CS 3640: Introduction to Networks and Their Applications


CS 3640: Introduction to Networks and Their Applications
Fall 2018, Lecture 18: The Application Layer II
(Credit: Christo Wilson @ NEU)
Instructor: Rishab Nithyanand
Teaching Assistant: Md. Kowsar Hossain

You should
- Be working on Assignment 3: Network layer addressing and BGP
  - Due tomorrow at 11:59 pm!
- Get ready for the mid-term
  - In class on Tuesday, October 23rd.
  - Know and understand:
    - The three Internet design principles and components of the Internet.
    - Circuit- vs. packet-switched networks.
    - Components of end-to-end delay.
    - The link layer: error detection, MAC, local addressing/routing.
    - The network layer: addressing, fragmentation, IPv4 vs. IPv6, ASes, interdomain and intradomain routing.
    - The transport layer: core functionality, TCP vs. UDP, flow control vs. congestion control, TCP fast retransmit and recovery.

This week in class
1. Intro to Distributed Systems
2. Network Address Translation
3. Domain Name System

The IPv4 address shortage
- Problem: consumer ISPs typically only give one IP address per household
  - Additional IPs cost extra
  - More IPs may not be available
- Today's households have more networked devices than ever
  - Laptops and desktops
  - TV, Blu-ray players, game consoles
  - Tablets, smartphones, e-readers
- Discuss: How to get all these devices online? How should we give them IP addresses?

Working around the IPv4 address shortage
- Idea: create a range of private IPs that are separate from the rest of the network
  - Use the private IPs for internal routing
  - Use a special router to bridge the LAN and the WAN
- Properties of private IPs
  - Not globally unique
  - Usually taken from non-routable IP ranges
- Typical private IP ranges
  - 10.0.0.0 - 10.255.255.255
  - 172.16.0.0 - 172.31.255.255
  - 192.168.0.0 - 192.168.255.255

Working around the IPv4 address shortage
[Figure: two private networks, each numbered from 192.168.0.0 and each containing hosts 192.168.0.1 and 192.168.0.2, connected to the Internet through NATs with public addresses 66.31.210.69 and 71.2.33.56.]

Network Address Translation (NAT)
- NAT allows hosts on a private network to communicate with the Internet
  - Special router at the boundary of a private network
  - Replaces internal IPs with external IP by modifying packet headers
    - This is Network Address Translation
  - May also replace TCP/UDP port numbers
- Maintains a table of active flows
  - Outgoing packets initialize a table entry
  - Incoming packets are rewritten based on the table

Basic NAT operation
Outgoing packet:
  On the private network:  Source: 192.168.0.1:2345   Dest: 74.125.228.67:80
  On the Internet:         Source: 66.31.210.69:2345  Dest: 74.125.228.67:80
NAT table:
  Private Address      Public Address
  192.168.0.1:2345     74.125.228.67:80
Reply packet:
  On the Internet:         Source: 74.125.228.67:80   Dest: 66.31.210.69:2345
  On the private network:  Source: 74.125.228.67:80   Dest: 192.168.0.1:2345
Hosts shown: 192.168.0.1 (private host), 66.31.210.69 (NAT), 74.125.228.67 (remote server)
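Added example (not from the lecture): a small Python model of the flow table above, including the case where two private hosts pick the same source port and the NAT has to replace one of them. The class and function names, the fallback port range starting at 1024, the policy of only admitting packets from the remote endpoint that the flow was opened to, and the 203.0.113.9 address are assumptions made for illustration.

```python
from itertools import chain
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Nat:
    """Port-translating NAT with a single public IP (a model, not a real router)."""

    def __init__(self, public_ip: str):
        self.public_ip = public_ip
        self.out = {}   # (private ip, private port, remote ip, remote port) -> public port
        self.back = {}  # (public port, remote ip, remote port) -> (private ip, private port)

    def outbound(self, p: Packet) -> Packet:
        key = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        if key not in self.out:  # first packet of a flow initializes the table entry
            # Keep the host's source port when it is free, as on the slide;
            # otherwise replace it with another public port.
            for port in chain([p.src_port], range(1024, 65536)):
                if (port, p.dst_ip, p.dst_port) not in self.back:
                    break
            else:
                raise RuntimeError("no free public port for this remote endpoint")
            self.out[key] = port
            self.back[(port, p.dst_ip, p.dst_port)] = (p.src_ip, p.src_port)
        return Packet(self.public_ip, self.out[key], p.dst_ip, p.dst_port)

    def inbound(self, p: Packet) -> Optional[Packet]:
        entry = self.back.get((p.dst_port, p.src_ip, p.src_port))
        if p.dst_ip != self.public_ip or entry is None:
            return None  # no table entry: the packet cannot be delivered
        return Packet(p.src_ip, p.src_port, *entry)

def demo():
    nat = Nat("66.31.210.69")
    a = nat.outbound(Packet("192.168.0.1", 2345, "74.125.228.67", 80))
    b = nat.outbound(Packet("192.168.0.2", 2345, "74.125.228.67", 80))  # same port, other host
    reply = nat.inbound(Packet("74.125.228.67", 80, "66.31.210.69", a.src_port))
    # Constructed unsolicited packet from a host no flow was opened to
    stray = nat.inbound(Packet("203.0.113.9", 4444, "66.31.210.69", a.src_port))
    return a, b, reply, stray
```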

Discuss: Advantages of NAT
- Allow multiple hosts to share a single public IP
- Allow migration between ISPs
  - Even if the public IP address changes, you don't need to reconfigure the machines on the LAN
- Load balancing
  - Forward traffic from a single public IP to multiple private hosts

Discuss: Problems with NAT
- Performance/scalability issues
  - Per flow state!
  - Modifying IP and port numbers means NAT must recompute IP and TCP checksums
- Breaks the layered network abstraction
- Breaks end-to-end Internet connectivity
  - 192.168.*.* addresses are private
  - Cannot be routed to on the Internet
  - Problem is worse when both hosts are behind NATs
- What about IPs embedded in data payloads?

Enabling outside connectivity through NATs
- Discuss: How do 2 hosts behind a NAT communicate?
[Figure: host 192.168.0.1 behind NAT 1 (66.31.210.69) and host 192.168.0.2 behind NAT 2 (59.1.72.13).]

Enabling outside connectivity through NATs
- The TURN (Traversal Using Relays around NAT) protocol
[Figure: host 192.168.0.1 behind NAT 1 (66.31.210.69) and host 192.168.0.2 behind NAT 2 (59.1.72.13), with a TURN server between them. Labels: 192.168.0.1:7000, 192.168.0.2:7000, and the message "Please connect to me on 66.31.210.69:7000".]

This week in class
1. Intro to Distributed Systems
2. Network Address Translation
3. Domain Name System

The Internet is for humans
- If you want to
  - Call someone, you need to ask for their phone number
    - You can't just dial R O B Y N
  - Mail someone, you need to get their address first
- Discuss: What about the Internet?
  - If you need to reach Google, you need their IP
  - Does anyone know Google's IP?
- Problem: People can't remember IP addresses
  - Need human readable names that map to IPs

DNS makes the Internet suitable for humans
- Addresses, e.g. 129.10.117.100
  - Computer usable labels for machines
  - Conform to structure of the network
- Names, e.g. www.uiowa.edu
  - Human usable labels for machines
  - Conform to organizational structure
- How do you map from one to the other?
  - Domain Name System (DNS)

Once upon a time
- Before DNS, all mappings were in hosts.txt
  - /etc/hosts on Linux
  - C:\Windows\System32\drivers\etc\hosts on Windows
- Centralized, manual system
  - Changes were submitted to SRI via email
  - Machines periodically FTP new copies of hosts.txt
  - Administrators could pick names at their discretion
    - my_server_will_pwn_joo_lol_kthxbye
- Discuss: Why did this system fall apart?
  - Not scalable
  - Hard to enforce uniqueness of name and resolve collisions
  - Machines often ended up with out-of-date hosts.txt files

DNS at a high level
- DNS: Domain Name System
- Distributed database
  - No centralization. The work of mapping between IPs and domains is shared by many servers.
- Simple client/server architecture
  - UDP port 53, some implementations also use TCP
- Hierarchical namespace
  - As opposed to the original, flat namespace
  - .com, google.com, mail.google.com

Domain naming hierarchy
[Figure: tree with Root at the top; below it net, edu, com, gov, mil, org, uk, fr, etc.; below edu: uiowa, mit; below uiowa: cs, ece, physics; below cs: www, login, mail.]
- Top Level Domains (TLDs) are at the top
- Each Domain Name is a subtree
  - .edu, uiowa.edu, cs.uiowa.edu, www.cs.uiowa.edu
- Maximum tree depth: 128
- Name collisions are avoided
  - uiowa.com vs. uiowa.edu

Domain naming hierarchy
[Figure: the same tree (Root; net, edu, com, gov, mil, org, uk, fr, etc.; uiowa, mit; cs; www, login, mail) with zones labelled ICANN, Verisign and UIowa.]
- Tree is divided into zones
  - Each zone has an administrator
  - Responsible for the part of the hierarchy
- Example:
  - CS controls *.cs.uiowa.edu
  - UIowa controls *.uiowa.edu
  - Verisign controls *.edu
  - ICANN controls .*

DNS servers
- Functions of each DNS server:
  - Authority over a portion of the hierarchy
    - No need to store all DNS names
  - Store all the records for hosts/domains in its zone
    - May be replicated for robustness
  - Know the addresses of the root servers
    - Resolve queries for unknown names
- Root servers know about all TLDs
  - The buck stops at the root servers

DNS servers: Local nameservers and authoritative nameservers
- Local nameserver handles queries on behalf of clients
- Authoritative nameservers know the zone mappings for a subset of the hierarchy
[Figure: the question "Where is www.google.com?" sent to the local nameserver. Labels: www.google.com, local nameserver, toutatis.cs.uiowa.edu, Root nameserver (Root), com (authority for *.com), ns1.google.com (authority for *google.com).]

Basic domain name resolution
- Every host knows a local DNS server
  - Sends all queries to the local DNS server
- If the local DNS can answer the query, then you're done
  - Local server is also the authoritative server for that name
  - Local server has cached the record for that name
- Otherwise, go down the hierarchy and search for the authoritative name server
  - Every local DNS server knows the root servers
  - Use cache to skip steps if possible
    - e.g. skip the root and go directly to .edu if the root file is cached

DNS packets
- DNS is a UDP-based protocol on port 53
  - No TCP means no connections
  - TxIDs are needed to correlate requests and responses
  - Serves as authentication for responses
Packet layout (bit offsets 0, 16, 32; each row is 32 bits):
  TxID                 | Flags
  Question Count       | Answer Count
  Authority Count      | Additional Record Count
  Question and answer data (Resource Records, variable length)
- TxID: ID number used to match requests and responses
- Flags: Query/response? Authoritative/non-authoritative response? Success/failure?
- Counts: How many records are there of each type in the response payload?
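Added example (not from the lecture): packing and parsing the 12-byte header laid out above, plus the matching a resolver applies before it trusts a UDP reply. The helper names, the reply's TTL and the 203.0.113.9 address are constructed for illustration; the source-address and echoed-question checks go beyond the TxID match the slide names, since the TxID field is only 16 bits wide.

```python
import struct

HEADER = struct.Struct("!HHHHHH")  # TxID, flags, then the four record counts (16 bits each)

def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(txid, name):
    # flags 0x0100: QR=0 (query), RD=1; one question of type A (1), class IN (1)
    return HEADER.pack(txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", 1, 1)

def build_response(query, txid, ip):
    # flags 0x8180: QR=1 (response), RD=1, RA=1, RCODE=0; question echoed, one A record
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 161, 4) + bytes(int(o) for o in ip.split("."))
    return HEADER.pack(txid, 0x8180, 1, 1, 0, 0) + query[HEADER.size:] + rr

def parse_header(msg):
    if len(msg) < HEADER.size:
        raise ValueError("truncated DNS header")
    txid, flags, qd, an, ns, ar = HEADER.unpack_from(msg)
    return {"txid": txid, "response": bool(flags & 0x8000),
            "authoritative": bool(flags & 0x0400), "rcode": flags & 0x000F,
            "questions": qd, "answers": an, "authority": ns, "additional": ar}

def first_question(msg):
    """Raw bytes of the first question: uncompressed name, then type and class."""
    i = HEADER.size
    while msg[i] != 0:
        i += msg[i] + 1
    return msg[HEADER.size:i + 5]

def accept(query, sent_to, resp, came_from):
    """Accept a UDP reply only if it matches the outstanding query."""
    try:
        q, r = parse_header(query), parse_header(resp)
        same_question = first_question(query) == first_question(resp)
    except (ValueError, IndexError):
        return False
    return (came_from == sent_to and r["response"]
            and r["txid"] == q["txid"] and r["questions"] == 1 and same_question)

def demo():
    server = ("8.8.0.1", 53)  # ns1.google.com in the lecture's example
    query = build_query(12347, "www.google.com")
    good = build_response(query, 12347, "182.0.7.34")
    wrong_id = build_response(query, 12345, "203.0.113.9")  # TxID that was not sent
    return (parse_header(good),
            accept(query, server, good, server),
            accept(query, server, wrong_id, server),
            accept(query, server, good, ("203.0.113.9", 53)),  # right TxID, wrong sender
            accept(query, server, good[:7], server))           # truncated datagram
```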

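Iterative DNS Query Example
Where is www.google.com? (local nameserver: asgard.ccs.neu.edu)
1. asgard.ccs.neu.edu to Root
   TxID: 12345  Q: 1  A: 0  Auth: 0  Addl: 0
   Q: Where is www.google.com?
2. Root to asgard.ccs.neu.edu
   TxID: 12345  Q: 1  A: 0  Auth: 1  Addl: 1
   Q: Where is www.google.com?
   Auth: NS a.gtld-server.com
   Addl: A a.gtld-server.com 12.56.10.1
3. asgard.ccs.neu.edu to a.gtld-server.com
   TxID: 12346  Q: 1  A: 0  Auth: 0  Addl: 0
   Q: Where is www.google.com?
4. a.gtld-server.com to asgard.ccs.neu.edu
   TxID: 12346  Q: 1  A: 0  Auth: 1  Addl: 1
   Q: Where is www.google.com?
   Auth: NS ns1.google.com
   Addl: A ns1.google.com 8.8.0.1
5. asgard.ccs.neu.edu to ns1.google.com
   TxID: 12347  Q: 1  A: 0  Auth: 0  Addl: 0
   Q: Where is www.google.com?
6. ns1.google.com to asgard.ccs.neu.edu
   TxID: 12347  Q: 1  A: 1  Auth: 0  Addl: 0
   Q: Where is www.google.com?
   A www.google.com 182.0.7.34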

[cbw@ativ9 ~] dig google.com

Slide callouts: Header info from the response; The original question; Answer(s); Authority information

; <<>> DiG 9.9.5-3ubuntu0.1-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39348
;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 4, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 161 IN A 4.53.56.93
google.com. 161 IN A 4.53.56.94
google.com. 161 IN A 4.53.56.104
google.com. 161 IN A 4.53.56.109
google.com. 161 IN A 4.53.56.99
google.com. 161 IN A 4.53.56.113

;; AUTHORITY SECTION:
google.com. 156797 IN NS ns2.google.com.
google.com. 156797 IN NS ns1.google.com.

;; ADDITIONAL SECTION:
ns2.google.com. 330052 IN A 216.239.34.10
ns1.google.com. 330052 IN A 216.239.32.10

DNS Queries and Resource Records
- DNS queries have two fields: name and type
- Resource record is the response to a query
  - Four fields: (name, value, type, TTL)
  - There may be multiple records returned for one query
- What do the name and value mean?
  - Depends on the type of query and response

DNS Types
- Type = A / AAAA
  - Name = domain name
  - Value = IP address
  - A is IPv4, AAAA is IPv6
  - Query: Name: www.ccs.neu.edu  Type: A
  - Resp.: Name: www.ccs.neu.edu  Value: 129.10.116.81
- Type = NS
  - Name = partial domain
  - Value = name of DNS server for this domain
  - "Go send your query to this other server"
  - Query: Name: ccs.neu.edu  Type: NS
  - Resp.: Name: ccs.neu.edu  Value: 129.10.116.51

DNS Types
- Type = CNAME
  - Name = hostname
  - Value = canonical hostname
  - Useful for aliasing
  - CDNs use this
  - Query: Name: foo.mysite.com  Type: CNAME
  - Resp.: Name: foo.mysite.com  Value: bar.mysite.com
- Type = MX
  - Name = domain in email address
  - Value = canonical name of mail server
  - Query: Name: ccs.neu.edu  Type: MX
  - Resp.: Name: ccs.neu.edu  Value: amber.ccs.neu.edu

DNS as an indirection service
- Discuss: DNS gives us very powerful capabilities. What are they?
  - Not only easier for humans to reference machines!
- Changing the IPs of machines becomes trivial
  - e.g. you want to move your web server to a new host
  - Just change the DNS record!
- Censorship is easier to implement.

Aliasing and load balancing
- One machine can have many aliases
  - Names shown: www.reddit.com, www.foursquare.com, www.huffingtonpost.com, christo.blogspot.com, sandi.blogspot.com, *.blogspot.com
- One domain can map to multiple machines
  - Name shown: www.google.com

DNS and Content Delivery Networks (CDNs)
- DNS responses may vary based on geography, ISP, etc.

DNS delays
- How many of you have purchased a domain name?
  - Did you notice that it took ~72 hours for your name to become accessible?
  - This delay is called DNS Propagation
- Discuss: Why would this process fail for a new website?
[Figure: lookup of www.my-new-site.com. Labels: asgard.ccs.neu.edu, Root, com, ns.godaddy.com.]

DNS caching (efficiency) vs. freshness (correctness)
- DNS Propagation delay is caused by caching
- Zone files may be cached for 1-72 hours
[Figure: a client asks "Where is www.my-new-site.com?" and asgard.ccs.neu.edu answers "That name does not exist." from its caches (Cached Root Zone File, Cached .com Zone File, Cached .net Zone File, etc.). Also shown: Root, com, ns.godaddy.com, www.my-new-site.com.]
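Added example (not from the lecture): a Python simulation of a local nameserver that walks the hierarchy and caches what it learns, showing both the saved queries and the stale "does not exist" answer for a newly registered name. It follows the slides' simplified model of caching a whole zone's contents with one expiry time (real resolvers cache individual records, each with its own TTL); the class names, the 72-hour TTL choice and the 198.51.100.7 address are constructed.

```python
HOUR = 3600

class Zone:
    """One nameserver's slice of the hierarchy: suffix -> ("NS", Zone) or ("A", ip)."""
    def __init__(self, name):
        self.name, self.records = name, {}

class LocalResolver:
    def __init__(self, root, ttl):
        self.root, self.ttl = root, ttl
        self.cache = {}            # zone name -> (records snapshot, expiry time)
        self.upstream_queries = 0  # how often a remote server had to be asked

    def _records(self, zone, now):
        snap = self.cache.get(zone.name)
        if snap is None or snap[1] <= now:       # miss or expired: ask the server
            self.upstream_queries += 1
            snap = (dict(zone.records), now + self.ttl)
            self.cache[zone.name] = snap
        return snap[0]

    def resolve(self, name, now):
        zone = self.root
        while True:
            records = self._records(zone, now)
            hits = [k for k in records if name == k or name.endswith("." + k)]
            if not hits:
                return None                      # "That name does not exist."
            kind, value = records[max(hits, key=len)]
            if kind == "A":
                return value
            zone = value                         # referral: go one level down

def demo():
    root, com = Zone("root"), Zone("com")
    google, godaddy = Zone("ns1.google.com"), Zone("ns.godaddy.com")
    root.records["com"] = ("NS", com)
    com.records["google.com"] = ("NS", google)
    google.records["www.google.com"] = ("A", "182.0.7.34")
    r = LocalResolver(root, ttl=72 * HOUR)
    first = r.resolve("www.google.com", now=0)               # walks root, com, ns1
    walk_cost = r.upstream_queries
    # One hour later the new site is registered at the .com servers
    com.records["my-new-site.com"] = ("NS", godaddy)
    godaddy.records["www.my-new-site.com"] = ("A", "198.51.100.7")  # constructed address
    stale = r.resolve("www.my-new-site.com", now=2 * HOUR)   # cached .com copy predates it
    cached_cost = r.upstream_queries - walk_cost
    fresh = r.resolve("www.my-new-site.com", now=73 * HOUR)  # caches have expired
    return first, walk_cost, stale, cached_cost, fresh
```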