CS556: Distributed Systems - PowerPoint PPT Presentation

Slides: 53
Provided by: mar177


1
CS-556 Distributed Systems
Naming (II)
  • Manolis Marazakis
  • maraz_at_csd.uoc.gr

2
Directories as specialized databases
  • Read access is much more frequent than write
    access
  • Static view of data
  • Attribute-value pairs
  • Simple updates
  • No transactions
  • No rollback
  • Network access protocol
  • Replication scheme
  • Data distribution scheme
  • Referrals

3
X.500 principles
  • Organizes directory entries into a hierarchical
    namespace
  • Powerful search capabilities
  • Often used for interfacing incompatible directory
    services
  • Used DAP for client-server communication
  • DAP (App. Layer) requires entire OSI stack to
    operate
  • Too heavy for small environments

4
The X.500 Name Space (I)
  • A simple example of an X.500 directory entry using
    X.500 naming conventions.

5
The X.500 Name Space (II)
DN: Distinguished Name; RDN: Relative DN
  • Part of the directory information tree.

6
The X.500 Name Space (III)
  • Two directory entries having Host_Name as RDN.

7
LDAP vs DAP
  • Lightweight alternative to DAP
  • Uses TCP/IP instead of OSI stack
  • TCP Port 389 (636 for SSL access)
  • Simplifies certain functions and omits others
  • Uses strings rather than DAP's ASN.1 notation to
    represent data.

8
LDAP operations (I)
  • Authentication
      • BIND/UNBIND
      • ABANDON
  • Query
      • Search
      • Compare entry
  • Update
      • Add an entry
      • Delete an entry (Only Leaf nodes, no aliases)
      • Modify an entry, Modify DN/RDN

9
LDAP operations (II)
  • Client establishes session with server (BIND)
      • Hostname/IP and port number
      • Security
          • User-id/password based authentication
          • Clear-text password?
          • Anonymous connection - default access rights
          • Encryption/Kerberos also supported
  • Client performs operations
      • Read/Update/Search
      • SELECT X,Y,Z FROM PART_OF_DIRECTORY
  • Client ends the session (UNBIND)
  • Client can ABANDON the session

10
LDAP operations (III)
  • Accessing an LDAP-based directory is accomplished
    by using a combination of DN, filter, and
    scope:
      • a base DN indicates where in the hierarchy to
        begin the search
      • a filter specifies attribute types, assertion
        values, and matching criteria
      • scope indicates what to search
          • the base DN itself
          • one level below the base DN
          • the entire subtree rooted at the base DN
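
The base DN, scope and filter combination described above, modeled over an in-memory directory as an added example (not part of the original slides). The entries, the tuple-based filter representation and the function names are assumptions made for illustration; matching is simplified to case-insensitive equality and presence.

```python
# Added example: LDAP search semantics over constructed sample entries.
def parse_dn(dn):
    """Split a DN into lower-cased RDNs, leaf first (simplified: no escapes)."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def in_scope(entry_dn, base_dn, scope):
    if scope not in ("base", "one", "sub"):
        raise ValueError("unknown scope: %r" % scope)
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    # An entry is at or below the base only if its DN ends with the base's RDNs.
    if len(entry) < len(base) or entry[len(entry) - len(base):] != base:
        return False
    depth = len(entry) - len(base)
    return {"base": depth == 0, "one": depth == 1, "sub": True}[scope]

def matches(attrs, flt):
    """Evaluate a filter given as nested tuples, e.g. ("eq", "uid", "lester")."""
    op = flt[0]
    if op == "and":
        return all(matches(attrs, f) for f in flt[1:])
    if op == "or":
        return any(matches(attrs, f) for f in flt[1:])
    if op == "not":
        return not matches(attrs, flt[1])
    values = [v.lower() for k, vs in attrs.items() if k.lower() == flt[1].lower() for v in vs]
    if op == "present":
        return bool(values)
    if op == "eq":
        return flt[2].lower() in values
    raise ValueError("unknown filter operator: %r" % op)

def search(directory, base_dn, scope, flt, wanted):
    """Return {dn: {attr: values}} limited to the requested attributes."""
    return {dn: {a: attrs[a] for a in wanted if a in attrs}
            for dn, attrs in directory.items()
            if in_scope(dn, base_dn, scope) and matches(attrs, flt)}

DIRECTORY = {  # constructed sample tree
    "dc=someorg,dc=org": {"objectClass": ["top", "domain"]},
    "ou=people,dc=someorg,dc=org": {"objectClass": ["top", "organizationalUnit"]},
    "ou=devices,dc=someorg,dc=org": {"objectClass": ["top", "organizationalUnit"]},
    "uid=lester,ou=people,dc=someorg,dc=org": {
        "objectClass": ["top", "account", "posixAccount"],
        "uid": ["lester"], "loginShell": ["/bin/csh"]},
    "uid=alice,ou=people,dc=someorg,dc=org": {
        "objectClass": ["top", "account", "posixAccount"],
        "uid": ["alice"], "loginShell": ["/bin/sh"]},
    "cn=printer1,ou=devices,dc=someorg,dc=org": {"objectClass": ["top", "device"]},
}
```

The same filter returns one, two or six entries depending only on the base DN and scope, which is why the scope and the requested attribute list should be as narrow as the query needs.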

11
LDAP (I)
You can put just about anything you want into the
directory: Text, Photos, URLs, Binary data, PK
Certificates. Though, there may be
implementation-dependent limitations on the
amount of data of a given type you can store.
Information storage model:
Entries themselves are "typed". This is
accomplished by the objectClass attribute...

12
LDAP (II)
  • X.500's Directory Access Protocol
  • adapted for Internet use
  • RFC-1777
  • TCP/IP access to directory servers
  • Bind/unbind
  • Add, modify, delete, update entries
  • Search filters compare to locate information
  • Schemas
  • Hierarchical structure: Directory Information
    Tree
  • LDAP Data Interchange Format

13
LDAP Distinguished Names
"cn=test entry, ou=people, dc=stanford, dc=edu"
dc = domain component

14
LDAP schema example
  • posixAccount
  • Defined in RFC-2037
  • dn: uid=lester, dc=someorg, dc=org
  • objectClass: top
  • objectClass: account
  • objectClass: posixAccount
  • uid: lester
  • cn: Lester the SysAdm
  • userPassword: {crypt}X5/DBrWPOQQaI
  • gecos: Lester
  • loginShell: /bin/csh
  • uidNumber: 10
  • gidNumber: 10
  • homeDirectory: /home/lester

15
LDAP Applications
  • White Pages
  • Yellow Pages
  • Attribute Mapping
  • Namespace Implementation

16
LDAP deployment (I)
Upon client's request, server 1 returns referral
to server 2

17
LDAP deployment (II)
  • Replication architecture
      • Reliability - if one copy of the directory
        is down
      • Availability - more likely to find an
        available server
      • Latency - can use a server closer to you
      • Throughput - can take more queries as
        replicas are added
  • Temporary inconsistencies are ok
  • Having replicas close to clients is important
      • Network going down is the same as server
        going down
      • Removes single point of failure

18
LDAP deployment (III)
Replication Option-I: All updates go to the
master server

19
LDAP deployment (IV)
Replication Option-II: Update propagation via
referrals

20
LDAP deployment (V)
Replication Option-III: Update propagation via
chaining

21
Naming versus Locating Entities
  • Direct, single level mapping between names and
    addresses.
  • Two-level mapping using identities.

22
Forwarding Pointers (I)
  • The principle of forwarding pointers using
    (proxy, skeleton) pairs.

23
Forwarding Pointers (II)
  • Redirecting a forwarding pointer, by storing a
    shortcut in a proxy.

24
Mobile IP (RFC 2002): Motivation
  • Traditional routing
      • based on IP destination address
      • network prefix determines physical subnet
      • change of physical subnet implies
          • change of IP address (conform to new subnet), or
          • special routing table entries to forward packets
            to new subnet
  • Changing of IP address
      • DNS updates take too long
      • TCP connections break
      • security problems
  • Changing entries in routing tables
      • does not scale with the number of mobile hosts
        and frequent changes in the location
      • security problems
  • Solution requirements
      • retain same IP address, use same layer-2
        protocols
      • authentication of registration messages,

25
Mobile IP Terminology
  • Mobile Node (MN)
      • node that moves across networks without changing
        its IP address
  • Home Agent (HA)
      • host in the home network of the MN, typically a
        router
      • registers the location of the MN, tunnels IP
        packets to the COA
  • Foreign Agent (FA)
      • host in the current foreign network of the MN,
        typically a router
      • forwards tunneled packets to the MN, typically
        the default router for MN
  • Care-of Address (COA)
      • address of the current tunnel end-point for the
        MN (at FA or MN)
      • actual location of the MN from an IP point of
        view
  • Correspondent Node (CN)
      • host with which MN is corresponding (TCP
        connection)

26
Home-Based Approaches
  • The principle of Mobile IP.

27
Mobile IP (I)
IP Encapsulation within IP
Association between Home IP & Care-of address
A tunnel is established between the home agent & a
reachable point for the mobile node.

28
Mobile IP (II)
Agent advertisements & agent solicitation
  • 3 phases
      • Agent Discovery
      • Registration
      • Tunneling
  • Mobile IP registration request/reply
      • includes authentication & validation
      • MHAE: 128-bit preshared key
  • Set-up of routing mechanism (packet redirection)
  • Mobile node sends packets using its Home address
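
An added example (not from the original slides) of the registration check listed above: the home agent verifies the authenticator carried in the Mobile-Home Authentication Extension (MHAE) with the 128-bit preshared key, using RFC 2002's default keyed-MD5 "prefix+suffix" computation, before it updates the binding. It goes slightly beyond the slide by also rejecting stale Identification values; the field layout, addresses, key and the monotonic-counter replay check are simplifying assumptions.

```python
# Added example: home-agent validation of a Mobile IP registration request.
# Field layout, addresses and key are constructed, not the RFC 2002 wire format.
import hashlib
import hmac
import socket
import struct

def pack_request(home_addr, home_agent, care_of, lifetime, ident):
    """Serialize the protected fields (simplified layout)."""
    return (struct.pack("!H", lifetime) + socket.inet_aton(home_addr)
            + socket.inet_aton(home_agent) + socket.inet_aton(care_of)
            + struct.pack("!Q", ident))

def authenticator(key, msg):
    """128-bit digest over key || message || key ("prefix+suffix" mode)."""
    if len(key) != 16:
        raise ValueError("expected a 128-bit preshared key")
    # MD5 appears only because it is the legacy default; not for new designs.
    return hashlib.md5(key + msg + key).digest()

class HomeAgent:
    def __init__(self, key):
        self.key = key
        self.last_ident = 0      # highest Identification accepted so far
        self.bindings = {}       # home address -> care-of address

    def register(self, fields, auth):
        home_addr, _agent, care_of, _lifetime, ident = fields
        expected = authenticator(self.key, pack_request(*fields))
        if not hmac.compare_digest(expected, auth):   # constant-time compare
            return "denied: authentication failed"
        if ident <= self.last_ident:                  # stale or replayed request
            return "denied: identification mismatch"
        self.last_ident = ident
        self.bindings[home_addr] = care_of            # tunnel end-point for the MN
        return "accepted"

def demo():
    key = bytes(range(16))                            # constructed sample key
    ha = HomeAgent(key)
    req = ("10.0.0.5", "10.0.0.1", "192.0.2.77", 300, 1)
    auth = authenticator(key, pack_request(*req))
    tampered = ("10.0.0.5", "10.0.0.1", "203.0.113.9", 300, 2)
    return [ha.register(req, auth),        # genuine request
            ha.register(tampered, auth),   # care-of address altered in transit
            ha.register(req, auth),        # replay of the genuine request
            dict(ha.bindings)]
```

Because the care-of address is covered by the authenticator, a request whose tunnel end-point was altered fails the check and the existing binding is left untouched.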

29
Mobile IP (III)
Packets addressed to the mobile node are routed
to its Home network - interception & tunneling to
the care-of address
Encapsulation/decapsulation of data packet
Packets show the home network as their source
Reverse tunneling - to allow for ingress filtering

30
Locating Objects in Wide-Area Systems
  • M. van Steen, F.J. Hauck, P. Homburg, A.S.
    Tanenbaum, "Locating Objects in Wide-Area
    Systems", IEEE Communications Magazine, vol. 36,
    no. 1, 1998, pp. 104-109.
  • 2-level naming hierarchy
  • Hierarchical user-defined name spaces
  • Object handles: globally-unique,
    location-independent
      • E.g. DCE's UUID
  • Object naming service
      • Mapping between object handle & set of contact
        addresses
  • Object location service
      • Per-region directory nodes
      • partitioned into sub-nodes for scalability
      • (Virtual) search tree
      • Paths of forwarding pointers

31
Locating Objects in Mobile Computing
  • E. Pitoura and G. Samaras, "Locating Objects in
    Mobile Computing", IEEE Trans. Knowledge and Data
    Engineering, vol. 13, no. 4, 2001, pp. 571-592.
  • Two-tier schemes
      • Mobile IP
      • GSM (roaming)
      • Home Location Register, Visitor Location
        Registers
  • Tree-structured distributed database

32
Location Management
  • Involves two basic operations
      • Paging
          • Search by system to track the mobile
          • MSC broadcasts message on the FCC
          • Target replies in the reverse channel
      • Update
          • Upper bound on the location uncertainty
          • Mobile sends update message on the reverse
            channel

Cost of Communicating with mobile user is
augmented by Cost of Searching for the Current
location of the user.
Paging cost: calls arrived, cells paged
Update cost: times mobile updates
Trade-off: More the paging, less the update

33
GSM HLR VLR scheme (I)
  • HLR
      • Located at a pre-specified zone for each user
      • Maintains the current location of the user as
        part of the User Profile
      • To locate user x, x's HLR is identified and
        queried
      • When x moves, contacts HLR and updates it to
        New Current Location
  • VLR
      • stores profiles of users not at home location and
        currently located inside its area.
  • When call is placed from zone i to user x
      • Query for x in i's VLR
      • If ( not found )
          • contact x's HLR
  • When x moves from zone i to zone j
      • Delete entry x from i's VLR
      • Add new entry x to j's VLR
      • Update x's HLR

34
GSM HLR VLR scheme (II)
  • A powered-on mobile is informed of an incoming
    call by a paging message sent over the PAGCH
    channel of a cell.
  • Design choices
      • Page each cell in the network for each call
          • Waste of Bandwidth
      • Page exactly one cell but requires the mobile to
        send updates each time it changes cell
          • Results in a large number of updates
  • Compromise solution used in GSM
      • Group cells into Location areas
      • Updating messages are required when moving
        between location areas, and mobile stations are
        paged in the cells of their current location
        area.

35
GSM HLR VLR scheme (III)
  • Assignment of HLR to a mobile is permanent
      • users permanently shifted to different region
        still contact the same HLR
  • Scalability
      • Not scalable to highly distributed systems
      • Locality of mobility is not taken advantage of

36
Hierarchical Approaches (I)
  • Hierarchical organization of a location service
    into domains, each having an associated directory
    node.

37
Hierarchical Approaches (II)
  • An example of storing information of an entity
    having two addresses in different leaf domains.

38
Hierarchical Approaches (III)
  • Looking up a location in a hierarchically
    organized location service.

39
Hierarchical Approaches (IV)
  • An insert request is forwarded to the first node
    that knows about entity E.
  • A chain of forwarding pointers to the leaf node
    is created.

40
Pointer Caches (I)
  • Caching a reference to a directory node of the
    lowest-level domain in which an entity will
    reside most of the time.

41
Pointer Caches (II)
  • A cache entry that needs to be invalidated
    because it returns a nonlocal address, while such
    an address is available.

42
Scalability Issues
  • Uniformly placing subnodes of a partitioned root
    node across the network covered by a location
    service.

43
The Problem of Unreferenced Objects
  • An example of a graph representing objects
    containing references to each other.

44
Reference Counting (I)
  • The problem of maintaining a proper reference
    count in the presence of unreliable communication.

45
Reference Counting (II)
  • Copying a reference to another process and
    incrementing the counter too late
  • A solution.

46
Advanced Referencing Counting (I)
  • The initial assignment of weights in weighted
    reference counting
  • Weight assignment when creating a new reference.

47
Advanced Referencing Counting (II)
  • Weight assignment when copying a reference.

48
Advanced Referencing Counting (III)
  • Creating an indirection when the partial weight
    of a reference has reached 1.

49
Advanced Referencing Counting (IV)
  • Creating and copying a remote reference in
    generation reference counting.

50
Tracing in Groups (I)
  • Initial marking of skeletons.

51
Tracing in Groups (II)
  • After local propagation in each process.

52
Tracing in Groups (III)
  • Final marking.