© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets with Internet Applications, 4e By Douglas E. Comer Lecture PowerPoints By Lami Kaya,
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.2 Chapter 31 Naming With The Domain Name System
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.3 Topics Covered 31.1 Introduction 31.2 Structure Of Computer Names 31.3 Geographic Structure 31.4 Domain Names Within An Organization 31.5 Domain Names That Begin With www 31.6 The DNS Client-Server Model 31.7 The DNS Server Hierarchy 31.8 Server Architectures 31.9 Locality Of Reference And Multiple Servers
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.4 Topics Covered (cont.) Links Among Servers Resolving A Name Optimization Of DNS Performance Types Of DNS Entries Aliases Using The CNAME Type An Important Consequence Of Multiple Types Abbreviations And The DNS
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Introduction This chapter describes the naming hierarchy, the organization of name servers shows the details of client-server interaction among them explains how caching improves efficiency of the naming system and makes it possible for a large-scale distributed system to function
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Structure Of Computer Names (1) The naming scheme used in the Internet –is called the Domain Name System (DNS) Each computer name consists of a sequence of alpha-numeric segments separated by periods Domain names (DN) are hierarchical, with the most significant part of the name on the right How many segments does a name have, and how are they assigned? –The answer is that beyond specifying how the most significant segments are chosen –the domain name system does not specify an exact number of segments in each name nor does it specify what those segments represent –Instead, each organization can choose how many segments to use for computers inside the organization and what those segments represent
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Structure Of Computer Names (2) The domain name system does specify values for the most significant segment –which is called a top-level domain (TLD) Figure 31.1 lists the top-level domains of the DNS Top-level domains are controlled by an organization –Internet Corporation for Assigned Names and Numbers (ICANN) ICANN designates one or more “domain registrars” –to administer a given top-level domain and approve specific names Top-level domains are important –because each organization that chooses to participate in the DNS must apply for a name under one of the existing top-level domains Once an organization has been assigned a domain, the suffix is reserved for the organization
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.8
Geographic Structure DNS allows organizations to use a geographic registration. cnri.reston.va.us Some foreign countries have adopted a combination of geographic and organizational domain names. –where –“ac” is an abbreviation for “academic” –“uk” is the official country code for the United Kingdom
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Domain Names Within An Organization Once an organization owns a particular domain, the organization can decide whether to introduce additional hierarchical structure A small corporation can choose no additional hierarchy A large organization can choose many levels computer.foobar.com computer.location.foobar.com computer.division.location.foobar.com Because DNs are logical concepts –they do not need to conform to physical location Freedom to choose a DN hierarchy extends to groups An example is given in Figure 31.2
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.11
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Domain Names That Begin With www Although a DN denotes a computer, many organizations assign DNs that reflect the service –File Transfer Protocol (FTP) ftp.foobar.com –Web server (WWW) Although descriptive names are easy for humans to remember and use, they are not required –In particular, the use of www to name computers that run a Web server is merely a convention –An arbitrary computer can run a Web server –the computer's DN does not need to contain www
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved The DNS Client-Server Model (1) One of the main features of the DNS is autonomy, the system is designed –to allow each organization to assign names to computers –or to change those names without informing a central authority The naming hierarchy helps achieve autonomy –by allowing an organization to control all names with a particular suffix –Exp: Purdue University is free to create or change any name that ends with purdue.edu –Exp: IBM Corporation is free to create or change names that end with ibm.com
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved The DNS Client-Server Model (2) In addition to hierarchical names, the DNS uses client-server interaction to aid autonomy In essence, the entire naming system operates as a large, distributed database Most organizations that have an Internet connection run a DNS –Each server contains links the server to other DNS –the resulting set of servers functions as a large –coordinated database of names Whenever an application needs to translate a name to an IP address –the application becomes a client of the DNS –the client places the name to be translated in a DNS request message –and sends the request to a DNS server –the server extracts the name from the request –translates the name to an equivalent IP address –and returns the resulting address to the application in a reply message
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved The DNS Server Hierarchy DNS servers are arranged in a hierarchy that matches the naming hierarchy, with each being the “naming authority” Root Server –occupies the top of the hierarchy, and is an authority for the top-level domains (e.g.,. com ) –Although it does not contain all possible DNs, a root server contains information about how to reach other servers Although the hierarchy of DNS servers follows the naming hierarchy –the structure is not identical a corporation can choose to place all its DNs in a single server or can choose to run several servers –Figure 31.3 illustrates two ways Foobar corporation might choose to allocate its naming hierarchy to two servers
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.16
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Server Architectures (1) How should a DN server architecture be chosen? When does an organization need more than one server? In general, an architecture in which an organization uses a single server is the simplest –a small organization can minimize cost by placing all its domain information in a single server –The smallest organizations do not run a server themselves –Instead, the organization contracts with an ISP that runs a DN server on behalf of its customers
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Server Architectures (2) Larger organizations usually find that a single, centralized server does not suffice for two reasons. –First, a single server and the computer on which it runs cannot handle arbitrary requests at high speed –Second, often it’s difficult to administer a central database The problem is especially severe because most DNS SW does not provide automated update –a human must enter changes and additions in the server's database –the group of people who are responsible for administering a centralized server must coordinate to ensure that only one manager attempts to make changes at a given time If the organization runs multiple servers –each group can manage a server that is an authority for the group's computers –each group can make changes to its server database without centralized coordination
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Locality Of Reference And Multiple Servers The DNS follows the locality of reference principle in two ways –First, a user tends to look up the names of local computers more often than the names of remote computers. –Second, a user tends to look up the same set of DNs repeatedly Having multiple servers within an organization works well –because a server can be placed within each group The local server is an authority for names of computers in the group Because the DNS obeys the locality principle –the local server can handle most requests Multiple servers help balance the load –and thereby reduce the problems of contention a centralized server may cause
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Links Among Servers Although the DNS allows the freedom to use multiple servers –a domain hierarchy cannot be split into servers arbitrarily A server must be responsible for all computers that having a common suffix In terms of the graphical representation –subtrees can be moved to a separate server, but a given node cannot be split Servers in the DNS are linked together –making it possible for a client to find the correct server by following links –each server should know the locations of servers of subparts Figure 31.3, the server for. com must be configured to know the location of the server for foobar.com –the server for foobar.com must know the location of other servers –Exp: Server in Figure 31.3b for foobar.com would be configured to know the location of the server for walnut.candy.foobar.com Finally, each DNS server is configured to know the location of a root server
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Resolving A Name (1) The translation of a DN into an equivalent IP address –is called “name resolution” SW to perform the translation is known as “name resolver” Many OS provide name resolver SW as a library routine that an application can call. –Exp: on UNIX systems, an application can call library routine “gethostbyname” to resolve a name. Gethostbyname takes a single argument and returns a structure
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Resolving A Name (2) How does resolver SW work? Each resolver is configured with the address of a local DN server Some resolvers are configured with a list of servers –allowing the resolver to try alternatives in case a server is temporarily unavailable To become a client of the DNS server –the resolver places the specified name in a DNS request message –and sends the message to the local server The resolver then waits for the server to send a DNS reply message that contains the answer A client can choose to use either UDP or TCP –But most resolvers are configured to use UDP because it requires less overhead for a single request
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Resolving A Name (3) When an incoming request specifies a name for which a server is an authority –the server answers the request directly –the server looks up the name in its local database –and sends a reply to the resolver However, when a request arrives for a name outside the set for which the server is an authority –further client-server interaction results –the server temporarily becomes a client of another name server –when the other server returns an answer –the original server sends a copy of the answer back to the resolver from which the request arrived
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Resolving A Name (4) How does a DNS server know which other DNS server is the authority for a given name? –It does not However, each server knows the address of a root server –Knowing the location of a root server is sufficient because the name can be resolved from there –Exp: suppose the servers for Foobar Corporation are organized as in Figure 31.3b –A resolver at a remote site (e.g., at a university) sends a request to its local server, L, for the name: venus.walnut.candy.foobar.com
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Resolving A Name (5) Server L is not an authority for the name, so it proceeds to act as a client of other servers –In the first step, L sends a request to the root server –the root server is not an authority for the name but the response from the root server gives the location of a server for foobar.com –when it receives the response from the root server server L contacts the server for foobar. com. –the main server at Foobar knows the location of the server for walnut –thus, it returns a response to inform L –finally, L contacts the server that is the authority for names of the form: computer.walnut.candy.foobar.com That server returns an authoritative answer to L –either the IP address for the name –or an indication that no such name exists
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Resolving A Name (6) Stepping through the hierarchy of servers to find the server that is an authority for a name –is called “iterative query resolution” –and is used only when a server needs to resolve a name The resolvers that applications call always request recursive query resolution That is, they request complete resolution –the reply to a recursive request is either the IP address being sought or an authoritative statement that no such name exists
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Optimization Of DNS Performance (1) Without optimizations, traffic at a root server would be intolerable –because the root server would receive a request each time someone mentioned the name of a remote computer Furthermore, the principle of locality suggests that a given computer will emit the same requests repeatedly –if a user enters the name of a remote computer, the user is likely to specify the same name again There are two primary optimizations used in the DNS –replication and caching Replication caching –Each root server is replicated many copies of the server exist around the world –When a new site joins the Internet the site configures its local DNS server with a list of root servers the server uses whichever root server is most responsive at a given time In practice, the geographically closest server usually responds best
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Optimization Of DNS Performance (2) DNS caching –is more important than replication because caching affects most of the system –each server maintains a cache of names –whenever it looks up a new name the server places a copy of the binding in its cache –Before contacting another server to request a binding the server checks its cache if the cache contains the answer –the server uses the cached answer to generate a reply Caching works well –because name resolution shows a strong tendency toward temporal locality of reference
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Types Of DNS Entries Each entry in a DNS database consists of three items: –a DN –a record type specifies how the value is to be interpreted –a value the type used for a binding between a DN and an equivalent IP address classified as type A –(A stands for address type ) –Type A are common because they are used by most apps. DNS supports several other types: –One popular type is MX (an abbreviation for Mail eXchanger ) –which is used to map the computer name found in an address to an IP address
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Aliases Using The CNAME Type (1) Another type, CNAME is especially useful –CNAME entries are analogous to a symbolic link in a file system the entry provides an “alias” for another DNS entry Suppose Foobar has two computers named: hobbes.foobar.com calvin.foobar.com Suppose that Foobar decides to run a Web server –and wants to follow the convention of using the name www for the computer that runs the Web server –organization could choose to rename one of their computers (hobbes) –a much easier solution exists –the organization can create a CNAME entry for www. foobar. com that points to hobbes Whenever a resolver sends a request for the server returns the address of computer hobbeswww.foobar.com
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Aliases Using The CNAME Type (2) The use of aliases is especially convenient –because it permits to change the computer used for a particular service without changing the names or addresses Exp: Foobar can move its Web service from computer “hobbes” to computer “calvin” –by moving the server and changing the CNAME record in the DNS server –the two computers retain their original names and IP addresses The use of aliases also allows an organization to associate multiple aliases with a single computer –We can assign the following names to a single computer
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved An Important Consequence Of Multiple Types (1) The type system in the DNS is convenient because it permits a manager to use a single name for multiple purposes –(e.g., to direct Web traffic to one computer, while sending to a different computer) However, users are sometimes surprised at the consequence of having specific types in DNS requests –a name that works with one application may not work with another
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved An Important Consequence Of Multiple Types (2) For example, –it may be possible to send to a computer –while an attempt to communicate with the computer using a program a “ping” or “traceroute” –results in a message that no such computer exists The apparent inconsistency arises –because the DNS type requested by differs from the type requested by other applications –If the domain database contains a type MX record for the name a request from the system will succeed –However, if the database does not also contain a type A record a request from programs like ping will result in a negative reply The type system that the DNS uses can produce unexpected results –because some applications are configured to use multiple types
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved Abbreviations And The DNS Users tend to enter names for local computers more often than they enter names for remote computers –abbreviations for local names are convenient –Exp: Foobar might choose to allow users to omit the suffix foobar.com when entering a DN –with such an abbreviation in effect, a user could enter the name venus.walnut.candy to refer to computer –venus in the walnut subdivision of the candy division DN servers do not understand abbreviations –a server only responds to a full name –to handle abbreviations resolvers are programmed to try a set of suffixes