2: Application Layer1 DNS: Domain Name System People have many identifiers: SSN, name, passport...
-
Upload
melvyn-hawkins -
Category
Documents
-
view
218 -
download
4
Transcript of 2: Application Layer1 DNS: Domain Name System People have many identifiers: SSN, name, passport...
2: Application Layer 1
DNS: Domain Name SystemPeople have many identifiers:
SSN, name, passport number
Internet hosts, routers have identifiers, too:IP address (32 bit) - used for addressing datagrams“name”, e.g., www.yahoo.com - used by humans
Domain Name System:Distributed database Distributed database implemented in hierarchy of many name serversname servers
Application-layer protocolApplication-layer protocol host, routers, name servers to communicate to resolveresolve names (address/name translation)DNS is core Internet function, implemented as application-layer protocolComplexity at network’s “edge”
2: Application Layer 2
DNS DNS services
Hostname to IP address translation and vice versaHost aliasing – canonical and alias namesMail server aliasingLoad distribution – e.g. replicated Web servers: set of IP addresses for one canonical name
Why not centralize DNS?Single point of failureTraffic volumeDistant centralized databaseMaintenance
2: Application Layer 3
Root DNS Servers
.com DNS servers .org DNS servers .edu DNS servers
poly.eduDNS servers
umass.eduDNS servers
yahoo.comDNS servers
amazon.comDNS servers
pbs.orgDNS servers
Distributed, Hierarchical Database
Client wants IP for www.amazon.com A straightforward strategy:
Client queries a root server to find .com DNS serverClient queries .com DNS server to get amazon.com DNS serverClient queries amazon.com DNS server to get IP address for www.amazon.com
2: Application Layer 4
DNS: Root name servers
Contacted by local name server that can not resolve nameRoot name server:
Returns mapping of the domain server to local name server
13 root name servers worldwide
b USC-ISI Marina del Rey, CAl ICANN Los Angeles, CA
e NASA Mt View, CAf Internet Software C. Palo Alto, CA (and 17 other locations)
i Autonomica, Stockholm (plus 3 other locations)
k RIPE London (also Amsterdam, Frankfurt)
m WIDE Tokyo
a Verisign, Dulles, VAc Cogent, Herndon, VA (also Los Angeles)d U Maryland College Park, MDg US DoD Vienna, VAh ARL Aberdeen, MDj Verisign, ( 11 locations)
2: Application Layer 5
TLD and Authoritative Servers
Top-level domain (TLD) servers: responsible for com, org, net, edu, etc, and all top-level country domains uk, fr, ca, jp.
Network solutions maintains servers for .com TLDEducause for .edu TLD
Authoritative DNS servers: organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web and mail).
Can be maintained by organization or service provider
2: Application Layer 6
Local Name Server
Does not strictly belong to DNS hierarchyEach ISP (residential ISP, company, university) has one
Also called “default name server”
When a host makes a DNS query, query is sent to its local DNS server
Acts as a cacheIf no record for this query, forwards query into hierarchyCaches replies
2: Application Layer 7
requesting hosttitan.cis.udel.edu
lever.cs.ucla.edu131.179.192.136
root DNS server
local DNS serverdns.udel.edu
1
23
4
5
6
authoritative DNS serverdns.ucla.edu
78
TLD DNS server.edu
Example
Host titan.cis.udel.edu wants IP address for lever.cs.ucla.edu
2: Application Layer 8
requesting hosttitan.cis.udel.edu
lever.cs.ucla.edu131.179.192.136
root DNS server
local DNS serverdns.udel.edu
1
2
45
6
authoritative DNS serverdns.ucla.edu
7
8
TLD DNS server.edu
3
Recursive queriesrecursive query:
puts burden of name resolution on contacted name serverheavy load?
iterated query:contacted server replies with name of server to contact“I don’t know this name, but ask this server”
2: Application Layer 9
DNS: caching and updating records
Once (any) name server learns mapping, it cachescaches this mapping
Cache entries timeout (disappear) after some timeTLD servers typically cached in local name servers Thus root name servers are not often visited
Update/notify mechanisms under design by IETF
RFC 2136http://www.ietf.org/html.charters/dnsind-charter.html
2: Application Layer 10
DNS resource records (RR)
Type=NSname is domain (e.g. foo.com)value is hostname of authoritative name server for this domain
RR format: (name, value, type, ttl)
Type=Aname is hostnamevalue is IP address
Type=CNAMEname is alias name for some “canonical” (the real) name
www.ibm.com is really servereast.backup2.ibm.com
value is canonical name
Type=MXvalue is name of mailserver associated with name
And more!And more!
2: Application Layer 11
DNS resource records (RR)
mycompany.com IN SOA nameserv.mycompany.comroot.mymachine.mycompany.com (1999112701 ; Serial number
10800 ; Refresh in seconds3600 ; Retry in seconds 604800 ; Expire86400) ; Minimum TTL
mycompany.com IN NS nameserv.mycompany.com.
mycompany.com IN MX 10 mailserv.mycompany.com
nameserv.mycompany.com
IN A 10.1.0.100
mailserv.mycompany.com
IN A 10.1.0.4
www.mycompany.com IN CNAME webhost1.mycompany.com
webhost1.mycompany.com
IN A 10.1.0.13
2: Application Layer 12
DNS protocol, messagesDNS protocol has queryquery and replyreply messages, both with same message format
16 bit number for query, reply to query uses same number
flags: query or reply recursion desired recursion available reply is authoritative
2: Application Layer 13
DNS protocol, messages
Name, type fields for a query
RRs in responseto query
records forauthoritative servers
additional “helpful”info that may be used
2: Application Layer 14
Inserting records into DNSExample: just created startup “Network Utopia”Register name networkuptopia.com at a registrar registrar (e.g., Network Solutions)
Need to provide registrar with names and IP addresses of your authoritative name server (primary and secondary)Registrar inserts following RRs into the com TLD server:
(networkutopia.com NS dns1.networkutopia.com)(networkutopia.com NS dns2.networkutopia.com)(dns1.networkutopia.com A 212.212.212.1)(dns2.networkutopia.com A 212.212.212.3)
At dns1.networkutopia.com put in more information for various hostsHow do people get the IP address of your Web site?
2: Application Layer 15
Try out DNS!nslookup www.microsoft.com
Server: 127.0.0.1Address: 127.0.0.1#53
Non-authoritative answer:www.microsoft.com canonical name = toggle.www.ms.akadns.nettoggle.www.ms.akadns.net canonical name = g.www.ms.akadns.netg.www.ms.akadns.net canonical name = lb1.www.ms.akadns.netName: lb1.www.ms.akadns.netAddress: 207.46.199.30Name: lb1.www.ms.akadns.netAddress: 207.46.225.60Name: lb1.www.ms.akadns.netAddress: 207.46.18.30Name: lb1.www.ms.akadns.netAddress: 207.46.19.30
2: Application Layer 16
Try out DNS!nslookup www.yahoo.com
Server: 127.0.0.1Address: 127.0.0.1#53
Non-authoritative answer:www.yahoo.com canonical name = www.yahoo.akadns.net.Name: www.yahoo.akadns.netAddress: 68.142.226.56Name: www.yahoo.akadns.netAddress: 68.142.226.33Name: www.yahoo.akadns.netAddress: 68.142.226.35Name: www.yahoo.akadns.netAddress: 68.142.226.37Name: www.yahoo.akadns.netAddress: 68.142.226.38
2: Application Layer 17
Try out DNS!nslookup –debug www.yahoo.com
QUESTIONS: www.yahoo.com, type = A, class = IN ANSWERS: -> www.yahoo.com canonical name = www.yahoo.akadns.net. -> www.yahoo.akadns.net internet address = 68.142.226.34 -> www.yahoo.akadns.net internet address = 68.142.226.36 -> www.yahoo.akadns.net internet address = 68.142.226.43 -> www.yahoo.akadns.net internet address = 68.142.226.45 -> www.yahoo.akadns.net internet address = 68.142.226.47 -> www.yahoo.akadns.net internet address = 68.142.226.52
-> www.yahoo.akadns.net internet address = 68.142.226.53 -> www.yahoo.akadns.net internet address = 68.142.226.56 AUTHORITY RECORDS: -> akadns.net nameserver = use1.akadns.net. -> akadns.net nameserver = use9.akadns.net. -> akadns.net nameserver = usw5.akadns.net. -> akadns.net nameserver = asia5.akadns.net. -> akadns.net nameserver = asia9.akadns.net. -> akadns.net nameserver = eur4.akadns.net. -> akadns.net nameserver = eur5.akadns.net. -> akadns.net nameserver = usc4.akadns.net.
2: Application Layer 18
P2P file sharingAlice runs P2P client application such as Kazaaon her notebook computerIntermittently connects to Internet; gets new IP address for each connectionAsks for “Hey Jude”Application displays peers that have a copy Alice chooses one of the peers, Bob.File is copied from Bob’s PC to Alice’s notebook: HTTPWhile Alice downloads, other users uploading other songs from Alice.Alice’s application is both a Web client and a transient Web server.All peers are servers = highly scalable!
2: Application Layer 19
Centralized directory
Original “Napster” design1) when peer connects, it informs
central server: IP address content
2) Alice queries server for “Hey Jude”3) Server tells Alice which users
(including Bob) have the file4) Alice requests file from Bob
centralizeddirectory server
peers
Alice
Bob
1
1
1
12/3
4
2: Application Layer 20
Problems with centralized directory
Single point of failurePerformance bottleneckCopyright infringement
file transfer is decentralized, but locating content is highly centralized
2: Application Layer 21
Query flooding: Gnutella
Fully distributedNo central server
Public domain protocolMany Gnutella clients implementing protocolOverlay network is a graph: edge between peer X and Y if there’s a TCP connection
Edge is not a physical link
All active peers and edges form overlay netGiven peer will typically be connected with < 10 overlay neighbors
2: Application Layer 22
Gnutella: protocol
Query
QueryHit
Query
Query
QueryHit
Query
Query
QueryHit
File transfer:HTTP Query message
sent over existing TCPconnections Peers forward
Query message QueryHit
sent over reversepath
Scalability:limited scopeflooding
2: Application Layer 23
Gnutella: Peer joining
1. Joining peer X must find some other peer in Gnutella network: use list of candidate peers
2. X sequentially attempts to make TCP with peers on list until connection setup with Y
3. X sends Ping message to Y; Y forwards Ping message.
4. All peers receiving Ping message respond with Pong message
5. X receives many Pong messages. It can then setup additional TCP connections
2: Application Layer 24
Exploiting heterogeneity: KaZaA
Each peer is either a group leader or assigned to a group leader.
TCP connection between peer and its group leader.TCP connections between some pairs of group leaders.
Group leader tracks the content in all its children.
ordinary peer
group-leader peer
neighoring relationshipsin overlay network
2: Application Layer 25
KaZaA: Querying
Each file has a hash and a descriptorClient sends keyword query to its group leaderGroup leader responds with matches:
For each match: metadata, hash, IP address
If group leader forwards query to other group leaders, they respond with matchesClient then selects files for downloading
HTTP requests using hash as identifier sent to peers holding desired file
2: Application Layer 26
KaZaA tricks
Limitations on simultaneous uploadsRequest queuingIncentive prioritiesParallel downloading
For more info:J. Liang, R. Kumar, K. Ross, “Understanding KaZaA,”(available via cis.poly.edu/~ross)