RFC 1034, 1035, and updated in other RFCs

The Internet’s Directory Service

DNS: Domain Name System


people: many identifiers:
• IRD #, name, passport #
Internet hosts, routers:
• IP address (32 bit) – used for addressing datagrams
• “hostname”, e.g., www.yahoo.com – used by humans
Q: map between IP address and name, and vice versa?

Typical web browser’s task (e.g., www.google.co.nz):
1. Find IP address
2. Make TCP connection request
3. Send HTTP request

DNS: Domain Name System
What is DNS?
1. DNS is a distributed database implemented in a hierarchy of many name servers
  • DNS servers are typically UNIX machines running the BIND software (Berkeley Internet Name Domain Software): https://www.isc.org/downloads/bind/
2. DNS is an application-layer protocol that allows hosts to query the distributed database
  • The DNS protocol runs over UDP and uses port 53.
  • hosts, routers, name servers communicate to resolve names (address/name translation)
  • provides core Internet function, but implemented as application-layer protocol
  • complexity at network’s “edge”
  • uses the client-server paradigm

DNS services
1. hostname to IP address translation
2. host aliasing
  • Canonical, alias names. Example:
    • www.ibm.com (alias)
    • www.ibm.com.cs186.net (canonical)
3. mail server aliasing
  • ibm.com
4. load distribution
  • among replicated Web servers: set of IP addresses for one canonical name

Why not centralize DNS?
• single point of failure
• traffic volume
• distant centralized database
• maintenance
• Therefore, a centralised database approach doesn’t scale!

Distributed, Hierarchical Database
[Figure: tree of DNS servers. Root DNS servers at the top; top-level domain servers below them (com, org, edu DNS servers); authoritative DNS servers below those (yahoo.com, amazon.com, umass.edu DNS servers); intermediate DNS servers; local DNS server.]
Each ISP also has a Local DNS server (default name server)

Distributed, Hierarchical Database
[Figure: the same tree. Root DNS servers; com, org, edu DNS servers; yahoo.com, amazon.com, pbs.org, poly.edu, umass.edu DNS servers; intermediate DNS servers.]
Each ISP also has a Local DNS server (default name server)
client wants IP for www.amazon.com (1st approx description):
• client queries a root server to find com DNS server (top-level domain)
• client queries com DNS server to get authoritative DNS server for amazon.com
• client queries amazon.com DNS server to get IP address for www.amazon.com
DNS query and reply messages are sent within UDP datagrams to port 53.

DNS: Root name servers
• First to be contacted by local name server that cannot resolve name
• root name server answers requests in the root zone and answers requests for the authoritative name server for the appropriate top-level domain (TLD)
• 13 root name servers worldwide (each “server” is actually a network of replicated servers – 750 root server instances around the world)
  a Verisign, Dulles, VA
  b USC-ISI Marina del Rey, CA
  c Cogent, Herndon, VA (also LA)
  d U Maryland College Park, MD
  e NASA Mt View, CA
  f Internet Software C. Palo Alto, CA (and 36 other locations)
  g US DoD Vienna, VA
  h ARL Aberdeen, MD
  i Autonomica, Stockholm (plus 28 other locations)
  j Verisign, ( 21 locations)
  k RIPE London (also 16 other locations)
  l ICANN Los Angeles, CA
  m WIDE Tokyo (also Seoul, Paris, SF)
http://www.iana.org/domains/root/servers
https://www.apnic.net/get-ip/faqs/rootservers/

DNS: Root name servers
DNS-Root-Servers
13 root server IP addresses (letter: IPv4 address, IPv6 address, operator, where the slide gives them):
A: 198.41.0.4, 2001:503:ba3e::2:30
B: 192.228.79.201, 2001:478:65::53
C: 192.33.4.12, 2001:500:2::c, Cogent Communications
D: 199.7.91.13, 2001:500:2d::d, University of Maryland
E: 192.203.230.10, NASA
F: 192.5.5.241, 2001:500:2f::f
G: 192.112.36.4, U.S. DoD NIC
H: 128.63.2.53, 2001:500:1::803f:235, US Army Research Lab
I: 192.36.148.17, 2001:7FE::53
J: 192.58.128.30, 2001:503:c27::2:30, …Sign
K: 193.0.14.129, 2001:7fd::1, RIPE NCC
L: 199.7.83.42, 2001:500:3::42, ICANN
M: 202.12.27.33, 2001:dc3::35, WIDE Project
• 13 root servers can be seen from any single location at any given time.
• Different servers (using the same IP addresses) will be seen from different locations.
https://www.ionos.com/digitalguide/server/know-how/what-is-a-root-server-definition-and-background/

DNS: Root name servers
• Copy a very small database, the content of which is currently decided by IANA (Internet Assigned Numbers Authority) and US Dept. of Commerce.
• Put that database in the servers.
• Make the data available to all Internet users.
http://www.root-servers.org/
https://www.netnod.se/i-root

Root servers in NZ
https://root-servers.org/
E.root-servers.net (root-servers.org)

TLD and Authoritative Servers
Top-level domain (TLD) servers:
• responsible for com, org, net, edu, aero, jobs, museum, and
• all top-level country domains, e.g.: uk, fr, ch, jp, nz
  • Network Solutions maintains servers for com TLD
  • Educause for edu TLD
Authoritative DNS servers:
• organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web, mail).
• can be maintained by organization or internet service provider

Local Name Server
• does not strictly belong to hierarchy
• each ISP (residential ISP, company, university) has one
  • also called “default name server”
  • located within a LAN, or a few router hops away
• when host makes DNS query, query is sent to its local DNS server
  • acts as proxy, forwards query into hierarchy of DNS servers
You can find your default name server by typing: ipconfig /all

DNS in action
• What happens when a user wants to view a website (e.g. www.networkutopia.com)?
• Let’s trace the sequence of DNS server interaction.

[Figure sequence over nine slides. Nodes: requesting host (DNS client); local DNS server; root DNS server; TLD DNS server (i.e. name server responsible for the COM top-level domain); authoritative DNS server (primary) Dns1.networkutopia.com, IP: 212.212.212.1; authoritative DNS server (secondary) Dns2.networkutopia.com; destination host www.networkutopia.com, IP: 212.212.71.4.]
Message labels recoverable from the slides:
• DNS client: What is the IP address of www.networkutopia.com?
• IP address of www.networkutopia.com? (the query as it is passed on to the other servers)
• List of IP addresses for TLD COM servers
• 5. Resource Records: (networkutopia.com, Dns1.networkutopia.com, NS) (Dns1.networkutopia.com, 212.212.212.1, A)
• 6. What is the IP address of www.networkutopia.com? – give me a Type A Resource Record
• 7. Type A Resource Record: (www.networkutopia.com, 212.212.71.4, A)
• 8. IP address of www.networkutopia.com is 212.212.71.4
• 9. TCP connection with www.networkutopia.com (212.212.71.4), HTTP request

Recursive queries
Iterative queries

DNS name resolution example
• host at cis.poly.edu wants IP address for gaia.cs.umass.edu
recursive query:
• puts burden of name resolution on contacted name server
iterative query:
• contacted server replies with name of server to contact
• “I don’t know this name, but ask this server”
[Figure: requesting host cis.poly.edu, local DNS server dns.poly.edu, root DNS server, TLD DNS server, authoritative DNS server dns.cs.umass.edu, and gaia.cs.umass.edu. Query: What is the IP address of gaia.cs.umass.edu?]
• Recursive query sent from cis.poly.edu to local DNS server
• Iterative query sent from dns.poly.edu to root DNS server
• Iterative query sent from dns.poly.edu to TLD DNS server
• Iterative query sent from dns.poly.edu to authoritative DNS server

DNS name resolution example
recursive query:
• puts burden of name resolution on contacted name server
• heavy load?
All queries sent are recursive in this example.
[Figure: requesting host cis.poly.edu, local DNS server dns.poly.edu, root DNS server, TLD DNS server, authoritative DNS server dns.cs.umass.edu, and gaia.cs.umass.edu.]

DNS: caching and updating records
• once (any) name server learns a mapping, it caches that mapping and sends it to any querying host, even if it is not authoritative for the hostname.
  • TLD servers are typically cached in local name servers
    • Thus, root name servers are not often visited
  • cache entries time out (disappear) after some time (often set to 2 days)
• update/notify mechanisms have been added to the DNS protocol, in order to add/delete entries in a DNS server database by way of DNS messages.
  • RFC 2136, RFC 3007

DNS records
DNS: distributed db storing Resource Records (RR)
RR format: (name, value, type, ttl)
Type=A
• name is hostname
• value is IP address
e.g. (massey.ac.nz, 130.123.10.101, A)
Type=NS
• name is domain (e.g., foo.com)
• value is hostname of authoritative Name Server for this domain
e.g. (massey.ac.nz, tur-net1.massey.ac.nz, NS)

DNS records (continued)
Type=CNAME
• name is alias name for some “Canonical” (the real) Name
• value is canonical name
e.g. (www.ibm.com, www.ibm.com.cs186.net, CNAME)
e.g. (ibm.com, asia3.akam.net, CNAME)
Type=MX
• value is canonical name of Mail Exchange Server associated with the alias hostname name
e.g. (ibm.com, e11.ny.us.ibm.com, MX)
Additional info. section: (e11.ny.us.ibm.com, 129.33.205.201, A)

DNS protocol, messages
DNS protocol: query and reply messages, both with same message format
Header section
• identification: 16 bit # for query, reply to query uses same #
• flags:
  • query or reply
  • recursion desired
  • recursion available
  • reply is authoritative

DNS protocol, messages
Sections that follow the header:
• Name, type fields for a query
• RRs in response to query
• Records of other authoritative servers (RRs of other authoritative name servers)
• additional “helpful” info that may be used: other helpful RRs (e.g. IP address of canonical MX server)

Inserting records into DNS
Example: Alice has a new startup company, named “Network Utopia”
1. Alice registers the domain name, networkutopia.com, at a DNS registrar (e.g., Network Solutions)
2. Alice provides names, IP addresses of authoritative name servers (both primary and secondary) to the registrar.
3. Registrar inserts RRs into all com TLD servers:
  (networkutopia.com, dns1.networkutopia.com, NS)
  (dns1.networkutopia.com, 212.212.212.1, A)
  (networkutopia.com, dns2.networkutopia.com, NS)
  (dns2.networkutopia.com, 212.212.212.2, A)
4. Alice enters the following RRs into her authoritative DNS servers:
  • Type A record for www.networkutopia.com (web server)
  • Type MX, Type A records for mail.networkutopia.com (e-mail server)
• How do people get IP address of Alice’s web site?
Public Information Regarding Internet Domain Name Registration Services: http://www.internic.net/
Internet Corporation for Assigned Names and Numbers (ICANN) accredits the various registrars.
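How a local DNS server reaches Alice's web site with the records above, as an added example (not the course's dns.cpp): an in-memory model of iterative resolution from the root, with the cache-until-timeout behaviour described under "caching and updating records". The TLD server name and address are constructed placeholders, as are the TTL values, and the class and function names are assumptions of this example.

```python
ROOT = "198.41.0.4"      # A root server address, as listed on the slides
COM_TLD = "192.0.2.53"   # constructed (TEST-NET-1): the slides give no TLD address
TTL = 2 * 24 * 3600      # constructed TTL, using the slides' "often set to 2 days"

# Constructed zone data: server address -> RRs as (name, value, type, ttl)
ZONES = {
    ROOT: [("com", "tld.invalid", "NS", TTL),      # hypothetical TLD server name
           ("tld.invalid", COM_TLD, "A", TTL)],
    COM_TLD: [("networkutopia.com", "dns1.networkutopia.com", "NS", TTL),
              ("dns1.networkutopia.com", "212.212.212.1", "A", TTL)],
    "212.212.212.1": [("www.networkutopia.com", "212.212.71.4", "A", TTL)],
}

def ask(server, name):
    """One iterative query: an A answer if the server holds it, else a referral."""
    rrs = ZONES[server]
    answer = [rr for rr in rrs if rr[0] == name and rr[2] == "A"]
    if answer:
        return "answer", answer
    for zone, ns, rtype, _ in rrs:
        if rtype == "NS" and (name == zone or name.endswith("." + zone)):
            # Referral: return the A record of the name server named in the NS record
            return "referral", [rr for rr in rrs if rr[0] == ns and rr[2] == "A"]
    return "unknown", []

class LocalDNSServer:
    def __init__(self, clock):
        self.clock = clock      # callable returning the current time in seconds
        self.cache = {}         # name -> (ip, expiry time)
        self.contacted = []     # every server queried, in order

    def resolve(self, name):
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0]                 # non-authoritative answer from cache
        server = ROOT
        for _ in range(8):                   # bound the length of a referral chain
            self.contacted.append(server)
            kind, rrs = ask(server, name)
            if kind == "answer":
                _, ip, _, ttl = rrs[0]
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if kind != "referral" or not rrs:
                return None                  # no server knows the name
            server = rrs[0][1]               # follow the referral to the next server
        return None

if __name__ == "__main__":
    now = [0]
    local = LocalDNSServer(lambda: now[0])
    print(local.resolve("www.networkutopia.com"), local.contacted)
```

The cached answer is served without contacting any server until its TTL runs out, which is why whatever a local server accepts into its cache stays in effect for every client behind it for that long.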

Interact with DNS
• ipconfig
• nslookup
• WireShark
• dns.cpp – our own C/C++ code

Useful commands
• ipconfig /all : display DNS server address, adapter type, etc.
• ipconfig /displaydns : display cached DNS resource records
• ipconfig /flushdns : clear DNS cache
• nslookup [-option1 -option2] hostname_to_find [dns_server]
  If dns_server is not set, by default, the local DNS is queried
  e.g. nslookup -debug -type=MX ibm.com

C:\>nslookup -query=cname www.ibm.com
Server: UnKnown
Address: fe80::1
Non-authoritative answer:
www.ibm.com canonical name = www.ibm.com.cs186.net
Canonical name

C:\testFTP>nslookup -query=A google.co.nz
Server: vodafone.station
Address: 192.168.1.1
Non-authoritative answer:
Name: google.co.nz
Addresses: 203.118.143.245
 203.118.143.231
 203.118.143.238
 203.118.143.216
 203.118.143.237
 203.118.143.244
 203.118.143.251
 203.118.143.210
 203.118.143.230
 203.118.143.223
 203.118.143.224
 203.118.143.217
Cached information is discarded after about 2 days.

What are the authoritative name servers for the domain google.com?
C:\testFTP>nslookup -query=ns google.com
Server: vodafone.station
Address: 192.168.1.1
Non-authoritative answer:
google.com nameserver = ns1.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns4.google.com
google.com nameserver = ns3.google.com
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10

What is the authoritative name server for www.google.co.nz?
C:\testFTP>nslookup -query=ns www.google.co.nz
Server: vodafone.station
Address: 192.168.1.1
google.co.nz
 primary name server = ns4.google.com
 responsible mail addr = dns-admin.google.com
 serial = 99671936
 refresh = 900 (15 mins)
 retry = 900 (15 mins)
 expire = 1800 (30 mins)
 default TTL = 60 (1 min)

What is the canonical name for the alias www.gmail.com?
• To Query MX (Mail Exchange) record.
C:\Users\nhreyes>nslookup -query=mx www.gmail.com
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
www.gmail.com canonical name = mail.google.com
mail.google.com canonical name = googlemail.l.google.com
l.google.com
 primary name server = ns4.google.com
 responsible mail addr = dns-admin.google.com
 serial = 1549677
 refresh = 900 (15 mins)
 retry = 900 (15 mins)
 expire = 1800 (30 mins)
 default TTL = 60 (1 min)

nslookup -query=mx gmail.com
We can see here that successive DNS translation requests returned a different ordering of the replicated servers.

First request:
C:\Users\nhreyes>nslookup -query=mx gmail.com
Server: alb-net1.massey.ac.nz
Address: 130.123.104.53
Non-authoritative answer:
gmail.com MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com
gmail.com MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
nameserver = ns4.google.com
nameserver = ns2.google.com
nameserver = ns3.google.com
nameserver = ns1.google.com
ns2.google.com internet address = 216.239.34.10
ns1.google.com internet address = 216.239.32.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10

Second request:
C:\Users\nhreyes>nslookup -query=mx gmail.com
Server: alb-net1.massey.ac.nz
Address: 130.123.104.53
Non-authoritative answer:
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com
gmail.com MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com
nameserver = ns2.google.com
nameserver = ns4.google.com
nameserver = ns3.google.com
nameserver = ns1.google.com
ns2.google.com internet address = 216.239.34.10
ns1.google.com internet address = 216.239.32.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10

Test DNS using our own C++ code
• Compare the results with the one returned by (nslookup www.google.co.nz)
• dns www.google.co.nz 80 ipv4
• dns www.google.co.nz 80 ipv6
• dns loopback 80 ipv4
• dns loopback 80 ipv6

Test DNS using our own C++ code
C:\>dns www.google.co.nz 80 ipv6
Translation results: IP: 2404:6800:4006:802::2003, IPv6 at port: 80
DNS CLIENT is shutting down…
C:\>dns www.google.co.nz 80 ipv4
Translation results: IP: 210.7.45.53, IPv4 at port: 80
DNS CLIENT is shutting down…
Test for IPv6 connectivity: http://ipv6-test.com/

WireShark + Our C code
Let’s see what we can extract using WireShark when running our C/C++ code (dns.cpp):
• dns www.ibm.com 80 ipv4
Results returned by our code:
• Translation results: IP address: 23.222.88.13, IPv4 at port: 80
Some useful information about the querying host:
• IP origin host = 130.123.249.2
• DNS servers: 130.123.104.53, 130.123.107.2, 130.123.128.16

Exercise using Wireshark
• Use ipconfig /flushdns to empty the DNS cache in your mac
