Lecture 10 Domain Name System CPE 401 / 601 Computer Network Systems slides are modified from Dave Hollinger and Kurose & Ross.


Lecture 10
Domain Name System
CPE 401 / 601
Computer Network Systems
slides are modified from Dave Hollinger and Kurose & Ross
Hostnames
• People have many identifiers: SSN, name, passport #
• Internet hosts and routers have two:
  • IP address (32-bit IPv4 / 128-bit IPv6), used for addressing datagrams
  • "name", e.g., www.yahoo.com, used by humans
• http://www.youtube.com/watch?v=9ilYrY9iBhk
• IP addresses are great for computers: an IP address includes information used for routing (the network prefix).
• IP addresses are tough for humans to remember, and impossible to guess.
  • Ever guessed at the name of a WWW site?
Domain Name System
• The domain name system is usually used to translate a host name into an IP address.
• Domain names form a hierarchy so that names are unique, yet easy to remember.
• Distributed database, implemented in a hierarchy of many name servers.
• Hosts and routers communicate with name servers to resolve names (address/name translation).
Host name structure
• Each host name is made up of a sequence of labels separated by periods.
  • Each label can be up to 63 characters (octets).
  • The total name, in its encoded form, can be at most 255 octets.
• Examples:
  • whitehouse.gov
  • barney.the.purple.dinosaur.com
  • cnl.cse.unr.edu
Domain Name
• The domain name for a host is the sequence of labels that lead from the host (a leaf node in the naming tree) to the top of the worldwide naming tree.
• A domain is a subtree of the worldwide naming tree.

[Figure: the naming tree and the servers that serve each level]
Root DNS servers
  com DNS servers
    yahoo.com DNS servers
    amazon.com DNS servers
  org DNS servers
    pbs.org DNS servers
  edu DNS servers
    unr.edu DNS servers
    dri.edu DNS servers
DNS services
• hostname to IP address translation
• host aliasing: canonical names and alias names
• mail server aliasing
• load distribution: replicated Web servers, a set of IP addresses for one canonical name

Why not centralize DNS?
• single point of failure
• traffic volume
• distant centralized database
• maintenance
It doesn't scale!
Distributed, Hierarchical Database
Client wants the IP address for www.unr.edu; 1st approximation:
• client queries a root server to find the edu DNS server
• client queries the edu DNS server to find the unr.edu DNS server
• client queries the unr.edu DNS server to get the IP address for www.unr.edu
DNS: Root name servers
• contacted by a local name server that cannot resolve a name
• a root name server does not resolve the name itself: it returns a referral to the servers for the name's top-level domain (edu, com, ...), and the local name server continues from there
• 13 root name server identities worldwide (a through m), most of them replicated at many sites:
  a Verisign, Dulles, VA
  b USC-ISI, Marina del Rey, CA
  c Cogent, Herndon, VA (also LA)
  d U Maryland, College Park, MD
  e NASA, Mt View, CA
  f Internet Software Consortium, Palo Alto, CA (and 36 other locations)
  g US DoD, Vienna, VA
  h ARL, Aberdeen, MD
  i Autonomica, Stockholm (plus 28 other locations)
  j Verisign (21 locations)
  k RIPE, London (also 16 other locations)
  l ICANN, Los Angeles, CA
  m WIDE, Tokyo (also Seoul, Paris, SF)
Top-Level Domain Servers
• responsible for com, org, net, edu, gov, ...
  • Network Solutions maintained the servers for the com TLD (today Verisign does)
  • Educause for the edu TLD
• Countries each have a top-level domain
  • 2-letter domain name
  • uk, fr, ca, jp, ...
• Newer top-level domains include .aero .biz .coop .info .name .pro
Authoritative Servers
• An organization's own DNS servers, providing authoritative hostname to IP mappings for the organization's servers (e.g., Web, mail).
• The organization that owns a domain name is responsible for running a DNS server that can provide the mapping between hostnames within the domain and IP addresses.
  • So some machine run by UNR is responsible for everything within the unr.edu domain.
• Can be maintained by the organization itself or by a service provider.
DNS Distributed Database
• There is one primary server for a domain, and typically a number of secondary servers containing replicated databases.

[Figure: the authoritative unr.edu DNS server with the unr.edu DNS DB, and secondary servers holding replicas of the unr.edu and rpi.edu DNS DBs]
Local Name Server
• does not strictly belong to the hierarchy
• each ISP (residential ISP, company, university) has one
  • also called the "default name server"
• when a host makes a DNS query, the query is sent to its local DNS server
  • the local server acts as a proxy and forwards the query into the hierarchy
DNS: caching and updating records
• once (any) name server learns a mapping, it caches the mapping
  • cache entries time out (disappear) when the record's TTL expires
  • TLD server addresses are typically cached in local name servers
  • thus root name servers are not often visited
• DNS cache poisoning attacks: if a forged reply is accepted by a caching server, the bogus mapping is served to every client of that cache until its TTL expires
  • http://www.youtube.com/watch?v=1d1tUefYn4U
• update/notify mechanisms standardized by the IETF
  • RFC 2136 (dynamic update), RFC 1996 (NOTIFY)
  • http://www.ietf.org/html.charters/dnsind-charter.html
Inserting records into DNS
• example: new startup "Network Utopia"
• register the name networkutopia.com at a DNS registrar (e.g., Network Solutions)
  • provide names and IP addresses of the authoritative name servers (primary and secondary)
  • registrar inserts two RRs into the com TLD servers (the A record is "glue", so the NS name can be resolved):
    (networkutopia.com, dns1.networkutopia.com, NS)
    (dns1.networkutopia.com, 212.212.212.1, A)
• create the authoritative server
  • Type A record for www.networkutopia.com
  • Type MX record for networkutopia.com
DNS Clients
• A DNS client is called a resolver.
• A call to gethostbyname() is handled by a resolver (typically part of the client, i.e. linked into the application).
• Most Unix workstations have the file /etc/resolv.conf that contains the local domain search list and the addresses of the DNS servers for that domain.

/etc/resolv.conf
  search cse.unr.edu me.unr.edu engr.unr.edu ce.unr.edu it.unr.edu unr.edu
  nameserver 134.197.5.1
  nameserver 134.197.6.1
nslookup
• nslookup is an interactive resolver that allows the user to communicate directly with a DNS server.
• nslookup is usually available on Unix workstations.
  • dig and host are also DNS clients.
DNS Servers
• Servers handle requests for their own domain directly.
• Servers handle requests for other domains by contacting remote DNS server(s).
• Servers cache external mappings.

Server - Server Communication
• If a server is asked to provide the mapping for a host outside its domain (and the mapping is not in the server's cache):
  • The server finds a nameserver for the target domain.
  • The server asks that nameserver to provide the host name to IP translation.
• To find the right nameserver, use DNS!
DNS Data
• DNS databases contain more than just hostname-to-address records:
  • Name server records    NS
  • Hostname aliases       CNAME
  • Mail Exchangers        MX
  • Host Information       HINFO
Server Operation
• If a server has no clue where to find the address for a hostname, it asks a root server.
• The root server tells it which nameserver to contact next.
• A request may get forwarded a few times.
DNS name resolution example: iterated query
• Host cse.unr.edu wants the IP address for rec.dri.edu
• iterated query: the contacted server replies with the name of the server to contact: "I don't know this name, but ask this server"

[Figure: message flow, numbered 1 through 8]
1. requesting host cse.unr.edu -> local DNS server ns1.unr.edu
2. local DNS server -> root DNS server
3. root DNS server -> local DNS server (referral to the edu TLD server)
4. local DNS server -> TLD DNS server
5. TLD DNS server -> local DNS server (referral to dns.dri.edu)
6. local DNS server -> authoritative DNS server dns.dri.edu
7. authoritative DNS server -> local DNS server (answer for rec.dri.edu)
8. local DNS server -> requesting host cse.unr.edu
Recursion
• A request can indicate that recursion is desired (the RD flag); this tells the server to find out the answer itself (possibly by contacting other servers).
• If recursion is not requested, the response may be a list of other name servers to contact.
DNS name resolution example: recursive query
• recursive query: puts the burden of name resolution on the contacted name server
• heavy load?

[Figure: message flow, numbered 1 through 8]
1. requesting host cse.unr.edu -> local DNS server ns1.unr.edu
2. local DNS server -> root DNS server
3. root DNS server -> TLD DNS server
4. TLD DNS server -> authoritative DNS server dns.dri.edu
5. authoritative DNS server -> TLD DNS server (answer for rec.dri.edu)
6. TLD DNS server -> root DNS server
7. root DNS server -> local DNS server
8. local DNS server -> requesting host cse.unr.edu
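The two resolution styles above, simulated in code. This is an added example, not from the lecture slides or from Hollinger / Kurose & Ross: three in-memory "servers" stand in for the root, the edu TLD server and dri.edu's authoritative server, and the 192.0.2.7 address is constructed documentation-space data. resolve_iterative() plays the local server (ns1.unr.edu) chasing referrals itself; resolve_recursive() hands the name to the first server and lets each contacted server chase the next referral. The hop cap and the check that a referral stays inside the replying server's own zone are added practitioner safeguards, not part of the slides.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example: three in-memory name servers standing in for the
 * root, the edu TLD server and dri.edu's authoritative server. Names and
 * the 192.0.2.0/24 address are illustrative, not real infrastructure. */
struct server {
    const char *zone;        /* zone this server is authoritative for */
    const char *child_zone;  /* one delegation it can refer queries to */
    const char *host;        /* one host it can answer for directly */
    const char *host_ip;
};

static const struct server servers[] = {
    { ".",       "edu",     NULL,          NULL        },  /* root: refers to edu */
    { "edu",     "dri.edu", NULL,          NULL        },  /* TLD: refers to dri.edu */
    { "dri.edu", NULL,      "rec.dri.edu", "192.0.2.7" },  /* authoritative answer */
};

/* 1 if name lies inside zone ("rec.dri.edu" is inside "edu" and "."). */
static int in_zone(const char *name, const char *zone)
{
    size_t n = strlen(name), z = strlen(zone);
    if (strcmp(zone, ".") == 0) return 1;
    if (z > n) return 0;
    return strcmp(name + n - z, zone) == 0 && (n == z || name[n - z - 1] == '.');
}

static const struct server *server_for(const char *zone)
{
    for (size_t i = 0; i < sizeof servers / sizeof *servers; i++)
        if (strcmp(servers[i].zone, zone) == 0) return &servers[i];
    return NULL;
}

enum reply_type { ANSWER, REFERRAL, NXDOMAIN };
struct reply { enum reply_type type; const char *data; };

/* One query/response exchange with a server that does NOT recurse:
 * it answers if it can, otherwise refers ("ask this server") or says no. */
static struct reply ask(const struct server *s, const char *name, int *queries)
{
    (*queries)++;
    if (s->host && strcmp(s->host, name) == 0) return (struct reply){ ANSWER, s->host_ip };
    if (s->child_zone && in_zone(name, s->child_zone)) return (struct reply){ REFERRAL, s->child_zone };
    return (struct reply){ NXDOMAIN, NULL };
}

/* Iterated resolution as the local server does it: start at the root and
 * follow referrals. Returns the number of queries sent on the wire, or -1. */
int resolve_iterative(const char *name, const char **ip)
{
    const struct server *s = server_for(".");
    int queries = 0;
    for (int hop = 0; hop < 8 && s; hop++) {          /* hop cap: refuse referral loops */
        struct reply r = ask(s, name, &queries);
        if (r.type == ANSWER) { *ip = r.data; return queries; }
        if (r.type != REFERRAL) return -1;
        /* Added check: only follow a referral into a zone below the one the
         * replying server is authoritative for; a server that redirects us
         * somewhere else is trying to hijack the resolution. */
        if (!in_zone(r.data, s->zone)) return -1;
        s = server_for(r.data);
    }
    return -1;
}

/* Recursive resolution: the contacted server chases referrals itself and
 * hands back only the final answer, carrying the whole load. */
static const char *recurse(const struct server *s, const char *name, int depth, int *queries)
{
    if (!s || depth > 8) return NULL;
    struct reply r = ask(s, name, queries);
    if (r.type == ANSWER) return r.data;
    if (r.type != REFERRAL || !in_zone(r.data, s->zone)) return NULL;
    return recurse(server_for(r.data), name, depth + 1, queries);
}

int resolve_recursive(const char *name, const char **ip)
{
    int queries = 0;
    *ip = recurse(server_for("."), name, 0, &queries);
    return *ip ? queries : -1;
}

int main(void)
{
    const char *ip = NULL;
    int n = resolve_iterative("rec.dri.edu", &ip);
    printf("iterative: %s after %d queries\n", ip ? ip : "(none)", n);
    n = resolve_recursive("rec.dri.edu", &ip);
    printf("recursive: %s after %d queries\n", ip ? ip : "(none)", n);
    return 0;
}
```

Both styles put the same three queries on the wire; what differs is who sends them. In the recursive version every intermediate server is holding state for the query until the authoritative answer comes back, which is the "heavy load?" concern on the slide and why root and TLD servers refuse recursion in practice.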
UDP & TCP
• Both UDP and TCP are used:
  • TCP for transfers of the entire database to secondary servers (zone transfers, replication)
  • UDP for lookups
  • If a response would exceed 512 bytes, the server truncates it and sets the TC flag, and the requester resubmits the request using TCP.
  • (Modern resolvers negotiate larger UDP payloads with EDNS0, but the TCP fallback still applies when a reply is truncated.)
DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
• Type=A: name is a hostname, value is its IPv4 address
• Type=AAAA: name is a hostname, value is its IPv6 address
• Type=NS: name is a domain (e.g. foo.com), value is the hostname of an authoritative name server for this domain
• Type=CNAME: name is an alias for some "canonical" (the real) name, value is the canonical name
  • e.g. www.ibm.com is really servereast.backup2.ibm.com
• Type=MX: value is the name of the mail server associated with name
DNS protocol, messages
DNS protocol: query and reply messages, both with the same message format
• identification: 16-bit # for the query; the reply to a query uses the same #
• flags:
  • QR: Query=0, Response=1
  • AA: Authoritative Answer
  • TC: response truncated (> 512 bytes)
  • RD: recursion desired
  • RA: recursion available
  • rcode: return code (0 = no error, 3 = name does not exist)
DNS protocol, messages
• questions: name and type fields for a query
• answers: RRs in response to the query
• authority: records for authoritative servers
• additional information: additional "helpful" info that may be used (e.g. addresses of the servers named in the authority section)
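The wire format described on this slide and the preceding ones (the 63/255-byte name limits from "Host name structure", the TC flag and 512-byte UDP limit from "UDP & TCP", and the identification/flags header here), as an added example that is not part of the lecture slides or of Hollinger / Kurose & Ross. It encodes a hostname into labels, builds a complete query with RD set, parses a reply header, and decides whether a reply belongs to the query that was sent. The 0x1234 identification value and the constructed reply in main are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>   /* htons / ntohs: every DNS field is big-endian on the wire */

/* Header flag bits (RFC 1035 section 4.1.1), host byte order. */
#define DNS_QR 0x8000    /* 0 = query, 1 = response */
#define DNS_AA 0x0400    /* authoritative answer */
#define DNS_TC 0x0200    /* truncated: UDP reply exceeded 512 bytes */
#define DNS_RD 0x0100    /* recursion desired */
#define DNS_RA 0x0080    /* recursion available */
#define DNS_RCODE(f) ((f) & 0x000F)

struct dns_header { uint16_t id, flags, qdcount, ancount, nscount, arcount; };

/* Encode "www.unr.edu" as 3www3unr3edu0. Enforces the limits from the
 * "Host name structure" slide: each label 1..63 bytes, at most 255 bytes
 * in total. Returns the number of bytes written, or -1. */
int dns_encode_name(const char *name, uint8_t *out, size_t outlen)
{
    size_t pos = 0;
    if (strcmp(name, ".") == 0) name = "";                 /* the root name */
    while (*name) {
        const char *dot = strchr(name, '.');
        size_t len = dot ? (size_t)(dot - name) : strlen(name);
        if (len == 0 || len > 63) return -1;               /* empty or oversize label */
        if (pos + 1 + len + 1 > 255 || pos + 1 + len + 1 > outlen) return -1;
        out[pos++] = (uint8_t)len;
        memcpy(out + pos, name, len);
        pos += len;
        if (!dot) break;
        name = dot + 1;                                    /* a trailing dot ends the loop */
    }
    if (pos + 1 > outlen) return -1;
    out[pos++] = 0;                                        /* zero-length root label terminates */
    return (int)pos;
}

static void put16(uint8_t *p, uint16_t v) { uint16_t n = htons(v); memcpy(p, &n, 2); }
static uint16_t get16(const uint8_t *p) { uint16_t n; memcpy(&n, p, 2); return ntohs(n); }

/* Build a complete query: 12-byte header, then one question
 * (QNAME, QTYPE, QCLASS = IN). Returns the total length, or -1. */
int dns_build_query(uint16_t id, const char *name, uint16_t qtype, uint8_t *out, size_t outlen)
{
    if (outlen < 12) return -1;
    put16(out + 0, id);
    put16(out + 2, DNS_RD);            /* QR=0, RD=1: "please recurse for me" */
    put16(out + 4, 1);                 /* QDCOUNT: one question */
    put16(out + 6, 0); put16(out + 8, 0); put16(out + 10, 0);
    int n = dns_encode_name(name, out + 12, outlen - 12);
    if (n < 0 || (size_t)(12 + n + 4) > outlen) return -1;
    put16(out + 12 + n, qtype);
    put16(out + 12 + n + 2, 1);        /* class IN */
    return 12 + n + 4;
}

int dns_parse_header(const uint8_t *buf, size_t len, struct dns_header *h)
{
    if (len < 12) return -1;
    h->id = get16(buf);         h->flags = get16(buf + 2);  h->qdcount = get16(buf + 4);
    h->ancount = get16(buf + 6); h->nscount = get16(buf + 8); h->arcount = get16(buf + 10);
    return 0;
}

enum { DNS_MATCH = 0, DNS_MISMATCH = -1, DNS_TRUNCATED = 1 };

/* Does this reply belong to the query we sent? QR must be set, the 16-bit
 * ID must match and the question section must be echoed back verbatim.
 * Passing is necessary, not sufficient: the ID plus the UDP source port is
 * all an off-path attacker has to guess to poison a cache, so a real
 * resolver also randomizes its source port rather than relying on the ID. */
int dns_response_matches(const uint8_t *q, size_t qlen, const uint8_t *r, size_t rlen)
{
    struct dns_header qh, rh;
    if (dns_parse_header(q, qlen, &qh) || dns_parse_header(r, rlen, &rh)) return DNS_MISMATCH;
    if (!(rh.flags & DNS_QR) || rh.id != qh.id || rh.qdcount != qh.qdcount) return DNS_MISMATCH;
    if (rlen < qlen || memcmp(q + 12, r + 12, qlen - 12) != 0) return DNS_MISMATCH;
    if (rh.flags & DNS_TC) return DNS_TRUNCATED;           /* resend the same query over TCP */
    return DNS_MATCH;
}

int main(void)
{
    uint8_t q[512];
    int n = dns_build_query(0x1234, "www.unr.edu", 1 /* A */, q, sizeof q);
    if (n < 0) return 1;
    for (int i = 0; i < n; i++) printf("%02x%s", q[i], (i + 1) % 16 ? " " : "\n");
    printf("\n%d bytes on the wire\n", n);
    return 0;
}
```

dns_response_matches() deliberately returns a distinct value for a truncated reply: the slide says the requester "resubmits using TCP", and the caller needs to tell that case apart from a forged or unrelated packet, which is simply dropped.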
Name to Address Conversion
• There is a library of functions that act as a DNS client (resolver).
  • you don't need to write DNS client code to use DNS!
• With some OSs you need to explicitly link with the DNS resolver library: -lnsl (nsl is the "Name Server Library"). Suns (Solaris) need this!
DNS library functions
• gethostbyname
• gethostbyaddr
• gethostbyname2
• Caveat: these are the classic interfaces covered here. gethostbyname() returns a pointer to static storage (not thread-safe), handles only IPv4, and was removed from POSIX.1-2008; new code should use getaddrinfo(), which handles IPv4 and IPv6 and returns ready-made sockaddr structures.
gethostbyname
• Returns the IP addresses of a host:
  struct hostent *gethostbyname(const char *hostname);
• struct hostent is defined in netdb.h.
• All the IP addresses returned via the hostent are in network byte order!
hostent picture
  h_name       -> Official Name
  h_aliases    -> alias 1, alias 2, ..., null
  h_addrtype
  h_length
  h_addr_list  -> IP address 1, IP address 2, ..., null
Which Address?
• On success, gethostbyname returns the address of a hostent that has been created (in static storage).
  • it has an array of pointers to IP addresses
• Usually use the first one:
  #define h_addr h_addr_list[0]
gethostbyname and errors
• On error gethostbyname returns NULL.
• gethostbyname sets the global variable h_errno to indicate the exact error:
  • HOST_NOT_FOUND
  • TRY_AGAIN
  • NO_RECOVERY
  • NO_DATA
  • NO_ADDRESS (a synonym for NO_DATA on most systems)
Getting at the address:
  char **h_addr_list;
  h = gethostbyname("joe.com");
  sockaddr.sin_addr.s_addr = *(h->h_addr_list[0]);
This won't work!!!!
h_addr_list[0] is a char*, so dereferencing it copies a single byte of the address.
Using memcpy
• You can copy the 4 bytes (IPv4) directly:
  h = gethostbyname("joe.com");
  memcpy(&sockaddr.sin_addr, h->h_addr_list[0], sizeof(struct in_addr));
• Check h != NULL, h->h_addrtype == AF_INET and h->h_length == sizeof(struct in_addr) first: the bytes behind h_addr_list[0] are whatever the resolver returned, and memcpy will not check them for you.
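The hostent handling from the last three slides ("Which Address?", "gethostbyname and errors", "Using memcpy") carried through as an added example; this is not code from the slides or from Hollinger / Kurose & Ross. example_hostent() is a constructed hostent with documentation-space addresses (192.0.2.10, 192.0.2.11) and the made-up name joe.example, so the program runs offline; the commented-out gethostbyname() call shows where a real lookup would go. The checks on h_addrtype and h_length before the memcpy are the practitioner safeguards the slide's bare memcpy omits.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Copy the first address out of a hostent into a sockaddr_in.
 * h_addr_list[0] is a char * to raw address bytes, so validate the family
 * and h_length before the memcpy instead of trusting them. Returns 0 or -1. */
int hostent_to_sockaddr_in(const struct hostent *h, uint16_t port, struct sockaddr_in *out)
{
    if (h == NULL || h->h_addrtype != AF_INET) return -1;
    if (h->h_length != (int)sizeof(struct in_addr)) return -1;   /* never memcpy an unchecked length */
    if (h->h_addr_list == NULL || h->h_addr_list[0] == NULL) return -1;
    memset(out, 0, sizeof *out);
    out->sin_family = AF_INET;
    out->sin_port = htons(port);
    /* The address bytes are already in network byte order: no htonl here. */
    memcpy(&out->sin_addr, h->h_addr_list[0], sizeof(struct in_addr));
    return 0;
}

/* Walk the whole NULL-terminated h_addr_list (a replicated service has
 * several addresses) and render each as text. Returns the count, or -1. */
int hostent_addresses(const struct hostent *h, char out[][INET6_ADDRSTRLEN], int max)
{
    int n = 0;
    if (h == NULL || h->h_addr_list == NULL) return -1;
    for (char **p = h->h_addr_list; *p != NULL && n < max; p++, n++)
        if (inet_ntop(h->h_addrtype, *p, out[n], INET6_ADDRSTRLEN) == NULL) return -1;
    return n;
}

/* gethostbyname() returns NULL on failure and reports why in h_errno. */
const char *h_errno_name(int e)
{
    switch (e) {
    case HOST_NOT_FOUND: return "HOST_NOT_FOUND";   /* authoritative "no such name" */
    case TRY_AGAIN:      return "TRY_AGAIN";        /* temporary failure, retry later */
    case NO_RECOVERY:    return "NO_RECOVERY";      /* unrecoverable server error */
    case NO_DATA:        return "NO_DATA";          /* name exists but has no address; NO_ADDRESS is the same value */
    default:             return "unknown";
    }
}

/* Constructed hostent standing in for what gethostbyname("joe.example")
 * might return; 192.0.2.0/24 is documentation space, so this runs offline. */
const struct hostent *example_hostent(void)
{
    static char a1[4] = { (char)192, 0, 2, 10 };
    static char a2[4] = { (char)192, 0, 2, 11 };
    static char *addrs[] = { a1, a2, NULL };
    static char *aliases[] = { NULL };
    static struct hostent h = { .h_name = "joe.example", .h_aliases = aliases,
                                .h_addrtype = AF_INET, .h_length = 4, .h_addr_list = addrs };
    return &h;
}

int main(void)
{
    struct sockaddr_in sa;
    char text[4][INET6_ADDRSTRLEN];
    const struct hostent *h = example_hostent();
    /* Real lookup instead of the constructed one:
     *   h = gethostbyname("joe.example");
     *   if (h == NULL) { puts(h_errno_name(h_errno)); return 1; } */
    if (hostent_to_sockaddr_in(h, 80, &sa) == 0)
        printf("first address: %s port %u\n", inet_ntoa(sa.sin_addr), ntohs(sa.sin_port));
    int n = hostent_addresses(h, text, 4);
    for (int i = 0; i < n; i++) printf("addr[%d] = %s\n", i, text[i]);
    return 0;
}
```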
gethostbyaddr
• Returns the hostname corresponding to an IP address (a reverse lookup):
  struct hostent *gethostbyaddr(const void *addr, socklen_t len, int family);
• addr points to the binary address (e.g. a struct in_addr), len is its size, family is AF_INET or AF_INET6.
Some other functions
• uname (or gethostname): get the hostname of the local host
• getservbyname: get the port number for a named service
• getservbyport: get the name of the service associated with a port number