NASA, Mt View, CA
F Internet Software Consortium, Palo Alto, CA (and 37 other locations)
G US DoD, Vienna, VA
H ARL, Aberdeen, MD
I Autonomica, Stockholm (plus 29 other locations)
J Verisign (21 locations)
K RIPE, London (plus 16 other locations)
L ICANN, Los Angeles, CA
M WIDE, Tokyo (plus Seoul, Paris, San Francisco)
DNS: root name servers
www.root-servers.org
TLD, authoritative servers
top-level domain (TLD) servers:
§ responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp
§ Network Solutions maintains servers for .com TLD
§ Educause for .edu TLD
authoritative DNS servers:
§ organization’s own DNS server(s), providing authoritative hostname to IP mappings for organization’s named hosts
§ can be maintained by organization or service provider
Local DNS name server
v does not strictly belong to hierarchy
v each ISP (residential ISP, company, university) has one
§ also called “default name server” or “DNS resolver”
v hosts configured with local DNS server address (e.g., /etc/resolv.conf) or learn server via a host configuration protocol (e.g., DHCP)
v client application
§ obtain DNS name (e.g., from URL)
§ do gethostbyname() to trigger DNS request to its local DNS server
v when host makes DNS query, the query is sent to its local DNS server
§ has local cache of recent name-to-address translation pairs (but may be out of date!)
§ acts as proxy, forwards query into hierarchy
DNS name resolution example
v host at wagner.cse.unsw.edu.au wants IP address for gaia.cs.umass.edu
iterated query:
v contacted server replies with name of server to contact
v “I don’t know this name, but ask this server”
[figure: the requesting host wagner.cse.unsw.edu.au sends its query (1) to the local DNS server cse.unsw.edu.au, which in turn queries the root DNS server (2, 3), the TLD DNS server (4, 5) and the authoritative DNS server dns.umass.edu (6, 7), then returns the answer to the host (8)]
recursive query:
v puts burden of name resolution on contacted name server
[figure: the same hosts; the local DNS server forwards the query to the root DNS server (2), which forwards it to the TLD DNS server (3), which forwards it to the authoritative DNS server dns.umass.edu (4); the reply travels back along the same path (5, 6, 7) before the local DNS server answers the host (8)]
DNS: caching, updating records
v once (any) name server learns mapping, it caches mapping
§ cache entries timeout (disappear) after some time (TTL)
§ TLD servers typically cached in local name servers
• thus root name servers not often visited
v subsequent requests need not burden DNS
v cached entries may be out-of-date (best effort name-to-address translation!)
§ if name host changes IP address, may not be known Internet-wide until all TTLs expire
v negative caching (optional)
§ remember things that don’t work
§ e.g., misspellings like www.cnn.comm and www.cnnn.com (http://www.cnn.comm/, http://www.cnnn.com/)
§ these can take a long time to fail for the first time
§ good to remember that they don’t work
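A toy local name server that performs the iterated resolution from the example above and applies the caching rules on this slide (TTL expiry, cached TLD referrals so the root is skipped, and negative caching of names that do not exist), as an added example that is not from the slides. The three-server hierarchy, its names, addresses and TTLs are constructed for the illustration; only the hostnames from the slide's example are reused.

```python
import time

# Added example (not from the slides): a toy iterative resolver over a
# constructed three-level hierarchy, with positive and negative caching
# bounded by TTL. Server names, the address and the TTLs are made up.

# Each server maps a name suffix to a referral ("NS", server, ttl) or an
# answer ("A", address, ttl). Real servers hold many more record types.
ROOT = {"edu.": ("NS", "a.edu-servers.net.", 172800)}
TLD_EDU = {"umass.edu.": ("NS", "dns.umass.edu.", 172800)}
AUTH_UMASS = {"gaia.cs.umass.edu.": ("A", "128.119.245.12", 3600)}
SERVERS = {"root": ROOT, "a.edu-servers.net.": TLD_EDU, "dns.umass.edu.": AUTH_UMASS}

def lookup(zone, name):
    """Most specific entry a server holds for `name`: (suffix, record) or None."""
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zone:
            return suffix, zone[suffix]
    return None

class LocalResolver:
    def __init__(self, servers=SERVERS, clock=time.time):
        self.servers, self.clock = servers, clock
        self.cache = {}     # name -> (kind, value, expiry); kind in A, NS, NX
        self.messages = 0   # queries sent into the hierarchy

    def _cached(self, name):
        entry = self.cache.get(name)
        if entry and entry[2] > self.clock():
            return entry
        self.cache.pop(name, None)      # expired: its TTL has elapsed
        return None

    def _start_server(self, name):
        """Use the deepest cached referral (e.g. the .edu TLD server) so the
        root is not contacted for every query."""
        labels = name.split(".")
        for i in range(len(labels)):
            hit = self._cached(".".join(labels[i:]))
            if hit and hit[0] == "NS":
                return hit[1]
        return "root"

    def resolve(self, name, negative_ttl=300):
        """Iterated query: each contacted server answers or refers us onward.
        Returns the address, or None for a name that does not exist."""
        if not name.endswith("."):
            name += "."
        hit = self._cached(name)
        if hit:
            return hit[1] if hit[0] == "A" else None   # cached NX -> None
        server = self._start_server(name)
        for _ in range(10):                             # bound the referral chain
            self.messages += 1
            found = lookup(self.servers[server], name)
            if found is None:
                # negative caching: remember the failure so a repeated typo is cheap
                self.cache[name] = ("NX", None, self.clock() + negative_ttl)
                return None
            suffix, (kind, value, ttl) = found
            self.cache[suffix] = (kind, value, self.clock() + ttl)
            if kind == "A":
                return value
            server = value                              # "ask this server"
        return None

if __name__ == "__main__":
    r = LocalResolver()
    print(r.resolve("gaia.cs.umass.edu"), r.messages)   # 3 queries: root, TLD, authoritative
    print(r.resolve("gaia.cs.umass.edu"), r.messages)   # cache hit, still 3
```

The first resolution costs three queries into the hierarchy (six messages, plus the two between the host and the local server, matching the eight arrows on the iterated-query figure); a later query for another umass.edu name starts at the cached dns.umass.edu referral and never touches the root or TLD servers.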
DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
type=A
§ name is hostname
§ value is IP address
type=NS
§ name is domain (e.g., foo.com)
§ value is hostname of authoritative name server for this domain
type=CNAME
§ name is alias name for some “canonical” (the real) name
§ www.ibm.com is really servereast.backup2.ibm.com
§ value is canonical name
type=MX
§ value is name of mailserver associated with name
DNS protocol, messages
v query and reply messages, both with same message format
msg header
v identification: 16 bit # for query, reply to query uses same #
v flags:
§ query or reply
§ recursion desired
§ recursion available
§ reply is authoritative
message layout (each header field is 2 bytes):
identification | flags
# questions | # answer RRs
# authority RRs | # additional RRs
questions (variable # of questions): name, type fields for a query
answers (variable # of RRs): RRs in response to query
authority (variable # of RRs): records for authoritative servers
additional info (variable # of RRs): additional “helpful” info that may be used
An Example: try this out yourself. Part of Lab 3
[figure: a captured DNS query and reply, not reproduced in the text]
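The header layout above turned into code, as an added example that is not from the slides or the lab: it builds a query with the 12-byte header and one question, decodes the header of a reply, and checks that a reply's identification matches the query's, which is the first thing a resolver must verify before accepting any answer. The sample reply header in the test is constructed by hand; the field positions follow RFC 1035.

```python
import struct
import random

# Added example (not from the slides or Lab 3): build a DNS query message and
# parse the header of a reply, following the 12-byte header layout above
# (RFC 1035). Sample bytes used in the test are constructed by hand.

FLAG_QR = 0x8000   # 1 = reply
FLAG_AA = 0x0400   # reply is authoritative
FLAG_RD = 0x0100   # recursion desired
FLAG_RA = 0x0080   # recursion available
TYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00' (label lengths)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("DNS label length must be 1..63")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=TYPE_A, ident=None, recursion=True):
    """Header (six 16-bit fields) plus one question. Returns (ident, bytes);
    the caller keeps `ident` to match the reply against."""
    ident = random.randrange(1 << 16) if ident is None else ident
    flags = FLAG_RD if recursion else 0
    header = struct.pack("!HHHHHH", ident, flags, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    return ident, header + question

def parse_header(msg):
    """Decode the 12-byte header into the fields the slide lists."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": ident,
            "is_reply": bool(flags & FLAG_QR),
            "authoritative": bool(flags & FLAG_AA),
            "recursion_desired": bool(flags & FLAG_RD),
            "recursion_available": bool(flags & FLAG_RA),
            "rcode": flags & 0x000F,
            "questions": qd, "answers": an, "authority": ns, "additional": ar}

def reply_matches(query_ident, reply):
    """A resolver must discard any reply whose identification does not match
    the query it sent (and, in practice, also check the source port and the
    question section) before using the answers."""
    h = parse_header(reply)
    return h["is_reply"] and h["id"] == query_ident

if __name__ == "__main__":
    ident, q = build_query("www.example.com")
    print(ident, q.hex())
    print(parse_header(q))
```

A 16-bit identifier is a small space; that is why resolvers also randomise the source port of each query, so that a forged reply has to guess both values.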
Inserting records into DNS
v example: new startup “Network Utopia”
v register name networkutopia.com at DNS registrar (e.g., Network Solutions)
§ provide names, IP addresses of authoritative name server (primary and secondary)
§ registrar inserts two RRs into .com TLD server:
(networkutopia.com, dns1.networkutopia.com, NS)
(dns1.networkutopia.com, 212.212.212.1, A)
v create authoritative server type A record for www.networkutopia.com; type MX record for networkutopia.com
v Q: Where do you insert these type A and type MX records?
A: dns1.networkutopia.com
Updating DNS records
v Remember that old records may be cached in other DNS servers (for up to TTL)
v General guidelines
§ Record the current TTL value of the record
§ Lower the TTL of the record to a low value (e.g., 30 seconds)
§ Wait the length of the previous TTL
§ Update the record
§ Wait for some time (e.g. 1 hour)
§ Change the TTL back to your previous time
Reliability
v DNS servers are replicated (primary/secondary)
§ Name service available if at least one replica is up
§ Queries can be load-balanced between replicas
v Usually, UDP used for queries
§ Need reliability: must implement this on top of UDP
§ Spec supports TCP too, but not always implemented
v DNS uses port 53
v Try alternate servers on timeout
§ Exponential backoff when retrying same server
v Same identifier for all queries
§ Don’t care which server responds
DNS provides indirection
v Addresses can change underneath
§ Move www.cnn.com to 4.125.91.21
§ Humans/Apps should be unaffected
v Name could map to multiple IP addresses
§ Enables
• Load-balancing
• Reducing latency by picking nearby servers
v Multiple names for the same address
§ E.g., many services (mail, www, ftp) on same machine
§ E.g., aliases like www.cnn.com and cnn.com
v But this flexibility applies only within domain!
REVISITING
CDN example (the earlier slide “An example”: checking a CDN-hosted site with dig)
CDN content access: a closer look (the earlier slide of the same name, repeated here)
REVISITING
WWW vs non-WWW domains
v E.g., www.metalhead.com or metalhead.com
v Non-www referred to as apex or naked domains (metalhead.com)
v Technically either can serve as primary (for search engines) and the other is redirected to primary (HTTP 301)
v There are 2 main advantages of using www
§ DNS requires apex domains to always point to type A, and a CNAME record cannot coexist with other RR types (the apex already carries the zone’s NS and SOA records, so it cannot be a CNAME)
§ With www domains, offloading to a CDN is easy:
• www.metalhead.com CNAME somecdn.com
• metalhead.com A 156.23.34.252
• Note: Some CDN providers have workarounds for the above
§ Cookies of the apex domain are automatically passed down to sub-domains (metalhead.com to static.metalhead.com and mail.metalhead.com)
• Unnecessary cookies hurt performance
• Also, a security issue (out of scope of our discussion)
More reading at: https://www.bjornjohansen.com/www-or-not
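A small zone check for the two DNS rules just stated (a CNAME cannot share its name with other records, and the apex must carry an address record rather than a CNAME), as an added example that is not from the slides. The record sets are constructed from the metalhead.com lines above; the function name and record tuple format are this example's own.

```python
# Added example (not from the slides): flag zone data that breaks the two
# rules on the WWW vs non-WWW slide. Records are (name, type, value) tuples;
# the zone data below is constructed from the slide's metalhead.com example.

def zone_problems(zone_apex, records):
    """Return a list of human-readable problems, empty when the zone is fine."""
    by_name = {}
    for name, rtype, value in records:
        by_name.setdefault(name.rstrip(".").lower(), []).append((rtype, value))
    problems = []
    # rule 1: a CNAME must be the only record at its name
    for name, rrs in by_name.items():
        types = {t for t, _ in rrs}
        if "CNAME" in types and len(rrs) > 1:
            others = sorted(types - {"CNAME"})
            problems.append(f"{name}: CNAME cannot coexist with {others}")
    # rule 2: the apex needs an address record and can never be a CNAME
    apex = zone_apex.rstrip(".").lower()
    apex_types = {t for t, _ in by_name.get(apex, [])}
    if "CNAME" in apex_types:
        problems.append(f"{apex}: apex cannot be a CNAME (point www at the CDN instead)")
    elif not apex_types & {"A", "AAAA"}:
        problems.append(f"{apex}: apex needs an A or AAAA record")
    return problems

GOOD_ZONE = [  # the layout the slide recommends
    ("metalhead.com", "A", "156.23.34.252"),
    ("metalhead.com", "NS", "ns1.metalhead.com."),
    ("www.metalhead.com", "CNAME", "somecdn.com."),
]
BAD_ZONE = [   # trying to offload the apex itself to the CDN
    ("metalhead.com", "CNAME", "somecdn.com."),
    ("metalhead.com", "MX", "mail.metalhead.com."),
]

if __name__ == "__main__":
    print(zone_problems("metalhead.com", GOOD_ZONE))   # []
    for p in zone_problems("metalhead.com", BAD_ZONE):
        print("problem:", p)
```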
Reverse DNS
v IP address -> domain name
v Special PTR record type to store reverse DNS entries
v Where is reverse DNS used?
§ Troubleshooting tools such as traceroute and ping
§ “Received” trace header field in SMTP e-mail
§ SMTP servers for validating IP addresses of originating servers
§ Internet forums tracking users
§ System logging or monitoring tools
§ Used in load balancing servers/content distribution to determine location of requester
Do you trust your DNS server?
v Censorship
v Logging
§ IP address, websites visited, geolocation data and more
§ E.g., Google DNS: https://developers.google.com/speed/public-dns/privacy
https://wikileaks.org/wiki/Alternative_DNS
Attacking DNS
DDoS attacks
v Bombard root servers with traffic
§ Not successful to date
§ Traffic filtering
§ Local DNS servers cache IPs of TLD servers, allowing root server to be bypassed
v Bombard TLD servers
§ Potentially more dangerous
Redirect attacks
v Man-in-middle
§ Intercept queries
v DNS poisoning
§ Send bogus replies to DNS server, which caches
Exploit DNS for DDoS
v Send queries with spoofed source address: target IP
Want to dig deeper?
http://www.networkworld.com/article/2886283/security0/top-10-dns-attacks-likely-to-infiltrate-your-network.html
https://www.continuitycentral.com/index.php/news/technology/6340-dns-attacks-on-the-rise-finds-2021-global-dns-threat-report
DNS Cache Poisoning
v Suppose you are a bad guy and you control the name server for drevil.com. Your name server receives a request to resolve www.drevil.com. and it responds as follows:
;; QUESTION SECTION:
;www.drevil.com. IN A
;; ANSWER SECTION:
www.drevil.com 300 IN A 129.45.212.42
;; AUTHORITY SECTION:
drevil.com 86400 IN NS dns1.drevil.com.
drevil.com 86400 IN NS google.com
;; ADDITIONAL SECTION:
google.com 600 IN A 129.45.212.222     <- a drevil.com machine, not google.com
v Solution: Do not allow DNS servers to cache IP address mappings unless they are from authoritative name servers
DNS Cache Poisoning Test – https://www.grc.com/dns/dns.htm
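The "only cache what the server is authoritative for" rule from the slide, in the form caching resolvers actually implement it (the bailiwick check), as an added example that is not from the slides. The reply is the one shown above, transcribed into tuples; the record format and function names are this example's own. Run against that reply, the check keeps the www.drevil.com answer and the two NS records but drops the google.com glue, so the poisoned address never enters the cache.

```python
# Added example (not from the slides): the "bailiwick" rule a caching
# resolver applies to a reply such as the one above. The resolver asked
# drevil.com's server, so it may cache records for names inside drevil.com
# only; the google.com glue in the ADDITIONAL section is discarded.

def in_bailiwick(record_name, zone):
    """True when record_name equals zone or is a subdomain of it."""
    r = record_name.rstrip(".").lower()
    z = zone.rstrip(".").lower()
    return r == z or r.endswith("." + z)

def filter_reply(zone, answer, authority, additional):
    """Split a reply into records that may be cached and records to drop.
    Each record is (owner_name, ttl, type, value); `zone` is the zone the
    server we queried is authoritative for. Returns (accepted, rejected)."""
    accepted, rejected = [], []
    for section in (answer, authority, additional):
        for record in section:
            owner = record[0]
            (accepted if in_bailiwick(owner, zone) else rejected).append(record)
    return accepted, rejected

# The slide's reply, transcribed into records.
DREVIL_REPLY = {
    "answer":     [("www.drevil.com", 300, "A", "129.45.212.42")],
    "authority":  [("drevil.com", 86400, "NS", "dns1.drevil.com."),
                   ("drevil.com", 86400, "NS", "google.com")],
    "additional": [("google.com", 600, "A", "129.45.212.222")],
}

def check_slide_reply():
    """The NS record naming google.com has owner drevil.com and so passes the
    check, but the resolver must obtain google.com's address through the .com
    servers itself rather than trusting the attacker-supplied glue."""
    return filter_reply("drevil.com", **DREVIL_REPLY)

if __name__ == "__main__":
    kept, dropped = check_slide_reply()
    print("cached:", kept)
    print("dropped:", dropped)
```

The zone passed to filter_reply must be the one the resolver believes the contacted server is authoritative for (learned from the referral that led it there), never a value taken from the reply itself; otherwise the server being checked could simply claim a wider zone.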
DNSSEC
v Extension to improve DNS security
v Allows DNS clients to cryptographically authenticate DNS data and data integrity
v Does not guarantee availability or confidentiality
v Further details: https://www.dnssec.net
v Stats: https://stats.labs.apnic.net/dnssec
DoH (RFC 8484) and DoT (RFC 7858) – NOT ON EXAM
v DoT: DNS over Transport Layer Security (TLS)
v DoH: DNS over HTTPS (or HTTP2)
v Increase user privacy and security
v DoT: port 853, DoH: port 443
v DoH traffic masked with other HTTPS traffic
v Cloudflare, Google, etc. have publicly accessible DoT resolvers and OS support is also available
v Chrome and Mozilla support DoH, OS support coming soon (or already there)
v DoT: https://developers.google.com/speed/public-dns/docs/dns-over-tls
v DoH: https://developers.cloudflare.com/1.1.1.1/dns-over-https
Quiz: DNS
www.zeetings.com/salil
v If a local DNS server has no clue about where to find the address for a hostname then the _____
a) Server starts crying
b) Server asks the root DNS server
c) Server asks its neighbouring DNS server
d) Request is not processed
Answer: B
Quiz: DNS
www.zeetings.com/salil
v Which of the following are respectively maintained by the client-side ISP and the domain name owner?
a) Root DNS server, Top-level domain DNS server
b) Root DNS server, Local DNS server
c) Local DNS server, Authoritative DNS server
d) Top-level domain DNS server, Authoritative DNS server
e) Authoritative DNS server, Top-level domain DNS server
Answer: C
Quiz: DNS
www.zeetings.com/salil
v Suppose you open your email program and send an email to .au, your email program will trigger which type of DNS query?
a) A
b) NS
c) CNAME
d) MX
e) All of the above
Answer: D
Quiz: DNS
v You open your browser and type www.zeetings.com. The minimum number of DNS requests sent by your local DNS server to obtain the corresponding IP address is:
A. 0
B. 1
C. 2
D. 3
E. 42
Answer: A
Quiz: CDN
www.zeetings.com/salil
v The role of the CDN provider’s authoritative DNS name server in a content distribution network, simply described, is:
a) to provide an alias address for each browser access to the “origin server” of a CDN website
b) to map the query for each CDN object to the CDN server closest to the requestor (browser)
c) to provide a mechanism for CDN “origin servers” to provide paths for clients (browsers)
d) none of the above, CDN networks do not use DNS
Answer: B
Summary
our study of network apps now complete!
§ application architectures
• client-server
• P2P
§ application service requirements:
• reliability, bandwidth, delay
§ Internet transport service model
• connection-oriented, reliable: TCP
• unreliable, datagrams: UDP
§ specific protocols:
• HTTP
• SMTP, POP, IMAP
• DNS
• P2P: BitTorrent, DHT
§ video streaming, CDNs
§ socket programming: TCP, UDP sockets