DNS and CDNs (Content Distribution Networks)What do all of these have in common?They all have a DNS name somewhereWhy is DNS so important?DNS is the “core” of the InternetPicture of DNS query/replyWhy all these dots?It wasn’t always that wayThe “host table” and DNSThe host table (historic)Distributed DirectoryDNS is simple but powerfulDNS is the core of the InternetImportant DNS RR typesDNS tree structurePrimary and secondary serversResolver structure and configurationSlide 18DNS cache managementCaching is the key to performanceChanging a DNS nameDNS IssuesNext, Content Distribution NetworksContent Routing Principle (a.k.a. Content Distribution Network)Slide 25Slide 26Two basic types of CDN: cached and pushedCached CDNSlide 29Slide 30Slide 31Pushed CDNSlide 33CDN benefitsCDN costs and limitationsWhat if lots of clients try to access the same CS?How can the CDN spread this load around?Guess what: DNS!How well do CDNs work?DNS and CDNs (Content Distribution Networks)Paul FrancisCornell Computer ScienceWhat do all of these have in common?http://www.cnn.com/news/story.htmlHTTP (web)mailto://[email protected]Emailsip://[email protected]SIP (Session Initiation Protocol)They all have a DNS name somewherehttp://www.cnn.com/news/story.htmlHTTP (web)[email protected]Emailsip://[email protected]SIP (Session Initiation Protocol)Why is DNS so important?Names are easier to remember than IP addresses[email protected] ???And in any event, IP addresses are not “dependable”They change often (dialup)They are not all uniqueDNS is the “core” of the InternetSo “we” (humans, and applications) like to deal with dependable, stable, friendly DNS namesThe names get “mapped” into IP addresses by lower layersBy the Domain Name System (DNS)Then the learned IP address is put into packets, and IP routing gets the packets across the InternetPicture of DNS query/replyWhy all these dots?Why falcon.cs.cornell.edu?Why not “cornell-falcon” or something?It wasn’t always that wayTwenty years ago, this was a valid email address:george@isiHow did my computer learn the IP address of “isi”?The “host table” and DNSBefore DNS, there was the host tableThis was a complete list of all the hosts in the Internet!It was copied every night to every machine on the Internet!At some point, this was perceived as a potential scaling bottleneck…So a distributed directory called the “Domain Name System” was invented (DNS)The host table (historic)Host Name IP Addressmit-dlab 133.65.14.77isi-mail 24.72.188.13mit-lcs 133.65.29.1… …Distributed DirectoryA primary goal of DNS was to have a distributed “host table”, so that each site could manage its own name-to-address mappingBut also, it should scale well!DNS is simple but powerfulOnly one type of queryQuery(domain name, RR type)•Resource Record (RR) type is like an attribute typeAnswer(values, additional RRs) Limited number of RR typesHard to make new RR typesNot for technical reasons…Rather because each requires global agreementDNS is the core of the InternetGlobal name spaceCan be the core of a naming or identifying schemeGlobal directory serviceCan resolve a name to nearly every computer on the planetImportant DNS RR typesNS: Points to next Name Server down the treeA: Contains the IP addressAAAA for IPv6MX: Contains the name of the mail serverService-oriented RR typesSRV: Contains addresses and ports of services on servers•One way to learn what port number to useNAPTR: Essentially a generalized mapping from one name space (i.e. phone numbers) to another (i.e. SIP URL)DNS tree structure.edu.cornell.edu.cs.cornell.edu.com. jp. us.cmu.edu. mit.edu.eng.cornell.edu.foo.cs.cornell.edu A 10.1.1.1bar.cs.cornell.edu A 10.1.1.1NS RR “pointers”Primary and secondary serverscornell.edu.cs.cornell.edu.NS RRs point to both primary and secondary serversRRs are initially configured into primary serverPrimary server replicates RRs onto secondary servers periodically(updates are incremental)Resolver structure and configuration.edu.cornell.edu.cs.cornell.edu.com. jp.cmu.edu.eng.cornell.edu.Static configurationof root serversStub resolver resides on client host, points to configured recursive serverResolver manages DNS queries on behalf of stub resolversResolver structure and configuration.edu.cornell.edu.cs.cornell.edu.com. jp.cmu.edu.eng.cornell.edu.1. Stub resolver sends recursive query2,3,4… Resolver makes iterative queries to serversN. Resolver returns final answer to stub resolver (which also caches result)Resolver caches results for efficiencyDNS cache managementAll RRs have Time-to-live (TTL) valuesWhen TTL expires, cache entries are removedNS RRs tend to have long TTLsCached for a long timeReduces load on higher level serversA RRs may have very short TTLsOrder one minute for some web servicesOrder one day for typical hostsCaching is the key to performanceWithout caching, the small number of machines at the top of the hierarchy would be overwhelmedBut what if you want to change the IP address of a host? How do you change all those cached entries around the world?You can’t…you wait until they timeout on their own, then make your changeChanging a DNS nameSay your TTL was set to one dayThis means that even if you change DNS now, some hosts will continue to use the old address for a daySo, give the host two IP addresses for a while (the old one and the new one)But DNS only answers with the new oneAfter a day, the old one is cleaned out of caches, and you can remove it from the hostDNS IssuesDoS attacks on (13) root serversDoS = Denial of ServiceMis-configuration issuesBut on the whole DNS is an incredible system, and is in many important respects is the “core” of the Internethttp://www.cnn.com/news[email protected], Content Distribution NetworksIdea here is to replicate a “web server” in many places over the InternetLatency to a single centralized web server farm may be too highA centralized web server farm may failContent Routing Principle(a.k.a. Content Distribution Network)SISPBackboneISPIX IXS SSiteSISPS S SISPS SBackboneISPBackboneISPHostingCenterHostingCenterSitesContent Routing Principle(a.k.a. Content Distribution Network)SISPBackboneISPIX IXS
View Full Document
Unlocking...