Project 3a is out! Goal: implement a basic network firewall. Due: Nov noon. l We give you the VM & framework. l You implement the firewall logic.
|
|
- Chester Miles
- 6 years ago
- Views:
Transcription
1 Project 3a is out! Goal: implement a basic network firewall l We give you the VM & framework. l You implement the firewall logic. Due: Nov noon 1
2 What Is Firewall? Blocks malicious traffic Blocks unauthorized traffic 2
3 VM Linux TCP/IP network stack ext firewall int
4 VM Linux TCP/IP network stack ext firewall int 1. Decode the packet 2. Check the firewall rules 3. Pass or drop the packet
5 Packets on wire look like this 5 and your firewall should decode this.
6 Firewall rules Type 1: a combination of l Protocol (TCP/UDP/ICMP) l IP address or country (e.g., Canada) l Port number Type 2: domain names l E.g., block DNS queries for *.facebook.com 6
7 NO CHEATING WE RUN COPY CHECKER 7
8 Questions? l General questions l Ask your favorite GSI l Project-specific questions l Chang Lan (main) l Shoumik Palkar l Sangjin Han l Start Early! 8
9 Today l Router- assisted Conges0on Control (wrap up) l Applica0on layer: DNS
10 Router- Assisted Conges3on Control l Recall: Three tasks for CC: l Fairness l Rate adjustment l Detec0ng conges0on
11 Router- Assisted Conges3on Control l Recall: Three tasks for CC: l Fairness à e.g., Fair Queuing l Rate adjustment à e.g., Rate Control Protocol l Detec0ng conges0on à e.g., ECN
12 Fairness: General Approach l Routers classify packets into flows l Assume for now flows ~ TCP connections l Each flow has its own FIFO queue in router l Router services flows in a fair fashion
13 Max-Min Fairness l Given set of bandwidth demands r i and total bandwidth C, max-min bandwidth allocations are: a i = min(f, r i ) where f is the unique value such that Sum(a i ) = C r 1 r 2? C bits/s?? r 3 l This is what round-robin service gives if all packets are the same size
14 Fair Queuing is how we deal with packets of different sizes l Mental model: Bit-by-bit round robin l For each packet, compute its deadline l deadline à the time at which the last bit of a packet would have left the router if flows are served bit-by-bit l Transmit packets in increasing order of deadlines
15 Example Flow 1 (arrival traffic) time Flow 2 (arrival traffic) time Bit-wise round-robin time FQ time
16 Exercise Flow A (arrival traffic) Flow B (arrival traffic) A1 A2 A3 A4 B1 B2 time time Flow C (arrival traffic) C1 C2 time What s the packet order at the output for four scheduling disciplines? FIFO Round-Robin Fair Queuing Priority Assume Flow A > B > C in priority and for breaking ties
17 Router- Assisted Conges3on Control l Recall: Three tasks for CC: l Fairness à e.g., Fair Queuing l Rate adjustment à e.g., Rate Control Protocol l Detec0ng conges0on à e.g., ECN
18 Idea: Let routers tell endhosts what rate they should use l Packets carry rate field l Routers insert fair share f in packet header l End-hosts set sending rate (or window size) to f l Note: still assumes end-hosts play by the rules l This is the basic idea behind the Rate Control Protocol (RCP) from Dukkipati&McKeown in 2007
19 Flow Completion Time: TCP vs. RCP (Ignore XCP) Flow Duration (secs) vs. Flow Size RCP 19
20 Why the improvement?
21 Why is RCP important? l Congestion control had long focused on safety (primary) and fairness (secondary) l TCP does a good enough job at both l RCP highlighted CC s impact on performance l performance matters a lot in today s environment l RCP shows we can do better but is still fairly complex and not incrementally deployable
22 RC3 Mittal et al., 2014 l RC3: Recursively Cautious Congestion Control l Senders transmit at max rate from the get-go l But packets are marked with priorities l CWND packets are sent at priority#1 l The remaining at low priority l Routers implement priority scheduling (exists today) l If no congestion, all packets get through (high performance) l else, low priority packets dropped (safety and fairness)
23 Router- Assisted Conges3on Control l Recall: Three tasks for CC: l Fairness à e.g., Fair Queuing l Rate adjustment à e.g., Rate Control Protocol l Detec0ng conges0on à e.g., ECN
24 Explicit Congestion Notification (ECN) l Single bit in packet header; set by congested routers l l Many options for when routers set the bit Tradeoff between (link) utilization and (packet) delay l Receiver relays ECN bit in its ACK to the sender l l Congestion semantics can be exactly like that of drop e.g., endhost reacts as though it saw a drop l Advantages: l l l l Don t confuse corruption with congestion Serves as an early indicator of congestion to avoid delays Easy (easier) to incrementally deploy Today: defined in RFC 3168 using ToS/DSCP bits in the IP header
25 A final proposal: Charge people for congestion! l Use ECN as congestion markers l Whenever I get an ECN bit set, I have to pay $$ l Now, there s no debate over what a flow is, or what fair is l Idea started by Frank Kelly at Cambridge l l l optimal solution, backed by much math Great idea: simple, elegant, effective Unclear that it will impact practice
26 Recap! l TCP l allows apps to assume reliable bytestream delivery l with (mostly) fair and safe sharing of network resources l Congestion control 1. avoid overloading the network to the point of collapse 2. while sharing resources fairly 3. and maximizing performance l TCP does a good enough job at the first two but the last is more iffy
27 Taking Stock l Course so far l Concepts (links, delays, switches) l Overall architecture (layers, protocols, principles) l Network layer (how we interconnect hosts and networks) l Transport layer (how we make best-effort usable to apps) l What s left? l Application layer (DNS, HTTP) ß this week l Lower layers (Ethernet, Wireless) ß next l Advanced topics (datacenters, SDN, IPv6) ß last ~2 weeks
28 Some very special guest lectures l Nov 10: Yahel Ben-David (Wireless) l Nov 19: Stephen Strowes (IPv6) l Nov 24: Scott Shenker (SDN) l Dec 1: Panel: Careers in networking (tentative)
29 Application Layer l Domain Name System (DNS) l What s behind (e.g.) instr.eecs.berkeley.edu? l HTTP and the Web l What happens when you click on a link?
30 Host Names & Addresses l Host addresses: e.g., l a number used by protocols l conforms to network structure (the where ) l Host names: e.g., instr.eecs.berkeley.edu l mnemonic name usable by humans l conforms to organizational structure (the who ) l The Domain Name System (DNS) is how we map from one to the other l a directory service for hosts on the Internet
31 Why bother? l Convenience l Easier to remember than l Provides a level of indirection! l Decoupled names from addresses l Many uses beyond just naming a specific host
32 DNS: Early days l Mappings stored in a hosts.txt file (in /etc/hosts) l l maintained by the Stanford Research Institute (SRI) new versions periodically copied from SRI (via FTP) l As the Internet grew this system broke down l l l SRI couldn t handle the load conflicts in selecting names hosts had inaccurate copies of hosts.txt l The Domain Name System (DNS) was invented to fix this l First name server implementation done by 4 UCB students!
33 Goals? l Scalable l many names l many updates l many users creating names l many users looking up names l Highly available l Correct l no naming conflicts (uniqueness) l consistency l Lookups are fast
34 How? l Partition the namespace l Distribute administration of each partition l Autonomy to update my own (machines ) names l Don t have to track everybody s updates l Distribute name resolution for each partition l How should we partition things?
35 Key idea: hierarchical distribution Three intertwined hierarchies l Hierarchical namespace l As opposed to original flat namespace l Hierarchically administered l As opposed to centralized administrator l Hierarchy of servers l As opposed to centralized storage
36 Hierarchical Namespace root edu com gov mil org net uk fr berkeley eecs sims instr ucla l Top Level Domains are at the top l Domains are subtrees l E.g:.edu, berkeley.edu, eecs.berkeley.edu l Name is leaf-to-root path l instr.eecs.berkeley.edu l Name collisions trivially avoided! l each domain s responsibility
37 Hierarchical Administration ICANN/IANA root edu com gov mil org net uk fr berkeley ucla eecs sims instr A zone corresponds to an administrative authority responsible for a contiguous portion of the hierarchy E.g.: UCB controls *.berkeley.edu and *.sims.berkeley.edu while EECS controls *.eecs.berkeley.edu
38 Server Hierarchy l Top of hierarchy: Root servers l Location hardwired into other servers l Next Level: Top-level domain (TLD) servers l.com,.edu, etc. l Managed professionally l Bottom Level: Authoritative DNS servers l Actually store the name-to-address mapping l Maintained by the corresponding administrative authority
39 Server Hierarchy l Every server knows the address of the root name server l Root servers know the address of all TLD servers l l An authoritative DNS server stores name-to-address mappings ( resource records ) for all DNS names in the domain that it has authority for à Each server stores a subset of the total DNS database à Each server can discover the server(s) responsible for any portion of the hierarchy
40 DNS Root l Located in Virginia, USA Verisign, Dulles, VA
41 DNS Root Servers l 13 root servers (labeled A-M; see A Verisign, Dulles, VA C Cogent, Herndon, VA D U Maryland College Park, MD G US DoD Vienna, VA H ARL Aberdeen, MD J Verisign K RIPE London I Autonomica, Stockholm E NASA Mt View, CA F Internet Software Consortium Palo Alto, CA M WIDE Tokyo B USC-ISI Marina del Rey, CA L ICANN Los Angeles, CA
42 DNS Root Servers l 13 root servers (labeled A-M; see l Replicated via any-casting E NASA Mt View, CA F Internet Software Consortium, Palo Alto, CA (and 37 other locations) A Verisign, Dulles, VA C Cogent, Herndon, VA (also Los Angeles, NY, Chicago) D U Maryland College Park, MD G US DoD Vienna, VA H ARL Aberdeen, MD J Verisign (21 locations) K RIPE London (plus 16 other locations) I Autonomica, Stockholm (plus 29 other locations) M WIDE Tokyo plus Seoul, Paris, San Francisco B USC-ISI Marina del Rey, CA L ICANN Los Angeles, CA
43 Anycast in a nutshell l Routing finds shortest paths to destination l What happens if multiple machines advertise the same address? l The network will deliver the packet to the closest machine with that address l This is called anycast l Very robust l Requires no modification to routing algorithms
44 DNS Records l DNS servers store resource records (RRs) l RR is (name, value, type, TTL) l Type = A: (à Address) l name = hostname l value = IP address l Type = NS: (à Name Server) l name = domain l value = name of dns server for domain
45 DNS Records (cont d) l Type = MX: (à Mail exchanger) l name = domain in address l value = name(s) of mail server(s)
46 Inser3ng Resource Records into DNS l Example: you just created company FooBar l You get a block of IP addresses from your ISP l say /25 l Register foobar.com at registrar (e.g., Go Daddy) l Provide registrar with names and IP addresses of your authorita0ve name server(s) l Registrar inserts RR pairs into the.com TLD server: l (foobar.com, dns1.foobar.com, NS) l (dns1.foobar.com, , A) l Store resource records in your server dns1.foobar.com l e.g., type A record for l e.g., type MX record for foobar.com
47 Using DNS (Client/App View) l Two components l Local DNS servers l Resolver sozware on hosts l Local DNS server ( default name server ) l Clients configured with the default server s address or learn it via a host configura0on protocol (e.g., DHCP future lecture) l Client applica0on l Obtain DNS name (e.g., from URL) l Triggers DNS request to its local DNS server
48 local DNS server (mydns.berkeley.edu) root servers.edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers 48
49 local DNS server (mydns.berkeley.edu) root servers.edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers 49
50 root DNS server DNS server (mydns.berkeley.edu).edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers 50
51 root DNS server DNS server (mydns.berkeley.edu).edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers 51
52 recursive DNS query root DNS server DNS server (mydns.berkeley.edu).edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers 52
53 root DNS server DNS server (mydns.berkeley.edu).edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers 53
54 itera0ve DNS query root DNS server DNS server (mydns.berkeley.edu).edu servers DNS client (me.cs.berkeley.edu) nyu.edu servers
55 DNS Protocol l Query and Reply messages; both with the same message format l see text/section for details l Client-Server interaction on UDP Port 53 l Spec supports TCP too, but not always implemented
56 Goals how are we doing? l Scalable l many names l many updates l many users creating names l many users looking up names l Highly available
57 Per-domain availability l DNS servers are replicated l Primary and secondary name servers required l Name service available if at least one replica is up l Queries can be load-balanced between replicas l Try alternate servers on timeout l Exponential backoff when retrying same server
58 Goals how are we doing? l Scalable l many names l many updates l many users creating names l many users looking up names l Highly available l Correct l no naming conflicts (uniqueness) l consistency l Lookups are fast
59 root DNS server local DNS server.edu TLD DNS server DNS client nyu.edu DNS server 59
60 Caching l Caching of DNS responses at all levels l Reduces load at all levels l Reduces delay experienced by DNS client
61 DNS Caching l How DNS caching works l DNS servers cache responses to queries l Responses include a 0me to live (TTL) field l Server deletes cached entry azer TTL expires l Why caching is effec0ve l The top- level servers very rarely change l Popular sites visited ozen à local DNS server ozen has the informa0on cached
62 Nega3ve Caching l Remember things that don t work l Misspellings like and l These can take a long 0me to fail the first 0me l Good to remember that they don t work l so the failure takes less 0me the next 0me around l Nega0ve caching is op0onal
63 How can one amack DNS? 63
64 root DNS server local DNS server.edu TLD DNS server Persa (the impersonator) DNS client nyu.edu DNS server 64
65 How can one amack DNS? l Impersonate the local DNS server give the wrong IP address to the DNS client
66 root DNS server local DNS server.edu TLD DNS server DNS client Denis (the epfl.ch denial- of- service DNS agacker) server 66
67 How can one amack DNS? l Impersonate the local DNS server give the wrong IP address to the DNS client l Denial- of- service the root or TLD servers make them unavailable to the rest of the world
68 root DNS server local DNS server.edu TLD DNS server Casha DNS client nyu.edu DNS server 68
69 How can one amack DNS? l Impersonate the local DNS server give the wrong IP address to the DNS client l Denial- of- service the root or TLD servers make them unavailable to the rest of the world l Poison the cache of a DNS server increase the delay experienced by DNS clients
70 Important Proper3es of DNS Administra0ve delega0on and hierarchy results in: l Easy unique naming l Fate sharing for network failures l Reasonable trust model l Caching lends scalability, performance
71 DNS provides Indirec3on l Addresses can change underneath l l Move to a new IP address Humans/apps are unaffected l Name could map to mul0ple IP addresses l Enables load- balancing l Mul0ple names for the same address l E.g., many services (mail, www, Zp) on same machine l Allowing host names to evolve into service names
72 Next Lecture (ScoM Shenker lecturing) l HTTP and the Web l (Broadcast) Ethernet
CSE561 Naming and DNS. David Wetherall
CSE561 Naming and DNS David Wetherall djw@cs.washington.edu Naming and DNS Focus: How do we resolve names to addresses Names and addresses Application DNS as a system design Transport Network Link Physical
More informationIP ADDRESSES, NAMING, AND DNS
IP ADDRESSES, NAMING, AND DNS George Porter Apr 9, 2018 ATTRIBUTION These slides are released under an Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) Creative Commons license These
More informationDomain Name Service. DNS Overview. October 2009 Computer Networking 1
Domain Name Service DNS Overview October 2009 Computer Networking 1 Why DNS? Addresses are used to locate objects (contain routing information) Names are easier to remember and use than numbers DNS provides
More informationPage 1. TCP Flow Control" TCP Flow Control" TCP Flow Control" CS162 Operating Systems and Systems Programming Lecture 16. Flow Control, DNS"
CS162 Operating Systems and Systems Programming Lecture 16 Flow Control, DNS" March 28, 2011! Ion Stoica! http://inst.eecs.berkeley.edu/~cs162! TCP: stream oriented protocol! Sender sends a stream of bytes,
More informationCSEN 503 Introduction to Communication Networks
CSEN 503 Introduction to Communication Networks 1-1 Mervat AbuElkheir Hana Medhat Ayman Dayf ** Slides are attributed to J. F. Kurose Roadmap: Application layer Cookies and User-Server State Web caches
More informationCSc 450/550 Computer Networks Domain Name System
CSc 450/550 Computer Networks Domain Name System Jianping Pan Summer 2007 5/28/07 CSc 450/550 1 Review: Web/HTTP Web URI/URL, HTML tags, embedded objects HTTP request and response persistence, statefulness
More informationThe Domain Name System
The Domain Name System Stefano Vissicchio UCL Computer Science COMP0023 Today 1. The Domain Name System (DNS) 2. A Brief Word on DNS Security A name indicates what we seek. An address indicates where it
More informationComputer Networks. Domain Name System. Jianping Pan Spring /25/17 CSC361 1
Computer Networks Domain Name System Jianping Pan Spring 2017 1/25/17 CSC361 1 Review: Web/HTTP Web URI/URL, HTML tags embedded/linked objects HTTP request and response persistence, statefulness web caching,
More informationChapter 2 Application Layer. Lecture 5 DNS. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 2 Application Layer Lecture 5 DNS Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Application Layer 2-1 Chapter 2: outline 2.1 principles
More informationEECS 122: Introduction to Computer Networks DNS and WWW. Internet Names & Addresses
EECS 122: Introduction to Computer Networks DNS and WWW Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley, CA 94720-1776 Internet
More informationCSE 486/586 Distributed Systems
CSE 486/586 Distributed Systems The Domain Name System Slides by Steve Ko Computer Sciences and Engineering University at Buffalo CSE 486/586 Domain Name System (DNS) Proposed in 1983 by Paul Mockapetris
More informationLecture 05: Application Layer (Part 02) Domain Name System. Dr. Anis Koubaa
NET 331 Computer Networks Lecture 05: Application Layer (Part 02) Domain Name System Dr. Anis Koubaa Reformatted slides from textbook Computer Networking a top-down appraoch, Fifth Edition by Kurose and
More informationCSEN 404 Introduction to Networks. Mervat AbuElkheir Mohamed Abdelrazik. ** Slides are attributed to J. F. Kurose
CSEN 404 Introduction to Networks Mervat AbuElkheir Mohamed Abdelrazik ** Slides are attributed to J. F. Kurose HTTP Method Types HTTP/1.0 GET POST HEAD asks server to leave requested object out of response
More informationCS 43: Computer Networks. 10: Naming and DNS September 24, 2018
CS 43: Computer Networks 10: Naming and DNS September 24, 2018 Last class Distributed systems architectures Client-Server Peer-to-Peer Challenges in design Partial failures Event ordering Lecture 10 -
More informationApplications & Application-Layer Protocols: (SMTP) and DNS
CS 312 Internet Concepts Applications & Application-Layer Protocols: E (SMTP) and DNS Dr. Michele Weigle Department of Computer Science Old Dominion University mweigle@cs.odu.edu http://www.cs.odu.edu/~mweigle/cs312-f11
More informationLecture 7: Application Layer Domain Name System
Lecture 7: Application Layer Domain Name System COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition: 1996-2016, J.F Kurose
More informationEE 122: Domain Name System
EE 122: Domain Name System Ion Stoica (and Brighten Godfrey) TAs: Lucian Popa, David Zats and Ganesh Ananthanarayanan http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Vern Paxson, Jennifer
More informationReminders. EE 122: Domain Name System. Goals of Today!s Lecture. Host Names vs. IP addresses. Separating Naming and Addressing
Reminders EE 122: Domain Name System Homework 2 due Oct 1 @ 3:50 pm Oct 1 is this Wednesday Project 1 checkpoint due Oct 6 @ 11:59:59 pm Ion Stoica (and Brighten Godfrey) TAs: Lucian Popa, David Zats and
More informationCSCI-1680 DNS Rodrigo Fonseca
CSCI-1680 DNS Rodrigo Fonseca Based partly on lecture notes by Sco2 Shenker and John Janno6 Host names and IP Addresses Host names Mnemonics appreciated by humans Variable length, ASCII characters Provide
More informationLight at the end of the tunnel Final Lecture: Course Overview
Light at the end of the tunnel Final Lecture: Course Overview Acknowledgments: Lecture slides are from Computer networks course thought by Jennifer Rexford at Princeton University. When slides are obtained
More informationDomain Name System (DNS) 김현철 ( 화 ) 정보통신융합서울대학교컴퓨터공학부
Domain Name System (DNS) 김현철 2010.09.29 ( 화 ) 정보통신융합서울대학교컴퓨터공학부 Chapter 2 Application Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students,
More informationELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2013 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Project 1 Python HTTP Server Work day: Next Tuesday (Sept 24 th ) Due Thursday, September 26 th by 11:55pm
More informationApplication-layer Protocols
Application-layer Protocols Kai Shen application transport data link physical Network Applications and Application-Layer Protocols application transport data link physical application transport data link
More informationChapter 2: Application layer
Chapter 2: Application layer 2.1 Principles of network applications 2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail SMTP, POP3, IMAP 2.5 DNS 2.6 P2P applications 2.7 Socket programming with TCP 2.8 Socket
More informationApplication Layer. Pure P2P architecture. Client-server architecture. Processes communicating. Hybrid of client-server and P2P. Creating a network app
Application Layer e- web instant messaging remote login P2P file sharing multi- network games streaming stored video (YouTube) voice over IP real-time video conferencing cloud computing Creating a network
More informationAnnouncements. Transport Protocols & DNS. Goals for Today s Lecture, Part 1. Goals of Today s Lecture, Part 2. Transport Protocols
Announcements Transport Protocols & DNS EE 122: Intro to Communication Networks Fall 2006 (MW 4-5:30 in Donner 155) We re soliciting feedback What s not working? What s working well? Send via email or
More informationTranslating Addresses
Translating Addresses Reading: Sections 9.3.1, 3.2.6. 3.2.7 Slides by Rexford @ Princeton, slightly altered by M.D. Context Application DNS DHCP Transport TCP UDP Network ICMP IP ARP Physical Physical
More informationComputer Networking Introduction
Computer Networking Introduction Halgurd S. Maghdid Software Engineering Department Koya University-Koya, Kurdistan-Iraq Lecture No.5 Chapter 2: outline 2.1 principles of network applications app architectures
More informationDNS and CDNs : Fundamentals of Computer Networks Bill Nace
DNS and CDNs 14-740: Fundamentals of Computer Networks Bill Nace Material from Computer Networking: A Top Down Approach, 6 th edition. J.F. Kurose and K.W. Ross Administrivia HW #1 is posted Mission: Learn
More information0 0& Basic Background. Now let s get into how things really work!
+,&&-# Department of Electrical Engineering and Computer Sciences University of California Berkeley Basic Background General Overview of different kinds of networks General Design Principles Architecture
More informationChapter 2 part B: outline
Chapter 2 part B: outline 2.3 FTP 2.4 electronic, POP3, IMAP 2.5 DNS Application Layer 2-1 FTP: the file transfer protocol at host FTP interface FTP client local file system file transfer FTP remote file
More informationDomain Name System.
Domain Name System http://xkcd.com/302/ CSCI 466: Networks Keith Vertanen Fall 2011 Overview Final project + presentation Some TCP and UDP experiments Domain Name System (DNS) Hierarchical name space Maps
More informationCS 3516: Advanced Computer Networks
Welcome to CS 3516: Adanced Computer Networks Prof. Yanhua Li Time: 9:00am 9:50am M, T, R, and F Location: Fuller 320 Fall 2017 A-term 1 Some slides are originally from the course materials of the textbook
More informationCSE 124: IP ADDRESSES, NAMING, AND DNS. George Porter Oct 4, 2017
CSE 124: IP ADDRESSES, NAMING, AND DNS George Porter Oct 4, 2017 ATTRIBUTION These slides are released under an Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) Creative Commons license
More informationApplication Layer: , DNS
Application Layer: E-mail, DNS EECS 3214 Slides courtesy of J.F Kurose and K.W. Ross, All Rights Reserved 22-Jan-18 1-1 Chapter 2: outline 2.1 principles of network applications 2.2 Web and HTTP 2.3 electronic
More informationApplication Layer. Pure P2P architecture. Client-server architecture. Processes communicating. Hybrid of client-server and P2P. Creating a network app
Application Layer e- web instant messaging remote login PP file sharing multi- network games streaming stored video (YouTube) voice over IP real-time video conferencing cloud computing Creating a network
More informationDNS. dr. C. P. J. Koymans. September 16, Informatics Institute University of Amsterdam. dr. C. P. J. Koymans (UvA) DNS September 16, / 46
DNS dr. C. P. J. Koymans Informatics Institute University of Amsterdam September 16, 2008 dr. C. P. J. Koymans (UvA) DNS September 16, 2008 1 / 46 DNS and BIND DNS (Domain Name System) concepts theory
More informationChapter 2 Application Layer
Chapter 2 Application Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationCSCI-1680 DNS Rodrigo Fonseca
CSCI-1680 DNS Rodrigo Fonseca Based partly on lecture notes by Scott Shenker and John Jannotti We know how to open TCP connections to a server/port: E.g., 128.148.32.110, port 80 Host names and IP Addresses
More informationDNS Hierarchical Name Space. BIND Terminology and DNS Name Servers. Distributed Hierarchical Database (1st Approx) Domain Name System (DNS)
Domain Name System (DNS) DNS consists of 1. an hierarchical name space name allocation decentralized to domains host.sub-subdomain.....subdomain.domain[.root] host machine name, can be an alias sub-subdomain
More informationCSCD 330 Network Programming Winter 2015
CSCD 330 Network Programming Winter 2015 Lecture 5 Application Layer Reading: Chapter 2 Still Some Material in these slides from J.F Kurose and K.W. Ross All material copyright 1996-2007 1 More Network
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Dynamic
More informationPage 1. CS162 Operating Systems and Systems Programming Lecture 22. Networking III. Automatic Repeat Request
Review CS162 Operating Systems and Systems Programming Lecture 22 Networking III April 22, 2010 Ion Stoica http://inst.eecs.berkeley.edu/~cs162 Link (link) layer: Broadcast network; frames sent by one
More informationApplication Layer. Goals: Service models. Conceptual aspects of network application protocols Client server paradigm
Application Layer Goals: Conceptual aspects of network application protocols Client server paradigm Service models Review protocols by examining popular application-level protocols HTTP DNS 1 Applications
More informationDomain Name System (DNS)
Domain Name System (DNS) Smith College, CSC 249 Feb 6, 2017 1 TODAY: Domain Name System qthe directory system for the Internet v Used by other application layer protocols v via socket programming qmaps
More informationNAMING, DNS, AND CHORD
NAMING, DNS, AND CHORD George Porter Oct 30 and Nov 1, 2018 ATTRIBUTION These slides are released under an Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) Creative Commons license These
More informationThe Domain Name System (DNS) and its security. CSU CS557, Spring 2018 Instructor: Lorenzo De Carli Partly based on the CS457 slides by Indrajit Ray
The Domain Name System (DNS) and its security CSU CS557, Spring 2018 Instructor: Lorenzo De Carli Partly based on the CS457 slides by Indrajit Ray 1 What is the domain name system? Internet use 4- (or
More informationELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2012 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Midterm Exam Tuesday, October 16 th Format Short answer problems No questions on programming Closed notes Closed
More informationProtocol Classification
DNS and DHCP TCP/IP Suite Suite of protocols (not just TCP and IP) Main protocols TCP and UDP at the Transport Layer, and IP at the Network Layer Other protocols ICMP, ARP, Telnet, Ftp, HTTP, SMTP, SNMP
More informationCS519: Computer Networks. Lecture 6: Apr 5, 2004 Naming and DNS
: Computer Networks Lecture 6: Apr 5, 2004 Naming and DNS Any problem in computer science can be solved with another layer of indirection David Wheeler Naming is a layer of indirection What problems does
More informationCS 3640: Introduction to Networks and Their Applications
CS 3640: Introduction to Networks and Their Applications Fall 2018, Lecture 18: The Application Layer II (Credit: Christo Wilson @ NEU) Instructor: Rishab Nithyanand Teaching Assistant: Md. Kowsar Hossain
More informationAnnouncements! Midterm Review! General Guidelines! My General Philosophy on Tests! Outline of Review! Things You Don t Need to Know!
Announcements! Extended office hours after class As long as line lasts!. Midterm Review! EE 122 Intro to Communication Networks Fall 2010 (MW 4-530 in 101 Barker) Scott Shenker TAs Sameer Agarwal, Sara
More informationTable of Contents DNS. Short history of DNS (1) DNS and BIND. Specification and implementation. A short history of DNS.
Table of Contents Specification and implementation DNS dr. C. P. J. Koymans Informatics Institute University of Amsterdam September 14, 2009 A short history of DNS Root servers Basic concepts Delegation
More informationApplication layer. Some network apps. Client-server architecture. Hybrid of client-server and P2P. Pure P2P architecture. Creating a network app
Application layer Some network apps e- web instant messaging remote login P2P file sharing multi- network games streaming stored video (YouTube) voice over IP real-time video conferencing cloud computing
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Application Layer DNS and P2P Sec 2.4 2.5 Prof. Lina Battestilli Fall 2017 Outline Application Layer (ch 2) 2.1 principles of network applications 2.2
More informationSection 2: Application layer
Section 2: Application layer 2.1 Principles of network applications 2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail SMTP, POP3, IMAP 2.5 DNS 2.6 P2P applications 2.7 Socket programming with UDP 2.8 Socket
More informationTable of Contents DNS. Short history of DNS (1) DNS and BIND. Specification and implementation. A short history of DNS. Root servers.
Table of Contents Specification and implementation DNS Karst Koymans Informatics Institute University of Amsterdam (version 1.11, 2010/10/04 10:03:37) Tuesday, September 14, 2010 A short history of DNS
More informationApplication Layer. Goals:
Application Layer Goals: Conceptual aspects of network application protocols Client server paradigm Service models Learn about protocols by examining popular applicationlevel protocols HTTP DNS SMTP, POP3,
More informationApplication Layer. Applications and application-layer protocols. Goals:
Application Layer Goals: Conceptual aspects of network application protocols Client server paradigm Service models Learn about protocols by examining popular applicationlevel protocols HTTP DNS SMTP, POP3,
More informationCSCD 330 Network Programming Spring 2018 Lecture 5 Application Layer. Reading: Chapter 2 Still
CSCD 330 Network Programming Spring 2018 Lecture 5 Application Layer Reading: Chapter 2 Still Some Material in these slides from J.F Kurose and K.W. Ross All material copyright 1996-2007 1 More Network
More informationInternet applications. 2: Application Layer 1
Internet applications 2: Application Layer 1 Recall Internet architecture Intelligence at end systems e.g., web server software communicates with browser software No need to write software for network-core
More informationELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2011 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Homework #1 Due Thursday Submit PDF file online via Sakai Questions? Office Hours Tue 1:30-3pm, Wed 1:30-3pm
More informationMissing pieces + Putting the pieces together
Missing pieces + Putting the pieces together CS 168, Fall 2014 Sylvia Ratnasamy Material thanks to Ion Stoica, Scott Shenker, Jennifer Rexford, Nick McKeown, and many other colleagues Today Switched Ethernet
More informationNetworking Overview. CS Computer Security Profs. Vern Paxson & David Wagner
Networking Overview CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationApplication Layer Protocols
Application Layer Protocols Dr. Ihsan Ullah Department of Computer Science & IT University of Balochistan, Quetta Pakistan Email: ihsan.ullah.cs@gmail.com These slides are adapted from the slides accompanying
More informationlogical link name logical link name name logical link address physical address path
http://mosaic.cnfolio.com/b101cw2011article581 RelaDonship Between Layers logical link name Discovery Mike Freedman COS 461: Computer Networks h?p://www.cs.princeton.edu/courses/archive/spr14/cos461/ 2
More informationComputer Networks. More on Standards & Protocols Quality of Service. Week 10. College of Information Science and Engineering Ritsumeikan University
Computer Networks More on Standards & Protocols Quality of Service Week 10 College of Information Science and Engineering Ritsumeikan University Introduction to Protocols l A protocol is a set of rules
More informationCSCE 463/612 Networks and Distributed Processing Spring 2018
CSCE 463/612 Networks and Distributed Processing Spring 2018 Application Layer III Dmitri Loguinov Texas A&M University February 8, 2018 Original slides copyright 1996-2004 J.F Kurose and K.W. Ross 1 Chapter
More informationDiscovery. RelaKonship Between Layers. Discovery: Mapping Name to Address. RouKng: Mapping Link to Path. What s in a Name? Naming
RelaKonship Between Layers Discovery Mike Freedman COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101 logical link name hep://www.cs.princeton.edu/courses/archive/spr13/cos461/ 2 Discovery:
More informationOverview General network terminology. Chapter 9.1: DNS
Overview General network terminology Chapter 9.1: DNS Jan-29-04 4/598N: Computer Networks 1 Connection mechanisms Connectionless or packet switching Each packet carries with it the source and destination
More informationf.root-servers.net ISOC cctld Workshop Nairobi, Kenya, 2005
f.root-servers.net ISOC cctld Workshop Nairobi, Kenya, 2005 The Basics DNS The Domain Name System is a huge database of resource records globally distributed, loosely coherent, scaleable, reliable, dynamic
More informationAdvanced Networking. Domain Name System
Advanced Networking Domain Name System Purpose of DNS servers Human being has many identifications: 1) Our name can be used for identification Problem: Two differenet people may have same name. 2) Mobile
More informationAdvanced Networking. Domain Name System. Purpose of DNS servers. Purpose of DNS servers. Purpose of DNS servers
Purpose of DNS servers Advanced Networking Domain Name System Human being has many identifications: 1) Our name can be used for identification Problem: Two differenet people may have same name. 2) Mobile
More informationChapter II: Application Layer
Chapter II: Application Layer UG3 Computer Communications & Networks (COMN) MAHESH MARINA mahesh@ed.ac.uk Slides thanks to Myungjin Lee, and copyright of Kurose and Ross First, a review Web and HTTP web
More informationpage 1 Plain Old DNS WACREN, DNS/DNSSEC Regional Workshop Ouagadougou, October 2016
page 1 Plain Old DNS WACREN, DNS/DNSSEC Regional Workshop Ouagadougou, 10-14 October 2016 page 2 IP: Identifiers on the Internet The fundamental identifier on the internet is an IP address. Each host connected
More informationNaming Computer Networking. Overview. DNS: Domain Name System. Obvious Solutions (1) Obvious Solutions (2)
Naming 15-441 Computer Networking DNS How do we efficiently locate resources? DNS: name IP address Service location: description host Other issues How do we scale these to the wide area? How to choose
More informationNetworking Acronym Smorgasbord: , DVMRP, CBT, WFQ
Networking Acronym Smorgasbord: 802.11, DVMRP, CBT, WFQ EE122 Fall 2011 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other
More informationCMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 5
CMPE 150/L : Introduction to Computer Networks Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 5 1 Any problem of your lab? Due by next Monday (Jan 29) Using Canvas? Email me cqian12@ucsc.edu
More informationCommunications Software. CSE 123b. CSE 123b. Spring Lecture 11: Domain Name System (DNS) Stefan Savage. Some pictures courtesy David Wetherall
CSE 123b CSE 123b Communications Software Spring 2003 Lecture 11: Domain Name System (DNS) Stefan Savage Some pictures courtesy David Wetherall & Srini Seshan Where we ve been & where we re going Low-level
More informationCSE 123b Communications Software. Overview for today. Names and Addresses. Goals for a naming system. Internet Hostnames
CSE 123b Communications Software Spring 2003 Lecture 11: Domain Name System (DNS) Stefan Savage Where we ve been & where we re going Low-level networking (so far) Internetworking architecture Packet Forwarding
More informationPotential Name Syntax. Properties of Naming. Naming and system components. Naming and layering. Replicated storage, consistency
Naming and layering Naming and system components Replicated storage, consistency Caller Callee How to design interface between components? COS 518: Advanced Computer Systems Lecture 2 Mike Freedman Many
More informationThe Application Layer: Sockets, DNS
The Application Layer: Sockets, DNS CS 352, Lecture 3 http://www.cs.rutgers.edu/~sn624/352-s19 Srinivas Narayana 1 App-layer protocol Types of messages exchanged, e.g., request, response Message format:
More informationDNS. A Massively Distributed Database. Justin Scott December 12, 2018
DNS A Massively Distributed Database Justin Scott December 12, 2018 What is DNS? Translates Hostnames to IP Addresses What is DNS? Example: www.serverlogic.com 23.185.0.4 What is DNS? Example: www.serverlogic.com
More informationApplications Layer Protocols. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
Applications Layer Protocols Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 1 Acknowledgements Some pictures used in this presentation were obtained
More informationCS268: Beyond TCP Congestion Control
TCP Problems CS68: Beyond TCP Congestion Control Ion Stoica February 9, 004 When TCP congestion control was originally designed in 1988: - Key applications: FTP, E-mail - Maximum link bandwidth: 10Mb/s
More informationChapter 2 Application Layer
Chapter 2 Application Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;
More informationMore Internet Support Protocols
More Internet Support Protocols Domain Name System (DNS) Ch 2.5 Problem statement: Average brain can easily remember 7 digits On average, IP addresses have 10.28 digits We need an easier way to remember
More informationCIS 551 / TCOM 401 Computer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2008 Lecture 12 2/28/08 CIS/TCOM 551 1 Announcements Reminder: Project 2 is due Friday, March 7th at 11:59 pm 2/28/08 CIS/TCOM 551 2 Internet Protocol
More informationHomework 3 1 DNS. A root. A com. A google.com
Homework 3 1 DNS Suppose you have a Host C, a local name server L, and authoritative name servers A root, A com, and A google.com, where the naming convention A x means that the name server knows about
More informationADVANCED TOPICS FOR CONGESTION CONTROL
ADVANCED TOPICS FOR CONGESTION CONTROL Congestion Control The Internet only functions because TCP s congestion control does an effective job of matching traffic demand to available capacity. TCP s Window
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationCMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 6
CMPE 150/L : Introduction to Computer Networks Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 6 1 Midterm room for overflow students The students who used my registration code to enroll
More informationDNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific
DNS/DNSSEC Workshop In Collaboration with APNIC and HKIRC Hong Kong Champika Wijayatunga Regional Security Engagement Manager Asia Pacific 22-24 January 2018 1 Agenda 1 2 3 Introduction to DNS DNS Features
More information416 Distributed Systems. Networks review; Day 1 of 2 Jan 5 + 8, 2018
416 Distributed Systems Networks review; Day 1 of 2 Jan 5 + 8, 2018 1 Distributed Systems vs. Networks Low level (c/go) Run forever Support others Adversarial environment Distributed & concurrent Resources
More informationThis time. Digging into. Networking. Protocols. Naming DNS & DHCP
This time Digging into Networking Protocols Naming DNS & DHCP Naming IP addresses allow global connectivity But they re pretty useless for humans! Can t be expected to pick their own IP address Can t be
More informationEECS 122: Introduction to Computer Networks Switch and Router Architectures. Today s Lecture
EECS : Introduction to Computer Networks Switch and Router Architectures Computer Science Division Department of Electrical Engineering and Computer Sciences University of California, Berkeley Berkeley,
More informationDNS. Karst Koymans & Niels Sijm. Tuesday, September 7, Informatics Institute University of Amsterdam
DNS Karst Koymans & Niels Sijm Informatics Institute University of Amsterdam Tuesday, September 7, 2012 Karst Koymans & Niels Sijm (UvA) DNS Tuesday, September 7, 2012 1 / 62 1 DNS: what does it do and
More informationCSCD 330 Network Programming Spring 2017
CSCD 330 Network Programming Spring 2017 Lecture 5 Application Layer Reading: Chapter 2 Still Some Material in these slides from J.F Kurose and K.W. Ross All material copyright 1996-2007 1 More Network
More informationGeneric Architecture. EECS 122: Introduction to Computer Networks Switch and Router Architectures. Shared Memory (1 st Generation) Today s Lecture
Generic Architecture EECS : Introduction to Computer Networks Switch and Router Architectures Computer Science Division Department of Electrical Engineering and Computer Sciences University of California,
More informationDNS Concepts. Acknowledgements July 2005, Thimphu, Bhutan. In conjunction with SANOG VI. Bill Manning Ed Lewis Joe Abley Olaf M.
16-20 July 2005, Thimphu, Bhutan In conjunction with SANOG VI DNS Concepts Acknowledgements Bill Manning Ed Lewis Joe Abley Olaf M. Kolkman NeuStar 1 Purpose of naming Addresses are used to locate objects
More information