pese t a DNS - PowerPoint PPT Presentation

Provided by: Dikai
1
?p??es?e? ???µ?t?? ?a? DNS

2
The role of names and name services
  • Resources are accessed using an identifier or reference
      • An identifier can be stored in variables and retrieved from tables quickly
      • An identifier includes or can be transformed to an address for an object
      • E.g. NFS file handle, Corba remote object reference
  • A name is a human-readable value (usually a string) that can be resolved to an identifier or address
      • Internet domain name, file pathname, process number
      • E.g. /etc/passwd, http://www.cdk3.net/
  • For many purposes, names are preferable to identifiers
      • because the binding of the named resource to a physical location is deferred and can be changed
      • because they are more meaningful to users
  • Resource names are resolved by name services
      • to give identifiers and other useful attributes

3
Names and resources
  • Currently, different name systems are used for each type of resource:

      resource   name          identifies
      file       pathname      file within a given file system
      process    process id    process on a given computer
      port       port number   IP port on a given computer

  • Uniform Resource Identifiers (URI) offer a general solution for any type of resource. There are two main classes:
      • URL: Uniform Resource Locator
          • typed by the protocol field (http, ftp, nfs, etc.)
          • part of the name is service-specific
          • resources cannot be moved between domains
      • URN: Uniform Resource Name
          • requires a universal resource name lookup service - a DNS-like system for all resources
  • More on URNs
      • format urn
      • examples
          • a) urn:ISBN:021-61918-0
          • b) urn:dcs.qmul.ac.uk:TR2000-56
      • resolution
          • a) send a request to the nearest ISBN-lookup service - it would return whatever attributes of a book are required by the requester
          • b) send a request to the urn lookup service at dcs.qmul.ac.uk - it would return a url for the relevant document

4
Name services
  • ?p????e???? s?????? e??? ? pe??ss?t???? naming
    contexts s????a ap? p??sd?se?? (bindings)
    a??µesa se ???µata ?a? ?at?????µata
    a?t??e?µ????-object attributes (???ste?, ?/?,
    ?p??es?e?, ap?µa???sµ??a a?t??e?µe?a).
  • ?as??? ?e?t?????a t??? ? ep???s? (resolution)
    e??? ???µat??, d??ad? ? e??es? t?? ?at?????µ?t??
    t??.
  • ?pa?t?se?? ap? ?p??es?e? ???µ?t??
  • ?p?st????? µ? pepe?asµ???? a???µ?? ???µ?t?? ??a
    p????? d?a?e???st???? a????.
  • ?e????? ?????? ????.
  • ????? d?a?es?µ?t?ta (high availability) ?
    ?e?t?????a p????? s?st?µ?t?? ßas??eta? se name
    services.
  • ?p?µ???s? ß?aß?? ?ste t?p???? ß??ße? ?a µ??
    ep??e????? ???????? t?? ?p??es?a.
  • ????? st?? ?a??p???a (tolerance of mistrust) se
    ??a a????t? s?st?µa de? e??a? d??at?? ?p?? ??a ta
    st???e?a t?? e??a? ?µp?sta µeta?? t???.

5
Name spaces ????? ???µ?t??
  • ????? ???µ?t?? ??a ta ?????a ???µata p??
    a?a??????e? µ?a s???e???µ??? ?p??es?a.
  • ?a ???µata p??pe? ?a
  • ????? es?te???? d?µ?, ? ?p??a a?t?p??s?pe?e? t?
    ??s? t??? se ??a ?e?a????? ???? ???µ?t??, ?ste
  • ?a ep?t??peta? ? ???s? pa??µ???? ?p?-???µ?t??
    ????? s??????se??.
  • ?a e??a? d??at? ? ?µad?p???s? a?????s?s?et???µe???
    ???µ?t??.
  • ??e????????? t?? d?a?e???s? t?? eµp?st?s????.
  • ??e????????? t?? a?ad?µ?s? d??d??? ???µ?t??.
  • ?ed?a ???µ?t?? (naming domains) ????? ???µ?t??
    ?p? µ?a ????? d?a?e???st??? a???. ? a??? a?t?
    ??e? ap???t? ??e??? ??a t? p??? ???µata ?a
    p??sde???? (bind) se p????? p????? t?? ped???.

6
Composed naming domains used to access a resource
from a URL
Figure 9.1
7
?p???s? ???µ?t?? (name resolution)
  • ?pa?a??pt??? d?ad??as?a ?at? t?? ?p??a ??a ???µa
    pa???s???eta? epa?a??pt??? se d?ad????? p?a?s?a
    ???µ?t?? (naming contexts).
  • ?a???a ap? a?t? ta p?a?s?a e?te ep???e?
    (a?t?st?????e?) t? ???µa se ??a s????? ap?
    p??t??e?? ?at?????µata (primitive attributes)
    e?te ape??????e? µ?a µetas??µat?sµ??? µ??f? t??
    se ??a ???? p?a?s?? ???µ?t?? ??a pe?a?t???
    ep???s?.
  • St?? pe??pt?s? ???s?? ?e?d???µ?? (aliases), p??ta
    ???eta? µetas??µat?sµ?? t?? ?e?d???µ?? st?
    ?a?????? ???µa ?a? µet? ep???s? (p??ß??µa
    ??????).
  • ?? ?t?p? t?? ?e?t????? e??p??et?t? ???µ?t?? ??a
    t? ??ad??t?? (DNS) bottleneck, critical point
    of failure, scalability. ???s????s?
  • ??apa?a???? (replication)
  • ?ata??µ? (partitioning)
  • ??????s? (navigation) ? d?ad??as?a e?e??es??
    ded?µ???? ???µat?????a? ap? ??a? ? pe??ss?te????
    e??p??et?t?? ???µ?t??.

8
??????s? se ???µat???????
  • ?pa?a??pt??? p?????s? (iterative navigation)
  • ?? s?st?µa pe??t? pa???s???e? t? p??? ep???s?
    ???µa se t?p??? e??p??et?t? ???µ?t??.
  • ?? ???e? ep???s? t?p???, ep?st??feta? st?? pe??t?
    t? ?at?????? ?at?????µa.
  • ??af??et???, ep?st??f? ????? e??p??et?t?
    ???µ?t??.
  • ?????t?s? st? DNS ?a? NFS.
  • ??????s? multicasting
  • ??p?µp? t?? p??? ep???s? ???µat?? ap? t?? pe??t?
    se d??f????? e??p??et?t??.
  • ???? ? e??p??et?t?? p?? d?a??te? t? ???µa,
    ep?st??fe? t?? ap??t?s? st?? pe??t?.
  • ???ß??µata t? ?a s?µße? a? ?a?e?? ap? a?t??? de?
    d?a??te? t?? ap??t?s?

9
??????s? se ???µat??????? (s????e?a)
  • ???s? e??p??et?t? ??a s??t???sµ? t?? d?ad??as?a?
    ep???s?? ???µ?t??.
  • ??-a?ad??µ??? µ???d?? (non-recursive)
  • ? pe??t?? ep????e? ??a? e??p??et?t? ???µ?t?? ?a?
    t?? st???e? t? a?t?µa.
  • ? e??p??et?t?? a?t??, ef?s?? de? ??e? t??
    ap??t?s?, ???s?µ?p??e? epa?a??pt??? p?????s? ?
    multicasting ??a ?a ß?e? ap??t?s? ap? a????.
  • ??ad??µ??? µ???d??
  • ? pe??t?? ep????e? ??a? e??p??et?t? ???µ?t?? ?a?
    t?? st???e? t? a?t?µa.
  • ? e??p??et?t?? a?t??, ef?s?? de? ??e? t??
    ap??t?s?, ep???????e? µe ??p???? ?µ????? t??
    (peer) ?a? ep???te? t?? ep???s? e??? ep???µat??
    (prefix) t?? ???µat??.
  • ?? t? ???µa e?te??eta? se pe??ss?te?a t?? e???
    d?????t??? ped?a, ? pe??t?? µp??e? ?a µ??
    ep?t??peta? ?a d?at?p?se? e??t?µata e?t?? t??
    d?????t???? t?? ped???. Se a?t? t?? pe??pt?s?
    µp??e? ?a ???s?µ?p????e? recursive
    server-controlled navigation.
  • ?p?µ??µ??e?s? (caching).

10
Iterative navigation
Figure 9.2
Reason for NFS iterative name resolution: the file service may encounter a symbolic
link (i.e. an alias) when resolving a name. A
symbolic link must be interpreted in the client's
file system name space because it may point to a
file in a directory stored at another server. The
client computer must determine which server this
is, because only the client knows its mount
points. (p.362.)
  • Used in
      • DNS: Client presents entire name to servers,
        starting at a local server, NS1. If NS1 has the
        requested name, it is resolved, else NS1 suggests
        contacting NS2 (a server for a domain that
        includes the requested name).
      • NFS: Client segments pathnames (into 'simple
        names') and presents them one at a time to a
        server together with the filehandle of the
        directory that contains the simple name.

11
Non-recursive and recursive server-controlled
navigation
Figure 9.3
A name server NS1 communicates with other name
servers on behalf of a client
  • DNS offers recursive navigation as an option, but
    iterative is the standard technique. Recursive
    navigation must be used in domains that limit
    client access to their DNS information for
    security reasons.
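
The difference between the two navigation styles, and why a restricted domain forces the recursive one, as an added example that is not part of the original slides. The server names NS1 to NS3 follow the slides; the domain internal.example, the address and the access list on NS3 are constructed for illustration.

```python
# Constructed hierarchy: NS1 -> NS2 -> NS3. "allow" is a hypothetical access
# list; None means the server answers any requester.
SERVERS = {
    "NS1": {"allow": None, "refer": {"example": "NS2"}},
    "NS2": {"allow": None, "refer": {"internal.example": "NS3"}},
    # NS3 serves a restricted domain: it answers its peer server NS2 only.
    "NS3": {"allow": {"NS2"}, "answer": {"db.internal.example": "192.0.2.10"}},
}

def query(requester, server, name):
    """One request/response pair: returns (kind, value)."""
    srv = SERVERS[server]
    if srv["allow"] is not None and requester not in srv["allow"]:
        return ("refused", None)
    if name in srv.get("answer", {}):
        return ("answer", srv["answer"][name])
    suffixes = [s for s in srv.get("refer", {}) if name.endswith("." + s)]
    if suffixes:  # refer to the server for the longest matching suffix
        return ("referral", srv["refer"][max(suffixes, key=len)])
    return ("unknown", None)

def resolve_iterative(client, name, start="NS1", max_hops=8):
    """Iterative navigation: the client follows every referral itself."""
    contacted, server = [], start
    for _ in range(max_hops):
        contacted.append(server)
        kind, value = query(client, server, name)
        if kind != "referral":
            return kind, value, contacted
        server = value
    return "loop", None, contacted

def resolve_recursive(requester, name, server="NS1", max_depth=8):
    """Recursive server-controlled navigation: each server asks the next one
    on behalf of its caller, so the client only ever talks to NS1."""
    kind, value = query(requester, server, name)
    if kind == "referral" and max_depth > 0:
        return resolve_recursive(server, name, value, max_depth - 1)
    return kind, value

if __name__ == "__main__":
    print(resolve_iterative("client", "db.internal.example"))
    print(resolve_recursive("client", "db.internal.example"))
```

The iterative client is referred all the way to NS3 and then refused, while the recursive path succeeds because NS3 only ever sees a query from NS2.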

12
DNS - The Internet Domain Name System
  • A distributed naming database
  • Name structure reflects administrative structure of the Internet
  • Rapidly resolves domain names to IP addresses
      • exploits caching heavily
      • typical query time 100 milliseconds
  • Scales to millions of computers
      • partitioned database
      • caching
  • Resilient to failure of a server
      • replication

13
DNS Resolver (ep???t?? DNS)
  • ? µet?f?as? ???µ?t?? ??µß?? se d?e????se?? IP ?a?
    ta??pa??? s??t????eta? ap? t? Domain Name System
    (DNS).
  • ?fa?µ???? t?? ??ad??t???, ?p?? ?? f????µet??t??,
    ep?????????? µe t? DNS µ?s? e??? ep???t?
    (resolver), µ?a? ß?ß???????? d??. ? ?p??a ??e?
    s??de?e? (linked) µe t?? efa?µ???.
  • ?e?t?????e? t?? ep???t?
  • gethostbyname(): hostname → IP address
  • gethostbyaddr(): IP address → hostname
  • ??p???, ???e ep???t?? p??pe? ?a ??????e?
    t??????st?? ??a? e??p??et?t? DNS st?? ?p??? ?a
    ape????e? ta e??t?µat? t?? (s?????? ??sta
    e??p??et?t??, µe t??? ???t???te???? p??t??? st?
    ??sta).

14
????te?t????? DNS
  • ?? DNS e??a? µ?a ?ata?eµ?µ??? ß?s? ded?µ????, ?
    ?p??a ap?te?e?ta? ap? µ?a ?e?a???a e??p??et?t??
    ???µ?t??. ?a???a? ap? a?t??? e??a? ?pe?????? ??a
    ??a tµ?µa t?? ???µ??? ped??? ?a? t?? ?????
    d?e????se?? t?? ??ad??t???.
  • ? a???te?t????? DNS a?ta?a??? t?? ?e?a???a t??
    ???µ?t?? ped??? ?a? t?? d?e????se?? IP.

[Figure: DNS name hierarchy, with labels: unnamed root, top-level domains, country domains, generic domains, second-level domains]
15
????te?t????? DNS
  • ???e? (zones) ?p?d??d?a t?? ?e?a???a? t?? DNS,
    ta ?p??a a?????? se d?af??et??? d?????t??? a???.
  • ???e ???? ??e? s?????? ??a? p??ta?????
    e??p??et?t? ?a? pe??ss?te???? de?te?e???te?
    e??p??et?t??, ?? ?p???? µp????? ?a ?p??atast?s???
    t?? p??ta????? se pe??pt?s? ß??ß??.
  • ?e????? ???a??sµ?? µp????? ?a ???a?????? ta ped?a
    t??? se pe??ss?te?e? t?? µ?a? ???e?.
  • ? ap?d?t??? ape?????s? d?e????se?? IP se ???µata
    ??µß?? (hostnames) p???p???te? µ?a d?af??et???
    ?e?a???a, ßas???µe?? se d?e????se?? IP.
  • ? a???es? t?? d?e????se?? IP ?p?st????eta? ap?
    t??a ?at?st??a (registries) APNIC (?s?a), ARIN
    (?. ?µe????), RIPE NCCC (????p?). ??? ??a
    ?at?st??a d?µ????????ta? ??a ?. ?µe???? ?a?
    ?f????.
  • ? a???es? d?e????se?? IP sta t??a ?at?st??a
    ???eta? ap? t?? ???a??sµ? ICANN.
  • ?e t?? d?sµe?s? e??? s?????? d?e????se?? IP ap?
    ??a? ???a??sµ?, ? ???a??sµ?? a?t?? ???eta?
    ?pe?????? ??a ??a tµ?µa t?? ???µat??????
    in-addr.arpa. ????e?ta? ??a µ?a ?e?a???a p??
    ßas??eta? st?? ??t?de? t?? 32-µp?t?? d?e????se??
    IP.

16
DNS name servers
Figure 9.4
Note: Name server names are in italics, and the
corresponding domains are in parentheses. Arrows
denote name server entries.
Authoritative path to look up jeans-pc.dcs.qmw.ac.uk

17
?e?t???????t?ta DNS
  • Main function is to resolve domain names for
    computers, i.e. to get their IP addresses
  • caches the results of previous searches until
    they pass their 'time to live'
  • Other functions
  • get mail host for a domain
  • reverse resolution - get domain name from IP
    address
  • Host information - type of hardware and OS
  • Well-known services - a list of well-known
    services offered by a host
  • Other attributes can be included (optional)

18
DNS issues
  • Name tables change infrequently, but when they
    do, caching can result in the delivery of stale
    data.
      • Clients are responsible for detecting this and
        recovering
  • Its design makes changes to the structure of the
    name space difficult. For example:
      • merging previously separate domain trees under a
        new root
      • moving subtrees to a different part of the
        structure (e.g. if Scotland became a separate
        country, its domains should all be moved to a new
        country-level domain).
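
The stale-data window described above, as an added example that is not part of the original slides: a resolver cache keeps handing out the old address until the time to live it stored has passed. The name, the addresses and the 3600-second TTL are constructed.

```python
class TTLCache:
    """Resolver-side cache: an answer is reused until its time to live passes."""

    def __init__(self, zone):
        self.zone = zone            # authoritative data: name -> (address, ttl_seconds)
        self.entries = {}           # cached data: name -> (address, expires_at)
        self.upstream_queries = 0

    def resolve(self, name, now):
        cached = self.entries.get(name)
        if cached and now < cached[1]:
            return cached[0]        # cache hit; may no longer match the zone
        self.upstream_queries += 1
        address, ttl = self.zone[name]
        self.entries[name] = (address, now + ttl)
        return address

def first_fresh_time(cache, name, new_address, change_at, step=60, horizon=86400):
    """Change the zone at `change_at`, then poll the cache every `step` seconds.
    Returns the first time the cache hands out the new address, or None."""
    _, ttl = cache.zone[name]
    cache.zone[name] = (new_address, ttl)
    for now in range(change_at, change_at + horizon + 1, step):
        if cache.resolve(name, now) == new_address:
            return now
    return None

def demo():
    # Constructed record: reserved .example name, documentation addresses.
    zone = {"www.shop.example": ("192.0.2.10", 3600)}
    cache = TTLCache(zone)
    cache.resolve("www.shop.example", now=0)      # cached until t=3600
    fresh_at = first_fresh_time(cache, "www.shop.example", "192.0.2.20", change_at=600)
    return fresh_at, fresh_at - 600, cache.upstream_queries

if __name__ == "__main__":
    print(demo())
```

With the record changed at t=600, every lookup until t=3600 still returns the old address, so a record that may need to be repointed quickly needs a short TTL published before the change.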

19
?? p??t?????? DNS
  • ?a?????e? t?? t??p? ep????????a? a??µesa st???
    pe??te? ?a? t??? e??p??et?t?? DNS.
  • ??a? pe??t?? DNS st???e? µ?a epe??t?s? (query)
    ??a p????f???e? se ??p??? e??p??et?t? DNS.
  • ??a? e??p??et?t?? DNS apa?t?e? st?? epe??t?se??
    t?? pe?at??-ep???t?? DNS ?a? ap?st???e?
    epe??t?se?? se ?????? e??p??et?t?? DNS.
  • ?? epe??t?se?? DNS e?te????ta?
  • ??ad??µ???? pa?a??pt??-e??p??et?t?? a?a?aµß??e?
    ?a ep???se? ???????? t?? epe??t?s? t?? pe??t?.
  • ?pa?a??pt??? ? pa?a??pt??-e??p??et?t?? apa?t?
    ?ate??e?a? st?? pe??t? e?te µe t? ??t??µe??
    d?e????s? IP e?te µe t? d?e????s? t?? ep?µe???
    e??p??et?t? st?? ?e?a???a DNS.
  • ?? e??p??et?t?? ???a? (root servers) t?? DNS
    ?e??????ta? µ??? epa?a??pt???? epe??t?se??.

20
DNS in typical operation
Without caching
client.ic.ac.uk

21
?p?µ??µ??e?s? st? DNS (DNS caching)
  • G?a ße?t??s? t?? ap?d?t???t?ta?, ??a? t?p????
    e??p??et?t?? DNS ap????e?e? st?? ???pt? t??
  • ?pa?t?se?? p?? st???e? st??? ep???t??-pe??te?.
  • ??e????se?? IP t?? e??p??et?t?? DNS p??
    eµp?????ta? st?? e??p???t?s? a?t?µ?t?? (?ste ?a
    ap?fe??e? se ep?µe?e? epe??t?se?? ?a p??se????e?
    e??p??et?t?? sta p??? ep?peda t?? ?e?a???a? DNS).
  • ? ap?µ??µ??e?s? ???eta? µe ß?s? t? ped?? TTL, t?
    ?p??? pe????e?eta? st?? ap????se?? DNS.
  • ?? DNS ???s?µ?p??e? t? UDP ??a ap?st???
    epe??t?se?? ?a? ap????se??.

22
DNS resource records
Figure 9.5
Record type   Meaning                                  Main contents
A             A computer address                       IP number
NS            An authoritative name server             Domain name for server
CNAME         The canonical name for an alias          Domain name for alias
SOA           Marks the start of data for a zone       Parameters governing the zone
WKS           A well-known service description         List of service names and protocols
PTR           Domain name pointer (reverse lookups)    Domain name
HINFO         Host information                         Machine architecture and operating system
MX            Mail exchange                            List of preference, host pairs
TXT           Text string                              Arbitrary text

23
Summary
  • Name services
  • defer the binding of resource names to addresses
    (and other attributes)
  • Names are resolved to give addresses and other
    attributes
  • Goals
  • Scalability (size of database, access traffic
    (hits/second), update traffic)
  • Reliability
  • Trust management (authority of servers)
  • Issues
  • exploitation of replication and caching to
    achieve scalability without compromising the
    distribution of updates
  • navigation methods
  • Directory and discovery services
  • 'yellow pages' retrieval by attributes
  • dynamic resource registration and discovery