
  • Number of slides: 39

Lecture 10: Domain Name System
CPE 401 / 601 Computer Network Systems
Slides are modified from Dave Hollinger and Kurose & Ross

Hostnames
  • People have many identifiers: SSN, name, passport #
  • Internet hosts and routers have two:
    - IP address (32/128 bit) - used for addressing datagrams
    - "name", e.g. www.yahoo.com - used by humans
  • http://www.youtube.com/watch?v=9ilYrY9iBhk
  • IP addresses are great for computers
    - an IP address includes information used for routing.
  • IP addresses are tough for humans to remember.
    - IP addresses are impossible to guess.
    - Ever guessed at the name of a WWW site?

Domain Name System
  • The domain name system is usually used to translate a host name into an IP address.
  • Domain names comprise a hierarchy so that names are unique, yet easy to remember.
  • Distributed database
    - implemented in a hierarchy of many name servers
    - hosts and routers communicate with name servers to resolve names (address/name translation)

Host name structure
  • Each host name is made up of a sequence of labels separated by periods.
    - Each label can be up to 63 characters.
    - The total name can be at most 255 characters.
  • Examples:
    - whitehouse.gov
    - barney.the.purple.dinosaur.com
    - cnl.cse.unr.edu

Domain Name
  • The domain name for a host is the sequence of labels that lead from the host (leaf node in the naming tree) to the top of the worldwide naming tree.
  • A domain is a subtree of the worldwide naming tree.
  [Figure: naming tree. Root DNS servers; below them com DNS servers (yahoo.com, amazon.com DNS servers), org DNS servers (pbs.org DNS servers) and edu DNS servers (unr.edu, dri.edu DNS servers)]

DNS services
  • hostname to IP address translation
  • host aliasing
    - canonical and alias names
  • mail server aliasing
  • load distribution
    - replicated Web servers: a set of IP addresses for one canonical name

Why not centralize DNS?
  • single point of failure
  • traffic volume
  • distant centralized database
  • maintenance
  • doesn't scale!

Distributed, Hierarchical Database
Client wants the IP for www.unr.edu; 1st approximation:
  • client queries a root server to find the edu DNS server
  • client queries the edu DNS server to get the unr.edu DNS server
  • client queries the unr.edu DNS server to get the IP address for www.unr.edu

DNS: Root name servers
  • contacted by a local name server that cannot resolve a name
  • root name server:
    - contacts the authoritative name server if the name mapping is not known
    - gets the mapping
    - returns the mapping to the local name server
  • 13 root name servers worldwide:
    - a Verisign, Dulles, VA
    - b USC-ISI Marina del Rey, CA
    - c Cogent, Herndon, VA (also LA)
    - d U Maryland College Park, MD
    - e NASA Mt View, CA
    - f Internet Software C. Palo Alto, CA (and 36 other locations)
    - g US DoD Vienna, VA
    - h ARL Aberdeen, MD
    - i Autonomica, Stockholm (plus 28 other locations)
    - j Verisign (21 locations)
    - k RIPE London (also 16 other locations)
    - l ICANN Los Angeles, CA
    - m WIDE Tokyo (also Seoul, Paris, SF)

Top-Level Domain Servers
  • responsible for com, org, net, edu, gov, ...
    - Network Solutions maintains servers for the com TLD
    - Educause for the edu TLD
  • Countries each have a top-level domain
    - 2-letter domain name
    - uk, fr, ca, jp, ...
  • New top-level domains include .aero .biz .coop .info .name .pro

Authoritative Servers
  • organization's DNS servers, providing authoritative hostname to IP mappings for the organization's servers (e.g., Web, mail).
  • The organization that owns a domain name is responsible for running a DNS server that can provide the mapping between hostnames within the domain and IP addresses.
    - So some machine run by UNR is responsible for everything within the rpi.edu domain.
  • can be maintained by the organization or by a service provider

DNS Distributed Database
  • There is one primary server for a domain, and typically a number of secondary servers containing replicated databases.
  [Figure: unr.edu DNS server holding the authoritative unr.edu DNS DB; replicas of the DNS DB (unr.edu, rpi.edu) on secondary servers]

Local Name Server
  • does not strictly belong to the hierarchy
  • each ISP (residential ISP, company, university) has one.
    - also called "default name server"
  • when a host makes a DNS query, the query is sent to its local DNS server
    - acts as a proxy, forwards the query into the hierarchy

DNS: caching and updating records
  • once (any) name server learns a mapping, it caches the mapping
    - cache entries time out (disappear) after some time
    - TLD servers are typically cached in local name servers
      • thus root name servers are not often visited
  • DNS cache poisoning attacks
    - http://www.youtube.com/watch?v=1d1tUefYn4U
  • update/notify mechanisms under design by the IETF
    - RFC 2136
    - http://www.ietf.org/html.charters/dnsind-charter.html

Inserting records into DNS
  • example: new startup "Network Utopia"
  • register the name networkutopia.com at a DNS registrar (e.g., Network Solutions)
    - provide the names and IP addresses of the authoritative name servers (primary and secondary)
    - registrar inserts two RRs into the com TLD server:
      (networkutopia.com, dns1.networkutopia.com, NS)
      (dns1.networkutopia.com, 212.1, A)
  • create the authoritative server
    - Type A record for www.networkutopia.com
    - Type MX record for networkutopia.com

DNS Clients
  • A DNS client is called a resolver.
  • A call to gethostbyname() is handled by a resolver (typically part of the client).
  • Most Unix workstations have the file /etc/resolv.conf that contains the local domain and the addresses of the DNS servers for that domain.

/etc/resolv.conf
    search cse.unr.edu me.unr.edu engr.unr.edu ce.unr.edu it.unr.edu
    nameserver 134.197.5.1
    nameserver 134.197.6.1

nslookup
  • nslookup is an interactive resolver that allows the user to communicate directly with a DNS server.
  • nslookup is usually available on Unix workstations.
    - dig and host are also DNS clients

DNS Servers
  • Servers handle requests for their domain directly.
  • Servers handle requests for other domains by contacting remote DNS server(s).
  • Servers cache external mappings.

Server - Server Communication
  • If a server is asked to provide the mapping for a host outside its domain (and the mapping is not in the server cache):
    - The server finds a nameserver for the target domain.
    - The server asks that nameserver to provide the host name to IP translation.
  • To find the right nameserver, use DNS!

DNS Data
  • DNS databases contain more than just hostname-to-address records:
    - Name server records: NS
    - Hostname aliases: CNAME
    - Mail Exchangers: MX
    - Host Information: HINFO

Server Operation
  • If a server has no clue about where to find the address for a hostname, it asks the root server.
  • The root server will tell you what nameserver to contact.
  • A request may get forwarded a few times.

DNS name resolution example: iterated query
  • Host at cse.unr.edu wants the IP address for rec.dri.edu
  • iterated query:
    - the contacted server replies with the name of the server to contact
    - "I don't know this name, but ask this server"
  [Figure: 8 numbered steps. Requesting host cse.unr.edu asks local DNS server ns1.unr.edu; the local server in turn asks the root DNS server, the TLD DNS server and the authoritative DNS server dns.dri.edu, each of which replies to the local server, which finally answers the requesting host with the address of rec.dri.edu]

Recursion
  • A request can indicate that recursion is desired - this tells the server to find out the answer (possibly by contacting other servers).
  • If recursion is not requested, the response may be a list of other name servers to contact.

DNS name resolution example: recursive query
  • recursive query:
    - puts the burden of name resolution on the contacted name server
    - heavy load?
  [Figure: 8 numbered steps. Requesting host cse.unr.edu asks local DNS server ns1.unr.edu, which asks the root DNS server, which asks the TLD DNS server, which asks the authoritative DNS server dns.dri.edu for rec.dri.edu; the answer is passed back along the same chain to the requesting host]

UDP & TCP
  • Both UDP and TCP are used:
    - TCP for transfers of the entire database to secondary servers (replication)
    - UDP for lookups
    - If there are more than 512 bytes in the response
      • the requestor resubmits the request using TCP.

DNS records
DNS: distributed db storing resource records (RR)
  RR format: (name, value, type, ttl)
  • Type=A
    - name is a hostname
    - value is an IP address
  • Type=AAAA
  • Type=NS
    - name is a domain (e.g. foo.com)
    - value is the hostname of the authoritative name server for this domain
  • Type=CNAME
    - name is an alias name for some "canonical" (the real) name
      www.ibm.com is really servereast.backup2.ibm.com
    - value is the canonical name
  • Type=MX
    - value is the name of the mailserver associated with name

DNS protocol, messages
DNS protocol: query and reply messages, both with the same message format
  • identification: 16-bit # for the query; the reply to a query uses the same #
  • flags:
    - QR: Query=0, Response=1
    - AA: Authoritative Answer
    - TC: response truncated (> 512 bytes)
    - RD: recursion desired
    - RA: recursion available
    - rcode: return code

DNS protocol, messages (continued)
  • questions: name and type fields for a query
  • answers: RRs in response to the query
  • authority: records for authoritative servers
  • additional info: additional "helpful" info that may be used
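The header layout and the label encoding described on the slides above, as an added C example (not code from the lecture): dns_parse_header pulls out the id, the QR/AA/TC/RD/RA bits and rcode, dns_encode_name enforces the 63-byte label and 255-byte name limits from the host name structure slide, and dns_build_query assembles a recursion-desired query; the function names and sample bytes are my own.

```c
#include <stdint.h>
#include <string.h>
/* Fixed 12-byte DNS header from the "DNS protocol, messages" slide; all fields big-endian. */
struct dns_header {
    uint16_t id;                    /* query id, echoed in the reply */
    int qr, aa, tc, rd, ra, rcode;  /* flag bits and 4-bit return code */
    uint16_t qdcount, ancount, nscount, arcount;  /* entries per section */
};
static uint16_t get16(const unsigned char *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void put16(unsigned char *p, uint16_t v) { p[0] = v >> 8; p[1] = v & 0xff; }
/* Parse the header of a query or reply; returns 0, or -1 if buf is too short. */
int dns_parse_header(const unsigned char *buf, size_t len, struct dns_header *h)
{
    if (len < 12) return -1;
    uint16_t flags = get16(buf + 2);
    h->id = get16(buf);
    /* QR=bit15, AA=bit10, TC=bit9, RD=bit8, RA=bit7, rcode=low 4 bits */
    h->qr = (flags >> 15) & 1; h->aa = (flags >> 10) & 1; h->tc = (flags >> 9) & 1;
    h->rd = (flags >> 8) & 1;  h->ra = (flags >> 7) & 1;  h->rcode = flags & 0xf;
    h->qdcount = get16(buf + 4); h->ancount = get16(buf + 6);
    h->nscount = get16(buf + 8); h->arcount = get16(buf + 10);
    return 0;
}
/* Encode a name as length-prefixed labels: each label <= 63 bytes, whole name <= 255.
 * Returns bytes written (including the terminating root label), or -1 on violation. */
int dns_encode_name(const char *name, unsigned char *out, size_t outlen)
{
    size_t n = 0;
    while (*name) {
        const char *dot = strchr(name, '.');
        size_t l = dot ? (size_t)(dot - name) : strlen(name);
        if (l == 0 || l > 63 || n + l + 2 > 255 || n + l + 2 > outlen) return -1;
        out[n++] = (unsigned char)l;
        memcpy(out + n, name, l); n += l;
        name += l + (dot ? 1 : 0);
    }
    if (n + 1 > outlen) return -1;
    out[n++] = 0; return (int)n;   /* empty root label ends the name */
}
/* Build a standard query (RD=1, one question, QCLASS=IN); returns its length or -1. */
int dns_build_query(uint16_t id, const char *name, uint16_t qtype, unsigned char *out, size_t outlen)
{
    if (outlen < 12) return -1;
    memset(out, 0, 12);
    put16(out, id); put16(out + 2, 0x0100); put16(out + 4, 1);
    int n = dns_encode_name(name, out + 12, outlen - 12);
    if (n < 0 || (size_t)(12 + n + 4) > outlen) return -1;
    put16(out + 12 + n, qtype); put16(out + 14 + n, 1);
    return 12 + n + 4;
}
```

The TC bit is what tells a resolver that the 512-byte UDP limit from the UDP & TCP slide was hit and the query should be retried over TCP.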

Name to Address Conversion
  • There is a library of functions that act as a DNS client (resolver).
    - you don't need to write DNS client code to use DNS!
  • With some OSs you need to explicitly link with the DNS resolver library: -lnsl (nsl is "Name Server Library")
    - Suns (Solaris) need this!

DNS library functions
  • gethostbyname
  • gethostbyaddr
  • gethostbyname2 (IPv6!)

gethostbyname
  • Returns the IP addresses of a host:
    struct hostent *gethostbyname(const char *hostname);
  • struct hostent is defined in netdb.h
  • All the IP addresses returned via the hostent are in network byte order!

hostent picture
  [Figure: struct hostent fields. h_name -> Official Name; h_aliases -> alias 1, alias 2, null; h_addrtype; h_length; h_addr_list -> IP address 1, IP address 2, null]

Which Address?
  • On success, gethostbyname returns the address of a hostent that has been created.
    - it has an array of pointers to IP addresses
  • Usually use the first one (netdb.h provides a shorthand for it):
    #define h_addr h_addr_list[0]

gethostbyname and errors
  • On error gethostbyname returns NULL.
  • gethostbyname sets the global variable h_errno to indicate the exact error:
    - HOST_NOT_FOUND
    - TRY_AGAIN
    - NO_RECOVERY
    - NO_DATA
    - NO_ADDRESS
    (All defined in netdb.h)

Getting at the address:
    char **h_addr_list;
    h = gethostbyname(h_addr_list[0]);
  This won't work!!!! h_addr_list[0] is a char*!

Using memcpy
  • You can copy the 4 bytes (IPv4) directly:
    h = gethostbyname("joe.com");
    memcpy(&sockaddr.sin_addr, h->h_addr_list[0], sizeof(struct in_addr));

gethostbyaddr
  • Returns the hostname corresponding to an IP:
    struct hostent *gethostbyaddr(const char *addr, size_t len, int family);
    - len: sizeof(struct in_addr)
    - family: AF_INET (could be AF_INET6)
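An added C example (not the lecture's code) that puts the gethostbyname, hostent picture, h_errno and memcpy slides together: hostent_to_sockaddr copies h_addr_list[0] into a sockaddr_in with memcpy only after checking h_addrtype and h_length, hostent_addr_count walks the NULL-terminated address list, and main performs a live lookup and reports h_errno on failure. The helper names are my own; the test below feeds a hand-built hostent rather than a live answer.

```c
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <netinet/in.h>
#include <arpa/inet.h>
/* Copy the first address of a hostent into a sockaddr_in. h_addr_list[0] is a char* to
 * h_length raw bytes already in network byte order (not a string), so it is memcpy'd; the
 * checks reject NULL, an empty list and non-IPv4 results (gethostbyname2() with AF_INET6). */
int hostent_to_sockaddr(const struct hostent *h, unsigned short port, struct sockaddr_in *sa)
{
    if (h == NULL || h->h_addrtype != AF_INET || h->h_length != (int)sizeof(struct in_addr)
        || h->h_addr_list == NULL || h->h_addr_list[0] == NULL)
        return -1;
    memset(sa, 0, sizeof *sa);
    sa->sin_family = AF_INET;
    sa->sin_port = htons(port);   /* the port needs conversion; the address does not */
    memcpy(&sa->sin_addr, h->h_addr_list[0], sizeof(struct in_addr));
    return 0;
}
/* Number of addresses in the NULL-terminated h_addr_list (the "hostent picture"). */
int hostent_addr_count(const struct hostent *h)
{
    int n = 0;
    while (h->h_addr_list != NULL && h->h_addr_list[n] != NULL)
        n++;
    return n;
}
/* Dotted-decimal text of the i-th address, or NULL if i is out of range. */
const char *hostent_addr_str(const struct hostent *h, int i, char *buf, size_t len)
{
    if (i < 0 || i >= hostent_addr_count(h))
        return NULL;
    return inet_ntop(h->h_addrtype, h->h_addr_list[i], buf, (socklen_t)len);
}
/* Live lookup: NULL means failure and h_errno says why (HOST_NOT_FOUND, TRY_AGAIN, ...). */
int main(int argc, char **argv)
{
    const char *name = argc > 1 ? argv[1] : "localhost";
    struct hostent *h = gethostbyname(name);
    char buf[INET6_ADDRSTRLEN];
    if (h == NULL) {
        fprintf(stderr, "%s: lookup failed, h_errno=%d\n", name, h_errno);
        return 1;
    }
    printf("official name: %s\n", h->h_name);
    for (int i = 0; i < hostent_addr_count(h); i++)
        printf("  address %d: %s\n", i, hostent_addr_str(h, i, buf, sizeof buf));
    return 0;
}
```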

Some other functions
  • uname: get the hostname of the local host
  • getservbyname: get the port number for a named service
  • getservbyaddr: get the name of the service associated with a port number