CS514: Intermediate Course in Computer Systems

Similar documents
CS519: Computer Networks. Lecture 6: Apr 5, 2004 Naming and DNS

Chapter 5 Naming (2)

Distributed Naming. EECS 591 Farnam Jahanian University of Michigan. Reading List

June Gerd Liefländer System Architecture Group Universität Karlsruhe (TH), System Architecture Group

Chapter 5 Naming (2)

DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN. Chapter 5 Naming

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration. Chapter 5 Introduction to DNS in Windows Server 2008

Networking: Application Layer

New Topic: Naming. Differences in naming in distributed and non-distributed systems. How to name mobile entities?

CS4/MSc Computer Networking. Lecture 3: The Application Layer

DNS & Iodine. Christian Grothoff.

Computing Parable. New Topic: Naming

ECE 650 Systems Programming & Engineering. Spring 2018

Naming. Naming. Naming versus Locating Entities. Flat Name-to-Address in a LAN

Lecture 4 Naming. Prof. Wilson Rivera. University of Puerto Rico at Mayaguez Electrical and Computer Engineering Department

Communications Software. CSE 123b. CSE 123b. Spring Lecture 11: Domain Name System (DNS) Stefan Savage. Some pictures courtesy David Wetherall

CSE 123b Communications Software. Overview for today. Names and Addresses. Goals for a naming system. Internet Hostnames

CS 356 Using Cryptographic Tools to Secure the Domain Name System (DNS) Spring 2017

SEVENMENTOR TRAINING PVT.LTD. MCSA Server 2016 Syllabus

New Topic: Naming. Approaches

Request for Comments: 3405 BCP: 65 October 2002 Category: Best Current Practice

The Application Layer: Sockets, DNS

Grandstream Networks, Inc. DNS SRV Guide

Managing Resource Records

How to Configure Authentication and Access Control (AAA)

Protocol Classification

CSE 5306 Distributed Systems

Today: Naming. Example: File Names

DNS. DNS is an example of a large scale client-server application.

Internet Content Distribution

CSE 5306 Distributed Systems. Naming

EECS 122: Introduction to Computer Networks DNS and WWW. Internet Names & Addresses

Security Impact of DNS Delegation Structure and Configuration Problems

DNS and CDNs : Fundamentals of Computer Networks Bill Nace

This time. Digging into. Networking. Protocols. Naming DNS & DHCP

Networking with Windows Server 2016 (741)

Application Layer Protocols

Naming in Distributed Systems

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9a: Naming WHAT IS NAMING? Name: Entity: Slide 3. Slide 1. Address: Identifier:

Advanced Networking. Domain Name System

Advanced Networking. Domain Name System. Purpose of DNS servers. Purpose of DNS servers. Purpose of DNS servers

DNS. Introduction To. everything you never wanted to know about IP directory services

ENUM. Patrik FältstrF. ltström Consulting Engineer, Office of the CSO Area Director, Applications Area, IETF cisco.

Lesson 9: Configuring DNS Records. MOAC : Administering Windows Server 2012

Outline NET 412 NETWORK SECURITY PROTOCOLS. Reference: Lecture 7: DNS Security 3/28/2016

Information Network Systems The application layer. Stephan Sigg

June Gerd Liefländer System Architecture Group Universität Karlsruhe (TH), System Architecture Group

Higher layer protocols

Domain Name System.

CS454/654 Midterm Exam Fall 2004

DNS Basics BUPT/QMUL

Chapter 2 Application Layer. Lecture 5 DNS. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Computer Science 425 Distributed Systems CS 425 / ECE 428. Fall 2013

TECHNISCHE UNIVERSITEIT EINDHOVEN Faculteit Wiskunde en Informatica

04 Identifiers. UUID URI Format Characteristics. Coulouris, Ch 9 rfc3986 Ahmed, 2005 Subharthi, 2009

Domain Name System - Advanced Computer Networks

9.1 Introduction 9.2 Name services and the DNS 9.3 Discovery services 9.6 Summary

Applications. Chong-kwon Kim. Running in end systems (hosts) over transport layer protocols Ex: , Web, FTP, instant messaging

DNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific

Introduction to Information Science and Technology 2017 Networking II. Sören Schwertfeger 师泽仁

More Internet Support Protocols

Information Network I: The Application Layer. Doudou Fall Internet Engineering Laboratory Nara Institute of Science and Technique

Lecture 7: Application Layer Domain Name System

How to Configure DNS Zones

CSE 565 Computer Security Fall 2018

CS 3640: Introduction to Networks and Their Applications

CSC2231: DNS with DHTs

TECHNISCHE UNIVERSITEIT EINDHOVEN Faculteit Wiskunde en Informatica

HTTP Reading: Section and COS 461: Computer Networks Spring 2013

Naming. To do. q What s in a name q Flat naming q Structured naming q Attribute-based naming q Next: Content distribution networks

T Computer Networks II. Mobility Issues Contents. Mobility. Mobility. Classifying Mobility Protocols. Routing vs.

04 Identifiers UUID. Coulouris, Ch 9 URI. rfc3986 Format. Ahmed, 2005 Characteristics. Subharthi, 2009

Outline. CS5984 Mobile Computing. Host Mobility Problem 1/2. Host Mobility Problem 2/2. Host Mobility Problem Solutions. Network Layer Solutions Model

UDP-based Amplification Attacks and its Mitigations

Outline. CS6504 Mobile Computing. Host Mobility Problem 1/2. Host Mobility Problem 2/2. Dr. Ayman Abdel-Hamid. Mobile IPv4.

CS 3516: Advanced Computer Networks

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

Configuring DNS. Finding Feature Information

The Domain Name System

Networking Applications

2. Introduction to Internet Applications

殷亚凤. Naming. Distributed Systems [5]

A DNS Tutorial

Computer Network laboratory (2015) Pattern TE Computer 1 (5)

CS 455 Internet Architecture, Page 3 ffl By 1985, the ARPANET was heavily used and congested; the National Science Foundation (NSF) initiated the NSFN

Lecture 08: Networking services: there s no place like

SAML-Based SSO Solution

ITTC Science of Communication Networks The University of Kansas EECS 784 Identifiers, Names, and Addressing

The Domain Name System

How to Add Domains and DNS Records

Domain Name System (DNS) Session-1: Fundamentals. Joe Abley AfNOG Workshop, AIS 2017, Nairobi

ICS 351: Today's plan. IPv6 routing protocols (summary) HTML HTTP web scripting languages certificates (review) cookies

Introduction to Network. Topics

IP ADDRESSES, NAMING, AND DNS

Naming in Distributed Systems

Root Servers. Root hints file come in many names (db.cache, named.root, named.cache, named.ca) See root-servers.org for more detail

How to Configure the DNS Server

Managing Caching DNS Server

Internet Technology. 06. Exam 1 Review Paul Krzyzanowski. Rutgers University. Spring 2016

0 0& Basic Background. Now let s get into how things really work!

Transcription:

CS514: Intermediate Course in Computer Systems Lecture 4: January 27, 2003 Introduction to Naming Any problem in computer science can be solved with another layer of indirection David Wheeler 1

Naming is a layer of indirection What problems does it solve? Makes objects human readable Hides complexity and dynamics Multiple lower-layer objects can have one name Changes in lower-layer objects hidden Allows an object to be found in different ways One object can have multiple names Names map to objects through a resolution service Distributed Name Resolution Service 2

Identifiers and Locators A name is always an identifier to a greater or lesser extent Can be persistent or non-persistent Can be globally unique, locally unique, or even non-unique If a name has structure that helps the resolution service, then the name is also a locator Naming in networks 3

DNS names map into addresses Domain Name System (DNS) Many-to-many Domain Name (www.cnn.com) Hierarchical User-friendly Location independent But not org independent Addresses map into routes IP address (128.94.2.17) Routing algorithm (BGP, OSPF, RIP) One-to-many Hierarchical Location Dependent Non-unique Can change often Refers to an interface, not a host 4

Routes get packets to interfaces A path Source dependent Can change often DNS names and IP addresses are identifiers and locators Both are typically non-persistent Private IP addresses identify only in the context of an IP realm Domain names are good identifiers woodstock.cs.cornell.edu identifies a host www.cnn.com identifies a service URLs are good identifiers 5

Domain Name System (DNS) Distributed directory service Hierarchical name space Each level separated by. Analogous to / separator in file systems One global root Replicated across <20 root servers! There have been Denial of Service (DoS) attacks on these root servers, none real successful Because of caching, queries to root servers relatively rare DNS maybe only global directory service??? DNS is simple but powerful Only one type of query Query(domain name, RR type) Resource Record (RR) type is like an attribute type Answer(values, additional RRs) Limited number of RR types Hard to make new RR types Not for technical reasons Rather because each requires global agreement 6

DNS is the core of the Internet Global name space Can be the core of a naming or identifying scheme Global directory service Can resolve a name to nearly every computer on the planet Important DNS RR types NS: Points to next Name Server down the tree A: Contains the IP address AAAA for IPv6 MX: Contains the name of the mail server Service-oriented RR types SRV: Contains addresses and ports of services on servers One way to learn what port number to use NAPTR: Essentially a generalized mapping from one name space (i.e. phone numbers) to another (i.e. SIP URL) 7

DNS tree structure. NS RR pointers edu. com. jp. us. cornell.edu. cmu.edu. mit.edu. cs.cornell.edu. eng.cornell.edu. foo.cs.cornell.edu A 10.1.1.1 bar.cs.cornell.edu A 10.1.1.1 Primary and secondary servers cornell.edu. NS RRs point to both primary and secondary servers cs.cornell.edu. RRs are initially configured into primary server Primary server replicates RRs onto secondary servers periodically (updates are incremental) 8

Resolver structure and configuration edu. com.. jp. Static configuration of root servers Stub resolver resides on client host, points to configured recursive server cornell.edu. cs.cornell.edu. cmu.edu. eng.cornell.edu. Resolver manages DNS queries on behalf of stub resolvers Resolver structure and configuration edu. com.. jp. 2,3,4 Resolver makes iterative queries to servers 1. Stub resolver sends recursive query cornell.edu. cs.cornell.edu. cmu.edu. eng.cornell.edu. Resolver caches results for efficiency N. Resolver returns final answer to stub resolver (which also caches result) 9

DNS cache management All RRs have Time-to-live (TTL) values When TTL expires, cache entries are removed NS RRs tend to have long TTLs Cached for a long time Reduces load on higher level servers A RRs may have very short TTLs Order one minute for some web services Order one day for typical hosts Why is DNS iterative and not recursive? AT/MvS teach that recursive is more efficient Better caching characteristics Caches in servers, not just resolvers Shorter paths However, high-performance recursive server much harder to implement Maintain state for thousands of concurrent queries Manage cache Recursive server prone to DoS attacks * AT/MvS = Andrew Tanenbaum/Martin van Steen text 10

LDAP is another popular distributed directory service Richer and more general than DNS Has generalized attribute/value scheme Can search on attribute, not just name Simpler and more efficient than a full relational database Not a global directory service, though namespace is global Its predecessor, X.500, was meant to be But local LDAP services can point to each other Commonly used for personnel RR databases, subscriber databases URLs, URNs, and URIs Uniform Resource <Locator, Name, Identifier> URL tells a computer where and how to reach a resource These came first URN is a true identifier Unique, persistent URI refers to both URLs and URNs Defines syntax for current and future URLs and URNs For now we only really care about URLs 11

URL Consists of: <scheme>:<scheme-specific-part> URL Consists of: <scheme>:<scheme-specific-part> A protocol Information the protocol needs 12

URL examples HTTP (web) http://www.cnn.com/news/story.html Email mailto://francis@cs.cornell.edu Newsgroups news:cornell/class/cs514 SIP (Session Initiation Protocol) sip://service@phone.verizon.com Note the central role of DNS HTTP (web) http://www.cnn.com/news/story.html Email mailto://francis@cs.cornell.edu Newsgroups news:cornell/class/cs514 SIP (Session Initiation Protocol) sip://service@phone.verizon.com 13

Locating mobile entities (section 4.2, AT/MvS) What is a mobile entity? From naming perspective, it is an entity whose address changes often This doesn t require physical mobility! Every time you dial up, you may get a new address So, mobility existed well before laptops became common Though laptops create more mobility Is mobility a problem for DNS? Not really Even though DNS was designed with relatively stable IP addresses in mind Because mobility only effects leaf DNS servers Recall: A RR TTL is short, but NS RR TTL is long Note: non-mobile web server s A RRs often have very short TTLs To allow quick failover to another web server 14

Is mobility a problem at all? Less than you d think Most mobile systems are clients; servers are rarely mobile Clients are initiators of connections, not recipients Therefore, there is not a client locating problem What about email, instant messaging, and VoIP (Voice over IP)? Clients receive emails, instant messages, and phone calls Application specific registration as a mobility solution To receive email, client connects to an email server To do instant messaging, client registers with an IM server To do VoIP, client registers with a SIP server This is an adequate solution to 90% of mobility issues This is why Mobile IP hasn t gotten traction (i.e. Microsoft has not implemented it) 15

Mobile IP uses an IP-level registration Mobile Node has a stable home address at its home network Home Agent Mobile Node Foreign Agent Internet Correspondent Node Mobile IP uses an IP-level registration Mobile Node moves to foreign network, gets a Care-of Address Home Agent Foreign Agent Internet Mobile Node Correspondent Node 16

Mobile IP uses an IP-level registration Mobile Node registers with Home Agent, creates IP tunnel Home Agent Foreign Agent Internet Mobile Node Correspondent Node Mobile IP uses an IP-level registration Connection initiated by Correspondent Node will be tunneled to Mobile Node Home Agent Foreign Agent Internet Mobile Node Correspondent Node 17

Mobile IP adds a layer of indirection DNS Mobile IP Home address is stable Care-of address changes Routing Client identification Servers cannot locate clients, but often must be able to identify them HTTP cookies serve this role HTTP cookies also contain many attributes about the client or session They also typically contain some kind of signature To prevent tampering 18

Identifiers must be made hard to spoof That is why driver s licenses have pictures and credit cards have signatures In networking, two ways: 1. Identifier is also a locator Reverse routability 2. Some kind of secret-protected signature Reverse routability: DoS and Mobile IP 20.1.1.1 I m 30.1.1.1 Internet Server 30.1.1.1 Ok, prove it by echo ing this number back to me! Since challenge doesn t go back to 20.1.1.1 (i.e. is not reverse routable), 20.1.1.1 cannot spoof 30.1.1.1 19

Summary of Lecture Introduction to Naming Naming basics: Names, Addresses, Routes Identifiers and Locators DNS is the global directory service LDAP is a popular local directory service URLs build on DNS (and also URIs and URNs) Mobility is not much of a problem Chapter 4 got this wrong Identifiers must be hard to spoof Reverse routability, cryptographic signatures 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback