The Design and Implementation of a Next Generation Name Service for the Internet V. Ramasubramanian, E. Gun Sirer Cornell Univ. SIGCOMM 2004 Ciprian Tutu.

Presentation transcript:

The Design and Implementation of a Next Generation Name Service for the Internet V. Ramasubramanian, E. Gun Sirer Cornell Univ. SIGCOMM 2004 Ciprian Tutu – Systems Seminar 8/4/04 Johns Hopkins University

DNS: Current Operation and Issues
- High latency in query resolution (low cache hit-rates)
- High load on root and TLD servers
- Slow update propagation (40% have TTL > 1 day)
- Lame delegations
- Implementation errors (?)

Current DNS: bottlenecks

CoDoNS Goals
- High Performance
- Low latency, increased lookup performance
- Resilience to Attacks
- Decentralization
- Dynamic load balancing
- Fast Update Propagation
- Support secure delegation

Beehive
- Prefix-matching DHT
- O(log N) lookup
- Pastry, Tapestry
- Proactive caching
- O(1) lookup
- C = 0.5 hops
- x_i = fraction of objects replicated at level i
- b = DHT base

CoDoNS: Architecture
- Decouples namespace management from query resolution
- Domain names mapped to 128-bit unique identifiers
- Direct caching for locality
- Home node stores permanent copies of RRs
- No TTL associated with records inside CoDoNS
- Supports negative caching (NXDOMAIN)

CoDoNS (cont.)
- Supports DNSSEC signatures
- Caches certificates
- Insert/Update use version number to prevent replay attacks. (!! not Dynamic DNS compliant)
- Allows multiple operators to manage the same part of the name hierarchy
- If conflicting records, clients “simply” pick records signed by an operator they trust (?!)
- CoDoNS uses its own centralized authority to sign resource records fetched from legacy DNS (!!)
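
The version-number check on Insert/Update, sketched as an added example (not code from the slides or from CoDoNS). Assumptions: the HomeNode class, the record layout and the demo key are hypothetical, and HMAC-SHA256 stands in for the DNSSEC public-key signature.

```python
import hashlib
import hmac

# Constructed demo key; HMAC stands in for the DNSSEC public-key signature.
OPERATOR_KEY = b"constructed-demo-key"


def sign_record(name, version, rdata, key=OPERATOR_KEY):
    """Sign name, version and data together so the version cannot be altered."""
    msg = f"{name}|{version}|{rdata}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class HomeNode:
    """Hypothetical node holding the permanent copy of each record."""

    def __init__(self, key=OPERATOR_KEY):
        self.key = key
        self.records = {}  # name -> (version, rdata)

    def update(self, name, version, rdata, signature):
        """Apply an insert/update; return 'accepted', 'bad-signature' or 'replay'."""
        expected = sign_record(name, version, rdata, self.key)
        if not hmac.compare_digest(expected, signature):
            return "bad-signature"
        current = self.records.get(name)
        # A validly signed but old (or repeated) update is a replay.
        if current is not None and version <= current[0]:
            return "replay"
        self.records[name] = (version, rdata)
        return "accepted"


def demo():
    node = HomeNode()
    v1 = ("www.example.com", 1, "192.0.2.10")  # constructed sample records
    v2 = ("www.example.com", 2, "192.0.2.20")
    sig1, sig2 = sign_record(*v1), sign_record(*v2)
    results = [
        node.update(*v1, sig1),  # first insert
        node.update(*v2, sig2),  # legitimate update
        node.update(*v1, sig1),  # captured old update sent again
        # old data relabelled with a higher version, reusing the old signature
        node.update("www.example.com", 3, "192.0.2.10", sig1),
    ]
    return results, node.records["www.example.com"]


if __name__ == "__main__":
    print(demo())
```

The check only works because the version is covered by the signature; a version carried outside the signed data could be raised by anyone holding an old record.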

CoDoNS Evaluation
- MIT trace: 12 hours; 281,943 queries; 47,230 unique domain names
- Deployed on 75 PlanetLab nodes
- Query Resolution Latency

CoDoNS Latency

CoDoNS: Flash-crowd Effect
- Avg bw: 12.2 KB/s/node
- Avg records/node: 4217 (10% of total, 13 MB storage)

CoDoNS: Update Propagation
- For a 1 million node CoDoNS network it would take less than 1 minute to update 99% of replicas

Conclusions
- Decouple management from query resolution
- Reduce resolver latency
- Improve update propagation delay
- Reduce load on root servers
- Resistant to flash-crowd effect (?)
- Attempt to eliminate monopoly in namespace management

Questions/Issues
- Compatibility with dynamic DNS
- Giving RR signing authority to CoDoNS
- Not really great behaviour for flash-crowds
- CoDoNS caches any data that is queried (size issues)
- Selective caching?
- No TTL on CoDoNS nodes -> if home node becomes partitioned, then no expiration.
- Further issues related to CoDoNS network partitioning
- Is there enough incentive for cooperation?