DNS and CDNs 14-740: Fundamentals of Computer Networks Bill Nace Material from Computer Networking: A Top Down Approach, 6th edition. J.F. Kurose and K.W. Ross
Administrivia • HW #1 is posted • Mission: Learn to use network tools to gather information and for debugging • Due in 2 weeks (30 Sep) • Close to Quiz and Lab #1, so don’t procrastinate • Report due to Canvas
Last lecture • Application level protocols • Ignore details of transport and below • Included example of how abstraction sometimes is incomplete • HTTP • Request / Response messages • Parallel, Persistent, Pipelining • Caching
traceroute • Overview • DNS: Domain Name System • The Protocol • Organization of domains, zones, nameservers • Content Distribution Networks
Address Conversion • Protocols often have their own address mechanism • URL, Domain Names, Ports, IP, MAC, ... • Designed w/requirements of that protocol • Conversion needed when communication traverses protocols (layer boundaries)
A Need for Domain Names? • The venerable Dr Amend (Foxtrot) saith... (comic strip)
Characteristics of a Name • Human readable • String, often variable length • Format is important: [Title][f_initial][l_name] • Generally not unique • Perhaps unique in a particular area • Siblings don’t have same first name • Computers have trouble with names • Hard to process and store
Translating a Domain Name • Application sends a request to a DNS server • Who answers with an IP address • Complications: • Navigation • Caching
Where is www.cmuj.jp? 60.43.157.130
What is DNS? • A directory¹ service for the Internet • Translates (“maps”) names to IP addresses • plus some other services • A distributed database • Implemented in a hierarchy of name servers • Name servers are distributed globally • Maintained / administered by different organizations • An application-layer protocol • Allows host to query the database and handle replies ¹ Pedantic Warning: I use the term “directory” very loosely in this context. True directory services are related, but different.
DNS History • DNS created in early 1980s • IETF process ➙ RFC 1034, 1035 • Documented in Mockapetris88 • DNS has grown since then • How many pages is original RFC? • How many subsequent RFCs are there?
DNS Services • Host name to IP address translation • Mapping www.ini.cmu.edu ➙ 128.2.42.69 • Host aliasing • Mapping between alias and canonical hostnames • Canonical: “real,” difficult to remember • www-cmu-prod-vip.andrew.cmu.edu (try it!) • Alias: shorter, easier to remember • www.cmu.edu
DNS Services (2) • Mail server aliasing • Similar to host aliasing, but for mail servers • you@andrew.cmu.edu • alias of andrew-mx-0[1-6].andrew.cmu.edu • you@cmu.edu • alias of cmu-mx-0[1-4].andrew.cmu.edu • Try it!
DNS Services (3) • Load distribution across replicated servers • A name can map to multiple hosts • thus multiple addresses • DNS server returns all addresses • but rotates ordering • ex: for joe@aplace.edu, one of a group of 4 mail servers • 1st request returns address for: mx3, mx4, mx1, mx2 • 2nd request returns: mx4, mx1, mx2, mx3 • Why a list? Why not just return first address?
DNS Protocol • Simple query and reply mechanism • Runs over UDP on port 53 • as recommended by RFC 1035 • Exception: zone transfer (records of entire zone) • TCP for reliable delivery • Exception: answers longer than 512 bytes • the server returns a truncated reply with the TC flag set and the client repeats the query over TCP for bulk data transfer
UDP? • Why UDP? • Shouldn’t this be a reliable protocol? • DNS is not real-time audio or video!
Protocol • Query and reply messages • Both use the same message format • Data being queried is in a form known as Resource Record (RR)
Resource Records • Each server stores some resource records (RRs) • Each RR is a 5-tuple: (Name, Value, Type, Class, TTL) • Name: Owner name, depends on type • Value: Value associated with name • Type: Denotes type of RR • Class: Almost always IN (Internet) • TTL: Cache timeout value, 32 bits, in seconds • a zero value means do not cache • Size limits • 63 bytes for labels (parts of domain name separated by dots) • 255 bytes for names
Types • A = Address (AAAA for IPv6 address) • Name = hostname, e.g. pi.ece.cmu.edu • Value = IP address, e.g. 31.41.59.26 • NS = Nameserver • Name = domain, e.g. cmu.edu • Value = hostname of an authoritative name server, e.g. dns.cmu.edu
Types (2) • CNAME = Canonical Name • Name = alias hostname, e.g. www.cmu.edu • Value = canonical (real) hostname, e.g. www-cmu-prod-vip.andrew.cmu.edu • MX = Mail Exchange • Name = the domain used in mail addresses (an alias for the mail servers), e.g. cmu.edu • Value = hostname of a mail server for that domain, e.g. cmu-mx-03.andrew.cmu.edu
Types (3) • There are 32 other types defined for a variety of uses • Research project: Look up the SINK type
Message Format
• Message header (12 bytes: six 16-bit fields, drawn as three 4-byte rows)
  • identification | flags
  • number of questions | number of answer RRs
  • number of authority RRs | number of additional RRs
• Identification: 16-bit number
  • Reply uses same id as query
• Flags (1 bit each)
  • query or reply
  • recursion desired
  • recursion available
  • reply is authoritative
  • ... and others
Message Format (2)
• Message payload (no more than 500 bytes, so that header plus payload fits a 512-byte UDP message)
  • questions: sequence of name, type fields for a query (variable number of questions)
  • answers: RRs in response to a query (variable number of RRs)
  • authority: RRs for authoritative servers (variable number of RRs)
  • additional information: additional “helpful” information (variable number of RRs)
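A worked example of the header, question and RR layout described on the two "Message Format" slides and of the TC-flag rule from the "DNS Protocol" slide. This is added example code, not from the lecture or from any DNS library; the reply bytes are constructed by build_response() so it runs offline, and the names build_query, build_response, parse_message, demo and the address 192.0.2.10 are illustrative choices of mine.

```python
"""RFC 1035 wire format: 12-byte header, question, answer RRs.
Added example, not from the lecture or any DNS library.  The reply is
CONSTRUCTED by build_response(); 192.0.2.10 is a documentation address."""
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15, "AAAA": 28}
CLASS_IN = 1


def encode_name(name):
    """'www.cmu.edu' -> length-prefixed labels + zero byte; enforces 63/255 limits."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label length must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > 255:
        raise ValueError("name exceeds 255 bytes")
    return out


def decode_name(msg, off):
    """Decode a name at msg[off:], following 0xC0 compression pointers.
    Returns (name, offset just past the name as written in the message).
    The hop counter rejects pointer loops, which a naive parser spins on."""
    labels, hops, end = [], 0, None
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        n = msg[off]
        if n & 0xC0 == 0xC0:                       # 2-byte pointer to an earlier name
            end = off + 2 if end is None else end
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if n == 0:
            break
        if off + n > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels), (end if end is not None else off)


def build_query(qid, name, qtype="A", rd=True):
    """Header: ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (16 bits each)."""
    flags = 0x0100 if rd else 0                    # QR=0 (query), RD bit
    hdr = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    return hdr + encode_name(name) + struct.pack("!HH", QTYPE[qtype], CLASS_IN)


def build_response(query, answers, aa=True, tc=False):
    """Echo the question, append answer RRs given as (name, type, ttl, rdata)."""
    qid, qflags = struct.unpack("!HH", query[:4])
    flags = 0x8000 | (qflags & 0x0100) | 0x0080    # QR=1, copy RD, RA=1
    flags |= (0x0400 if aa else 0) | (0x0200 if tc else 0)
    _, qend = decode_name(query, 12)
    question = query[12:qend + 4]                  # name + QTYPE + QCLASS
    hdr = struct.pack("!HHHHHH", qid, flags, 1, len(answers), 0, 0)
    body = b"".join(encode_name(n) + struct.pack("!HHIH", QTYPE[t], CLASS_IN, ttl, len(rd)) + rd
                    for n, t, ttl, rd in answers)
    return hdr + question + body


def parse_message(msg):
    """Parse the header, the questions and the answer section."""
    if len(msg) < 12:
        raise ValueError("short header")
    qid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    out = {"id": qid, "is_reply": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
           "tc": bool(flags & 0x0200), "rd": bool(flags & 0x0100),
           "ra": bool(flags & 0x0080), "rcode": flags & 0xF, "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        out["questions"].append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if off + rdlen > len(msg):
            raise ValueError("RDATA runs past end of message")
        if rtype == QTYPE["A"] and rdlen == 4:
            value = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype in (QTYPE["NS"], QTYPE["CNAME"]):
            value, _ = decode_name(msg, off)       # RDATA may hold compression pointers
        else:
            value = msg[off:off + rdlen]
        off += rdlen
        out["answers"].append((name, rtype, ttl, value))
    return out


def demo():
    """Round trip: query for www.cmu.edu, constructed reply with CNAME + A answers."""
    q = build_query(0x1234, "www.cmu.edu")
    r = build_response(q, [
        ("www.cmu.edu", "CNAME", 300, encode_name("www-cmu-prod-vip.andrew.cmu.edu")),
        ("www-cmu-prod-vip.andrew.cmu.edu", "A", 60, bytes([192, 0, 2, 10])),
    ])
    reply = parse_message(r)
    if reply["id"] != 0x1234:        # slide: reply must carry the query's id
        raise ValueError("reply ID does not match our query")
    if reply["tc"]:                  # slide: truncated, so ask again over TCP
        raise ValueError("truncated reply, retry over TCP")
    return reply


if __name__ == "__main__":
    print(demo())
```

The ID check at the end is the only thing tying a UDP reply to the question that was asked, which is why real resolvers also randomise the ID and source port; the bounds checks in decode_name and parse_message are what keep a hostile reply from walking past the end of the buffer or looping on a compression pointer.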
What if your DNS server doesn’t know the answer? Where is www.cmuj.jp? I don’t know. Ask .jp nameserver
Navigation
• How a client traverses nameservers in search of an answer is called navigation
• Iterative navigation
  • Client asks a series of name servers (NS0, NS1, NS2, ...)
  • Each NS responds with a pointer to another NS with more info
  • Client eventually asks the authoritative server
(figure: client asks local NS, then NS0, NS1, NS2 in turn; only the last query returns the answer)
Server controlled navigation
• Server may take over navigation job from client
• Reduces response bandwidth
• Results can be cached in a manner useful to other clients
• Some domains limit access to DNS for security reasons
• Two forms
  • Non-recursive: server iterates (local NS asks NS0, NS1, NS2 in turn and returns the answer to the client)
  • Recursive: each NS takes over the job, sends results back along the chain of servers
(figures: client sends one query to local NS and receives one answer; in the recursive form each NS forwards the query and relays the answer)
Caching • Once (any) name server learns mapping, it caches mapping • Cache entries timeout (disappear) after some time • Controlled by the TTL of that RR • Default TTL is 2 days • TLD servers typically cached in local name servers • Thus root name servers not often visited
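The navigation and caching slides above describe one algorithm: a local name server starts at the root, follows referrals until it reaches an authoritative server, and caches what it learns for the RR's TTL. The simulation below is added example code, not from the lecture; the three toy nameservers (root, a.dns.jp., ns.cmuj.jp.), their records and the addresses are constructed for the example, and the names server_answer and LocalResolver are mine. It also shows why cached TLD referrals keep the root servers out of later lookups, and why a resolver must cap the number of referrals it follows.

```python
"""Iterative navigation with a TTL cache, simulated in one process.
Added example, not from the lecture.  ZONES is a CONSTRUCTED toy hierarchy:
root -> jp. -> cmuj.jp.  Names end in "." (the root), most general last."""
import time

# server name -> {owner name: [(type, value, ttl), ...]}
ZONES = {
    "root": {
        "jp.":       [("NS", "a.dns.jp.", 172800)],
        "a.dns.jp.": [("A", "203.0.113.1", 172800)],     # glue for the .jp server
    },
    "a.dns.jp.": {
        "cmuj.jp.":    [("NS", "ns.cmuj.jp.", 86400)],
        "ns.cmuj.jp.": [("A", "198.51.100.53", 86400)],
    },
    "ns.cmuj.jp.": {
        "www.cmuj.jp.": [("A", "192.0.2.130", 300)],
    },
}


def server_answer(server, name, qtype):
    """One nameserver's reply: ("answer", rrs), ("referral", (zone, ns, ttl)) or
    ("nxdomain", None).  A server that is not authoritative hands back the NS of
    the closest delegation it knows: "I don't know.  Ask the .jp nameserver"."""
    zone = ZONES[server]
    rrs = [(name, t, v, ttl) for t, v, ttl in zone.get(name, []) if t == qtype]
    if rrs:
        return "answer", rrs
    labels = name.split(".")
    for i in range(1, len(labels)):                  # walk the name towards the root
        parent = ".".join(labels[i:])
        for t, v, ttl in zone.get(parent, []):
            if t == "NS":
                return "referral", (parent, v, ttl)
    return "nxdomain", None


class LocalResolver:
    """The client's local name server: iterates through referrals and caches."""
    MAX_REFERRALS = 8      # a broken or hostile delegation chain must not loop forever

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}     # (name, type) -> (expires_at, payload)
        self.trace = []     # servers contacted by the most recent resolve()

    def _cached(self, key, now):
        entry = self.cache.get(key)
        return entry[1] if entry and entry[0] > now else None

    def _remember(self, key, ttl, payload, now):
        if ttl > 0:         # slide: a TTL of zero means do not cache
            self.cache[key] = (now + ttl, payload)

    def _start_server(self, name, now):
        """Begin at the deepest cached delegation rather than at the root; this
        is why root servers are rarely visited once TLD referrals are cached."""
        labels = name.split(".")
        for i in range(1, len(labels)):
            ns = self._cached((".".join(labels[i:]), "NS"), now)
            if ns:
                return ns
        return "root"

    def resolve(self, name, qtype="A"):
        now = self.clock()
        self.trace = []
        hit = self._cached((name, qtype), now)
        if hit is not None:
            self.trace.append("cache")
            return hit
        server = self._start_server(name, now)
        for _ in range(self.MAX_REFERRALS):
            self.trace.append(server)
            kind, data = server_answer(server, name, qtype)
            if kind == "answer":
                self._remember((name, qtype), min(rr[3] for rr in data), data, now)
                return data
            if kind == "referral":
                zone, ns, ttl = data
                self._remember((zone, "NS"), ttl, ns, now)
                server = ns
                continue
            return []                                # nxdomain
        raise RuntimeError("too many referrals while resolving %s" % name)


if __name__ == "__main__":
    r = LocalResolver()
    for _ in range(2):
        print(r.resolve("www.cmuj.jp."), r.trace)   # second time: served from cache
```

The clock is injectable so that TTL expiry can be exercised without waiting: once the A record's 300 seconds pass, the next lookup goes straight to ns.cmuj.jp. because the cmuj.jp. delegation (TTL 86400) is still cached, and only after that expires does the resolver go back as far as the .jp server.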
Distributed, Hierarchical Design • Why not a central server? (RFC-811) • Single point of failure • If the only DNS server crashes, the entire Internet dies • Immense traffic volume • Needs to handle all query requests for entire world • Location? • Close to some, far from others • Maintenance • Nightmare to get records updated • Doesn’t scale!
Domain Namespace
• Hierarchical structure (figure: a tree with Root (/) at the top; below it the top-level nodes com, edu, org, jp; then cmu, ne, cmuj; then cs, ece, drama, biglobe; then msi)
• Written in a dot-separated form, from specific to general
  • ignoring the root
Domain Name Types
• Top-Level Domain (TLD): ICANN registers TLDs, IANA manages them
  • generic TLD (gTLD): .com .org .edu .gov
  • sponsored TLD (sTLD): .cat .aero
  • country code TLD (ccTLD): .au .ca .fr .jp (ISO 3166-1 lists country codes)
  • infrastructure TLD: .arpa
• A registry operator runs each TLD (Verisign: .com, Educause: .edu, Japan Registry Services: .jp); registrars assign names within the TLD, e.g. cmu.edu, cmuj.jp
• Not the same as name server hierarchy!
Name Server Hierarchy
• Types of DNS name servers
  • Root name servers (A-M)
  • Top-level domain (TLD) name servers: com, edu, org, jp name servers
  • Authoritative name servers, e.g. CMU name servers
  • Local name servers
Mapping name to server • Administrative authority doesn’t always match namespace hierarchy • Some organizations want to maintain their own name server • Others don’t • ex: CMU’s CS dept wants to run their own name server. Drama doesn’t, but still wants drama.cmu.edu name