COT 4600 Operating Systems Spring 2011

Dan C. MarinescuOffice: HEC 304Office hours: Tu-Th 5:00 – 6:00 PM

Last time: URLs Soft modularity

Procedure call conventions and the memory map; the stack Errors Strongly-typed languages help enforce modularity.

Enforced modularity; message passing and the client-server model. Example of a client –server system: WWW Today:

Today Client-server organization Intermediaries; Trusted Intermediaries; Thin clients Issues

Heterogeneity; little-endian and big-endian representation Timing, response time.

Examples: Event service, X11; Trusted intermediaries: Email, File Systems, Web Remote Procedure Call

Next time Strategies for name resolution Case study DNS

Lecture 11 – Thursday, February 17, 2011

Lecture 11 2

3Lecture 11

4

Client/service organization Not only separates functions but also enforces this separation!!

No globally-shared state (e.g., through the stack) Errors can only propagate from client to service and vice-versa only if

the messages are not properly checked. A client can use time-outs to detect a non-responsive service and take

another course of action. The separation of abstraction from implementation is clearer; the client

needs only to know the format of the message, the implementation of the service may change.

Lecture 11

55

Intermediaries What if the sender and the receiver of a message are not active at

the same time? Intermediaries support buffered communication and allow more

flexibility the intermediary may decide how to sort messages The sender and the receiver may:

Push a message Pull a message

Example: the mail service: The sender pushes a message into his/her outbox The outbox pushes it to the inbox of the recipient The recipient pulls it whenever s(he) wants

The publish/subscribe paradigm the sender notifies an event service when it produced a message. Recipients subscribe to the events and when the events occur the messages are delivered

Lecture 11

6

Trusted intermediary Trusted service acting as an intermediary among multiple clients.

Enforces modularity a fault of one client does not affect other clients. Examples:

File systems Mail systems

Supports thin-clients a significant part of client functionality is transferred to the intermediary.

In a thin client/server system, the only software installed on the thin client is the user interface, certain frequently used applications, and a networked operating system. By simplifying the load on the thin client, it can be a very small, low-powered device giving lower costs to purchase and to operate per seat.

The server, or a cluster of servers has the full weight of all the applications, services, and data. By keeping a few servers busy and many thin clients lightly loaded, users can expect easier system management and lower costs, as well as all the advantages of networked computing: central storage/backup and easier security.

Because the thin client is relatively passive and low-maintenance, but numerous, the entire system is simpler and easier to install and to operate. As the cost of hardware plunges and the cost of employing a technician, buying energy, and disposing of waste rises, the advantages of thin clients grow. From the user's perspective, the interaction with monitor, keyboard, and cursor changes little from using a thick client.

Lecture 11

7

Heterogeneity The client and the service may run on systems with different:

internal data representation, e.g., big versus little endian processor architecture, e.g., 32 bit /64 bit addressing operating systems, e.g., version of Linux, Mac OS, etc. libraries

Multiple clients and services provided/available on systems with different characteristics : the same service may be provided by multiple systems; a service may in turn user services available on other systems; the same client may use multiple services.

Marshaling/unmarshaling conversion of the information in a message into a canonical representation and back

Lecture 11

8

Little endian and big endian

Lecture 11

9

Timing; response time The client and the service are connected via communication channel. The response time is a function of the latency and the bandwidth of the

communication channel. Distinguish between service time communication time

Synchronous call the client blocks waiting for the response. Easier to manage.

Asynchronous calls the client does not block. Multi-threading and asynchronous calls. Message buffering

in kernel space (to allow clients to make asynchronous calls) in user space (before sending)

Lecture 11

Examples of client-server systems

Event service X-windows Electronic mail as a trusted intermediary Files systems as trusted intermediaries The Word Wide Web The Domain Name System

Lecture 11 10

Lecture 11 11

Lecture 11 12

13

Example: the X-windows (X11) X11  software system and network protocol that provides a GUI for

networked computer. Developed as part of Project Athena at MIT in 1984. Separates

the service program manipulates the display from the client program uses the display.

An application running on one machine can access the display on a different computer.

Clients operate asynchronously, multiple requests can be sent the display rate could be much higher than the rate between the client and the server.

Lecture 11

14

Editor is a client of File service which is a client of Block-storage serviceFile service is a trusted intermediary.

Lecture 11

15

A client-service system the World Wide Web

The information in each page is encoded and formatted according to some standard, e.g. images: GIF, JPEG, video: MPEG audio: MP3

The web is based upon a “pull” paradigm. The server has the resources and the client pulls it from the server.

The Web server also called an HTTP server listens at a well known port, port 80 for connections from clients.

The HTTP protocol uses TCP to establish a connection between the client and the server.

Some pages are created on the “fly” other have to be fetched from the disk.

Lecture 11

16

D ata

Server res idence tim e .W eb page is created onthe fly

User's HT TP request SYN

SYN

A C K

AC K + H T TP request

TC P connectionestab lishm ent

R T T

User's H TT P requestfo r an im age

Server residence tim e.Im age is re trived fromdisk

Data

H T TP request

ACK

A C K

Brow ser W eb Server

Lecture 11

17

Threadhandlingan HTTPrequest

Web Server

H T TP request

R esourceR epository

Loca l cache

Threadhandlingan HTTPrequest

H T T Presponse

W ebBrowser

C lien t

Pers isten t/N onP ersisten t

H T TPconnection

C lien t

TC Pport

H TT P request

H TT P response

An H TTP requst conta ins one of the fo llow ing m ethods:G ET - ge t a resourceH E AD - verify the link and cond itions o f a resourcePO S T - input to a resource, usua lly a C G I scrip tPU T - sto re a resource a t the serverD E LE T E - de le te a resourceT R AC E - include a ll headers in a response

W eb Cache

Sam ple H TT P sta tus code in a response100 - C ontinue200 - O K205 - R eset C onnection301 - M oved P erm anently402 - Paym ent R equried404 - N ot Found405 - M ethod N ot A llowed407 - P roxy Authentication R equ ired415 - U nsupported M edia T ype500 - In ternal Server E rror504 - G ateway T im eout505 - H TT P version N ot S upported

Lecture 11

18

Client server interactions in HTTP

HTTP clientWeb Browser

HTTPserver

TCPport80

request

response

HTTP clientWeb Browser

HTTPserver

Proxy

request to proxy

response to proxy

response to client

HTTP clientWeb Browser

HTTPserver

Tunnel

request to server

request to server

response to client

response to client

request to server

Lecture 11

1919

Peer-to-peer systems Decentralized architecture without a trusted intermediary. Peers are both suppliers and consumers of resources, in contrast to the

traditional client-server model where servers supply, and clients consume. Peer-to-peer systems often implement an Application Layer overlay network on top

of the native or physical network topology. Such overlays are used for indexing and peer discovery.

Content is typically exchanged directly over the underlying IP network.  Anonymous peer-to-peer systems implement extra routing layers to obscure the

identity of the source or destination of queries. In structured peer-to-peer networks, connections in the overlay are fixed. They

typically use distributed hash table-based (DHT) indexing, such as in the Chord system developed at MIT

Unstructured peer-to-peer networks do not provide any algorithm for organization or optimization of network connections.

Advantages use of spare resources at many sites difficult to censor content

Disadvantage Finding information in a large peer-to-peer network is hard.

Lecture 11

2020

Remote procedure call (RPC) Support inter-process communication of remotely located processes

and allows implementation of client-server systems (RFC 1831) Preserve the semantics of a local procedure call. To use an RPC a process may use a special service: PORTMAP or

RPCBIND available at port 111. A new RPC service uses the portmapper to register. The portmapper also allows a service lookup.

If the process knows the port number of the RPC it may call directly. RPC/TCP and also RPC/UDP Messages

must be well-structured; contain the identification of the specific RPC are addressed to an RPC demon listening at an RPC port.

A machine independent representation of data external data representation standard (XDR).

Lecture 11

2121

Stub Unburdens a user from implementation details of the RPC; it hides:

the marshalling of the arguments the communication details

The client calls the client stub which:1. marshals the arguments of the call into messages2. sends the message3. waits for the responds4. when the response arrives it un-marshals the results5. returns to the client

Lecture 11

2222Lecture 11

2323

RPCs differ from ordinary procedure calls

RPCs reduce the so called fate sharing between caller and callee have a different semantics (see next slide) take longer global variables and RPC do not mix well

Lecture 11

2424

RPC semantics At least once the client stub resends a message up to a given

number of times until it receives a message from the server; is no guarantee of a response the server may end up executing the a request more than once suitable for side-effect free operations

At most once a message is acted upon at most once. If the timeout set for receiving the response expires then an error code

is delivered to the client. The server must keep a history of the time-stamps of all messages.

Messages may arrive out of order….. suitable for operations which have side effects

Exactly once implement the at most once and request an acknowledgment from the server.

Lecture 11

25

Strategies for name resolution1. Distribute to all parties a copy of the directory mapping names to physical

/logical addresses. The strategy does not scale well:1. when the population is very large, e.g., the directory size is very large and the network

traffic to distribute it would be horrendous 2. the number of updates is proportional to the population and would add to the traffic

2. Central directory easy to update but it does not scale well, “hot spot” contention.

3. Distributed directory more sophisticated to implement but used successfully for DNS

Lecture 11 25

26

IP addresses IP address serves two functions:

host identification and location addressing.

All communication in the Internet must use the IP protocol. The IP addresses are used by the IP protocol to route messages from source to the destination through the Internet IPv4

uses 32-bit addresses; the address space is limited to 4,294,967,296 (232) possible unique addresses.

addresses for special purposes: private networks (~18 million addresses); multicast addresses (~270 million addresses).

addresses represented in dot-decimal notation e.g., 218.96.17.12). IPv6

uses 64-bit addresses; the address space is limited to 264 possible unique addresses.

No ‘’flag day”

Lecture 11

2727

Domain Name System

Domain Name System (DNS general-purpose name management system Hierarchically structured Maps user-friendly host names to IP addresses

Domain Name Service (DNS) A database editor generates tables of bindings and these bindings and then these

tables are distributed to DNS servers Propagation takes time, hours. Supports both relative and absolute paths

DNS architecture a hierarchical distributed database and an associated set of protocols that define: A mechanism for querying and updating the database. A mechanism for replicating the information in the database among servers. A schema of the database.

DNS has a referral architecture somewhat complicated due to need to optimize.

.

Lecture 11

28

DNS Dictionary

Domain name  an identification label that defines a realm of administrative autonomy, authority, or control in the Internet, based on the Domain Name System. The top-level domains (TLDs) are the highest level of domain names of the Internet; they form the DNS root zone. There are 20 generic top-level domains and 248 country code top-level domains

Authoritative name server gives original, first-hand, definitive answers; holds either the name record or a referral record for the name

Authoritative record first hand information about a host name Naming authority an Internet administrative authority allowed to add

authoritative records to a name server Referral record binds a hierarchical region of the DNS name space to another

server that could help resolve the name Recursive name service a DNS server takes upon itself to resolve a name

rather than provide a referral record. Idempotent action action that can be interrupted and restarted from the

beginning any number of times and still produce the same result as if the action had run to completion without interruption

Lecture 11

29

How DNS works A client sends a request to resolve a name to a Domain Name server The server examines the collection of the domains it is responsible for

If it finds the name record it returns the record Else it searches a set of referral records Starts with the most significant component of the requested domain name

for the one that matches the most components and If found it returns the name record Else returns “not found”

Example on the next slide (left diagram): the system ginger.cs.pedantic.edu tries to resolve the name ginger.Scholarly.edu

Important each host must have the address of a domain name server when it is connected to the Internet. This address could be : provided by the ISP (Internet Service Provider) hardwired into the browser generated when the system was installed selected by the user

Lecture 11 29

3030Lecture 11

31

The virtues of DNS Distributed responsibility any DNS name server may act as a

naming authority and add authoritative records (see example on the previous slide, the right

diagram) create lower-level naming domains; e.g., UCF can create EECS, EECS

can create ComputingFrontiers, etc. Robustness

High level of replication of the name servers There are some 80 replicas of the root name server Each organization with a name server has 2-4 replicas

Stateless name servers does not maintain any state, its public interface is idempotent

A DNS server is a dedicated computer running a relatively simple code, thus less likely to fail

Lecture 11

32

More virtues and some failings of DNS

Flexibility The same name may be bound to several IP addresses. Needed to

ensure replication of services improve performance see for example the content delivery services provided

by akamai Allows synonyms

a computer may appear to be in two different domains Indirect names

Lack of authentication DNS does not use protocols to authenticate the response to a DNS request. One can impersonate a DNS server and provide a fake response.

Does not guarantee accuracy a DNS cache may hold obsolite information

Lecture 11