
Computer Networks CSE 434 Fall 2009

Sandeep K. S. Gupta

Arizona State University

http://impact.asu.edu/cse434fa09.html

http://impact.asu.edu

Research Experience for Undergraduates (REU)

Agenda
  • Quiz 2
  • Protocol Layering (Cont.)
  • Summary Chapter 1
  • Application Layer (Intro)
  • IP Addressing
  • DHCP – an example of App Layer Protocol

Introduction

Network Security is Essentially about providing:

Confidentiality: only sender, intended receiver should “understand” message contents

sender encrypts message

receiver decrypts message

Authentication: sender, receiver want to confirm identity of each other

Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection

Access and availability: services must be accessible and available to users

Friends and enemies: Alice, Bob, Trudy

well-known in network security world

Bob, Alice (lovers!) want to communicate “securely”

Trudy (intruder) may intercept, delete, add messages

[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel; Trudy sits on the channel between them.]

Who might Bob, Alice be?

… well, real-life Bobs and Alices!

Web browser/server for electronic transactions (e.g., on-line purchases)

on-line banking client/server

DNS servers

routers exchanging routing table updates

other examples?

There are bad guys (and girls) out there!

Q: What can a “bad guy” do?

A: a lot!

eavesdrop: intercept messages

actively insert messages into connection

impersonation: can fake (spoof) source address in packet (or any field in packet)

hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place

denial of service: prevent service from being used by others (e.g., by overloading resources)

And much more ….

The language of cryptography

symmetric key crypto: sender, receiver keys identical

public-key crypto: encryption key public , decryption key secret (private)

[Figure: Alice’s encryption key K_A and Bob’s decryption key K_B; plaintext → encryption algorithm → ciphertext → decryption algorithm → plaintext]

Public key cryptography

[Figure: Bob’s public key K_B^+ and Bob’s private key K_B^-; plaintext message m → encryption algorithm → ciphertext K_B^+(m) → decryption algorithm → plaintext message m = K_B^-(K_B^+(m))]
Authentication

Goal: Bob wants Alice to “prove” her identity to him

Protocol ap1.0: Alice says “I am Alice”

“I am Alice”

Failure scenario??

Authentication

Goal: Bob wants Alice to “prove” her identity to him

Protocol ap1.0: Alice says “I am Alice”

in a network, Bob can not “see” Alice, so Trudy simply declares herself to be Alice: “I am Alice”

Authentication: another try

[Figure: packet with source Alice’s IP address carrying “I am Alice”]

Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address

Failure scenario??

Authentication: another try

[Figure: packet with source Alice’s IP address carrying “I am Alice”, sent by Trudy]

Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address

Trudy can create a packet “spoofing” Alice’s address

Authentication: another try

[Figure: Alice → Bob: packet (Alice’s IP addr, Alice’s password, “I’m Alice”); Bob → Alice: packet (Alice’s IP addr, OK)]

Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.

Failure scenario??

Authentication: another try

[Figure: Alice → Bob: packet (Alice’s IP addr, Alice’s password, “I’m Alice”); Bob → Alice: packet (Alice’s IP addr, OK); later Trudy → Bob: the same packet (Alice’s IP addr, Alice’s password, “I’m Alice”)]

Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it.

playback attack: Trudy records Alice’s packet and later plays it back to Bob

Authentication: yet another try

[Figure: Alice → Bob: packet (Alice’s IP addr, encrypted password, “I’m Alice”); Bob → Alice: packet (Alice’s IP addr, OK)]

Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.

Failure scenario??

Authentication: another try

[Figure: Alice → Bob: packet (Alice’s IP addr, encrypted password, “I’m Alice”); Bob → Alice: packet (Alice’s IP addr, OK); later Trudy → Bob: the same packet (Alice’s IP addr, encrypted password, “I’m Alice”)]

Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it.

record and playback still works! (Bob checks the encrypted blob, not that Alice is live; Trudy never needs to decrypt it)

Authentication: yet another try

[Figure: Alice → Bob: “I am Alice”; Bob → Alice: R; Alice → Bob: K_A-B(R)]

Goal: avoid playback attack

Nonce: number (R) used only once-in-a-lifetime

ap4.0: to prove Alice “live”, Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key

Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice!

Failures, drawbacks?
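Worked example (added here; not from the slides or the textbook): a Python sketch of the record-and-playback attack against ap3.0 and of why ap4.0’s nonce defeats it. The slide says Alice returns R encrypted with the shared key; this example substitutes a keyed HMAC over R for that keyed transformation, since the property that matters is that only a key holder can produce the right response. The key, the password, the packet contents and the BobAp3/BobAp4 names are constructed for the illustration.

```python
import hashlib
import hmac
import os

# Constructed pre-shared key between Alice and Bob (assumption for this example).
SHARED_KEY = b"alice-bob-shared-key"


def prove(key: bytes, nonce: bytes) -> bytes:
    """Alice's answer to a challenge. The slide says "R encrypted with the shared
    key"; a keyed MAC over R stands in for that keyed transformation here, since
    the property that matters is that only a key holder can produce it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class BobAp3:
    """ap3.0: Bob accepts whoever presents Alice's password."""

    def __init__(self, password: bytes):
        self.password = password

    def authenticate(self, message: bytes) -> bool:
        return hmac.compare_digest(message, self.password)


class BobAp4:
    """ap4.0: Bob challenges with a fresh nonce R and checks K_A-B(R)."""

    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = set()  # nonces issued and not yet answered

    def challenge(self) -> bytes:
        r = os.urandom(16)  # "number used only once": 128 unpredictable bits
        self.outstanding.add(r)
        return r

    def verify(self, r: bytes, response: bytes) -> bool:
        if r not in self.outstanding:  # never issued, or already consumed
            return False
        self.outstanding.discard(r)  # each nonce is good for exactly one answer
        return hmac.compare_digest(response, prove(self.key, r))


def replay_against_ap3() -> tuple:
    """Trudy records Alice's password packet and plays it back later."""
    bob = BobAp3(b"alice-secret")
    alice_packet = b"alice-secret"  # what Alice puts on the wire
    trudy_recording = bytes(alice_packet)  # Trudy's copy from sniffing the link
    return bob.authenticate(alice_packet), bob.authenticate(trudy_recording)


def replay_against_ap4() -> tuple:
    """The same recording attack against ap4.0."""
    bob = BobAp4(SHARED_KEY)
    r = bob.challenge()
    alice_response = prove(SHARED_KEY, r)
    trudy_recording = (r, alice_response)  # Trudy sees both R and K_A-B(R)
    genuine = bob.verify(r, alice_response)
    # Later Trudy connects. Bob issues a new nonce; Trudy only has the old pair.
    r2 = bob.challenge()
    replay_old_pair = bob.verify(*trudy_recording)  # R already consumed
    replay_to_new = bob.verify(r2, alice_response)  # answer is bound to R, not R2
    return genuine, replay_old_pair, replay_to_new
```

Bob has to remember which nonces he issued and refuse an answer to any other; a nonce taken from a counter or a clock would be predictable, and using the same shared key in both directions lets an attacker reflect Bob’s own challenge back at him, which is one answer to the slide’s “failures, drawbacks?”.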

Authentication: ap5.0

ap4.0 requires shared symmetric key

can we authenticate using public key techniques?

ap5.0: use nonce, public key cryptography

[Figure: Alice → Bob: “I am Alice”; Bob → Alice: R; Alice → Bob: K_A^-(R); Bob → Alice: “send me your public key”; Alice → Bob: K_A^+]

Bob computes K_A^+(K_A^-(R)) = R and knows only Alice could have the private key that encrypted R such that K_A^+(K_A^-(R)) = R

ap5.0: security hole

Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)

[Figure: Trudy sits between Alice and Bob and runs ap5.0 with each side.
Alice ↔ Trudy: “I am Alice”; R; K_A^-(R); “Send me your public key”; K_A^+
Trudy ↔ Bob: “I am Alice”; R; K_T^-(R); “Send me your public key”; K_T^+
Bob sends K_T^+(m); Trudy computes m = K_T^-(K_T^+(m)), so Trudy gets m, and sends m to Alice encrypted with Alice’s public key, K_A^+(m); Alice computes m = K_A^-(K_A^+(m))]


  • Difficult to detect:
  • Bob receives everything that Alice sends, and vice versa. (e.g., so Bob, Alice can meet one week later and recall conversation)
  • problem is that Trudy receives all messages as well!
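Worked example (added; not from the slides): the ap5.0 exchange and the man-in-the-middle run above, traced with textbook RSA on tiny primes so that K^+ and K^- can be computed with pow(). The primes, R, m and the Alice/Trudy classes are constructed for illustration and have no security. The check Bob performs, K^+(K^-(R)) = R, succeeds in both runs, which is exactly the hole: nothing binds the public key Bob receives to Alice.

```python
# Textbook RSA on tiny primes so the ap5.0 exchange can be traced by hand.
# Constructed for this illustration only: these key sizes have no security.

def make_keypair(p: int, q: int, e: int = 17) -> tuple:
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (e, n), (d, n)  # K^+ (public), K^- (private)


def rsa_apply(key: tuple, x: int) -> int:
    """K(x) = x^k mod n, used for both K^+ and K^- as on the slides."""
    k, n = key
    return pow(x, k, n)


class Alice:
    def __init__(self):
        self.pub, self.priv = make_keypair(61, 53)  # n = 3233

    def respond(self, r: int) -> tuple:
        """Answers Bob's challenge with K_A^-(R) and, when asked, K_A^+."""
        return rsa_apply(self.priv, r), self.pub


class Trudy:
    """Poses as Alice to Bob and as Bob to Alice."""

    def __init__(self, alice: Alice):
        self.pub, self.priv = make_keypair(101, 113)  # n = 11413, Trudy's own pair
        self.alice = alice
        self.learned = []  # plaintexts Trudy has read

    def respond(self, r: int) -> tuple:
        self.alice.respond(r)  # run ap5.0 with the real Alice so she sees nothing odd
        return rsa_apply(self.priv, r), self.pub  # ...but answer Bob with K_T^-(R), K_T^+

    def relay(self, ciphertext: int) -> int:
        m = rsa_apply(self.priv, ciphertext)  # m = K_T^-(K_T^+(m))
        self.learned.append(m)
        return rsa_apply(self.alice.pub, m)  # forward K_A^+(m) so Alice can read it


def bob_session(peer, r: int, m: int) -> tuple:
    """ap5.0 from Bob's side: send R, accept if K^+(K^-(R)) == R, then send m under K^+."""
    signed_r, peer_pub = peer.respond(r)
    if rsa_apply(peer_pub, signed_r) != r:
        return False, None
    return True, rsa_apply(peer_pub, m)


def honest_run() -> tuple:
    alice = Alice()
    accepted, ciphertext = bob_session(alice, r=1234, m=42)
    return accepted, rsa_apply(alice.priv, ciphertext)


def mitm_run() -> tuple:
    alice = Alice()
    trudy = Trudy(alice)
    accepted, ciphertext = bob_session(trudy, r=1234, m=42)  # Bob believes this is Alice
    forwarded = trudy.relay(ciphertext)
    return accepted, trudy.learned[0], rsa_apply(alice.priv, forwarded)
```

Bob accepts in both runs and Alice receives m in both, which is why the attack is hard to detect. A public key handed over in-band by the party you are trying to authenticate proves nothing; Bob needs to get K_A^+ through a channel he already trusts (a certificate signed by a party he trusts, or out of band) before the “send me your public key” step can mean anything.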
Protocol stack

A set of protocol layers

Each layer uses the layer below and provides a service to the layer above

Key idea

once we define a service provided by a layer, we need know nothing more about the details of how the layer actually implements the service

information hiding

decouples changes

The importance of layering

Breaks up a complex problem into smaller manageable pieces

can compose simple service to provide complex ones

for example, WWW (HTTP) is layered over TCP over IP (and uses DNS, ARP, DHCP, RIP, OSPF, BGP, PPP, ICMP)

Abstraction of implementation details

separation of implementation and specification

can change implementation as long as service interface is maintained

Can reuse functionality

upper layers can share lower layer functionality

example: WinSock on Microsoft Windows

Problems with layering

Layering hides information

if it didn’t then changes to one layer could require changes everywhere

layering violation

But sometimes hidden information can be used to improve performance

for example, a flow control protocol (at transport layer) may assume packet loss is always due to network congestion

if it is, instead, due to a lossy link, the flow control breaks

this is because we hid the reason for the packet loss from the flow control protocol

Internet protocol stack

application: supporting network applications

FTP, SMTP, HTTP

transport: process-process data transfer

TCP, UDP

network: routing of datagrams from source to destination

IP, routing protocols

link: data transfer between neighboring network elements

PPP, Ethernet

physical: bits “on the wire”


ISO/OSI reference model adds two more layers

presentation: allow applications to interpret meaning of data, e.g., encryption, compression, machine-specific conventions

session: synchronization, checkpointing, recovery of data exchange

Internet stack “missing” these layers!

these services, if needed, must be implemented in application

needed?


Why seven layers? And why ISO-OSI failed?

Need a top and a bottom -- 2

Need to hide physical link, so need datalink -- 3

Need both end-to-end and hop-by-hop actions; so need at least the network and transport layers -- 5

Session and presentation layers are not so important, and are often ignored

So, we need at least 5, and 7 seems to be excessive

ISO-OSI failed – designed by committee before actual implementation experience.

Layering: Implementation Issue

There is a tension between information-hiding (abstraction) and achieving good performance

Art of protocol design is to leak enough information to allow good performance

but not so much that small changes in one layer need changes to other layers

Layering: Summary

Breaks a complex problem into smaller, simpler pieces

Provides the application with sophisticated services

Each layer provides a clean abstraction to the layer above

Summary – Chapter 1

Networks are pervasive!

Various Types: PAN, LAN, WAN, MAN, ..

Various Networking Technologies/Standards IEEE802.11, Ethernet, WiMax

Internet

Networks of Networks

Consists of various components: end-systems (hosts), routers, switches, links of various types (wireless, optical, satellite ..)

Core of Internet versus Edge of Internet

Layered Architecture – based on principle “What happens in Vegas stays in Vegas”

Performance – Bandwidth, Latency, Reliability

E2E B/W constrained by bottleneck link b/w

E2E latency is sum of node, propagation, transmission, and queuing delay

Various causes of errors: link errors (bit errors), packet losses (drops) in congested buffers.

Security is important, cross-layer issues.


Song: On the Net by Sarah E. Miller (based on “Over There” by G. Cohan) (http://www.poppyfields.net/filks/00176.html) (YouTube: “Over There” (George M. Cohan) sung by Ann Gibson)

On the Net

(to Over There)

by Sarah Elizabeth Miller

On the net,
On the net,
Hacking on
All night long
On the net.
All the network systems,
We're gonna list 'em
And snarf anything that we can get.
On the net,
On the net,
Hacking here,
Hacking there
On the net.
We'll find a modem
And then uncode 'em.
Then we'll log into every system on the net.


You Can’t Rush the Net by Elliott Schiff (based on “You Can’t Hurry Love” by D. Ross and the Supremes - YouTube) http://www.poppyfields.net/filks/00271.html

I need Netscape...
To surf the web
I need to find, find...
Some software on line
The F-A-Q said

You can't rush the net...
No, you just have to wait
It said GIFS don't come quickly...
Even with 56K
You can't rush the net...
No you just have to wait
It takes a lot of time...
To download from Ohio State

But how many searches...
Must I do
To get the software...
that I can use
But every single time...
That I try to call
I get a busy sign...
Coming from the phone
But the F-A-Q said

You can't rush the net...
No you just have to wait
It said GIFS don't come quickly...
even with 56K
How long must I wait...
How much RAM will this take
Before a core dump...
will cause my-y
Disk to break.

No, I don't know...
What is going wrong
It's a world wide wait...
And it takes so long
But when the download...
Is almost done
That A-O-L...
Keeps on hangin' up

You can't rush the net...
No, you just have to wait
It said GIFS don't come quickly...
Even with 56K
You can't rush the net...
No you just have to wait
It takes a lot of time...
To download from Ohio State

Four-oh-four...
Site is not found
But I keep on booing...
And keep on hissing
At the programmer...
To relink the site
For the support team...
To set it all right

I keep on pointing...
I keep on clicking
But it keeps stalling...
It keeps stalling
But the F-A-Q said

You can't rush the net...
No you just have to wait
It takes a lot of time...
To download from Ohio State
You can't rush the net...
No, you just have to wait
It said GIFS don't come quickly...
Even with 56K

Application Layer?

Where Network Applications and Application Layer protocols reside.

Top Layer in the Internet Stack

Only on the Edge of the Network

Creating a network app

write programs that

run on (different) end systems

communicate over network

e.g., web server software communicates with browser software

No need to write software for network-core devices

Network-core devices do not run user applications

applications on end systems allows for rapid app development, propagation


2: Application Layer

38

KR Chapter 2: Application Layer

Our goals:

conceptual, implementation aspects of network application protocols

transport-layer service models

client-server paradigm

peer-to-peer paradigm

learn about protocols by examining popular application-level protocols

HTTP

FTP

SMTP / POP3 / IMAP

DNS

programming network applications

socket API


Additionally

KR Ch4 DHCP

Addressing Issues

Some network apps

e-mail

web

instant messaging

remote login

P2P file sharing

multi-user network games

streaming stored video clips

voice over IP

real-time video conferencing

grid computing


Application architectures

Client-server

Peer-to-peer (P2P)

Hybrid of client-server and P2P


Client-server architecture

server:

always-on host

permanent IP address

server farms for scaling

clients:

communicate with server

may be intermittently connected

may have dynamic IP addresses

do not communicate directly with each other



Pure P2P architecture

no always-on server

arbitrary end systems directly communicate

peers are intermittently connected and change IP addresses

Highly scalable but difficult to manage



Hybrid of client-server and P2P

Skype

voice-over-IP P2P application

centralized server: finding address of remote party

client-client connection: direct (not through server)

Instant messaging

chatting between two users is P2P

centralized service: client presence detection/location

user registers its IP address with central server when it comes online

user contacts central server to find IP addresses of buddies


IP Addressing [RKCh4]

IP address: 32-bit identifier for host, router interface

interface: connection between host/router and physical link

routers typically have multiple interfaces

host typically has one interface

IP addresses associated with each interface

[Figure: three subnets joined by a router; interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4 on subnet 223.1.1; 223.1.2.1, 223.1.2.2, 223.1.2.9 on subnet 223.1.2; 223.1.3.1, 223.1.3.2, 223.1.3.27 on subnet 223.1.3]

223.1.1.1 = 11011111 00000001 00000001 00000001


IP addresses: how to get one?

Q: How does a host get IP address?

hard-coded by system admin in a file

Windows: control-panel->network->configuration->tcp/ip->properties

UNIX: /etc/rc.config

DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server

“plug-and-play”

More ways - later

DHCP [RFC2131]

“In computer networking, the Dynamic Host Configuration Protocol (DHCP) is a network application protocol used by devices (DHCP clients) to obtain configuration information for operation in an Internet Protocol network. This protocol reduces system administration workload, allowing networks to add devices with little or no manual intervention.” http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol

A Note on Request for Comments (RFCs)

RFC Editor of Internet Society – oversees the RFCs – http://www.rfc-editor.org. Allows search by name, title, author, number.

Note Internet RFCs can be updated or obsoleted by later RFCs

See The Tao of IETF: A Novice's Guide to the Internet Engineering Task Force (http://www.ietf.org/tao.html) section 8.1: “Getting an RFC published” for how an Internet-Draft (ID) becomes an IETF standard and is published as an RFC by the RFC Editor.

Various types of RFCs (proposed standard, draft standard, full standard, best current practices, informational documents, experimental protocol, historic documents).

What’s Next?

Next Class: Chapter 2 cont. – DHCP, DNS …

Wireshark assignment for Monday – check the class website.

Reading:

Continue reading Chapter 2 (Kurose & Ross (K&R))

RFC for DHCP

DHCP: Dynamic Host Configuration Protocol

Goal: allow host to dynamically obtain its IP address from network server when it joins network

Can renew its lease on address in use

Allows reuse of addresses (only hold address while connected and “on”)

Support for mobile users who want to join network (more shortly)

DHCP overview:

host broadcasts “DHCP discover” msg [optional]

DHCP server responds with “DHCP offer” msg [optional]

host requests IP address: “DHCP request” msg

DHCP server sends address: “DHCP ack” msg

DHCP client-server scenario

[Figure: the three-subnet network from the IP addressing slide (223.1.1.x, 223.1.2.x, 223.1.3.x) with a DHCP server attached; hosts A, B and E; an arriving DHCP client needs an address in this network]

DHCP client-server scenario

Arriving client ↔ DHCP server 223.1.2.5, in time order:

DHCP discover
  • src: 0.0.0.0, 68
  • dest: 255.255.255.255, 67
  • yiaddr: 0.0.0.0
  • transaction ID: 654

DHCP offer
  • src: 223.1.2.5, 67
  • dest: 255.255.255.255, 68
  • yiaddr: 223.1.2.4
  • transaction ID: 654
  • Lifetime: 3600 secs

DHCP request
  • src: 0.0.0.0, 68
  • dest: 255.255.255.255, 67
  • yiaddr: 223.1.2.4
  • transaction ID: 655
  • Lifetime: 3600 secs

DHCP ACK
  • src: 223.1.2.5, 67
  • dest: 255.255.255.255, 68
  • yiaddr: 223.1.2.4
  • transaction ID: 655
  • Lifetime: 3600 secs

DHCP: more than IP address

DHCP can return more than just allocated IP address on subnet:

address of first-hop router for client

name and IP address of DNS server

network mask (indicating network versus host portion of address)

DHCP: example

connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP

[Figure: protocol stacks DHCP / UDP / IP / Eth / Phy on the laptop and on the router (runs DHCP, 168.1.1.1); the DHCP message travels down the laptop’s stack and up the router’s]

  • DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.3 Ethernet
  • Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
  • Ethernet demux’ed to IP demux’ed, UDP demux’ed to DHCP
DHCP: example

  • DHCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server
  • encapsulation at DHCP server, frame forwarded to client, demux’ing up to DHCP at client
  • client now knows its IP address, name and IP address of DNS server, IP address of its first-hop router

[Figure: the same two protocol stacks, with the DHCP ACK travelling down the router’s stack and up the laptop’s]

DHCP: wireshark output (home LAN)

reply

Message type: Boot Reply (2)

Hardware type: Ethernet

Hardware address length: 6

Hops: 0

Transaction ID: 0x6b3a11b7

Seconds elapsed: 0

Bootp flags: 0x0000 (Unicast)

Client IP address: 192.168.1.101 (192.168.1.101)

Your (client) IP address: 0.0.0.0 (0.0.0.0)

Next server IP address: 192.168.1.1 (192.168.1.1)

Relay agent IP address: 0.0.0.0 (0.0.0.0)

Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)

Server host name not given

Boot file name not given

Magic cookie: (OK)

Option: (t=53,l=1) DHCP Message Type = DHCP ACK

Option: (t=54,l=4) Server Identifier = 192.168.1.1

Option: (t=1,l=4) Subnet Mask = 255.255.255.0

Option: (t=3,l=4) Router = 192.168.1.1

Option: (6) Domain Name Server

Length: 12; Value: 445747E2445749F244574092;

IP Address: 68.87.71.226;

IP Address: 68.87.73.242;

IP Address: 68.87.64.146

Option: (t=15,l=20) Domain Name = "hsd1.ma.comcast.net."

request

Message type: Boot Request (1)

Hardware type: Ethernet

Hardware address length: 6

Hops: 0

Transaction ID: 0x6b3a11b7

Seconds elapsed: 0

Bootp flags: 0x0000 (Unicast)

Client IP address: 0.0.0.0 (0.0.0.0)

Your (client) IP address: 0.0.0.0 (0.0.0.0)

Next server IP address: 0.0.0.0 (0.0.0.0)

Relay agent IP address: 0.0.0.0 (0.0.0.0)

Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)

Server host name not given

Boot file name not given

Magic cookie: (OK)

Option: (t=53,l=1) DHCP Message Type = DHCP Request

Option: (61) Client identifier

Length: 7; Value: 010016D323688A;

Hardware type: Ethernet

Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)

Option: (t=50,l=4) Requested IP Address = 192.168.1.101

Option: (t=12,l=5) Host Name = "nomad"

Option: (55) Parameter Request List

Length: 11; Value: 010F03062C2E2F1F21F92B

1 = Subnet Mask; 15 = Domain Name

3 = Router; 6 = Domain Name Server

44 = NetBIOS over TCP/IP Name Server

……

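Worked example (added; not the slides’ own material): rebuilding the DHCP Request shown in the Wireshark dump above from its fields, building a Reply from the ACK fields, and parsing both back. The layout follows RFC 2131 (236-byte BOOTP header, magic cookie 63 82 53 63, then type-length-value options ending with tag 255). The build_dhcp/parse_dhcp/decode_options names and the error handling are this example’s, not Wireshark’s or any DHCP implementation’s; option 6’s value 445747E2445749F244574092 is the three DNS server addresses the dump lists.

```python
import struct
from ipaddress import IPv4Address

# RFC 2131 fixed header: op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr,
# siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes, then the cookie.
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"
MAGIC_COOKIE = b"\x63\x82\x53\x63"
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def build_dhcp(op, xid, chaddr, ciaddr="0.0.0.0", yiaddr="0.0.0.0",
               siaddr="0.0.0.0", giaddr="0.0.0.0", options=()):
    """op=1 Boot Request (client), op=2 Boot Reply (server); options are (tag, value)."""
    hdr = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0,   # htype 1 = Ethernet, hlen 6
                      IPv4Address(ciaddr).packed, IPv4Address(yiaddr).packed,
                      IPv4Address(siaddr).packed, IPv4Address(giaddr).packed,
                      chaddr.ljust(16, b"\0"), b"", b"")
    body = b"".join(bytes([tag, len(val)]) + val for tag, val in options)
    return hdr + MAGIC_COOKIE + body + b"\xff"  # tag 255 = end of options


def parse_dhcp(pkt):
    if len(pkt) < 240 or pkt[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (short, or no magic cookie)")
    f = struct.unpack(HEADER, pkt[:236])
    msg = {"op": f[0], "xid": f[4], "flags": f[6],
           "ciaddr": str(IPv4Address(f[7])), "yiaddr": str(IPv4Address(f[8])),
           "siaddr": str(IPv4Address(f[9])), "chaddr": f[11][:f[2]].hex(":"),
           "options": {}}
    i = 240
    while i < len(pkt):
        tag = pkt[i]
        if tag == 255:                      # end
            break
        if tag == 0:                        # pad: no length byte
            i += 1
            continue
        if i + 1 >= len(pkt):
            raise ValueError("option %d has no length byte" % tag)
        length = pkt[i + 1]
        val = pkt[i + 2:i + 2 + length]
        if len(val) != length:              # server-controlled length: never read past the packet
            raise ValueError("option %d truncated" % tag)
        msg["options"][tag] = val
        i += 2 + length
    return msg


def decode_options(opts):
    """Turn the raw TLVs of interest into the values Wireshark prints."""
    ip = lambda b: str(IPv4Address(b))
    out = {}
    if 53 in opts: out["message_type"] = MSG_TYPES.get(opts[53][0], opts[53][0])
    if 54 in opts: out["server_id"] = ip(opts[54])
    if 50 in opts: out["requested_ip"] = ip(opts[50])
    if 1 in opts: out["subnet_mask"] = ip(opts[1])
    if 3 in opts: out["router"] = ip(opts[3])
    if 6 in opts: out["dns"] = [ip(opts[6][k:k + 4]) for k in range(0, len(opts[6]), 4)]
    if 12 in opts: out["host_name"] = opts[12].decode("ascii", "replace")
    if 15 in opts: out["domain_name"] = opts[15].decode("ascii", "replace")
    if 55 in opts: out["param_request_list"] = list(opts[55])
    return out


# The Request and ACK from the Wireshark dump above, rebuilt from their fields.
CLIENT_MAC = bytes.fromhex("0016d323688a")
XID = 0x6B3A11B7
REQUEST = build_dhcp(1, XID, CLIENT_MAC, options=[
    (53, b"\x03"),                                    # DHCP Request
    (61, bytes.fromhex("010016D323688A")),            # client identifier: htype + MAC
    (50, IPv4Address("192.168.1.101").packed),        # requested IP address
    (12, b"nomad"),                                   # host name
    (55, bytes.fromhex("010F03062C2E2F1F21F92B")),    # parameter request list
])
ACK = build_dhcp(2, XID, CLIENT_MAC, ciaddr="192.168.1.101", siaddr="192.168.1.1", options=[
    (53, b"\x05"),                                    # DHCP ACK
    (54, IPv4Address("192.168.1.1").packed),          # server identifier
    (1, IPv4Address("255.255.255.0").packed),         # subnet mask
    (3, IPv4Address("192.168.1.1").packed),           # router
    (6, bytes.fromhex("445747E2445749F244574092")),   # three DNS servers
    (15, b"hsd1.ma.comcast.net."),                    # domain name
])
```

DHCP carries no authentication, so the router (option 3) and DNS (option 6) values a client ends up with come from whichever server answered first on the LAN; a client should treat these bytes as untrusted input. That is why the parser checks every option length against what is left of the packet instead of trusting it, and why the magic-cookie check is there so a plain BOOTP reply is not misread as DHCP options.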

DNS: Domain Name System

People: many identifiers:

SSN, name, passport #

Internet hosts, routers:

IP address (32 bit) - used for addressing datagrams

“name”, e.g., www.yahoo.com - used by humans

Q: map between IP addresses and name?

Domain Name System:

distributed database implemented in hierarchy of many name servers

application-layer protocol: hosts, routers, name servers communicate to resolve names (address/name translation)

note: core Internet function, implemented as application-layer protocol

complexity at network’s “edge”


DNS

Why not centralize DNS?

single point of failure

traffic volume

distant centralized database

maintenance

doesn’t scale!

DNS services

hostname to IP address translation

host aliasing

Canonical, alias names

mail server aliasing

load distribution

replicated Web servers: set of IP addresses for one canonical name


Distributed, Hierarchical Database

Client wants IP for www.amazon.com; 1st approx:

client queries a root server to find com DNS server

client queries com DNS server to get amazon.com DNS server

client queries amazon.com DNS server to get IP address for www.amazon.com

[Figure: Root DNS Servers → com DNS servers (yahoo.com DNS servers, amazon.com DNS servers), org DNS servers (pbs.org DNS servers), edu DNS servers (poly.edu DNS servers, umass.edu DNS servers)]


DNS: Root name servers

contacted by local name server that can not resolve name

root name server:

contacts authoritative name server if name mapping not known

gets mapping

returns mapping to local name server

13 root name servers worldwide:
  • a Verisign, Dulles, VA
  • b USC-ISI Marina del Rey, CA
  • c Cogent, Herndon, VA (also LA)
  • d U Maryland College Park, MD
  • e NASA Mt View, CA
  • f Internet Software Consortium, Palo Alto, CA (and 36 other locations)
  • g US DoD Vienna, VA
  • h ARL Aberdeen, MD
  • i Autonomica, Stockholm (plus 28 other locations)
  • j Verisign (21 locations)
  • k RIPE London (also 16 other locations)
  • l ICANN Los Angeles, CA
  • m WIDE Tokyo (also Seoul, Paris, SF)


TLD and Authoritative Servers

Top-level domain (TLD) servers:

responsible for com, org, net, edu, etc., and all top-level country domains: uk, fr, ca, jp.

Network Solutions maintains servers for com TLD

Educause for edu TLD

Authoritative DNS servers:

organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web, mail).

can be maintained by organization or service provider


Local Name Server

does not strictly belong to hierarchy

each ISP (residential ISP, company, university) has one.

also called “default name server”

when host makes DNS query, query is sent to its local DNS server

acts as proxy, forwards query into hierarchy


DNS name resolution example

Host at cis.poly.edu wants IP address for gaia.cs.umass.edu

[Figure: requesting host cis.poly.edu → (1) local DNS server dns.poly.edu → (2) root DNS server → (3) referral back to local → (4) TLD DNS server → (5) referral back to local → (6) authoritative DNS server dns.cs.umass.edu → (7) answer back to local → (8) answer to requesting host]

iterated query:
  • contacted server replies with name of server to contact
  • “I don’t know this name, but ask this server”


DNS name resolution example

[Figure: requesting host cis.poly.edu → (1) local DNS server dns.poly.edu → (2) root DNS server → (3) TLD DNS server → (4) authoritative DNS server dns.cs.umass.edu → (5) answer back to TLD → (6) back to root → (7) back to local → (8) back to requesting host]

recursive query:
  • puts burden of name resolution on contacted name server
  • heavy load?


DNS: caching and updating records

once (any) name server learns mapping, it caches mapping

cache entries timeout (disappear) after some time

TLD servers typically cached in local name servers

Thus root name servers not often visited

update/notify mechanisms specified by the IETF: RFC 2136 (dynamic update)

http://www.ietf.org/html.charters/dnsind-charter.html

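Worked example (added; not from the slides): a simulation of the root → TLD → authoritative hierarchy that runs the lookup from the resolution slides both as an iterated query and as a recursive query, with the caching described above, and counts which servers get contacted. The zones, the server names other than dns.cs.umass.edu and dns.poly.edu, and the 192.0.2.0/24 addresses (the documentation range) are constructed; the cache of referrals by zone suffix models the slide’s point that cached TLD servers keep the root from being visited often.

```python
# Simulated DNS hierarchy: iterated vs recursive resolution and caching at the
# local name server. Constructed zones and addresses (192.0.2.0/24 is the
# documentation range); an added illustration, not a real resolver.

class NameServer:
    def __init__(self, zone, glue):
        self.zone = zone            # name -> ("A", ip) or ("NS", server-name)
        self.glue = glue            # server-name -> NameServer object (its "A record")
        self.queries = 0            # how often this server was contacted
        self.forwarded = 0          # queries it had to chase itself (recursive mode)

    def query(self, qname, recursive=False):
        self.queries += 1
        rr = self.zone.get(qname)
        if rr and rr[0] == "A":
            return "A", rr[1]
        labels = qname.split(".")
        for i in range(1, len(labels)):               # longest matching delegation
            suffix = ".".join(labels[i:])
            rr = self.zone.get(suffix)
            if rr and rr[0] == "NS":
                nxt = self.glue[rr[1]]
                if recursive:                          # burden on the contacted server
                    self.forwarded += 1
                    return nxt.query(qname, recursive=True)
                return "REFER", (suffix, nxt)          # "I don't know, ask this server"
        return "NXDOMAIN", None


class LocalNameServer:
    """The 'default name server' a host talks to; caches answers and referrals."""

    def __init__(self, root, recursive=False, ttl=3600):
        self.root, self.recursive, self.ttl = root, recursive, ttl
        self.answers = {}           # qname -> (ip, expires)
        self.referrals = {}         # zone suffix -> NameServer (cached TLD/authoritative)

    def resolve(self, qname, now=0):
        hit = self.answers.get(qname)
        if hit and hit[1] > now:    # cache entries time out after ttl
            return hit[0]
        if self.recursive:
            kind, val = self.root.query(qname, recursive=True)
            ip = val if kind == "A" else None
        else:
            ip = self._iterate(qname)
        if ip:
            self.answers[qname] = (ip, now + self.ttl)
        return ip

    def _iterate(self, qname):
        # Start from the most specific cached delegation, so once the TLD server
        # is known the root is not contacted again.
        server = self.root
        labels = qname.split(".")
        for i in range(1, len(labels)):
            cached = self.referrals.get(".".join(labels[i:]))
            if cached:
                server = cached
                break
        while True:
            kind, val = server.query(qname)
            if kind == "A":
                return val
            if kind != "REFER":
                return None
            suffix, server = val
            self.referrals[suffix] = server


def build_hierarchy():
    umass = NameServer({"gaia.cs.umass.edu.": ("A", "192.0.2.10")}, {})
    poly = NameServer({"www.poly.edu.": ("A", "192.0.2.20")}, {})
    edu = NameServer({"umass.edu.": ("NS", "dns.cs.umass.edu."),
                      "poly.edu.": ("NS", "dns.poly.edu.")},
                     {"dns.cs.umass.edu.": umass, "dns.poly.edu.": poly})
    root = NameServer({"edu.": ("NS", "a.edu-servers.net.")}, {"a.edu-servers.net.": edu})
    return root, edu, umass, poly


def demo(recursive):
    root, edu, umass, poly = build_hierarchy()
    local = LocalNameServer(root, recursive)
    a = local.resolve("gaia.cs.umass.edu.", now=0)
    b = local.resolve("gaia.cs.umass.edu.", now=100)     # answer cache hit
    c = local.resolve("www.poly.edu.", now=200)          # different zone under edu
    d = local.resolve("gaia.cs.umass.edu.", now=5000)    # ttl expired, re-resolve
    return (a, b, c, d), root.queries, root.forwarded, edu.queries
```

With referrals cached, the second .edu name and the re-resolution after expiry never touch the root in iterated mode, while in recursive mode every cache miss lands on the root and the root chases it down the tree, which is the “heavy load?” on the previous slide.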

DNS records

DNS: distributed db storing resource records (RR)

RR format: (name, value, type, ttl)

  • Type=A
    • name is hostname
    • value is IP address
  • Type=NS
    • name is domain (e.g. foo.com)
    • value is hostname of authoritative name server for this domain
  • Type=CNAME
    • name is alias name for some “canonical” (the real) name; www.ibm.com is really servereast.backup2.ibm.com
    • value is canonical name
  • Type=MX
    • value is name of mailserver associated with name


DNS protocol, messages

DNS protocol: query and reply messages, both with same message format

msg header

  • identification: 16 bit # for query, reply to query uses same #
  • flags:
    • query or reply
    • recursion desired
    • recursion available
    • reply is authoritative


DNS protocol, messages

msg body, after the header:

  • questions: name, type fields for a query
  • answers: RRs in response to query
  • authority: records for authoritative servers
  • additional info: additional “helpful” info that may be used

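Worked example (added; not from the slides): building a DNS query for the name used on the resolution slides, a constructed authoritative reply carrying one A record, and a parser that reads the header fields listed above (identification, query/reply, recursion desired, recursion available, reply is authoritative) plus the question and answer sections. Message layout, flag bits and name compression follow RFC 1035; the function names and the sample address 192.0.2.10 are this example’s.

```python
import os
import struct


def encode_name(name: str) -> bytes:
    """'gaia.cs.umass.edu.' -> length-prefixed labels, terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\0"


def decode_name(msg: bytes, off: int) -> tuple:
    """Reads a name at off, following RFC 1035 compression pointers (0xC0 prefix,
    14-bit offset). Returns (name, offset just past the name in the message)."""
    labels, jumped, end, hops = [], False, 0, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            if not jumped:
                end = off + 2                       # a pointer occupies two bytes
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 16:                           # pointers may not form a loop
                raise ValueError("compression pointer loop")
            continue
        if length == 0:
            if not jumped:
                end = off + 1
            return ".".join(labels) + ".", end
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def build_query(name: str, qid=None) -> bytes:
    qid = os.urandom(2) if qid is None else struct.pack("!H", qid)
    flags = 0x0100                                  # QR=0 (query), RD=1
    header = qid + struct.pack("!HHHHH", flags, 1, 0, 0, 0)   # qd an ns ar counts
    return header + encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def build_answer(query: bytes, ip: str, ttl: int = 3600) -> bytes:
    """Constructed authoritative reply: same ID, QR=1 AA=1 RD=1 RA=1 (0x8580), the
    question copied back, and one A RR whose NAME is a pointer to offset 12."""
    header = query[:2] + struct.pack("!HHHHH", 0x8580, 1, 1, 0, 0)
    rr = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(x) for x in ip.split("."))
    return header + query[12:] + rr


def parse(msg: bytes) -> dict:
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    out = {"id": qid, "qr": flags >> 15, "aa": (flags >> 10) & 1,
           "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1, "rcode": flags & 0xF,
           "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        out["questions"].append((name, qtype))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:               # A record: dotted quad
            rdata = ".".join(str(b) for b in rdata)
        out["answers"].append((name, rtype, ttl, rdata))
    return out


def matches(query: bytes, reply: bytes) -> bool:
    """A resolver must only accept a reply whose ID and question match what it sent."""
    q, r = parse(query), parse(reply)
    return r["qr"] == 1 and q["id"] == r["id"] and q["questions"] == r["questions"]
```

matches() is the minimum check before a reply is trusted: anything whose 16-bit identification or question section differs from the outstanding query is discarded. decode_name bounds the number of pointer hops because a reply whose pointers form a loop would otherwise hang a naive parser.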

Inserting records into DNS

example: new startup “Network Utopia”

register name networkutopia.com at DNS registrar (e.g., Network Solutions)

provide names, IP addresses of authoritative name server (primary and secondary)

registrar inserts two RRs into com TLD server:

(networkutopia.com, dns1.networkutopia.com, NS)

(dns1.networkutopia.com, 212.212.212.1, A)

create authoritative server Type A record for www.networkutopia.com; Type MX record for networkutopia.com

How do people get IP address of your Web site?
