Chapter 2 Application Layer. Lecture 5 DNS. Computer Networking: A Top Down Approach. 6th edition, Jim Kurose, Keith Ross, Addison-Wesley, March 2012

Transcription:

Chapter 2 Application Layer
Lecture 5 DNS
Computer Networking: A Top Down Approach, 6th edition, Jim Kurose, Keith Ross, Addison-Wesley, March 2012
Application Layer 2-1

Chapter 2: outline
- 2.1 principles of network applications
  - app architectures
  - app requirements
- 2.2 Web and HTTP
- 2.3 FTP
- 2.4 electronic mail
  - SMTP, POP3, IMAP
- 2.5 DNS
- 2.6 P2P applications
- 2.7 socket programming with UDP and TCP

DNS: domain name system
- people: many identifiers:
  - SSN, name, passport #
- Internet hosts, routers:
  - IP address (32 bit) - used for addressing datagrams
  - "name", e.g., www.yahoo.com - used by humans
- Q: how to map between IP address and name, and vice versa?
- Domain Name System:
  - distributed database implemented in hierarchy of many name servers
  - application-layer protocol: hosts, name servers communicate to resolve names (address/name translation)
    - note: core Internet function, implemented as application-layer protocol
    - complexity at network's "edge"

DNS: services, structure
- DNS services
  - hostname to IP address translation
  - host aliasing
    - canonical, alias names
  - mail server aliasing
  - load distribution
    - replicated Web servers: many IP addresses correspond to one name
- why not centralize DNS?
  - single point of failure
  - traffic volume
  - distant centralized database
  - maintenance
- A: doesn't scale!

DNS: a distributed, hierarchical database
[Figure: tree of DNS servers]
- Root DNS servers
  - com DNS servers
    - yahoo.com DNS servers
    - amazon.com DNS servers
  - org DNS servers
    - pbs.org DNS servers
  - edu DNS servers
    - poly.edu DNS servers
    - clarkson.edu DNS servers
client wants IP for www.amazon.com; 1st approx:
- client queries root server to find com DNS server
- client queries .com DNS server to get amazon.com DNS server
- client queries amazon.com DNS server to get IP address for www.amazon.com

DNS: root name servers
- contacted by local name server that cannot resolve name
- root name server:
  - contacts authoritative name server if name mapping not known
  - gets mapping
  - returns mapping to local name server
- 13 root name servers worldwide:
  - a. Verisign, Los Angeles CA (5 other sites)
  - b. USC-ISI Marina del Rey, CA
  - c. Cogent, Herndon, VA (5 other sites)
  - d. U Maryland College Park, MD
  - e. NASA Mt View, CA
  - f. Internet Software C. Palo Alto, CA (and 48 other sites)
  - g. US DoD Columbus, OH (5 other sites)
  - h. ARL Aberdeen, MD
  - i. Netnod, Stockholm (37 other sites)
  - j. Verisign, Dulles VA (69 other sites)
  - k. RIPE London (17 other sites)
  - l. ICANN Los Angeles, CA (41 other sites)
  - m. WIDE Tokyo (5 other sites)

TLD, authoritative servers
- top-level domain (TLD) servers:
  - responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp
  - Network Solutions maintains servers for .com TLD
  - Educause for .edu TLD
- authoritative DNS servers:
  - organization's own DNS server(s), providing authoritative hostname to IP mappings for organization's named hosts
  - can be maintained by organization or service provider

Local DNS name server
- does not strictly belong to hierarchy
- each ISP (residential ISP, company, university) has one
  - also called "default name server"
- when host makes DNS query, query is sent to its local DNS server
  - has local cache of recent name-to-address translation pairs (but may be out of date!)
  - acts as proxy, forwards query into hierarchy

DNS name resolution example
- host at cis.poly.edu wants IP address for gaia.cs.umass.edu
- iterated query:
  - contacted server replies with name of server to contact
  - "I don't know this name, but ask this server"
[Figure: requesting host cs.clarkson.edu, local DNS server dns.clarkson.edu, root DNS server, TLD DNS server, authoritative DNS server dns.cs.umass.edu, target gaia.cs.umass.edu; messages numbered 1 to 8]

DNS name resolution example
- recursive query:
  - puts burden of name resolution on contacted name server
  - heavy load at upper levels of hierarchy?
[Figure: requesting host cs.clarkson.edu, local DNS server dns.clarkson.edu, root DNS server, TLD DNS server, authoritative DNS server dns.cs.umass.edu, target gaia.cs.umass.edu; messages numbered 1 to 8]

DNS: caching, updating records
- once (any) name server learns mapping, it caches mapping
  - cache entries timeout (disappear) after some time (TTL)
  - TLD servers typically cached in local name servers
    - thus root name servers not often visited
- cached entries may be out-of-date (best effort name-to-address translation!)
  - if name host changes IP address, may not be known Internet-wide until all TTLs expire
- update/notify mechanisms proposed IETF standard
  - RFC 2136

DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
- type=A
  - name is hostname
  - value is IP address
- type=NS
  - name is domain (e.g., foo.com)
  - value is hostname of authoritative name server for this domain
- type=CNAME
  - name is alias name for some "canonical" (the real) name
  - www.ibm.com is really servereast.backup2.ibm.com
  - value is canonical name
- type=MX
  - value is name of mailserver associated with name

DNS protocol, messages
- query and reply messages, both with same message format
- msg header
  - identification: 16 bit # for query, reply to query uses same #
  - flags:
    - query or reply
    - recursion desired
    - recursion available
    - reply is authoritative
[Figure: message layout, each row is 2 bytes + 2 bytes]
  identification    | flags
  # questions       | # answer RRs
  # authority RRs   | # additional RRs
  questions (variable # of questions)
  answers (variable # of RRs)
  authority (variable # of RRs)
  additional info (variable # of RRs)

DNS protocol, messages
[Figure: same message layout, with the variable-length sections annotated]
- questions (variable # of questions): name, type fields for a query
- answers (variable # of RRs): RRs in response to query
- authority (variable # of RRs): records for authoritative servers
- additional info (variable # of RRs): additional "helpful" info that may be used
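The header layout on the two slides above, as an added Python example (not part of the original lecture): it packs a query and decodes the six 2-byte header fields and the flag bits the slide names. The flag bit positions and RR type codes are taken from RFC 1035, and the identification value and hostname in the demo are constructed sample input.

```python
import struct

# Header layout from the slide: six 16-bit fields, 12 bytes in total.
HEADER = struct.Struct("!6H")
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15}  # RR type codes (RFC 1035)

def encode_name(name):
    """Encode a hostname as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(ident, name, qtype="A", recursion_desired=True):
    """Build a query: header with one question, then name, type, class IN."""
    flags = 0x0100 if recursion_desired else 0  # RD bit; QR=0 marks a query
    header = HEADER.pack(ident, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", QTYPES[qtype], 1)

def parse_header(message):
    """Decode the 12-byte header, including the flag bits named on the slide."""
    if len(message) < HEADER.size:
        raise ValueError("truncated DNS message")
    ident, flags, qd, an, ns, ar = HEADER.unpack_from(message)
    return {
        "identification": ident,
        "is_reply": bool(flags & 0x8000),             # QR
        "authoritative": bool(flags & 0x0400),        # AA
        "recursion_desired": bool(flags & 0x0100),    # RD
        "recursion_available": bool(flags & 0x0080),  # RA
        "questions": qd, "answer_rrs": an,
        "authority_rrs": ns, "additional_rrs": ar,
    }

def parse_question(message):
    """Read the first question (assumes no compression pointers in it)."""
    pos, labels = HEADER.size, []
    while message[pos]:
        length = message[pos]
        labels.append(message[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack_from("!2H", message, pos + 1)
    return ".".join(labels), qtype, qclass

if __name__ == "__main__":
    query = build_query(0x1A2B, "gaia.cs.umass.edu")  # constructed sample
    print(parse_header(query), parse_question(query))
```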

Inserting records into DNS
- example: new startup "Network Utopia"
- register name networkutopia.com at DNS registrar (e.g., Network Solutions)
  - provide names, IP addresses of authoritative name server (primary and secondary)
  - registrar inserts two RRs into .com TLD server:
    (networkutopia.com, dns1.networkutopia.com, NS)
    (dns1.networkutopia.com, 212.212.212.1, A)
- create authoritative server type A record for www.networkutopia.com; type MX record for networkutopia.com
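The iterated resolution and the record insertion described above, tied together in an added Python example (not part of the original lecture): a local DNS server walks root, TLD and authoritative servers held in memory as (name, value, type, ttl) tuples. Only the two networkutopia.com records on the TLD server come from the slide; the root and TLD server names, the other addresses, the CNAME and all TTLs are assumptions made for the example.

```python
# RR format from the slides: (name, value, type, ttl). Servers are keyed by IP.
# Only the two networkutopia.com records on the TLD server come from the slide;
# every other name, address and TTL is constructed for this example.
ROOT = "198.51.100.1"
SERVERS = {
    ROOT: [("com", "tld1.example", "NS", 172800),
           ("tld1.example", "198.51.100.2", "A", 172800)],
    "198.51.100.2": [
        ("networkutopia.com", "dns1.networkutopia.com", "NS", 86400),
        ("dns1.networkutopia.com", "212.212.212.1", "A", 86400)],
    "212.212.212.1": [
        ("web.networkutopia.com", "192.0.2.80", "A", 300),
        ("www.networkutopia.com", "web.networkutopia.com", "CNAME", 300),
        ("networkutopia.com", "mail.networkutopia.com", "MX", 300)],
}

def ask(server_ip, qname, qtype):
    """One iterated query: an answer, or a referral (NS record plus glue A)."""
    zone = SERVERS[server_ip]
    answers = [rr for rr in zone if rr[0] == qname and rr[2] in (qtype, "CNAME")]
    if answers:
        return "answer", answers
    delegations = sorted((rr for rr in zone if rr[2] == "NS"),
                         key=lambda rr: len(rr[0]), reverse=True)
    for ns in delegations:               # most specific delegation first
        if qname == ns[0] or qname.endswith("." + ns[0]):
            glue = [rr for rr in zone if rr[0] == ns[1] and rr[2] == "A"]
            return "referral", [ns] + glue
    return "unknown", []

def resolve(qname, qtype="A", max_steps=10):
    """Act as the local DNS server: start at the root and follow referrals."""
    server, path = ROOT, []
    for _ in range(max_steps):
        path.append(server)
        kind, rrs = ask(server, qname, qtype)
        glue = [rr for rr in rrs if rr[2] == "A"]
        if kind == "unknown" or (kind == "referral" and not glue):
            return None, path
        if kind == "referral":
            server = glue[0][1]                # "ask this server" instead
        elif rrs[0][2] == "CNAME" and qtype != "CNAME":
            qname, server = rrs[0][1], ROOT    # restart with the canonical name
        else:
            return rrs[0][1], path
    raise RuntimeError("too many referrals")

if __name__ == "__main__":
    print(resolve("www.networkutopia.com"))
```

The returned path lists every server contacted, so the alias lookup shows two full walks of the hierarchy: one for the alias and one for its canonical name.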

Attacking DNS
- DDoS attacks
  - Bombard root servers with traffic
    - Not successful to date
    - Traffic filtering
    - Local DNS servers cache IPs of TLD servers, allowing root server bypass
  - Bombard TLD servers
    - Potentially more dangerous
- Redirect attacks
  - Man-in-middle
    - Intercept queries
  - DNS poisoning
    - Send bogus replies to DNS server, which caches
- Exploit DNS for DDoS
  - Send queries with spoofed source address: target IP
  - Requires amplification
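A resolver-side mitigation for the DNS poisoning item above, combined with the TTL expiry from the caching slide, as an added Python example (not part of the original lecture): a reply is cached only if its identification, question and source address match a query the resolver actually sent. The class and method names are hypothetical, and replies are passed in as already-decoded fields rather than wire bytes.

```python
import time

class ValidatingCache:
    """Resolver-side cache that accepts a reply only for a query it sent."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.pending = {}   # (id, qname, qtype) -> server the query went to
        self.cache = {}     # (qname, qtype) -> (value, expiry time)

    def sent(self, ident, qname, qtype, server_ip):
        """Record an outstanding query before it goes on the wire."""
        self.pending[(ident, qname.lower(), qtype)] = server_ip

    def receive(self, ident, qname, qtype, value, ttl, src_ip):
        """Cache the RR and return True only if it matches a pending query."""
        key = (ident, qname.lower(), qtype)
        if self.pending.get(key) != src_ip:
            return False                 # unsolicited, wrong ID or wrong source
        del self.pending[key]            # accept one reply per query
        self.cache[(qname.lower(), qtype)] = (value, self.clock() + ttl)
        return True

    def lookup(self, qname, qtype):
        """Return a cached value, or None once its TTL has run out."""
        key = (qname.lower(), qtype)
        entry = self.cache.get(key)
        if entry is None:
            return None
        value, expiry = entry
        if self.clock() >= expiry:
            del self.cache[key]          # stale entry: force a fresh lookup
            return None
        return value
```

A 16-bit identification is a small space on its own, which is why production resolvers also randomize the UDP source port of each query (RFC 5452).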