CSCE 790: Computer Network Security


CSCE 515:
Computer Network Programming
Chin-Tser Huang
[email protected]
University of South Carolina
A Client/Server Multicast Chat System
- Each client unicasts its message to the server
- The server then multicasts the message to all clients
- Otherwise similar to the MulticastChat discussed in the last lecture: the client opens a chat frame and starts a thread that listens for incoming packets
2/22/2005
2
MixedcastChat.java
/*
 * Java Network Programming, Second Edition
 * Merlin Hughes, Michael Shoffner, Derek Hamner
 * Manning Publications Company; ISBN 188477749X
 *
 * http://nitric.com/jnp/
 *
 * Copyright (c) 1997-1999 Merlin Hughes, Michael Shoffner, Derek Hamner;
 * all rights reserved; see license.txt for details.
 */
import java.io.*;
import java.net.*;
import java.awt.*;

public class MixedcastChat extends MulticastChat {
  // public MixedcastChat (InetAddress group, int port, InetAddress server, int serverPort) …
  // protected void initNet () throws IOException …
  // public static void main (String[] args) throws IOException …
}
Constructor MixedcastChat
protected InetAddress server;
protected int serverPort;   // field name must match the assignment in the constructor

public MixedcastChat (InetAddress group, int port, InetAddress server, int serverPort) {
  super (group, port);
  this.server = server;
  this.serverPort = serverPort;
  frame.setTitle ("MixedcastChat [" + group.getHostAddress () + ":" + port +
                  "/" + server.getHostName () + ":" + serverPort + "]");
}
Method initNet
protected void initNet () throws IOException {
  super.initNet ();
  // MulticastChat addresses `outgoing` to the group; pointing it at the server
  // instead turns every send from this client into a unicast to the relay
  outgoing.setAddress (server);
  outgoing.setPort (serverPort);
}
Method main
public static void main (String[] args) throws IOException {
  if ((args.length != 2) || (args[0].indexOf (":") < 0) ||
      (args[1].indexOf (":") < 0))
    throw new IllegalArgumentException
      ("Syntax: MixedcastChat <group>:<port> <server>:<port>");
  int idx = args[0].indexOf (":");
  InetAddress group = InetAddress.getByName (args[0].substring (0, idx));
  int port = Integer.parseInt (args[0].substring (idx + 1));
  idx = args[1].indexOf (":");
  InetAddress server = InetAddress.getByName (args[1].substring (0, idx));
  int serverPort = Integer.parseInt (args[1].substring (idx + 1));
  MixedcastChat chat = new MixedcastChat (group, port, server, serverPort);
  chat.start ();
}
MixedcastServer.java
/*
 * Java Network Programming, Second Edition
 * Merlin Hughes, Michael Shoffner, Derek Hamner
 * Manning Publications Company; ISBN 188477749X
 *
 * http://nitric.com/jnp/
 *
 * Copyright (c) 1997-1999 Merlin Hughes, Michael Shoffner, Derek Hamner;
 * all rights reserved; see license.txt for details.
 */
import java.io.*;
import java.net.*;

public class MixedcastServer {
  // public static void main (String[] args) throws IOException …
  // protected static void init (int serverPort, InetAddress group, int port) throws IOException …
  // protected static void relay () throws IOException …
}
Method main
public static void main (String[] args) throws IOException {
  if ((args.length != 2) || (args[1].indexOf (":") < 0))
    throw new IllegalArgumentException
      ("Syntax: MixedcastServer <server port> <group>:<port>");
  int serverPort = Integer.parseInt (args[0]);
  int idx = args[1].indexOf (":");
  InetAddress group = InetAddress.getByName (args[1].substring (0, idx));
  int port = Integer.parseInt (args[1].substring (idx + 1));
  init (serverPort, group, port);
  while (true) {
    relay ();
  }
}
Method init
protected static DatagramSocket inSocket;       // unicast socket the clients send to
protected static MulticastSocket outSocket;     // socket used to multicast to the group
protected static DatagramPacket incoming, outgoing;

protected static void init (int serverPort, InetAddress group, int port) throws IOException {
  inSocket = new DatagramSocket (serverPort);   // bound on every interface; no restriction on who may send
  outSocket = new MulticastSocket ();
  outSocket.setTimeToLive (1);                  // relayed traffic stays on the local network
  byte[] buffer = new byte[65508];              // large enough for any UDP datagram
  // incoming and outgoing share the same buffer, so relay() only needs to copy the length
  incoming = new DatagramPacket (buffer, buffer.length);
  outgoing = new DatagramPacket (buffer, buffer.length, group, port);
}
Method relay
protected static void relay () throws IOException {
  incoming.setLength (incoming.getData ().length);  // receive() shrinks the length to the last datagram; reset it
  inSocket.receive (incoming);                       // no sender check: anything that reaches serverPort is relayed
  outgoing.setLength (incoming.getLength ());        // same buffer, so only the length has to be copied
  outSocket.send (outgoing);
}
Internet Group Management Protocol (IGMP)
- Lets all systems on a physical network know which hosts currently belong to which multicast groups
- IGMP messages are carried in IP datagrams
- Two types of messages: IGMP report and IGMP query
- Latest version is 3 (RFC 3376)
IGMPv1 Message Format (8 bytes)

 0       3 4       7 8            15 16                           31
+---------+---------+---------------+-------------------------------+
| version |  type   |    unused     |           checksum            |
|  (= 1)  |  (1-2)  |               |                               |
+---------+---------+---------------+-------------------------------+
|                group address (class D IP address)                 |
+-------------------------------------------------------------------+

Type 1 is a membership query and type 2 a membership report. The 16-bit field after the unused byte is a checksum (the usual ones-complement Internet checksum, computed over the whole 8-byte message), not a port number: IGMP is carried directly in IP (protocol 2), so there are no ports.
Joining a Multicast Group
- A process joins a multicast group on a given interface on a host
- A process can join the same group on multiple interfaces
- Membership in a multicast group on a given interface is dynamic: a process can join and leave the group at any time
IGMP Operation
- A host sends an IGMP report when the first process joins a group
- A multicast router sends an IGMP query with group address 0 at regular intervals on each interface
- A host responds to an IGMP query by sending one IGMP report for each group that still contains at least one process
- A host does not send a report when leaving a group; it just won't report that group to the next query
IGMP Operation (message exchange)

host -> multicast router: IGMP report, TTL = 1, IGMP group addr = group address, dest IP addr = group address, src IP addr = host's IP addr

multicast router -> host: IGMP query, TTL = 1, IGMP group addr = 0, dest IP addr = 224.0.0.1 (all hosts), src IP addr = router's IP addr
Some Implementation Considerations
- A host sends out a second copy of an initial IGMP report after a random delay
  - To make sure the report is delivered
- A host does not respond to an IGMP query immediately; it schedules its responses for later times
  - If a host is scheduled to send a report but receives a copy of the same report from another host, it can cancel the scheduled report
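The following is an added example, not code from the slides or from the course: it builds and checks the 8-byte IGMPv1 message from the format slide, produces the report/query pair from the IGMP Operation slides, and implements the delayed and suppressed report scheduling from the implementation considerations above. The function names, the sample group 224.1.2.3 and the 10-second maximum response delay are my own choices; the code handles the wire format only (sending it would need a raw socket for IP protocol 2).

```python
"""Added example: IGMPv1 messages, the report/query exchange, and delayed reports."""
import ipaddress
import random
import struct

IGMP_VERSION = 1
TYPE_QUERY = 1    # Host Membership Query, sent by the multicast router
TYPE_REPORT = 2   # Host Membership Report, sent by a host
ALL_HOSTS = "224.0.0.1"
HDR = struct.Struct("!BBHI")   # version|type, unused, checksum, group address (8 bytes)


def inet_checksum(data: bytes) -> int:
    """Ones-complement Internet checksum (RFC 1071); the 16-bit field is a checksum, not a port."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_igmpv1(msg_type: int, group: str) -> bytes:
    """8-byte IGMPv1 message with the checksum filled in."""
    vt = (IGMP_VERSION << 4) | msg_type
    g = int(ipaddress.IPv4Address(group))
    csum = inet_checksum(HDR.pack(vt, 0, 0, g))
    return HDR.pack(vt, 0, csum, g)


def parse_igmpv1(pkt: bytes) -> dict:
    """Validate length, checksum, version and type before trusting any field."""
    if len(pkt) != HDR.size:
        raise ValueError("IGMPv1 message must be exactly 8 bytes")
    if inet_checksum(pkt) != 0:          # a correct checksum makes the whole message sum to zero
        raise ValueError("bad IGMP checksum")
    vt, _unused, _csum, g = HDR.unpack(pkt)
    version, msg_type = vt >> 4, vt & 0x0F
    if version != IGMP_VERSION or msg_type not in (TYPE_QUERY, TYPE_REPORT):
        raise ValueError("unsupported IGMP version/type %d/%d" % (version, msg_type))
    return {"type": msg_type, "group": str(ipaddress.IPv4Address(g))}


def host_report(group: str) -> tuple:
    """What a host emits when its first process joins `group`: (dest IP, TTL, payload)."""
    return group, 1, build_igmpv1(TYPE_REPORT, group)


def router_query() -> tuple:
    """Periodic router query: group address 0, sent to all hosts (224.0.0.1) with TTL 1."""
    return ALL_HOSTS, 1, build_igmpv1(TYPE_QUERY, "0.0.0.0")


def schedule_reports(memberships: dict, query: bytes, max_delay: float, rng=random) -> dict:
    """Host's reaction to a query: one report per group that still has at least one
    process, each scheduled after a random delay in [0, max_delay] instead of at once.
    `memberships` maps group address -> number of local processes joined to it."""
    if parse_igmpv1(query)["type"] != TYPE_QUERY:
        return {}
    return {grp: rng.uniform(0, max_delay) for grp, procs in memberships.items() if procs > 0}


def suppress_report(pending: dict, seen: bytes) -> dict:
    """Seeing another host's report for a group we were about to report cancels our timer."""
    r = parse_igmpv1(seen)
    if r["type"] == TYPE_REPORT:
        pending.pop(r["group"], None)
    return pending
```

Because the checksum field is filled with the complement of the sum of the other words, `inet_checksum` over a correct message returns 0, which is what `parse_igmpv1` checks; a single flipped bit in the group address is rejected rather than relayed into the host's membership state.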
Domain Name System (DNS)
- A distributed database used by TCP/IP applications to map between hostnames and IP addresses
- No single site on the Internet knows all the information; each site maintains its own database and lets other sites query it
- The DNS name space is hierarchical
Hierarchical Organization of DNS (figure)

unnamed root
|-- arpa                                                (address-to-name mappings)
|   `-- in-addr -- 129 -- 252 -- 130 -- 118
|-- generic domains: com, edu, gov, int, mil, net, org
|   `-- edu -- sc -- cse -- vega                        (vega.cse.sc.edu)
`-- country domains: ae (United Arab Emirates), ..., us, ..., zw (Zimbabwe)
    `-- us -- sc -- state -- www                        (www.state.sc.us)
DNS Tree
- Every node has a label of up to 63 characters
- The root of the tree is a special node with a null label
- The name of a leaf node stands for a host name
Domain Name
- The domain name of any node is the list of labels, starting at that node and working up to the root, using a dot to separate labels
- Every node must have a unique domain name, but the same label can be used at different nodes in the tree
- A domain name ending with a dot is called a fully qualified domain name (FQDN)
  - Because it ends with the root, and the root has the null label
Top-level Domains
- Three areas of top-level domains
  - arpa, a special domain used for address-to-name mappings
  - Seven 3-character generic domains (the original set; more have been added since)
    - com, edu, gov, int, mil, net, org
  - 2-character country domains
DNS Zone
- A subtree of the DNS tree that is administered separately
- A second-level domain is a common zone, and is often divided into smaller zones
- Each zone has a primary name server and one or more secondary name servers
  - To avoid a single point of failure
DNS Operation
- When a new system is added to a zone, the DNS administrator for the zone assigns a name and an IP address and stores the information in the name server
- To resolve a name or address, a client sends a DNS query message to a name server of its zone
DNS Operation (cont'd)
- When a name server is queried, it first searches its own database
  - If found, it replies with a DNS response message
  - If not found, it contacts a root name server; the root refers it to the name server for the matching top-level domain, which refers it further down the tree, and the name server follows these referrals iteratively until it obtains a definite answer (the mapping, or that the name does not exist)
- A name server caches received information about a mapping to reduce DNS traffic
DNS Message Format

 0                             15 16                            31
+-------------------------------+-------------------------------+
|        identification         |             flags             |
+-------------------------------+-------------------------------+
|      number of questions      |     number of answer RRs      |
+-------------------------------+-------------------------------+
|    number of authority RRs    |   number of additional RRs    |
+-------------------------------+-------------------------------+
|                           questions                           |
+---------------------------------------------------------------+
|         answers (variable number of resource records)         |
+---------------------------------------------------------------+
|        authority (variable number of resource records)        |
+---------------------------------------------------------------+
| additional information (variable number of resource records)  |
+---------------------------------------------------------------+

The first four rows (identification through the four counts) form the fixed 12-byte header.
Format of the question portion of a DNS query

 0                             15 16                            31
+---------------------------------------------------------------+
|                 query name (variable length)                  |
+-------------------------------+-------------------------------+
|          query type           |          query class          |
+-------------------------------+-------------------------------+

Format of a DNS Resource Record

 0                             15 16                            31
+---------------------------------------------------------------+
|                 domain name (variable length)                 |
+-------------------------------+-------------------------------+
|             type              |             class             |
+-------------------------------+-------------------------------+
|                         time-to-live                          |
+-------------------------------+-------------------------------+
|     resource data length      |resource data (variable length)|
+-------------------------------+-------------------------------+
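The following is an added example, not code from the slides or from the course: it encodes and decodes the header, question and resource-record layouts shown above, applies the 63-octet label rule from the DNS Tree slide, and handles the name compression (a 2-byte pointer back into the message) that real answers use. The sample query for vega.cse.sc.edu and the address 129.252.130.118 (the one the figure's in-addr.arpa branch spells out) are constructed test data; the function names are my own.

```python
"""Added example: build and parse DNS messages with the layouts from the slides."""
import ipaddress
import struct

HEADER = struct.Struct("!HHHHHH")   # identification, flags, #question, #answer, #authority, #additional
RR_FIXED = struct.Struct("!HHIH")   # type, class, time-to-live, resource data length
TYPE_A, CLASS_IN = 1, 1
MAX_LABEL, MAX_NAME = 63, 255       # label and name limits from the DNS Tree slide / RFC 1035


def encode_name(name: str) -> bytes:
    """Wire form: <length><label> per label, then the root's null label (one 0 byte).
    'vega.cse.sc.edu' and the FQDN 'vega.cse.sc.edu.' therefore encode identically."""
    rest = name.rstrip(".")
    out = bytearray()
    for label in (rest.split(".") if rest else []):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError("label must be 1..63 octets: %r" % label)
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > MAX_NAME:
        raise ValueError("name longer than 255 octets")
    return bytes(out)


def decode_name(msg: bytes, off: int) -> tuple:
    """Read a possibly compressed name at `off`; return (FQDN, offset just past it).
    A pointer is only followed if it points backwards, so a crafted pointer loop is rejected."""
    labels, resume = [], None
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[off]
        if n & 0xC0 == 0xC0:                       # compression pointer: 14-bit offset
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            ptr = ((n & 0x3F) << 8) | msg[off + 1]
            if ptr >= off:
                raise ValueError("compression pointer does not point backwards")
            if resume is None:
                resume = off + 2                   # the name ends after its first pointer
            off = ptr
            continue
        if n & 0xC0:
            raise ValueError("reserved label type")
        off += 1
        if n == 0:                                 # null root label ends the name
            break
        if off + n > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels) + ".", (resume if resume is not None else off)


def parse_message(msg: bytes) -> dict:
    """Decode the 12-byte header, the question section and the three RR sections."""
    try:
        ident, flags, qd, an, ns, ar = HEADER.unpack_from(msg, 0)
        off, questions, sections = HEADER.size, [], {}
        for _ in range(qd):
            name, off = decode_name(msg, off)
            qtype, qclass = struct.unpack_from("!HH", msg, off)
            off += 4
            questions.append((name, qtype, qclass))
        for sec, count in (("answers", an), ("authority", ns), ("additional", ar)):
            rrs = []
            for _ in range(count):
                name, off = decode_name(msg, off)
                rtype, rclass, ttl, rdlen = RR_FIXED.unpack_from(msg, off)
                off += RR_FIXED.size
                if off + rdlen > len(msg):
                    raise ValueError("resource data runs past end of message")
                rdata = msg[off:off + rdlen]
                off += rdlen
                if rtype == TYPE_A and rdlen == 4:
                    rdata = str(ipaddress.IPv4Address(rdata))
                rrs.append((name, rtype, rclass, ttl, rdata))
            sections[sec] = rrs
    except struct.error as e:                      # a fixed-size field ran past the end
        raise ValueError("truncated DNS message") from e
    return {"id": ident, "qr": flags >> 15, "rcode": flags & 0xF,
            "questions": questions, **sections}


def build_query(ident: int, name: str, qtype: int = TYPE_A) -> bytes:
    """Standard query with recursion desired (flags 0x0100) and one question."""
    return HEADER.pack(ident, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def build_a_response(query: bytes, addr: str, ttl: int) -> bytes:
    """Response to a one-question A query: echo id and question, append one A record whose
    owner name is a compression pointer (0xC00C) to the question name at offset 12."""
    ident = HEADER.unpack_from(query, 0)[0]
    rr = b"\xC0\x0C" + RR_FIXED.pack(TYPE_A, CLASS_IN, ttl, 4) + ipaddress.IPv4Address(addr).packed
    return HEADER.pack(ident, 0x8180, 1, 1, 0, 0) + query[HEADER.size:] + rr   # QR=1 RD=1 RA=1


def matches_query(response: bytes, query: bytes) -> bool:
    """Check the 16-bit id and that the question came back unchanged before believing answers."""
    r, q = parse_message(response), parse_message(query)
    return r["qr"] == 1 and r["id"] == q["id"] and r["questions"] == q["questions"]
```

Nothing in the layout authenticates an answer: only the 16-bit identification (together with the UDP port the query left from) ties a response to the query that caused it, which is why `matches_query` refuses a response with a different id or an altered question before its answer section is used or cached.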
Next Class
- TCP
- Read TI Ch. 17, 18
- Homework 2 will be passed out