DNS: Domain Name System
EE 122: Intro to Communication Networks, Fall 2007 (WF 4-5:30 in Cory 277)
Vern Paxson
TAs: Lisa Fowler, Daniel Killebrew, Jorge Ortiz
http://inst.eecs.berkeley.edu/ee122
Materials with thanks to Jennifer Rexford, Ion Stoica, and colleagues at Princeton and UC Berkeley

Announcements
- Enough folks would be inconvenienced that we won't be closing either of the Monday or Tuesday sections.
- Reminder: Homework 1 is due this Friday before class.

Goals of Today's Lecture
- Concepts/principles underlying the Domain Name System (DNS)
  - Indirection: names in place of addresses
  - Hierarchy: in names, addresses, and servers
  - Caching: of mappings from names to/from addresses
- Inner workings of DNS
  - DNS resolvers and servers
  - Iterative and recursive queries
  - TTL-based caching
  - Use of the dig utility
- Security analysis

Host Names vs. IP Addresses
- Host names
  - Mnemonic name appreciated by humans
  - Variable length, full alphabet of characters
  - Provide little (if any) information about location
  - Examples: www.cnn.com and bbc.co.uk
- IP addresses
  - Numerical address appreciated by routers
  - Fixed-length binary number
  - Hierarchical, related to host location
  - Examples: 64.236.16.20 and 212.58.224.131

Separating Naming and Addressing
- Names are easier to remember: www.cnn.com vs. 64.236.16.20
- Addresses can change underneath: move www.cnn.com to 4.125.91.21 (e.g., renumbering when changing providers)
- A name could map to multiple IP addresses: www.cnn.com to multiple (8) replicas of the Web site. This enables:
  - Load balancing
  - Reducing latency by picking nearby servers
  - Tailoring content based on the requester's location/identity
- Multiple names for the same address, e.g., aliases like www.cnn.com and cnn.com

Scalable Name-Address Mappings
- Originally: a per-host file
  - Flat namespace
  - /etc/hosts (what is this on your computer today?)
  - SRI (Menlo Park) kept the master copy
  - Downloaded regularly
- A single server doesn't scale
  - Traffic implosion (lookups, updates)
  - Single point of failure
  - Amazing politics
- Need a distributed, hierarchical collection of servers

Domain Name System (DNS)
- Properties of DNS
  - Hierarchical name space divided into zones
  - Zones distributed over a collection of DNS servers
- Hierarchy of DNS servers
  - Root (hardwired into other servers)
  - Top-level domain (TLD) servers
  - Authoritative DNS servers
- Performing the translations
  - Local DNS servers
  - Resolver software

Distributed Hierarchical Database
[Figure: name tree with the unnamed root at the top; top-level domains (TLDs) below it: generic domains com, edu, org; country domains uk, zw; and arpa. Under edu: bar, with east, west, foo and my beneath; under uk: ac, then cam, then usr; under arpa: in-addr. Example full names: my.east.bar.edu and usr.cam.ac.uk]

DNS Root
- Located in Virginia, USA (Verisign, Dulles, VA)
- How do we make the root scale?

DNS Root Servers
- 13 root servers (see http://www.root-servers.org), labeled A through M
  - A: Verisign, Dulles, VA
  - B: USC-ISI, Marina del Rey, CA
  - C: Cogent, Herndon, VA
  - D: U Maryland, College Park, MD
  - E: NASA, Mt View, CA
  - F: Internet Software Consortium, Palo Alto, CA
  - G: US DoD, Vienna, VA
  - H: ARL, Aberdeen, MD
  - I: Autonomica, Stockholm
  - J: Verisign
  - K: RIPE, London
  - L: ICANN, Los Angeles, CA
  - M: WIDE, Tokyo
- Does this scale?

DNS Root Servers (continued)
- Replication via anycasting: localized routing for addresses
  - C: Cogent, Herndon, VA, also Los Angeles, NY, Chicago
  - F: Internet Software Consortium, Palo Alto, CA, and 37 other locations
  - I: Autonomica, Stockholm, plus 29 other locations
  - J: Verisign, 21 locations
  - K: RIPE, London, plus 16 other locations
  - M: WIDE, Tokyo, plus Seoul, Paris, San Francisco

TLD and Authoritative DNS Servers
- Top-level domain (TLD) servers
  - Generic domains (e.g., com, org, edu)
  - Country domains (e.g., uk, fr, cn, jp)
  - Special domains (e.g., arpa)
  - Typically managed professionally
    - Network Solutions maintains the servers for com
    - Educause maintains the servers for edu
- Authoritative DNS servers
  - Provide public records for hosts at an organization
    - Private records may differ, though that is not part of the original design's intent
  - For the organization's servers (e.g., Web and mail)
  - Can be maintained locally or by a service provider

Using DNS
- Local DNS server ("default name server")
  - Usually near the end hosts that use it
  - Local hosts are configured with the local server (e.g., /etc/resolv.conf) or learn the server via DHCP
- Client application
  - Extract the server name (e.g., from the URL)
  - Do gethostbyname() to trigger the resolver code
- Server application
  - Extract the client IP address from the socket
  - Optional: gethostbyaddr() to translate it into a name

Example
- Host at cis.poly.edu wants the IP address for gaia.cs.umass.edu
[Figure: the requesting host cis.poly.edu sends query (1) to the local DNS server dns.poly.edu; the local server exchanges messages with the root DNS server (2, 3), the TLD DNS server (4, 5), and the authoritative DNS server dns.cs.umass.edu (6, 7); the answer is returned to the requesting host (8)]

Recursive vs. Iterative Queries
- Recursive query: ask the server to get the answer for you (e.g., request 1 and response 8)
- Iterative query: ask the server who to ask next (e.g., all other request/response pairs)
[Figure: the same exchange as on the previous slide, with messages 1 and 8 marked recursive and 2-7 marked iterative]

Reverse Mapping (Address to Host)
- How do we go the other direction, from an IP address to the corresponding hostname?
- Addresses already have a natural "quad" hierarchy: 12.34.56.78
  - But quad notation has the most significant hierarchy element on the left, while www.cnn.com has it on the right
- Idea: reverse the quads (78.56.34.12) and look that up in the DNS
  - Under what TLD? Convention: in-addr.arpa
  - So the lookup is for 78.56.34.12.in-addr.arpa

Distributed Hierarchical Database (with reverse mapping)
[Figure: the name tree from before, with the reverse-mapping branch added: arpa, then in-addr, then 12, then 34, then 56, i.e. the 12.34.56.0/24 block]

DNS Caching
- Performing all these queries takes time
  - And all this before actual communication takes place
  - E.g., 1 second of latency before starting a Web download
- Caching can greatly reduce the overhead
  - The top-level servers very rarely change
  - Popular sites (e.g., www.cnn.com) are visited often
  - The local DNS server often has the information cached
- How DNS caching works
  - DNS servers cache responses to queries
  - Responses include a "time to live" (TTL) field
  - The server deletes the cached entry after the TTL expires

Negative Caching
- Remember things that don't work
  - Misspellings like www.cnn.comm and www.cnnn.com
  - These can take a long time to fail the first time
  - Good to remember that they don't work, so the failure takes less time the next time around
- But negative caching is optional
  - And not widely implemented

DNS Resource Records
- DNS: a distributed DB storing resource records (RR)
- RR format
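The iterative walk from the root through a TLD server to the authoritative server (the gaia.cs.umass.edu example), TTL-based positive and negative caching, and the in-addr.arpa quad reversal, as an added example that is not part of the lecture: a toy local resolver over constructed in-memory zone data. The server names, the 192.0.2.10 address, the TTLs and NEG_TTL are all made up for the example.

```python
import time
# Constructed toy DNS hierarchy (not real zone data). NS = referral to the next server to ask,
# A/PTR = final answer; TTLs are in seconds and are made up.
SERVERS = {
    "root": {"edu": ("NS", "tld-edu", 86400), "arpa": ("NS", "tld-arpa", 86400)},
    "tld-edu": {"umass.edu": ("NS", "dns.cs.umass.edu", 3600)},
    "dns.cs.umass.edu": {"gaia.cs.umass.edu": ("A", "192.0.2.10", 300)},
    "tld-arpa": {"in-addr.arpa": ("NS", "ptr-server", 3600)},
    "ptr-server": {"10.2.0.192.in-addr.arpa": ("PTR", "gaia.cs.umass.edu", 3600)},
}
NEG_TTL = 60  # how long the local server remembers that a name does not exist (assumed value)

def ask(server, qname):
    """One query to one server -> ('ANSWER' | 'REFERRAL' | 'NXDOMAIN', data, ttl)."""
    # Longest-suffix match picks the most specific owner name this server knows about.
    owners = [o for o in SERVERS[server] if qname == o or qname.endswith("." + o)]
    if not owners:
        return ("NXDOMAIN", None, NEG_TTL)
    best = max(owners, key=len)
    rtype, rdata, ttl = SERVERS[server][best]
    if rtype == "NS":
        return ("REFERRAL", rdata, ttl)  # iterative style: "ask this server next"
    if best == qname:
        return ("ANSWER", rdata, ttl)
    return ("NXDOMAIN", None, NEG_TTL)   # name below a leaf record: nothing there

class LocalResolver:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.cache = {}  # qname -> (rdata, or None for a negative entry; expiry time)
    def resolve(self, qname):
        """Answer the stub client's recursive query; returns (rdata or None, queries sent)."""
        now = self.clock()
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], 0             # served from cache, no queries sent at all
        server, queries = "root", 0      # the root server is hardwired into the resolver
        while True:
            queries += 1
            kind, data, ttl = ask(server, qname)
            if kind == "REFERRAL":
                server = data
                continue
            self.cache[qname] = (data, now + ttl)  # positive or negative caching
            return data, queries

def reverse_name(ip):
    """12.34.56.78 -> 78.56.34.12.in-addr.arpa (reverse the quads, then add the arpa suffix)."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not a dotted-quad IPv4 address: %r" % ip)
    return ".".join(reversed(octets)) + ".in-addr.arpa"
```

Passing a fake clock into LocalResolver lets you step time past a TTL and watch the entry expire; resolve() reports 0 queries on a cache hit and 3 for the root, TLD, authoritative walk.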