The Domain Name System
1 The Domain Name System Stefano Vissicchio UCL Computer Science COMP0023
2 Today 1. The Domain Name System (DNS) 2. A Brief Word on DNS Security
3 "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel
4 Hostnames vs. IP Addresses. Hostnames: mnemonic name used by humans; variable length, full alphabet of characters; provide little (if any) information about location; examples: and. IP addresses: numerical address used by routers; fixed length, binary number (e.g., ); hierarchical, related to host location.
5 ARPAnet,
6 Looking Up IP Addresses Before the DNS. Per-host file named hosts.txt. Flat namespace: each line is an IP address and a name. SRI (Menlo Park, California) kept the master copy; everyone else downloads regularly. But a single server, manually updated, doesn't scale: always a little out of date; name collisions! Traffic implosion (lookups and updates); single point of failure. Need a distributed and hierarchical collection of servers.
7 DNS is a Wide-Area Distributed Database. Goals: scalability and decentralized maintenance (DNS is the biggest DB in the world!); robustness; global scope (names mean the same thing everywhere). Don't need all of ACID: atomicity, strong consistency. Do need: performance for queries and distributed updates.
8 Default answer to all systems problems: If it doesn't scale, add hierarchy. If it doesn't go fast enough, add a cache.
9 Domain Name System (DNS). Hierarchical name space divided into zones; zones distributed over a collection of DNS servers. Hierarchy of DNS servers: root servers (identity hardwired into other servers); top-level domain (TLD) servers; authoritative DNS servers. To perform translations of names from/to IP addresses: local DNS servers located near clients (for caching!); resolver software running on clients.
10 DNS Namespace is Hierarchical. Tree diagram: root "."; top-level domains (TLDs) com., uk., edu.; below them ac.uk., cmu.edu., mit.edu., ucl.ac.uk. Hierarchy of servers follows hierarchy of DNS zones. Zone is contiguous section of namespace, e.g., complete tree, single node, or subtree. Set of nameservers answers queries for names within zone. Nameservers must store names and links to other servers in tree.
11 DNS has Many Uses. Hostname to IP address translation. IP address to hostname translation (reverse lookup). Host name aliasing: allows other names for a host; can be arbitrarily many aliases; alias host names point to canonical hostname. Mail server location: look up zone's mail server based on zone name. Content distribution networks: load balancing among many servers with different IP addresses; complex, hierarchical arrangements are possible.
12 DNS Root Nameservers. 13 root servers (see http://), named A through M. Does this scale? Map labels: A Verisign, Dulles, VA; B USC-ISI, Marina del Rey, CA; C Cogent, Herndon, VA (also Los Angeles, NY, Chicago); D U Maryland, College Park, MD; E NASA, Mt View, CA; F Internet Software Consortium, Palo Alto, CA (and 37 other locations); G US DoD, Vienna, VA; H ARL, Aberdeen, MD; I Autonomica, Stockholm (plus 29 other locations); J Verisign (21 locations); K RIPE, London (plus 16 other locations); L ICANN, Los Angeles, CA; M WIDE, Tokyo plus Seoul, Paris, San Francisco.
13 DNS Root Nameservers. 13 root servers (see http://), named A through M. Each server is really a cluster of servers (some geographically distributed), with replication via IP anycast. Map labels: the same root server operators and locations as on slide 12.
14 TLD and Authoritative Servers. Top-level domain (TLD) servers: responsible for com, org, net, edu, etc., and all top-level country domains (uk, fr, ca, jp); Network Solutions maintains servers for com TLD; Educause for edu TLD. Authoritative DNS servers: an organization's DNS servers, providing authoritative information for the organization's servers; can be maintained by organization or service provider.
15 Local Name Servers. Do not strictly belong to hierarchy. Each ISP (company, university) has one. Also called default or caching name server. Any local DNS server does work for hosts: receives queries from end hosts; forwards each query into hierarchy, acting as proxy; returns the query's response to the hosts.
16 DNS in Operation. Most queries and responses are UDP datagrams. Two types of queries. Recursive (client asks NS): server may ask other servers if it doesn't know the answer. Answer: A. Iterative (client asks NS): server will reply with what it does know. Referral: .edu NS
17 Local NS Does Clients' Work. Diagram labels: Clients; Local NS; Root NS; TLD NS; Authoritative NS. 1. Client's resolver makes recursive query to local NS. 2. Local NS processing: local NS sends iterative queries to other NSs, or finds answer in cache. 3. Local NS responds with answer to client's request.
18 Local NS Does Clients' Work. Diagram labels: Clients; Local NS; Root NS; TLD NS; Authoritative NS. 1. Client's resolver makes recursive query to local NS. 2. Local NS processing: local NS sends iterative queries to other NSs, or finds answer in cache. Local NS responds with answer to client's request.
19 Local NS Does Clients' Work. Diagram labels: Clients; Local NS; Root NS; TLD NS; Authoritative NS. 1. Client's resolver makes recursive query to local NS. 2. Local NS processing: local NS sends iterative queries to other NSs, or finds answer in cache. 3. Local NS responds to client's request.
20 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS]
21 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]
22 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; message "Contact for edu."
23 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS; edu.: NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; message "Contact for edu."
24 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS; edu.: NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; edu. authority [scholarly.edu.: NS; pedantic.edu.: NS]
25 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS; edu.: NS; scholarly.edu.: NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; edu. authority [scholarly.edu.: NS; pedantic.edu.: NS]; message "Contact for scholarly.edu."
26 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS; edu.: NS; scholarly.edu.: NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; edu. authority [scholarly.edu.: NS; pedantic.edu.: NS]; scholarly.edu. authority [A; imap.scholarly.edu.: A]
27 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS; edu.: NS; scholarly.edu.: NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; edu. authority [scholarly.edu.: NS; pedantic.edu.: NS]; scholarly.edu. authority [A; imap.scholarly.edu.: A]; message labels: A, A
28 Example: Lookup for. Diagram labels: Client; Local NS [. (root): NS; edu.: NS; scholarly.edu.: NS]; . (root) authority [edu.: NS; no.: NS; uk.: NS]; edu. authority [scholarly.edu.: NS; pedantic.edu.: NS]; scholarly.edu. authority [A; imap.scholarly.edu.: A]; message label: A
29 Recursive vs. Iterative Queries. Recursive query: less burden on client; more burden on nameserver (has to return answer to query). Iterative query: more burden on client; less burden on nameserver (simply refers query to another server). Most root and TLD servers will not answer. Local name server answers recursive query.
30 DNS Stores Resource Records. RR includes: (name, type, value, time-to-live). Type = A (address): name is hostname; value is IP address. Type = NS (name server): name is domain (e.g. cs.ucl.ac.uk); value is hostname of authoritative name server for this domain. Type = CNAME: name is an alias for some canonical (real) name, e.g. is really cms.cs.ucl.ac.uk; value is canonical name. Type = MX (mail exchange): value is name of mail server associated with domain name; pref field discriminates between multiple MX records.
31 Example: Recursive Query, Step 1 Glue record
32 Example: Recursive Query, Step 2 Glue record
33 Example: Recursive Query, Step 3
34 DNS Caching. Performing all these queries takes time, and all this before actual communication takes place, e.g., one-second latency before starting Web download. Caching can greatly reduce overhead: TLD servers very rarely change; local DNS server often has the information cached for popular sites, as they are visited often. How DNS caching works: DNS servers cache responses to queries; responses include a Time-To-Live (TTL) field; server deletes cached entry after TTL expires.
35 Reverse Mapping (IP to Hostname). How do we translate IP addresses into corresponding hostnames? Why do we care to? Troubleshooting, security, spam. IP address already has natural quad hierarchy: But: IP address has most significant hierarchy element on the left, while has it on the right. Idea: reverse the quads = , and look that up in the DNS. Top-level domain convention: in-addr.arpa. So lookup is for in-addr.arpa
36 DNS Protocol. Most queries and responses via UDP, server port 53. Packet layout: IP header (Source IP, Destination IP); UDP header (Source port, Dest port, UDP length, UDP cksum); DNS payload (Query ID; flags QR, opcode, AA, TC, RD, RA, Z, rcode).
37 DNS Server State. UDP socket listening on port 53. Diagram: Client, Local NS and TLD NS, with DNS-over-UDP packets between them (fields: UDP length, UDP cksum, QR, opcode, AA, TC, RD, RA, Z, rcode).
38 DNS Server State. UDP socket listening on port 53. Diagram: Client, Local NS and TLD NS, with DNS-over-UDP packets between them (fields: UDP length, UDP cksum, QR, opcode, AA, TC, RD, RA, Z, rcode).
39 DNS Server State. UDP socket listening on port 53. Diagram: Client, Local NS and TLD NS, with DNS-over-UDP packets between them (fields: UDP length, UDP cksum, QR, opcode, AA, TC, RD, RA, Z, rcode). Local NS at least needs to keep state associating Query ID → which query (if any).
40 DNS Resource Record (RR) in Detail. type: determines the meaning of rdata. class: always IN (Internet). rdata: data associated with the RR. Layout: name (variable length); type; class; ttl; rdlength; rdata (variable length).
41 DNS Protocol Message. Query and reply messages have identical format. Question section: query for name server. Answer section: RRs answering the question. Authority section: RRs that point to an authoritative NS. Additional section: glue RRs. Layout: Header; Question section; Answer section (RRs); Authority section (RRs); Additional section (RRs).
42 DNS Protocol Header. Query ID: 16-bit identifier shared between query, reply. Flags word: QR: query (0) or response (1); opcode: standard query (0); AA: authoritative answer; TC: truncation; RD: recursion desired; RA: recursion available; Z: (reserved and zeroed); rcode: response code; ok (0). qdcount: number of question entries (QEs) in message. ancount: number of RRs in the answer section. nscount: number of RRs in the authority section. arcount: number of RRs in the additional section. Layout: Query ID; flags word (QR, opcode, AA, TC, RD, RA, Z, rcode); qdcount; ancount; nscount; arcount.
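The header layout on slide 42 and the Query ID state from slide 39, as an added example that is not part of the original slides: it packs and parses the 12-byte header and keeps a pending-query table so a reply is accepted only when its Query ID, question and source server match something actually sent. The class and function names, the Query ID values and the 192.0.2.x server addresses are constructed for illustration.

```python
import struct

def pack_header(qid, qr=0, opcode=0, aa=0, tc=0, rd=0, ra=0, rcode=0,
                qdcount=0, ancount=0, nscount=0, arcount=0):
    """Build the 12-byte header: Query ID, flags word, four section counts."""
    flags = ((qr << 15) | (opcode << 11) | (aa << 10) | (tc << 9)
             | (rd << 8) | (ra << 7) | rcode)  # Z bits stay zero
    return struct.pack("!6H", qid, flags, qdcount, ancount, nscount, arcount)

def parse_header(msg):
    """Split the header back into the fields named on the slide."""
    if len(msg) < 12:
        raise ValueError("DNS header is 12 bytes")
    qid, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": qid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
        "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1,
        "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1,
        "z": (flags >> 4) & 0x7, "rcode": flags & 0xF,
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }

def encode_name(name):
    """Encode a hostname as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def decode_question(msg, offset=12):
    """Return (name, qtype, qclass) of the first question entry."""
    labels = []
    while True:
        if offset >= len(msg):
            raise ValueError("truncated question")
        length = msg[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer not expected in a question")
        labels.append(msg[offset:offset + length].decode("ascii").lower())
        offset += length
    if offset + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!2H", msg[offset:offset + 4])
    return ".".join(labels) + ".", qtype, qclass

def build_query(qid, name, qtype=1, rd=1):
    """Standard query (opcode 0) with one question, class IN (1)."""
    return (pack_header(qid, rd=rd, qdcount=1)
            + encode_name(name) + struct.pack("!2H", qtype, 1))

def as_response(query, rcode=0):
    """Constructed test helper: echo a query back with QR=1 and no answers."""
    h = parse_header(query)
    return pack_header(h["id"], qr=1, opcode=h["opcode"], rd=h["rd"], ra=1,
                       rcode=rcode, qdcount=h["qdcount"]) + query[12:]

class PendingQueries:
    """State a local NS keeps: Query ID -> (server asked, question asked)."""
    def __init__(self):
        self._pending = {}

    def sent(self, server, query):
        self._pending[parse_header(query)["id"]] = (server, decode_question(query))

    def accept(self, server, response):
        """True only for a reply that matches an outstanding query."""
        h = parse_header(response)
        if h["qr"] != 1:
            return False                      # a query, not a response
        expected = self._pending.get(h["id"])
        if expected is None:
            return False                      # unknown or already answered ID
        if expected != (server, decode_question(response)):
            return False                      # wrong server or wrong question
        del self._pending[h["id"]]
        return True
```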
43 "All problems in computer science can be solved by another level of indirection... Except for the problem of too many layers of indirection." David Wheeler
44 DNS Load Balancing. Essentially, DNS is the Internet's indirection infrastructure. Big companies want to load balance requests across many servers or datacentres. Can reply with lots of IP addresses in one A record; only gets you so far. DNS is not required to be globally consistent! Give different answers depending on who asks. Ugly hack, but very widely used.
45 Today 1. The Domain Name System (DNS) 2. A Brief Word on DNS Security
46 Open Recursive Servers. DNS servers should not recurse except for local clients: used to not be a problem, got misused. DNS amplification attack: attacker sends small query to DNS server; spoofs source address of request to be that of intended victim; DNS server recurses, builds big response packet, sends it to victim; repeat from many bots, thousands of times per second.
47 Implications of Subverting DNS. 1. Redirect victim's web traffic to rogue servers. 2. Redirect victim's e-mail to rogue servers (MX records in DNS).
48 Security Problem #1: Coffee Shop. As you sip your latte and surf the Web, how does your laptop find google.com? Answer: it asks the local DNS nameserver, which is run by the coffee shop or their contractor, and can return to you any answer they please, including a man-in-the-middle site that forwards your query to Google, gets the reply to forward back to you, yet can change anything they wish in either direction. How can you know you're getting correct data?
49 Security Problem #1: Coffee Shop. As you sip your latte and surf the Web, how does your laptop find google.com? Answer: it asks the local DNS nameserver, which is run by the coffee shop or their contractor, and can return to you any answer they please, including a man-in-the-middle site that forwards your query to Google, gets the reply to forward back to you, yet can change anything they wish in either direction. How can you know you're getting correct data? Today, you can't (though if site is HTTPS, that helps). One day, hopefully: DNSSEC extensions to DNS.
50 Security Problem #2: Cache Poisoning. Suppose you are evil and you control the name server for foobar.com. You receive a request to resolve and reply:
;; QUESTION SECTION:
; IN A
;; ANSWER SECTION:
IN A
;; AUTHORITY SECTION:
foobar.com. 600 IN NS dns1.foobar.com.
foobar.com. 600 IN NS google.com.
;; ADDITIONAL SECTION:
google.com. 5 IN A
Annotation on the google.com A record: a foobar.com machine, not google.com. Evidence of the attack disappears 5 seconds later!
51 DNS Cache Poisoning (cont'd). OK, but how do you get the victim to look up in the first place? Perhaps you connect to their mail server and send HELO, which their mail server then looks up to see if it corresponds to your source address (anti-spam measure). Note, with compromised name server we can also lie about PTR records (address → name mapping), e.g., for = in-addr.arpa return google.com (or whitehouse.gov, or whatever), if our ISP lets us manage those records as we see fit, or we happen to directly manage them.
52 (Partial) Fix: Bailiwick Checking. DNS resolver ignores all RRs not in or under the same zone as the question. Widely deployed since ca. Other attacks remain (e.g., Kaminsky's poisoning).
;; QUESTION SECTION:
; IN A
;; ANSWER SECTION:
IN A
;; AUTHORITY SECTION:
foobar.com. 600 IN NS dns1.foobar.com.
foobar.com. 600 IN NS google.com.
;; ADDITIONAL SECTION:
google.com. 5 IN A
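A sketch of the bailiwick check described on slide 52, as an added example that is not part of the original slides: it parses a dig-style reply and drops every RR whose owner name is not in or under the zone that was asked. The queried name www.foobar.com and the 192.0.2.x addresses are constructed placeholders (the slide's own values are not on the page), and the function names are hypothetical.

```python
from collections import namedtuple

RR = namedtuple("RR", "section name ttl rtype rdata")

# Constructed sample modelled on the slide's reply. The queried name and all
# addresses are placeholders (192.0.2.0/24 is reserved for documentation).
SAMPLE_REPLY = """\
;; QUESTION SECTION:
;www.foobar.com. IN A
;; ANSWER SECTION:
www.foobar.com. 600 IN A 192.0.2.10
;; AUTHORITY SECTION:
foobar.com. 600 IN NS dns1.foobar.com.
foobar.com. 600 IN NS google.com.
;; ADDITIONAL SECTION:
google.com. 5 IN A 192.0.2.66
"""

def parse_reply(text):
    """Turn dig-style text into RR tuples, remembering each RR's section."""
    section, records = None, []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(";;"):
            if line.endswith("SECTION:"):
                section = line[2:].split()[0].lower()
            continue
        if line.startswith(";"):
            continue  # the question entry is shown as a comment line
        name, ttl, _rrclass, rtype, rdata = line.split(None, 4)
        records.append(RR(section, name, int(ttl), rtype, rdata))
    return records

def normalize(name):
    """DNS names compare case-insensitively; ignore the trailing dot."""
    return name.rstrip(".").lower()

def in_bailiwick(name, zone):
    """True if name equals zone or sits under it on a label boundary."""
    n, z = normalize(name), normalize(zone)
    if z == "":
        return True  # the root zone contains every name
    return n == z or n.endswith("." + z)

def filter_reply(text, zone):
    """Split a reply into RRs a resolver may cache and RRs it must ignore.

    zone is the zone whose name server was asked (known to the resolver).
    """
    kept, dropped = [], []
    for rr in parse_reply(text):
        (kept if in_bailiwick(rr.name, zone) else dropped).append(rr)
    return kept, dropped

if __name__ == "__main__":
    kept, dropped = filter_reply(SAMPLE_REPLY, "foobar.com.")
    for rr in kept:
        print("cache ", rr)
    for rr in dropped:
        print("ignore", rr)
```

The NS record naming google.com is kept because its owner name is foobar.com; only the out-of-zone address record is ignored, so the resolver has to look up google.com through the normal hierarchy instead of trusting the supplied address.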
More information0 0& Basic Background. Now let s get into how things really work!
+,&&-# Department of Electrical Engineering and Computer Sciences University of California Berkeley Basic Background General Overview of different kinds of networks General Design Principles Architecture
More informationELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2012 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Midterm Exam Tuesday, October 16 th Format Short answer problems No questions on programming Closed notes Closed
More informationSOFTWARE ARCHITECTURE 9. NAME RESOLUTION.
1 SOFTWARE ARCHITECTURE 9. NAME RESOLUTION Tatsuya Hagino hagino@sfc.keio.ac.jp lecture URL https://vu5.sfc.keio.ac.jp/slide/ 2 OSI Reference Model Open Systems Interconnect ISO defined around 1984. Application
More informationThe basics. Karst Koymans. Tuesday, September 9, 2014
.. DNS The basics Karst Koymans Informatics Institute University of Amsterdam (version 4.7, 2014/09/11 13:54:31) Tuesday, September 9, 2014 Karst Koymans (UvA) DNS Tuesday, September 9, 2014 1 / 64 .1
More informationChapter 2 Application Layer
Chapter 2 Application Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;
More informationApplication Layer Protocols
Application Layer Protocols Dr. Ihsan Ullah Department of Computer Science & IT University of Balochistan, Quetta Pakistan Email: ihsan.ullah.cs@gmail.com These slides are adapted from the slides accompanying
More informationDNS. A Massively Distributed Database. Justin Scott December 12, 2018
DNS A Massively Distributed Database Justin Scott December 12, 2018 What is DNS? Translates Hostnames to IP Addresses What is DNS? Example: www.serverlogic.com 23.185.0.4 What is DNS? Example: www.serverlogic.com
More informationCMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 5
CMPE 150/L : Introduction to Computer Networks Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 5 1 Any problem of your lab? Due by next Monday (Jan 29) Using Canvas? Email me cqian12@ucsc.edu
More informationDNS Hierarchical Name Space. BIND Terminology and DNS Name Servers. Distributed Hierarchical Database (1st Approx) Domain Name System (DNS)
Domain Name System (DNS) DNS consists of 1. an hierarchical name space name allocation decentralized to domains host.sub-subdomain.....subdomain.domain[.root] host machine name, can be an alias sub-subdomain
More informationECE 435 Network Engineering Lecture 7
ECE 435 Network Engineering Lecture 7 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 25 September 2018 HW#3 was Posted Announcements 1 HW#2 Review C code will be discussed next
More informationComputer Networking: Applications George Blankenship. Applications George Blankenship 1
CSCI 232 Computer Networking: Applications i George Blankenship Applications George Blankenship 1 TCP/IP Applications The user of TCP/IP transport (TCP/UDP) is an application, the top level lof the TCP/IP
More informationApplication Layer. Goals:
Application Layer Goals: Conceptual aspects of network application protocols Client server paradigm Service models Learn about protocols by examining popular applicationlevel protocols HTTP DNS SMTP, POP3,
More informationApplication Layer. Applications and application-layer protocols. Goals:
Application Layer Goals: Conceptual aspects of network application protocols Client server paradigm Service models Learn about protocols by examining popular applicationlevel protocols HTTP DNS SMTP, POP3,
More informationAdvanced Networking. Domain Name System
Advanced Networking Domain Name System Purpose of DNS servers Human being has many identifications: 1) Our name can be used for identification Problem: Two differenet people may have same name. 2) Mobile
More informationAdvanced Networking. Domain Name System. Purpose of DNS servers. Purpose of DNS servers. Purpose of DNS servers
Purpose of DNS servers Advanced Networking Domain Name System Human being has many identifications: 1) Our name can be used for identification Problem: Two differenet people may have same name. 2) Mobile
More informationCS 3640: Introduction to Networks and Their Applications
CS 3640: Introduction to Networks and Their Applications Fall 2018, Lecture 18: The Application Layer II (Credit: Christo Wilson @ NEU) Instructor: Rishab Nithyanand Teaching Assistant: Md. Kowsar Hossain
More informationf.root-servers.net ISOC cctld Workshop Nairobi, Kenya, 2005
f.root-servers.net ISOC cctld Workshop Nairobi, Kenya, 2005 The Basics DNS The Domain Name System is a huge database of resource records globally distributed, loosely coherent, scaleable, reliable, dynamic
More informationNetworking Applications
Networking Dr. Ayman A. Abdel-Hamid College of Computing and Information Technology Arab Academy for Science & Technology and Maritime Transport 1 Outline Introduction Name Space concepts Domain Name Space
More informationCommunications Software. CSE 123b. CSE 123b. Spring Lecture 11: Domain Name System (DNS) Stefan Savage. Some pictures courtesy David Wetherall
CSE 123b CSE 123b Communications Software Spring 2003 Lecture 11: Domain Name System (DNS) Stefan Savage Some pictures courtesy David Wetherall & Srini Seshan Where we ve been & where we re going Low-level
More informationCSE 123b Communications Software. Overview for today. Names and Addresses. Goals for a naming system. Internet Hostnames
CSE 123b Communications Software Spring 2003 Lecture 11: Domain Name System (DNS) Stefan Savage Where we ve been & where we re going Low-level networking (so far) Internetworking architecture Packet Forwarding
More informationMore Internet Support Protocols
More Internet Support Protocols Domain Name System (DNS) Ch 2.5 Problem statement: Average brain can easily remember 7 digits On average, IP addresses have 10.28 digits We need an easier way to remember
More informationCompSci 356: Computer Network Architectures. Lecture 20: Domain Name System (DNS) and Content distribution networks Chapter 9.3.1
CompSci 356: Computer Network Architectures Lecture 20: Domain Name System (DNS) and Content distribution networks Chapter 9.3.1 Xiaowei Yang xwy@cs.duke.edu Overview Domain Name System Content Distribution
More informationNaming Computer Networking. Overview. DNS: Domain Name System. Obvious Solutions (1) Obvious Solutions (2)
Naming 15-441 Computer Networking DNS How do we efficiently locate resources? DNS: name IP address Service location: description host Other issues How do we scale these to the wide area? How to choose
More informationDomain Name System (DNS) Session-1: Fundamentals. Joe Abley AfNOG Workshop, AIS 2017, Nairobi
Domain Name System (DNS) Session-1: Fundamentals Joe Abley AfNOG Workshop, AIS 2017, Nairobi Computers use IP addresses. Why do we need names? Names are easier for people to remember Computers may be moved
More informationDomain Name System (DNS) DNS Fundamentals. Computers use IP addresses. Why do we need names? hosts.txt does not scale. The old solution: HOSTS.
Domain Name System (DNS) Computers use IP addresses. Why do we need names? Names are easier for people to remember DNS Fundamentals Computers may be moved between networks, in which case their IP address
More informationlogical link name logical link name name logical link address physical address path
http://mosaic.cnfolio.com/b101cw2011article581 RelaDonship Between Layers logical link name Discovery Mike Freedman COS 461: Computer Networks h?p://www.cs.princeton.edu/courses/archive/spr14/cos461/ 2
More informationDiscovery. RelaKonship Between Layers. Discovery: Mapping Name to Address. RouKng: Mapping Link to Path. What s in a Name? Naming
RelaKonship Between Layers Discovery Mike Freedman COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101 logical link name hep://www.cs.princeton.edu/courses/archive/spr13/cos461/ 2 Discovery:
More informationChapter 2 outline. 2.1 Principles of app layer protocols
Chapter 2 outline 2.1 Principles of app layer protocols clients and servers app requirements 2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail SMTP, POP3, IMAP 2.5 DNS 2.6 Socket programming with TCP 2.7 Socket
More informationOutline NET 412 NETWORK SECURITY PROTOCOLS. Reference: Lecture 7: DNS Security 3/28/2016
Networks and Communication Department NET 412 NETWORK SECURITY PROTOCOLS Lecture 7: DNS Security 2 Outline Part I: DNS Overview of DNS DNS Components DNS Transactions Attack on DNS Part II: DNS Security
More informationDNS and HTTP. A High-Level Overview of how the Internet works
DNS and HTTP A High-Level Overview of how the Internet works Adam Portier Fall 2017 How do I Google? Smaller problems you need to solve 1. Where is Google? 2. How do I access the Google webpage? 3. How
More informationAPNIC elearning: DNS Concepts
APNIC elearning: DNS Concepts 27 MAY 2015 11:00 AM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6
More informationDNS and SMTP. James Walden CIT 485: Advanced Cybersecurity. James WaldenCIT 485: Advanced Cybersecurity DNS and SMTP 1 / 31
DNS and SMTP James Walden CIT 485: Advanced Cybersecurity James WaldenCIT 485: Advanced Cybersecurity DNS and SMTP 1 / 31 Table of contents 1. DNS 2. DNS Protocol Packets 3. DNS Caching 4. DNS Cache Poisoning
More informationConfiguring DNS. Finding Feature Information. Prerequisites for Configuring DNS
The Domain Name System (DNS) is a distributed database in which you can map host names to IP addresses through the DNS protocol from a DNS server. Each unique IP address can have an associated host name.
More information