EE 122: Domain Name System
Ion Stoica
TAs: Junda Liu, DK Moon, David Zats
http://inst.eecs.berkeley.edu/~ee122
Materials with thanks to Vern Paxson, Jennifer Rexford, and colleagues at UC Berkeley

Goals of Today's Lecture
- Concepts and principles underlying the Domain Name System (DNS)
- Inner workings of DNS
  - Indirection: names in place of addresses
  - Hierarchy: in names, addresses, and servers
  - Caching of mappings from names to (and from) addresses
- DNS resolvers and servers
  - Iterative and recursive queries
  - TTL-based caching
  - Use of the dig utility
- Security analysis

Host Names vs. IP Addresses
- Host names
  - Mnemonic name appreciated by humans
  - Variable length, full alphabet of characters
  - Provide little (if any) information about location
  - Examples: www.cnn.com and bbc.co.uk
- IP addresses
  - Numerical address appreciated by routers
  - Fixed-length binary number
  - Hierarchical, related to host location
  - Examples: 64.236.16.20 and 212.58.224.131

Separating Naming and Addressing
- Names are easier to remember
  - www.cnn.com vs. 64.236.16.20
- Addresses can change underneath
  - Move www.cnn.com to 4.125.91.21
  - E.g., renumbering when changing providers
- A name could map to multiple IP addresses
  - www.cnn.com to multiple (8) replicas of the Web site
  - Enables load balancing, reducing latency by picking nearby servers, and tailoring content to the requester's location or identity
- Multiple names for the same address
  - E.g., aliases like www.cnn.com and cnn.com

Scalable Name-Address Mappings
- Originally: a per-host file
  - Flat namespace
  - /etc/hosts (what is this on your computer today?)
  - SRI (Menlo Park) kept the master copy, which was downloaded regularly
- A single server doesn't scale
  - Traffic implosion (lookups, updates)
  - Single point of failure
  - Amazing politics
- Need a distributed, hierarchical collection of servers: the Domain Name System (DNS)

Properties of DNS
- Hierarchical name space divided into zones
- Zones distributed over a collection of DNS servers
- Hierarchy of DNS servers
  - Root (hardwired into other servers)
  - Top-level domain (TLD) servers
  - Authoritative DNS servers (performing the translations)
  - Local DNS servers

Distributed Hierarchical Database
[Figure: a tree rooted at the unnamed root. Generic domains (com, edu, org) and arpa (with in-addr beneath it) sit beside country domains (uk, zw). Example branches: bar under edu with subdomains east, west, foo and my (leaf my.east.bar.edu); ac under uk, cam under ac, usr under cam (leaf usr.cam.ac.uk).]

DNS Root
- Located in Virginia, USA (Verisign, Dulles, VA)
- How do we make the root scale?

DNS Root Servers
- 13 root servers (see http://www.root-servers.org), labeled A through M
- Does this scale?
  - A: Verisign, Dulles, VA
  - B: USC-ISI, Marina del Rey, CA
  - C: Cogent, Herndon, VA
  - D: U. Maryland, College Park, MD
  - E: NASA, Mt. View, CA
  - F: Internet Software Consortium, Palo Alto, CA
  - G: US DoD, Vienna, VA
  - H: ARL, Aberdeen, MD
  - I: Autonomica, Stockholm
  - J: Verisign
  - K: RIPE, London
  - L: ICANN, Los Angeles, CA
  - M: WIDE, Tokyo
- Replication via anycasting: localized routing for addresses
  - C: also Los Angeles, New York, Chicago
  - F: Palo Alto plus 37 other locations
  - I: Stockholm plus 29 other locations
  - J: 21 locations
  - K: London plus 16 other locations
  - M: Tokyo plus Seoul, Paris, San Francisco

TLD and Authoritative DNS Servers
- Top-level domain (TLD) servers
  - Generic domains (e.g., com, org, edu)
  - Country domains (e.g., uk, fr, cn, jp)
  - Special domains (e.g., arpa)
  - Typically managed professionally: Network Solutions maintains the servers for com, Educause maintains the servers for edu
- Authoritative DNS servers
  - Provide public records for hosts at an organization (private records may differ, though that was not part of the original design's intent)
  - For the organization's servers (e.g., Web and mail)

Using DNS
- Local DNS server ("default name server")
  - Usually near the end hosts that use it
  - Local hosts are configured with the local server (e.g., /etc/resolv.conf) or learn it via DHCP
- Client application
  - Extract the server name (e.g., from the URL)
  - Call gethostbyname() to trigger the resolver code
- Server application
  - Extract the client IP address from the socket

Example: a host at cis.poly.edu wants the IP address for gaia.cs.umass.edu
[Figure: the eight numbered messages of the lookup]
1. The requesting host cis.poly.edu asks its local DNS server, dns.poly.edu
2. dns.poly.edu asks a root DNS server
3. The root DNS server replies to dns.poly.edu
4. dns.poly.edu asks the TLD DNS server
5. The TLD DNS server replies to dns.poly.edu
6. dns.poly.edu asks the authoritative DNS server, dns.cs.umass.edu
7. dns.cs.umass.edu replies to dns.poly.edu
8. dns.poly.edu returns the answer to cis.poly.edu

How did it know the root server's IP?
- Hard-coded
- What if it changes?

Recursive vs. Iterative Queries
- Recursive query: ask the server to get the answer for you
  - E.g., request 1 and response 8 (between the requesting host and its local DNS server)
- Iterative query: ask the server who to ask next
  - E.g., all the other request/response pairs (between dns.poly.edu and the root, TLD, and authoritative servers)

Reverse Mapping (Address to Host)
- How do we go the other direction, from an IP address to the corresponding hostname?
- Addresses already have a natural quad hierarchy: 12.34.56.78
  - But quad notation has the most significant hierarchy element on the left, while www.cnn.com has it on the right
- Idea: reverse the quads, 78.56.34.12, and look that up in the DNS
  - Under what TLD? Convention: in-addr.arpa
  - So the lookup is for 78.56.34.12.in-addr.arpa

Distributed Hierarchical Database (with the reverse tree)
[Figure: the same tree, now showing the in-addr subtree under arpa: 12, then 34 below it, then 56, i.e. the zone for 12.34.56.0/24, alongside the forward branches my.east.bar.edu and usr.cam.ac.uk.]

DNS Caching
- Performing all these queries takes time, and all of it happens before the actual communication takes place
  - E.g., 1 second of latency before starting a Web download
- Caching can greatly reduce the overhead
  - The top-level servers very rarely change
  - Popular sites (e.g., www.cnn.com) are visited often
  - The local DNS server often has the information cached
- How DNS caching works
  - DNS servers cache responses to queries
  - Responses include a time-to-live (TTL) field
  - The server deletes a cached entry after its TTL expires

Negative Caching
- Remember things that don't work
  - Misspellings like www.cnn.comm and www.cnnn.com
  - These can take a long time to fail the first time
  - Good to remember that they don't work, so the failure takes less time the next time around
- Negative caching was optional in the original DNS specification (RFC 1034) and was not widely implemented early on; RFC 2308 (1998) standardized it, and today's resolvers (e.g., BIND, Unbound) implement it

DNS Resource Records
- DNS is a distributed database storing resource records (RRs)
- RR format: (name, value, type, ttl)
- Type A: name is a hostname, value is its IP address
- Type NS: name is a domain (e.g., foo.com), value is the hostname of the authoritative name server for this domain
- Type CNAME: name is an alias for some canonical name, value is that canonical name; e.g., www.cs.mit.edu is really
- Type PTR: name is the reversed IP quads (e.g., 78.56.34.12.in-addr.arpa), value is the corresponding hostname
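The lookup walk (root, TLD, authoritative), the iterative referrals, TTL-based caching, negative caching, the reversed-quad in-addr.arpa naming, and the A/NS/CNAME/PTR record types from the slides above, brought together as one added worked example. This is not code from the lecture or from any real resolver: every server name, address (taken from the 192.0.2.0/24 documentation range) and record is constructed, NEGATIVE_TTL is an assumption (RFC 2308 takes the negative TTL from the zone's SOA record instead), the reverse /24 is delegated straight from the root as a simplification, and referrals are assumed to carry glue. It goes one step beyond the three-hop picture on the slide by adding a fourth hop for the cs.umass.edu delegation, and it follows a CNAME to its canonical name.

```python
"""Toy iterative resolver (root -> TLD -> authoritative) with TTL and negative caching.
Added example, not code from the EE 122 slides: every server name, address and record below
is constructed (server addresses come from the 192.0.2.0/24 documentation range)."""

ROOT_SERVER, ROOT_ADDR = "a.root-servers.net", "192.0.2.1"  # hard-coded root hint (constructed)
NEGATIVE_TTL = 60  # assumption for the toy; RFC 2308 derives it from the zone's SOA record

# Constructed servers: zones served, and RRs by owner name -> [(type, value, ttl)].
SERVERS = {
    "a.root-servers.net": {"zones": {""}, "rrs": {
        "edu": [("NS", "a.edu-servers.net", 172800)],
        "a.edu-servers.net": [("A", "192.0.2.2", 172800)],  # glue
        # simplification: the reverse /24 is delegated straight from the root
        "56.34.12.in-addr.arpa": [("NS", "dns.cs.umass.edu", 86400)],
        "dns.cs.umass.edu": [("A", "192.0.2.11", 86400)]}},
    "a.edu-servers.net": {"zones": {"edu"}, "rrs": {
        "umass.edu": [("NS", "dns.umass.edu", 172800)],
        "dns.umass.edu": [("A", "192.0.2.10", 172800)]}},
    "dns.umass.edu": {"zones": {"umass.edu"}, "rrs": {
        "cs.umass.edu": [("NS", "dns.cs.umass.edu", 86400)],
        "dns.cs.umass.edu": [("A", "192.0.2.11", 86400)]}},
    "dns.cs.umass.edu": {"zones": {"cs.umass.edu", "56.34.12.in-addr.arpa"}, "rrs": {
        "gaia.cs.umass.edu": [("A", "12.34.56.78", 3600)],
        "www.cs.umass.edu": [("CNAME", "gaia.cs.umass.edu", 3600)],
        "78.56.34.12.in-addr.arpa": [("PTR", "gaia.cs.umass.edu", 3600)]}},
}

def reverse_name(ip):
    """12.34.56.78 -> 78.56.34.12.in-addr.arpa: reverse the quads, then append the reverse TLD."""
    quads = ip.split(".")
    if len(quads) != 4 or not all(q.isdigit() and int(q) <= 255 for q in quads):
        raise ValueError(f"not an IPv4 address: {ip}")
    return ".".join(reversed(quads)) + ".in-addr.arpa"

def query_server(server, qname, qtype):
    """One simulated query; returns (rcode, answer, additional) with RRs as (name, type, value, ttl)."""
    srv = SERVERS[server]
    answer = [(qname, t, v, ttl) for t, v, ttl in srv["rrs"].get(qname, []) if t in (qtype, "CNAME")]
    if answer:  # authoritative data at the name (a CNAME stands in for any other type)
        return "NOERROR", answer, []
    labels = qname.split(".")
    for i in range(len(labels)):  # climb toward this server's zone apex looking for a delegation
        sub = ".".join(labels[i:])
        if sub in srv["zones"]:
            break
        ns = [(sub, t, v, ttl) for t, v, ttl in srv["rrs"].get(sub, []) if t == "NS"]
        if ns:  # referral: the NS records plus glue A records for the named servers
            glue = [(v, gt, gv, gttl) for _, _, v, _ in ns
                    for gt, gv, gttl in srv["rrs"].get(v, []) if gt == "A"]
            return "REFERRAL", ns, glue
    return "NXDOMAIN", [], []  # no data and no delegation below the apex: the name does not exist

class Resolver:
    def __init__(self, clock):
        self.clock = clock  # injectable time source so cache expiry is testable
        self.cache, self.negative, self.trace = {}, {}, []  # RRs; remembered NXDOMAINs; queries sent

    def _get(self, name, qtype):  # cached RRs with remaining TTL; expired ones are ignored
        now = self.clock()
        return [(name, qtype, v, int(e - now)) for e, v in self.cache.get((name, qtype), []) if e > now]

    def _put(self, rrs):
        for name, qtype, value, ttl in rrs:
            kept = [(e, v) for e, v in self.cache.get((name, qtype), []) if v != value]
            self.cache[(name, qtype)] = kept + [(self.clock() + ttl, value)]

    def _start_server(self, qname):
        """Most specific cached NS wins, so repeat lookups skip the root and TLD servers."""
        labels = qname.split(".")
        for i in range(len(labels)):
            for _, _, host, _ in self._get(".".join(labels[i:]), "NS"):
                if self._get(host, "A"):
                    return host, self._get(host, "A")[0][2]
        return ROOT_SERVER, ROOT_ADDR

    def resolve(self, qname, qtype, depth=0):
        if depth > 8:
            raise RuntimeError("CNAME chain too long")
        if self.negative.get((qname, qtype), 0) > self.clock():
            return []  # negative cache hit: fail fast without asking anyone
        answer = self._get(qname, qtype) or self._get(qname, "CNAME")
        server, addr = self._start_server(qname)
        for _ in range(10):  # iterative lookup: each referral names the next server; bound the chain
            if answer:
                break
            self.trace.append((server, addr, qname, qtype))
            rcode, answer, additional = query_server(server, qname, qtype)
            self._put(answer + additional)
            if rcode == "NXDOMAIN":
                self.negative[(qname, qtype)] = self.clock() + NEGATIVE_TTL
                return []
            if rcode == "REFERRAL":  # go to the named server at its glue address (toy assumes glue)
                server, answer = answer[0][2], []
                addr = next(g[2] for g in additional if g[0] == server and g[1] == "A")
        if not answer:
            raise RuntimeError(f"referral chain too long for {qname}")
        if answer[0][1] == "CNAME" and qtype != "CNAME":  # chase the alias to the canonical name
            return answer + self.resolve(answer[0][2], qtype, depth + 1)
        return answer
```

Resolver(clock=time.time) behaves like a local DNS server in real time; passing a controllable clock (as the accompanying checks do) makes TTL and negative-TTL expiry deterministic. The trace list is the useful diagnostic: the first lookup of gaia.cs.umass.edu costs four queries, a second name under cs.umass.edu costs one because the cached NS and glue let the resolver start at dns.cs.umass.edu, and a repeated misspelling costs none until NEGATIVE_TTL passes. One thing this toy deliberately leaves out, beyond what the slides cover: a real resolver checks that glue it caches is in bailiwick (served by the zone that sent it) rather than trusting any additional record.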