EE 122 Lecture 20 Domain Name Server DNS Ion Stoica Nov 15 2001 based on the some on line slides of J Kurose K Rose and of Raj Jain Names Addresses What is a name What is an address What is an identifier What is the difference between name addresses and identifiers istoica cs berkeley edu 2 Internet Centric View Addresse Says how to reach an object it has location semantics associated to it It s in a format easy to process by computers Name Does not have any location semantics associated to it It s in a format easier to understand read remember by people Examples IP address 128 32 27 22 Name amber berkeley edu istoica cs berkeley edu 3 General View Differentiating between names and addresses introduces several consistency problems What is a multicast IP address What is the IP address of a mobile host What is cnri reston va us Solution interpret an address as just another name that may happen to have location semantics istoica cs berkeley edu 4 Name Service Name space define the set of possible names Hierarchical e g Unix and Windows file names Flat Bindings the mapping between names and values e g bindings can be implemented by using tables Resolution procedure that when invoked with a name returns the corresponding value Name server specific implementation of a resolution mechanism that is available on the network and that can be queried by sending messages istoica cs berkeley edu 5 General View In general there are multiple mappings Host name amber berkeley edu DNS resolution IP address 128 32 27 22 ARP Address Resolution Protocol Ethernet MAC address 12 34 56 78 90 12 istoica cs berkeley edu 6 Mapping Multiple names can map onto the same name at the underlying level Example www berkeley edu and amber berkeley edu can map to the same machine I e the same IP address One name can map onto multiple names at the underlying level Example www yahoo com can be mapped to multiple machines istoica cs berkeley edu 7 Name Hierarchy root edu berkeley eecs com gov mil org net uk fr cmu sims divine istoica cs berkeley edu 8 Name Hierarchy Unique domain suffix is assigned by the Internet Authority The domain administrators have complete control over the domain No limit on the number of subdomains or number of levels Name space is not related with the physical interconnection Geographical hierarchy is allowed e g cnri reston va us A name could be a domain or an individual objects istoica cs berkeley edu 9 Top Level Domains Domain Name Assignment com Commercial edu Educational gov Government mil Military net Network Org Other organizations Arpa Advances research project agency country code au uk ca istoica cs berkeley edu 10 DNS Name Servers Why not centralize DNS Single point of failure Traffic volume Distant centralized database Maintenance Doesn t scale istoica cs berkeley edu 11 Server Hierarchy Zones A zone corresponds to an administrative authority that is responsible for that portion of the hierarchy root edu berkeley eecs divine com gov mil org net uk fr cmu sims istoica cs berkeley edu 12 Server Hierarchy Server are organized in hierarchies Each server has authority over a portion of the hierarchy A single node in the name hierarchy cannot be split A server maintains only a subset of all names It needs to know other servers that are responsible for the other portions of the hierarchy istoica cs berkeley edu 13 Server Hierarchy Authority each server has the name to address translation table for all names in the name space it controls Every server knows the root Root server knows about all top level domains istoica cs berkeley edu 14 DNS Name Servers No server has all name to IP address mappings Local name servers Each ISP company has local default name server Host DNS query first go to local name server Authoritative name servers For a host stores that host s IP address name Can perform name address translation for that host s name istoica cs berkeley edu 15 DNS Root Name Servers Contacted by local name server that can not resolve name Root name server Contacts authoritative name server if name mapping not known Gets mapping Returns mapping to local name server Dozen root name servers worldwide istoica cs berkeley edu 16 Simple DNS Example root name server Host whsitler cs cmu edu wants IP address of www berkeley edu 1 Contacts its local DNS server mango srv cs cmu edu 2 mango srv cs cmu edu contacts root name server if necessary 3 Root name server contacts authoritative name server ns1 berkeley edu if necessary 2 5 3 4 local name server authorititive name server mango srv cs cmu edu 1 6 requesting host whistler cs cmu edu istoica cs berkeley edu ns1 berkeley edu www berkeley edu 17 DNS Example root name server Root name server May not know 2 7 authoritative name server May know intermediate name server who to contact to find local name server authoritative name mango srv cs cmu edu server 1 8 requesting host 6 3 intermediate name server edu server 4 5 authoritative name server ns1 berkeley edu whistler cs cmu edu www berkeley edu istoica cs berkeley edu 18 DNS Iterated Queries Recursive query root name server Puts burden of name resolution on contacted name server Heavy load iterated query 2 3 5 Iterated query Contacted server replies with name of server to contact I don t know this name but ask this server 4 local name server mango srv cs cmu edu 1 8 requesting host intermediate name server edu server 6 7 authoritative name server ns1 berkeley edu whistler cs cmu edu istoica cs berkeley edu www berkeley edu 19 DNS Records DNS distributed database storing resource records RR RR format name value type ttl Type A name is an alias name for some cannonical the real name value is cannonical name name is hostname value is IP address Type CNAME Type NS name is domain e g foo com value is IP address of authoritative name server for this domain Type MX value is hostname of mailserver associated with name istoica cs berkeley edu 20 DNS protocol messages DNS protocol query and reply messages both with same message format msg header identification 16 bit for query reply to query uses same flags query or reply recursion desired recursion available reply is authoritative istoica cs berkeley edu 21 DNS protocol messages Name type fields for a query RRs in reponse to query Records for authoritative servers Additional helpful info that may be used istoica cs berkeley edu 22 Discussion Robustness Use multiple replicas but what if someone mounts a denial of service attack to all root servers
View Full Document
Unlocking...