Internet Engineering Course: DHCP, DNS (29 slides)

Transcript of Internet Engineering Course

Page 1: Internet Engineering Course

Internet Engineering Course

DHCP, DNS

Page 2: Internet Engineering Course

Introduction

Client administration:

◦ IP address management: They need to ease the process of joining the network and they do not want users to do any special configuration. They want to network boot their workstations, i.e. diskless workstations or remote OS installation (acquiring the network settings during the boot process). Solution: deploy a DHCP server.

◦ Machine name management: They need to be able to name machines and access them by name instead of by IP address. Solution: deploy a DNS server.

So we discuss DHCP and DNS in this session.

Page 3: Internet Engineering Course

DHCP

Provides configuration parameters specific to the DHCP client host so that it can participate on an IP network.

Methods of IP allocation:

◦ Manual: Only requesting clients with a MAC address listed in the table (MAC-IP pairs) get the IP address according to the table.

◦ Automatic: The DHCP server permanently assigns to a requesting client a free IP address from a range given by the administrator.

◦ Dynamic: The only method which provides dynamic re-use of IP addresses. The request-and-grant process uses a lease concept with a controllable time period.

Page 4: Internet Engineering Course

DHCP cont.

A DHCP server can provide optional configuration

◦ e.g. Subnet Mask, Name Server, …
◦ RFC 2132 defines the DHCP options

DHCP relay agent (mostly in network routers/high-end switches)

◦ Relays DHCP Discover broadcasts from a LAN without a DHCP server to a network which has one

Usage

◦ Cable Internet providers
◦ DSL providers
◦ Broadband ISP networks
◦ Office networks
◦ Public internet access
◦ Places where there are mobile nodes that want to access the net
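A decoder for the fixed BOOTP header and the RFC 2132 option list of a DHCP message, added here as an example (it is not code from the slides or from any DHCP implementation). The builder constructs a sample OFFER with made-up addresses so the parser runs offline; the same decoding is what a network monitor uses to check that the server identifier option in captured OFFERs belongs to the expected DHCP server.

```python
import struct
from ipaddress import IPv4Address

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # RFC 2132: the option list starts with this cookie at offset 236
# RFC 2132 option codes decoded below (subnet mask, DNS servers, requested IP, lease time, message type, server id)
OPT_MASK, OPT_DNS, OPT_REQ_IP, OPT_LEASE, OPT_TYPE, OPT_SERVER_ID, OPT_PAD, OPT_END = 1, 6, 50, 51, 53, 54, 0, 255
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 7: "RELEASE", 8: "INFORM"}

def parse_dhcp(packet):
    """Decode the fixed BOOTP header and the RFC 2132 option list of one DHCP message."""
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", packet[:12])
    ciaddr, yiaddr, siaddr, giaddr = (IPv4Address(packet[o:o + 4]) for o in range(12, 28, 4))
    msg = {"op": op, "xid": xid, "ciaddr": ciaddr, "yiaddr": yiaddr, "siaddr": siaddr, "giaddr": giaddr,
           "chaddr": packet[28:28 + hlen].hex(":"), "broadcast": bool(flags & 0x8000), "options": {}}
    # sname (64 bytes) and file (128 bytes) follow chaddr; the options begin after the cookie
    if packet[236:240] != MAGIC_COOKIE:
        raise ValueError("no DHCP magic cookie: plain BOOTP or malformed packet")
    i = 240
    while i < len(packet) and packet[i] != OPT_END:
        code = packet[i]
        if code == OPT_PAD:
            i += 1
            continue
        length = packet[i + 1] if i + 1 < len(packet) else -1   # -1 forces the truncation error
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option %d" % code)
        if code == OPT_TYPE:
            msg["options"]["message_type"] = MSG_TYPES.get(value[0], "UNKNOWN")
        elif code in (OPT_MASK, OPT_REQ_IP, OPT_SERVER_ID):
            msg["options"][code] = IPv4Address(value)
        elif code == OPT_DNS:                      # one or more 4-byte addresses
            msg["options"][code] = [IPv4Address(value[k:k + 4]) for k in range(0, length, 4)]
        elif code == OPT_LEASE:
            msg["options"][code] = struct.unpack("!I", value)[0]
        else:
            msg["options"][code] = value           # unknown options are kept raw
        i += 2 + length
    return msg

def build_offer(xid, mac, yiaddr, server, lease):
    """Constructed sample OFFER (op=2 BOOTREPLY, broadcast flag set) used to exercise the parser offline."""
    header = struct.pack("!BBBBIHH", 2, 1, 6, 0, xid, 0, 0x8000)
    header += bytes(4) + IPv4Address(yiaddr).packed + IPv4Address(server).packed + bytes(4)
    header += mac.ljust(16, b"\0") + bytes(64) + bytes(128)
    opts = bytes([OPT_TYPE, 1, 2, OPT_SERVER_ID, 4]) + IPv4Address(server).packed
    opts += bytes([OPT_MASK, 4]) + IPv4Address("255.255.255.0").packed
    opts += bytes([OPT_LEASE, 4]) + struct.pack("!I", lease)
    opts += bytes([OPT_DNS, 8]) + IPv4Address("10.0.0.2").packed + IPv4Address("10.0.0.3").packed
    return header + MAGIC_COOKIE + opts + bytes([OPT_END])
```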

Page 5: Internet Engineering Course

DHCP Implementations

Microsoft introduced DHCP on their servers with Windows NT 3.5 in late 1994

◦ DHCP did not originate from Microsoft

Internet Software Consortium published DHCP for Unix variants

◦ Version 1.0.0 released on December 6, 1997
◦ Version 2.0 in June 1999 – a more RFC-compliant one

Novell included a DHCP server in NetWare OS since v. 5, 1999

◦ It integrates with Novell eDirectory

Cisco since Cisco IOS 12.0 in February 1999

Sun added DHCP support in Solaris 8, July 2001

Page 6: Internet Engineering Course

BOOTP

BOOTstrap Protocol (RFC 951), UDP

Used to obtain an IP address automatically

◦ Usually in the booting process of computers or OSs

Diskless workstations

◦ Historically used for UNIX-like diskless workstations
◦ Also obtains the location of the boot image
◦ Can also be used for installing a pre-configured OS

Protocol became embedded in the BIOS of some NICs

◦ Allowing direct network booting without the need for a floppy

Page 7: Internet Engineering Course

BOOTP cont.

Recently used for booting a Windows OS in diskless standalone media center PCs

DHCP is a more advanced protocol based on BOOTP

◦ Far more complex to implement than BOOTP
◦ Most DHCP servers also offer BOOTP support
◦ Duration-based leases are the fundamental addition in DHCP; the "Dynamic" in DHCP is for this

Page 8: Internet Engineering Course

DHCP Anatomy

Uses the same IANA-assigned ports as BOOTP

◦ 67/udp for the server, 68/udp for the client

DHCP Messages

◦ Discover: Client broadcasts on the local physical subnet to find servers. UDP packet (broadcast dest. 255.255.255.255). It can also request its last-known IP address (optional parameter).

◦ Offer: Server determines the configuration based on the client's MAC address. Server specifies the IP address and adds optional parameters.

◦ Request: Client selects a configuration out of the DHCP Offer packets and broadcasts it again.

◦ Acknowledge: Server acknowledges the request and sends the ack to the client.

Page 9: Internet Engineering Course

DHCP Anatomy (diagram slide: the message exchange, no text)

Page 10: Internet Engineering Course

DHCP Anatomy cont.

◦ Inform: Client requests more information than the server sent with the DHCPACK, or asks to repeat data for a particular application (e.g. a browser obtaining web proxy settings)

◦ Release: Client requests the server to release the DHCP lease and the client unconfigures its IP address. Sending this message is not mandatory (unplug or …)
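The allocation methods of the DHCP slide and the Discover/Offer/Request/Acknowledge/Release exchange of the last three slides, modelled as an added Python example (not code from the slides or from any DHCP server). The server class, its method names and the MAC/IP values used to drive it are assumptions for illustration; the point is that a dynamic lease is reclaimed by expiry even when the client never sends Release.

```python
from collections import namedtuple
from dataclasses import dataclass, field
from ipaddress import IPv4Address

Lease = namedtuple("Lease", "ip expires")  # expires is absolute time; dynamic leases are reusable after it

@dataclass
class DhcpServer:
    """Models the manual/automatic/dynamic allocation methods and the Discover/Offer/Request/Ack/Release exchange."""
    pool: list                                   # free addresses the administrator gave the server
    method: str = "dynamic"                      # "manual", "automatic" or "dynamic"
    lease_time: float = 3600.0                   # controllable lease period, used by dynamic allocation
    manual: dict = field(default_factory=dict)   # MAC -> fixed IP table for manual allocation
    leases: dict = field(default_factory=dict)   # MAC -> Lease
    pending: dict = field(default_factory=dict)  # MAC -> IP offered and awaiting a REQUEST

    def discover(self, mac, now, last_ip=None):
        """DISCOVER: choose a configuration for this MAC; None means no OFFER is sent."""
        self._expire(now)
        if self.method == "manual":
            ip = self.manual.get(mac)            # only MACs listed in the MAC-IP table are served
        elif mac in self.leases:
            ip = self.leases[mac].ip             # a renewing client keeps its address
        elif last_ip in self.pool:
            ip = last_ip                         # honour the optional last-known IP if it is still free
        else:
            ip = self.pool[0] if self.pool else None
        if ip is not None:
            self.pending[mac] = ip               # remember what this MAC was offered
        return ip

    def request(self, mac, ip, now):
        """REQUEST: the client re-broadcasts its chosen offer; True models the server's ACK."""
        if self.pending.pop(mac, None) != ip:
            return False                         # not what we offered this MAC: no ACK
        if ip in self.pool:
            self.pool.remove(ip)
        expires = now + self.lease_time if self.method == "dynamic" else float("inf")
        self.leases[mac] = Lease(ip, expires)
        return True

    def release(self, mac):
        """RELEASE: the address goes back to the pool. Not mandatory, so _expire must reclaim too."""
        lease = self.leases.pop(mac, None)
        if lease and lease.ip not in self.manual.values():
            self.pool.append(lease.ip)

    def _expire(self, now):
        for mac in [m for m, lease in self.leases.items() if lease.expires <= now]:
            self.release(mac)
```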

Page 11: Internet Engineering Course

RARP

ARP

◦ Address Resolution Protocol
◦ Resolves a hardware address from a given IP address
◦ Try the arp command in both Windows and Linux

RARP

◦ Reverse Address Resolution Protocol (RFC 903)
◦ Complement of ARP
◦ Resolves an IP address from a given hardware address
◦ Needs manual configuration on a central server: not scalable
◦ Obsoleted by BOOTP and the more modern DHCP
◦ Try the rarp command in Linux (if supported by the kernel), and the RARP daemon, rarpd

Page 12: Internet Engineering Course

DNS

Domain Name System (RFC 1034, 1035)

◦ RFC 1034 and 1035 made RFC 882, 883 obsolete

A system that stores information associated with domain names in a distributed database on networks (such as the Internet)

Many types of information for the domain are provided by DNS

◦ Most important: the IP address associated with a domain name

Mainly UDP

◦ TCP only when the response data size exceeds 512 bytes or for things like zone transfer

Page 13: Internet Engineering Course

DNS is Decentralized

No single point of failure

Less traffic volume

Easier maintenance

Scalable

Less distance (delay) issues

Delegation

Page 14: Internet Engineering Course

Resolvers

Clients that access name servers

◦ Querying a name server
◦ Interpreting responses
◦ Returning the information to the programs that requested it

In BIND, the resolver is just a set of library routines that is linked into programs

◦ Not even a separate process
◦ Most of the overhead of finding an answer to the query is placed on the name server
◦ The DNS specs call this kind of resolver a stub resolver

Page 15: Internet Engineering Course

Types of DNS Servers

Primary master

◦ Reads the data for the zone from a file on its host

Secondary master (Slave)

◦ Gets the zone data from another ns that is authoritative for the zone (the master server)
◦ Often the master server is the zone's primary master, but not always: a secondary master may get the info from another secondary server
◦ Zone transfer: contacting the master ns and, if necessary, pulling the zone data
◦ Redundancy

Both

◦ An authoritative ns may be master for some of its zones and slave for some others
◦ It's imprecise to call an ns "master" or "slave"!

Page 16: Internet Engineering Course

DNS Applications

Attach IP addresses to domain names (ease of use)

Many-to-many mapping

◦ Virtual Hosting

Sender Policy Framework

Makes it possible for people to assign authoritative names, without needing to communicate with a central registrar

Load balancing between hosts

Page 17: Internet Engineering Course

DNS History

Idea in ARPAnet

Originally, each computer retrieved a file called HOSTS.TXT which contained the mappings

◦ The hosts file exists today (looked up before querying DNS): /etc/hosts, C:\WINDOWS\system32\drivers\etc\hosts
◦ Limitations: not scalable; each time a given computer's address changed, all computers had to update their hosts file

DNS invented by Paul Mockapetris in 1983

◦ First implementation was called JEEVES, written by himself

Page 18: Internet Engineering Course

Parts of a Domain Name

A domain name consists of two or more parts separated by dots (eng.ui.ac.ir for example)

◦ Rightmost label: Top-level domain (ir)
◦ Each label to the left specifies a subdomain of the domain above it: ac is a subdomain of the ir domain, ui is a subdomain of the ac.ir domain
◦ Theoretical limits: 127 levels, each level 63 chars, total domain name 255 chars
◦ A domain name with one or more IP addresses is called a hostname (eng.ui.ac.ir, ui.ac.ir but not ac.ir)

Page 19: Internet Engineering Course

A Distributed Hierarchical Database

Root Servers (13 root servers worldwide)

TLD Servers (.com, .org, .net, .uk, .ir, …)

Authoritative DNS Servers (organization’s DNS server)

Page 20: Internet Engineering Course

Distributed, Hierarchical Database

Root servers and TLD servers typically do not contain hostname to IP mappings; they contain mappings for locating authoritative servers.

(Diagram: Root DNS Servers at the top; below them the TLD servers: com DNS servers, ir DNS servers, edu DNS servers; below those the authoritative servers: yahoo.com and amazon.com DNS servers under com, ac.ir and co.ir DNS servers under ir, poly.edu and umass.edu DNS servers under edu)

Page 21: Internet Engineering Course

Local DNS Server

Does not belong to the hierarchy

Also called default name server

Acts as a proxy (forwarder), forwards the query into the hierarchy

◦ Caches the results if of interest

Page 22: Internet Engineering Course

DNS Queries

Recursive

◦ The contacted name server should recurse and find the mapping for the requesting host
◦ Heavy load on the servers

Iterative

◦ The contacted server replies with the name of the server to contact
◦ An ns provides the name of the next ns: bootstrapping problem (another query is required and …), so the IP of the next ns is provided as well: glue record

Page 23: Internet Engineering Course

DNS Queries: recursive query example

(Diagram: requesting host, gaia.cs.umass.edu, local DNS server ns.ui.ac.ir, root DNS server, TLD DNS server, authoritative DNS server dns.cs.umass.edu, with the messages numbered 1 to 8)

Page 24: Internet Engineering Course

DNS Queries: iterative query example

(Diagram: requesting host, gaia.cs.umass.edu, local DNS server ns.ui.ac.ir, root DNS server, TLD DNS server, authoritative DNS server dns.cs.umass.edu, with the messages numbered 1 to 8)

Page 25: Internet Engineering Course

DNS Caching and Updating Records

Once a name server learns a mapping, it caches it

◦ It'll expire (TTL defined by the authoritative server)
◦ TLD servers are typically cached in the local name server, so root name servers are not often visited

Update/Notify Mechanisms

◦ RFC 2136

Page 26: Internet Engineering Course

DNS records

DNS: distributed db storing resource records (RR)

RR format: (name, value, type, ttl)

Type=A: name is hostname, value is IP address

Type=NS: name is domain (e.g. foo.com), value is IP address of authoritative name server for this domain

Type=CNAME: name is alias name for some "canonical" (the real) name (www.ibm.com is really servereast.backup2.ibm.com), value is canonical name

Type=MX: value is name of mail server associated with name
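The iterative resolution of the DNS Queries slide, the TTL cache of the Caching slide and the (name, value, type, ttl) records of this slide, combined into one added Python example (not code from the slides, from BIND or from any other DNS software). It follows the glue-record convention of the DNS Queries slide: an NS value is the next server's name and a separate A record carries its address. The zone data, the name ns.edu-tld.example and all addresses are constructed; a second lookup under umass.edu shows the local server starting from the cached TLD delegation instead of the root.

```python
from collections import namedtuple
RR = namedtuple("RR", "name value type ttl")   # the (name, value, type, ttl) resource record of the slide

# Constructed zone data (documentation-range addresses, not real servers). An NS value is the next
# server's NAME; the A record beside it is the glue record that avoids the bootstrapping problem.
ROOT = "192.0.2.1"
SERVERS = {
    ROOT: [RR("edu", "ns.edu-tld.example", "NS", 172800), RR("ns.edu-tld.example", "192.0.2.2", "A", 172800)],
    "192.0.2.2": [RR("umass.edu", "dns.cs.umass.edu", "NS", 86400), RR("dns.cs.umass.edu", "192.0.2.3", "A", 86400)],
    "192.0.2.3": [RR("gaia.cs.umass.edu", "198.51.100.7", "A", 3600),
                  RR("www.cs.umass.edu", "gaia.cs.umass.edu", "CNAME", 3600)],
}

def query(server_ip, name, rtype):
    zone = SERVERS[server_ip]                    # one iterative question to one server
    answer = [rr for rr in zone if rr.name == name and rr.type in (rtype, "CNAME")]
    if answer:
        return answer, None
    delegations = [rr for rr in zone if rr.type == "NS" and name.endswith("." + rr.name)]
    if not delegations:
        raise LookupError(name)                  # this server has nothing useful for the name
    ns = max(delegations, key=lambda rr: len(rr.name))       # most specific delegation wins
    glue = next(rr for rr in zone if rr.type == "A" and rr.name == ns.value)
    return [], (ns, glue)                        # referral: NS record plus its glue A record

class LocalResolver:
    """ns.ui.ac.ir of the slides: recursive for its clients, iterative towards the hierarchy, with a TTL cache."""
    def __init__(self):
        self.cache = {}                          # (name, type) -> (RRs, absolute expiry time)

    def resolve(self, name, rtype="A", now=0.0):
        """Returns (RRs, servers contacted in order); a cache hit contacts nobody."""
        hit = self.cache.get((name, rtype))
        if hit and hit[1] > now:
            return hit[0], []
        # start at the most specific unexpired cached delegation (usually the TLD) instead of the root
        known = [n for (n, t), (_, exp) in self.cache.items() if t == "NS" and exp > now and name.endswith("." + n)]
        server, path = (self.cache[(max(known, key=len), "NS")][0][1].value if known else ROOT), []
        while True:
            path.append(server)
            answer, referral = query(server, name, rtype)
            if answer:
                self.cache[(name, rtype)] = (answer, now + min(rr.ttl for rr in answer))
                if answer[0].type == "CNAME":    # follow the canonical name with a new lookup
                    target, more = self.resolve(answer[0].value, rtype, now)
                    return answer + target, path + more
                return answer, path
            ns, glue = referral
            self.cache[(ns.name, "NS")] = ([ns, glue], now + ns.ttl)   # delegations are cached too
            server = glue.value
```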

Page 27: Internet Engineering Course

Legal Users of Domains

Registrant

Administrative contact

Technical contact

Billing contact

Name servers

Try whois in Linux and see this information for different hosts

Page 28: Internet Engineering Course

DNS Software

BIND (Berkeley Internet Name Daemon) – full featured, most popular, de facto Internet standard

Djbdns (Daniel J. Bernstein's DNS) – composed of several small-footprint components

MaraDNS – UDP only

VitalQIP (Lucent Technologies)

Adonis DNS Management Appliance (BlueCat Networks Inc)

NSD (Name Server Daemon) – small footprint, UDP only, authoritative only

PowerDNS

Microsoft DNS (in the server editions of Windows 2000 and Windows 2003)

Page 29: Internet Engineering Course

References

Wikipedia, the free encyclopedia

◦ http://en.wikipedia.org/wiki/Domain_Name_System

Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition, Jim Kurose, Keith Ross, Addison-Wesley, July 2004

DNS and BIND, 3rd edition, Cricket Liu, Paul Albitz, O'Reilly, September 1998

BIND9 Administrator Reference Manual