Transcript DNS

DOMAIN NAME
SYSTEM
Class 9
CSCI 6433
Dave Roberts
Entire contents copyright 2014, David C. Roberts, all rights reserved
2
Agenda
• Name systems
• DNS
• DHCP
3
NAME SYSTEMS
4
Why Name Systems
• Computers are happy with numbers
• Important reasons why IP addresses have numbers
• However, humans like to deal with names
• Especially in the case of IPv6
• Name systems can provide names for humans to deal
with
• But there’s another reason too—names can be made
more persistent than IP addresses
5
Internet Name Spaces
• MAC Addresses
• Identities of NICs
• Unique across a LAN, at least
• Usually 48 bits
• IP Addresses
• Routable address of a host
• Can change frequently
• 32 or 128 bits
• Unique across the Internet
• Domain Names
• English language names
• Generally tied to an activity of people
• Changes slowly, may have years of duration
6
DOMAIN NAME SYSTEM
7
In The Beginning—Host Name Mechanism
• Text file called hosts
• Looked like this:
# Host Database
# This file should contain the addresses and aliases
# for local hosts that share this file.
#
# Each line should take the form:
# <address> <host name>
#
127.0.0.1 localhost
128.164.1.16 www.gwu.com
74.220.25.150 www.webmarketingadvantage.com
198.175.98.64 ftp.intel.com
• This is no longer used.
• Why not?
8
Internet with Names, without DNS
9
With DNS
10
Basic Name System Functions
• Name space: rules how names are structured and used
• Name registration: a method for linking specific names to specific
devices so that names are unique across the entire Internet
• Name resolution: mechanism for translating a symbolic name into an
IP address
11
Principal RFCs for DNS
12
Goals for DNS
• Global, scalable, consistent name space
• Local control over local resources
• Distributed design to avoid bottlenecks
• Application universality
• Support for multiple underlying protocols
• Hardware universality
13
The Approach
• As the Internet grew, there were predictions that it would collapse because of the growth of DNS and the large amount of name-lookup traffic
• This is one of the most centralized features of the Internet
• The approach used was to adopt a hierarchical name system, so that as the name space grew it could be subdivided and reside on multiple servers
• The use of caching throughout the DNS has greatly reduced the amount of traffic to primary servers
• The system has proved to be quite robust
14
What DNS Does
• Designates an authoritative name server for each domain
• Authoritative name server is responsible for its designated
domains
• For example, servers for webmarketingadvantage.com
are ns.intersessions.com and ns2.intersessions.com
• Some types of DNS records:
• A or AAAA—IP address
• NS—name server
• MX—mail exchanger
15
Domain Name Space
• Highest level domain is on the right
• Test.ncww.us
• Highest level domain is .us
• Then ncww
• Then test
• Symbols used follow the LDH rule—letters, digits, hyphen
• Domains are interpreted as case-independent
• Hostname—a domain name associated with an IP
address
Source: Wikipedia
16
Domain Name Space
17
DNS Functions
18
Address Resolution
• DNS Resolvers query TLD servers to find domain servers
1. Network host has initial cache (called hints) with addresses of
known root servers
2. Query to a root server finds server for the TLD
3. Query to TLD server finds DNS server authoritative for the
second-level domain
4. This continues until the final step returns IP address of the host
Question: what can be done to reduce the message traffic
associated with the DNS process?
19
How It Works
Source: Wikipedia
20
Iterative Resolution
21
Recursive Resolution
22
DNS Name Servers
• Each DNS server is a database server
• Resource record stores a type of information about a
node in the DNS tree. It has general format for part of
record, specialized format for information for its type
• Master file representation is text representation for
resource record, editable by humans
23
Root Name Servers
• Today there are 13 different root name servers
• Each of these has multiple physical servers
24
DNS Resolvers
Functions:
• Standard name resolution: given a DNS name, find the IP
address
• Reverse name resolution: take an IP address and determine
what name is associated with it
• Electronic mail resolution: determine where to send email
based on the email address used in a message
Actions:
• Provide user interface: allow name to be used in place of IP
address
• Forming and sending queries: sends queries to DNS
• Processing responses: accept response from DNS, decide
what to do with it
25
DNS Resource Records and Classes
• Each DNS server is a type of database server
• The database has entries called Resource Records for
domains
• RRs are stored in binary but have text versions that are
shown to humans
26
Common DNS Resource Records
27
Examples of Object Types
28
Caching
• Caching is very important to DNS
• Names that are referenced are often referenced again
• There is extensive caching at all levels of DNS
• When a cached value is returned, the address of the
authoritative server is also returned
• Each RR has a TTL specified. Servers that cache the
record discard it when the time interval expires
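The referral walk on the Address Resolution slide and the TTL-bounded cache on this slide, as an added example that is not part of the original slides. The "servers", names, address and TTL are constructed in memory; the referral chain is bounded so a looping or misconfigured set of NS records cannot hang the resolver.

```python
import time

# Constructed in-memory "servers": root hint -> .us TLD server -> ncww.us
# authoritative server. Names, the address and the TTL are made up.
SERVERS = {
    "a.root-hint": {"us": ("NS", "ns.us-tld")},                     # root refers .us
    "ns.us-tld":   {"ncww.us": ("NS", "ns.ncww.us")},               # TLD refers ncww.us
    "ns.ncww.us":  {"test.ncww.us": ("A", "198.51.100.7", 300)},    # authoritative answer
}

def ask(server: str, qname: str):
    """One simulated query: the server answers from its longest matching
    suffix, returning either an A record or an NS referral (or None)."""
    labels = qname.split(".")
    for i in range(len(labels)):
        rec = SERVERS[server].get(".".join(labels[i:]))
        if rec is not None:
            return rec
    return None

class Resolver:
    def __init__(self, hints, clock=time.monotonic):
        self.hints = list(hints)      # initial cache ("hints") of root servers
        self.cache = {}               # qname -> (address, expiry time)
        self.clock = clock            # injectable so TTL expiry can be tested
        self.queries = 0              # number of messages sent to servers

    def resolve(self, qname: str) -> str:
        qname = qname.lower().rstrip(".")   # domain names are case-independent
        now = self.clock()
        hit = self.cache.get(qname)
        if hit and hit[1] > now:            # still within TTL: no traffic at all
            return hit[0]
        server = self.hints[0]
        for _ in range(8):                  # bound the referral chain
            self.queries += 1
            rec = ask(server, qname)
            if rec is None:
                raise LookupError(f"{server} knows nothing about {qname}")
            if rec[0] == "A":
                self.cache[qname] = (rec[1], now + rec[2])   # honour the record's TTL
                return rec[1]
            server = rec[1]                 # follow the NS referral
        raise LookupError("too many referrals")
```

The first lookup costs three messages (root, TLD, authoritative); repeats within the TTL cost none, which is the answer to the slide's question about reducing message traffic.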
29
DNS Message Format
30
Name Space
Each node in the DNS tree is identified by a label
31
Name Syntax
• Length: each label can be up to 63 characters long
• Symbols: letters, numbers, dash are allowed
• Case: labels are not case-sensitive
• Every label must be unique within its parent domain
32
Domain Name Construction
33
Uniqueness
• Every label must be unique within its parent domain
Names can be up to 255 characters long
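A hostname validator applying the rules from the Name Syntax and Uniqueness slides (63-character labels, 255-character names, letters/digits/hyphen, case-insensitivity, uniqueness within a parent), as an added example that is not part of the original slides. The rule that a label may not begin or end with a hyphen is taken from RFC 1123, not from the slides.

```python
import re

MAX_LABEL_LEN = 63     # each label can be up to 63 characters
MAX_NAME_LEN = 255     # whole name can be up to 255 characters
# LDH rule: letters, digits, hyphen; no leading/trailing hyphen (RFC 1123).
# Note this is a hostname check: service labels such as _dmarc are rejected.
LDH_LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$")

def normalize_name(name: str) -> str:
    """Validate a hostname and return its canonical lower-case form.
    Raises ValueError so an unchecked string never reaches a zone file
    or resolver configuration."""
    norm = name.strip().rstrip(".").lower()      # drop an optional root dot
    if not norm or len(norm) > MAX_NAME_LEN:
        raise ValueError(f"name length must be 1..{MAX_NAME_LEN}: {name!r}")
    for label in norm.split("."):
        if len(label) == 0 or len(label) > MAX_LABEL_LEN:
            raise ValueError(f"label length must be 1..{MAX_LABEL_LEN}: {label!r}")
        if not LDH_LABEL.match(label):
            raise ValueError(f"label violates LDH rule: {label!r}")
    return norm

def same_name(a: str, b: str) -> bool:
    """Test.ncww.us and test.NCWW.US identify the same node."""
    return normalize_name(a) == normalize_name(b)

class Zone:
    """Registry enforcing 'every label must be unique within its parent'."""
    def __init__(self):
        self.children = {}     # parent domain -> set of child labels

    def register(self, name: str) -> str:
        norm = normalize_name(name)
        label, _, parent = norm.partition(".")   # parent "" is the root
        siblings = self.children.setdefault(parent, set())
        if label in siblings:
            raise ValueError(f"{label!r} already exists under {parent or 'root'!r}")
        siblings.add(label)
        return norm
```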
34
Resource Specification
• Can specify a resource within a domain name by
providing a directory structure after the name
• For example, could have
• Salt.crystal.rocks/Essay
35
Management of the Name Space
• ICANN and IANA are responsible for management of the
name space
• They delegate responsibility for parts of the name space
to other organizations
• Different parts of the name space may be managed
differently
36
Original TLDs
• .ARPA
• .COM
• .EDU
• .GOV
• .MIL
• .NET
• .ORG
The three TLDs for most names became very crowded very quickly
37
More TLDs
38
Many More TLDs
• Country code TLDs (.ca, .cn, .us)
• Geographic TLDs (.alsace, .wales)
• Brand TLDs (.android, .bnpparibas)
…and more
39
Country Code TLD Authorities
• Each country has authority to set up and manage its TLD
• Many country codes have been defined
• Country codes have two letters
• Some country codes are used for other purposes
• Some TLDs are restricted
Examples:
Scoop.It uses TLD for Italy to spell “scoop it”
Bit.ly spells out “bitly” using TLD for Libya
40
Details
41
Persistence
• Persistence of DNS names and IP addresses is different
• How?
42
Summary
• DNS is a crucial Internet service
• It allows names to be established for persistent areas of
influence
• The convenience of names is secondary to its importance
• DNS is the Internet name space that best represents
human activities
43
DHCPV4: HOW DOES A HOST GET STARTED?
44
What Information Does a Host Need?
• Address of default router
• Network mask
• Addresses of mail server, DNS server
• MTU of local network
• TTL value to use for IP datagrams
• IP address of host
45
What About Manual Configuration?
• People make mistakes
• There aren’t enough people
• Hosts may be dumb and unable to remember settings
So—we use IP to get the IP addresses that we need.
The “limited broadcast” IP address is used to broadcast
even before the client knows its own IP address.
46
Retransmission
• Responsibility for reliable communication on the client
• Requires that UDP checksum be on
• Requires that do not fragment bit be on
• Client sets timeout, retransmits when timeout expires
• Delay has a random number added
• After failure, delay is doubled, up to 60 seconds
47
Message Format
48
Address Allocation Methods
• Manual allocation: Each IP address is allocated
to a single device. DHCP communicates that
address
• Automatic allocation: DHCP automatically
assigns an IP address permanently to a device,
selecting from a pool
• Dynamic allocation: DHCP assigns an IP
address from a pool for a time chosen by the
server or until the client gives it up (most used, by
far)
49
DHCP Lease Length
• DHCP administrator must pick lease length for IP
addresses
• Short lease lengths make most effective use of IP addresses
• Long lease lengths produce more network stability
• Lease lengths might be from one hour to months
50
DHCP Lease Allocation Process
51
Summary
• DHCPv4 is run by hosts at startup
• It configures the host for network operation
What about v6?
52
Startup with IPv6
• Designers wanted startup without DHCP
• Designed stateless autoconfiguration
• But ISPs and network managers wanted more control, so
DHCPv6 was also developed
53
DHCPv6
• Server for each network; host contacts server
• Host generates link-local address, uses link-local
multicast to reach server
• DHCPv6 allows for authentication
• RFC for DHCPv6 is twice the size of the RFC for DHCPv4
54
Neighbor Discovery Protocol
• This is a new alternative to DHCP
• NDP takes over and uses messages similar to:
• ICMPv4 router discovery
• Address resolution
• ICMPv4 redirect
• NDP also adds new features:
• ND operates at the IP level, can use IPSec
• Autoconfiguration
• Dynamic router selection
• Multicast-based address resolution
• Improved redirection
55
Stateless Autoconfiguration
• Uses IPv6 Neighbor Discovery Protocol (NDP)
• Host generates an IPv6 address and checks its
uniqueness on its network
• Link-local address generated with prefix in leftmost bits
and MAC address in rightmost bits. Any in between are
set to zero.
• Host uses Duplicate Address Detection (DAD) to test
whether the link-local address is unique on the subnet
56
Duplicate Address Detection
• Host sends neighbor solicitation message asking for address it wants to use
• If other host is using it, it responds and requesting host stops autoconfiguration
• This rarely happens because MAC addresses are intended to be unique
• Next, host sends router solicitation message to all-routers multicast address
• Response from router tells host whether to use DHCP, whether to create global address
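The link-local address construction from the Stateless Autoconfiguration slide and the DAD check from this slide, as an added example that is not part of the original slides. The slide describes the address as prefix on the left and MAC on the right; the block uses the modified EUI-64 form that real stacks derive from the MAC (RFC 4291), and the neighbor table it checks against is constructed.

```python
import ipaddress

LINK_LOCAL_PREFIX = bytes.fromhex("fe80" + "00" * 6)   # fe80::/64, leftmost 64 bits

def eui64_interface_id(mac: str) -> bytes:
    """48-bit MAC -> 64-bit interface identifier (modified EUI-64):
    insert ff:fe in the middle and flip the universal/local bit."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"MAC address must be 48 bits: {mac!r}")
    first = octets[0] ^ 0x02
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:6]

def link_local_address(mac: str) -> ipaddress.IPv6Address:
    """Prefix in the leftmost bits, MAC-derived bits in the rightmost bits,
    zeros in between. Embedding the MAC lets the host be tracked across
    networks, which is why modern stacks prefer random/stable identifiers."""
    return ipaddress.IPv6Address(LINK_LOCAL_PREFIX + eui64_interface_id(mac))

def solicited_node_multicast(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """ff02::1:ffXX:XXXX, XX:XXXX being the low 24 bits of the address.
    The DAD neighbor solicitation goes to this group, not to every node."""
    low24 = addr.packed[-3:]
    return ipaddress.IPv6Address(bytes.fromhex("ff02" + "00" * 9 + "01ff") + low24)

def dad_conflict(tentative: ipaddress.IPv6Address, neighbors: dict) -> bool:
    """Simulated DAD: if a neighbor already holds the tentative address it
    answers the solicitation and autoconfiguration must stop.
    `neighbors` is a constructed mapping of IPv6 address -> MAC."""
    return tentative in neighbors

if __name__ == "__main__":
    lla = link_local_address("00:11:22:33:44:55")
    print(lla, "probed via", solicited_node_multicast(lla))
```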
57
ICMPv6 Message Types for NDP
• Router Solicitation
• Router Advertisement
• Neighbor Solicitation
• Neighbor Advertisement
• Redirect
58
ICMPv6 Router Solicitation
Requests routers on the network to respond with router advertisement
59
ICMPv6 Router Advertisement
• Each router sends out regular router advertisements
• Also sent in response to router solicitation message
• Router maintains hop limit, MTU
60
ICMPv6 Neighbor Solicitation
• Message used to find IP address of a destination on the same network
• Replaces ARP message
• Each host has a cache of neighbor IP addresses
• Also used for duplicate address detection
61
ICMPv6 Neighbor Advertisement
62
ICMPv6 Redirect
• Router checks for local hosts using poor next-hop address
• Informs host of better next hop address for datagrams to a particular
destination
63
ICMP Redirect
64
Summary
• For IPv6, configurations can be managed by DHCP or
automatically
• Either method can provide all the parameters needed on
startup
• DHCP allows for more complete control of which hosts
can connect to a network