T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429 Introduction to Computer Networks Lecture 18: Domain Name System Slides used with.

Slides:



Advertisements
Similar presentations
EECS122 - UCB 1 CS 194: Distributed Systems: Naming Computer Science Division Department of Electrical Engineering and Computer Sciences University of.
Advertisements

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
Computer Networks: Domain Name System. The domain name system (DNS) is an application-layer protocol for mapping domain names to IP addresses Vacation.
1 DNS. 2 BIND DNS –Resolve names to IP address –Resolve IP address to names (reverse DNS) BIND –Berkeley Internet Name Domain system Version 4 is still.
Domain Name System (or Service) (DNS) Computer Networks Computer Networks Term B10.
TDC375 Autumn 03/04 John Kristoff - DePaul University 1 Network Protocols Domain Name System (DNS) largely based on slides from D. Comer.
20101 The Application Layer Domain Name System Chapter 7.
Application Layer At long last we can ask the question - how does the user interface with the network?
T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429 Introduction to Computer Networks Domain Name System Some slides used with permissions.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
CPSC 441: DNS1 Instructor: Anirban Mahanti Office: ICT Class Location: ICT 121 Lectures: MWF 12:00 – 12:50 Notes derived.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.
Chapter 25 Domain Name System
Domain Name Services Oakton Community College CIS 238.
NET0183 Networks and Communications Lecture 25 DNS Domain Name System 8/25/20091 NET0183 Networks and Communications by Dr Andy Brooks.
CS 4396 Computer Networks Lab
1 Domain Name System (DNS). 2 DNS: Domain Name System Internet hosts: – IP address (32 bit) - used for addressing datagrams – “name”, e.g.,
Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 10 Omar Meqdadi Department of Computer Science and Software Engineering University.
1 Naming with the Domain Name System. 2 Internet Applications Domain Name System Electronic mail IP telephony Remote login File transfer All use client-server.
Internet Address and Domain Name Service (DNS) CS587x Lecture Department of Computer Science Iowa State University.
TELE 301 Lecture 11: DNS 1 Overview Last Lecture –Scheduled tasks and log management This Lecture –DNS Next Lecture –Address assignment (DHCP)
Ch-9: NAME SERVICES By Srinivasa R. Gudipati. To be discussed.. Fundamentals of Naming Services Naming Resolution The Domain Name System (DNS) Directory.
Chapter 16 – DNS. DNS Domain Name Service This service allows client machines to resolve computer names (domain names) to IP addresses DNS works at the.
DNS and HTTP CS 168. Domain Name Service Host addresses: e.g., – a number used by protocols – conforms to network structure (the “where”)
IIT Indore © Neminath Hubballi
Domain names and IP addresses Resolver and name server DNS Name hierarchy Domain name system Domain names Top-level domains Hierarchy of name servers.
Computer Networks. IP Addresses Before we communicate with a computer on the network we have to be able to identify it. Every computer on a network must.
DNS: Domain Name System
1 DNS: Domain Name System People: many identifiers: m SSN, name, Passport # Internet hosts, routers: m IP address (32 bit) - used for addressing datagrams.
Architecture of DNS CS 718 Activity 4 Submitted by Parag Abhyankar Anup S. Kunte
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Network Protocols Chapter 25 (Data Communication & Networking Book): Domain Name System (DNS) 1.
1 Application Layer Lecture 6 Imran Ahmed University of Management & Technology.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Paper Presentation – CAP Page 2 Outline Review - DNS Proposed Solution Simulation Results / Evaluation Discussion.
Chapter 29 Domain Name System (DNS) Allows users to reference computer names via symbolic names translates symbolic host names into associated IP addresses.
Domain Name System CH 25 Aseel Alturki
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
Internet and Intranet Protocols and Applications Lecture 5 Application Protocols: DNS February 20, 2002 Joseph Conron Computer Science Department New York.
1 Kyung Hee University Chapter 18 Domain Name System.
Domain Name System Refs: Chapter 9 RFC 1034 RFC 1035.
CPSC 441: DNS 1. DNS: Domain Name System Internet hosts: m IP address (32 bit) - used for addressing datagrams m “name”, e.g., - used by.
Configuring Name Resolution and Additional Services Lesson 12.
Internet Address and Domain Name Service (DNS)
CS 3830 Day 10 Introduction 1-1. Announcements r Quiz #2 this Friday r Program 2 posted yesterday 2: Application Layer 2.
EE 122: Lecture 20 (Domain Name Server - DNS) Ion Stoica Nov 15, 2001 (* based on the some on-line slides of J. Kurose & K. Rose and of Raj Jain)
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)
CS 4700 / CS 5700 Network Fundamentals Lecture 12: DNS (What’s in a Name?) Revised 10/8/14.
DNS DNS overview DNS operation DNS zones. DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address.
T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429/556 Introduction to Computer Networks Domain Name System Some slides used with permissions.
Internet Address and Domain Name Service (DNS) CS587x Lecture 5 Department of Computer Science Iowa State University.
Linux Operations and Administration
Web Server Administration Chapter 4 Name Resolution.
1. Internet hosts:  IP address (32 bit) - used for addressing datagrams  “name”, e.g., ww.yahoo.com - used by humans DNS: provides translation between.
COMP 431 Internet Services & Protocols
Internet Naming Service: DNS* Chapter 5. The Name Space The name space is the structure of the DNS database –An inverted tree with the root node at the.
Domain Name System INTRODUCTION to Eng. Yasser Al-eimad
So DNS is A client-server application that maps domain names into their corresponding IP addresses with the help of name servers. Mapping domain names.
Basics of the Domain Name System (DNS) By : AMMY- DRISS Mohamed Amine KADDARI Zakaria MAHMOUDI Soufiane Oujda Med I University National College of Applied.
Short Intro to DNS (part of Tirgul 9) Nir Gazit. What is DNS? DNS = Domain Name System. For translation of host names to IPs. A Distributed Database System.
CSE 461 Section. Port numbers for applications MAC addresses for hardware IP addresses for a way to send data in a smart, routable way.
Chapter 9: Domain Name Servers
DNS.
EE 122: Domain Name Server (DNS)
CRC Example (I) C(x) = x2 + 1 (k = 2) data
DNS: Domain Name System
Domain Name System Refs: Chapter 9 RFC 1034 RFC 1035.
Presentation transcript:

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429 Introduction to Computer Networks Lecture 18: Domain Name System Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University2 Human Involvement Just like your friend needs to tell you his phone number for you to call him Somehow, an application needs to know the IP address of the communication peer There is no magic, some out-of-band mechanism is needed –Word of mouth –Read it in the advertisement in the paper –Etc. But IP addresses are bad for humans to remember and tell each other So need names that makes some sense to humans

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University3 Internet Names & Addresses Names: e.g. –human-usable labels for machines –conforms to “organizational” structure Addresses: e.g –router-usable labels for machines –conforms to “network” structure How do you map from one to another? –Domain Name System (DNS)

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University4 DNS: History Initially all host-addess mappings were in a file called hosts.txt (in /etc/hosts) –Changes were submitted to SRI by –New versions of hosts.txt ftp’d periodically from SRI –An administrator could pick names at their discretion –Any name is allowed: eugenesdesktopatrice As the Internet grew this system broke down because: –SRI couldn’t handled the load –Hard to enforce uniqueness of names –Many hosts had inaccurate copies of hosts.txt Domain Name System (DNS) was born

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University5 Basic DNS Features Hierarchical namespace –as opposed to original flat namespace Distributed storage architecture –as opposed to centralized storage (plus replication) Client--server interaction on UDP Port 53 –but can use TCP if desired

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University6 Naming Hierarchy “Top Level Domains” are at the top Depth of tree is arbitrary (limit 128) Domains are subtrees –E.g:.edu, rice.edu, ece.rice.edu Name collisions avoided –E.g. rice.edu and rice.com can coexist, but uniqueness is job of domain root edu com govmil org netukfr rice mit cs ece look etc. owlnet

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University7 Host names are administered hierarchically A zone corresponds to an administrative authority that is responsible for that portion of the hierarchy E.g. Eugene controls names: x.cs.rice.edu and y.ece.rice.edu E.g. The President controls names: x.rice.edu and y.owlnet.rice.edu root edu com govmil org netukfr rice mit cs ece look etc. owlnet

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University8 Server Hierarchy Each server has authority over a portion of the hierarchy –A server maintains only a subset of all names Each server contains all the records for the hosts or domains in its zone –might be replicated for robustness Every server knows the root Root server knows about all top-level domains

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University9 DNS Name Servers Local name servers: –Each ISP (company) has local default name server –Host DNS query first goes to local name server –Local DNS server IP address usually learned from DHCP –Frequently cache query results Authoritative name servers: –For a host: stores that host’s (name, IP address) –Can perform name/address translation for that host’s name

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University10 DNS: Root Name Servers Contacted by local name server that can not resolve name Root name server: –Contacts authoritative name server if name mapping not known –Gets mapping –Returns mapping to local name server ~ Dozen root name servers worldwide

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University11 Basic Domain Name Resolution Every host knows a local DNS server –Through DHCP, for example –Sends all queries to a local DNS server Every local DNS server knows the ROOT servers –When no locally cached information exists about the query, talk to a root server, and go down the name hierarchy from the root –If we lookup and we have a cached entry for the.edu name server, then we can go directly to the.edu name server and bypass the root server

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University12 Example of Recursive DNS Query Root name server: May not know authoritative name server May know intermediate name server: who to contact to find authoritative name server? Recursive query: Puts burden of name resolution on contacted name server Heavy load? How does moe knows reply #7 is for frosty? requesting host frosty.cs.rice.edu root name server local name server moe.rice.edu authoritative name server ns1.google.com intermediate name server (com server) 7 8 Randomly choose an ID and use in all related messages to match replies to original queries

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University13 Example of Iterated DNS Query Iterated query: Contacted server replies with name of server to contact “I don’t know this name, but ask this server” This is how today’s DNS system behaves requesting host frosty.cs.rice.edu root name server local name server moe.rice.edu authoritative name server ns1.google.com intermediate name server (com server) 5 8 iterated query

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University14 DNS Resource Records DNS Query: –Two fields:(name, type) Resource record is the response to a query –Four fields:(name, value, type, TTL) –There can be multiple valid responses to a query Type = A: –name = hostname –value = IP address

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University15 DNS Resource Records (cont’d) Type = NS: –name = domain –value = name of dns server for domain Type = CNAME: –name = hostname –value = canonical name Type = MX: –name = domain in address –value = canonical name of mail server and priority

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University16 DNS as Indirection Service Can refer to machines by name, not address –Not only easier for humans –Also allows machines to change IP addresses without having to change way you refer to machine Can refer to machines by alias – can be generic web server –But DNS can point this to particular machine that can change over time Can refer to a set of machines by alias –Return IP address of least-loaded server

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University17 DNS Security Man-in-the-middle Spoofing responses –eavesdrop on requests and race the real DNS server to respond Name Chaining –AKA cache poisoning –Attacker waits for a query, injects possibly unrelated response resource record (frequently NS or CNAME record) –Bogus record is cached for later use

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University18 Cache Poisoning Attack Until the TTL expires, queries to moe.rice.edu for ebay.com’s nameserver will return the poison entry from the cache local name server moe.rice.edu remote name server ns1.google.com Query: (A, google.com) Response: (A, google.com, ) Additional Response: (NS, ebay.com, ) Attacker

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University19 Solution: DNSSEC Cryptographically sign critical resource records –Resolver can verify the cryptographic signature Two New resource record type: Type = KEY: –name = Zone domain name –value = Public key for the zone Type = SIG: –name = (type, name) tuple (i.e. a query) –value = Cryptographic signature of query result

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University20 Security 2: Denial of Service Caching can mitigate the effect of a large-scale denial of service attack October 2002: root name servers subjected to massive DoS attack –By and large, users didn’t notice –Locally cached records used More directed denial of service can be effective –DoS local name server  cannot access DNS –DoS authoritative names server  cannot access domain

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University21 Special Topics DNS caching –Improve performance by saving results of previous lookups –E.g. results of address records and name server records (e.g. if.edu name server is cached, then can bypass root server the second time looking for a.edu host) DNS “hacks” –Return records based on requesting IP address –Round-robin DNS Dynamic DNS –Allows remote updating of IP address for mobile hosts DNS politics (ICANN) and branding battles

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University22 More Special Topics Suppose you want your own top-level domain… AlterNIC, OpenNIC et al. –“Alternative” DNS hierarchies, with their own top-level domains (.glue,.geek,.fur,.indy, …) –Can return results from the “regular” DNS hierarchy where there is no collision (.biz)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.