
The Domain Name System


Presentation Transcript


  1. time.gov yahoo.com The Domain Name System Vaibhav Puranik Abbey Areej Amit Shetty Heekyoung Vaibhav Kamath nas.cl.uh.edu hotmail.com cricket.org

  2. What is a name? A name is merely an identifier that consists of a sequence of characters chosen from a finite alphabet - a kind of high-level name. Initial naming scheme - flat namespace, e.g. accounting, development, purdue. Advantages: # Short and convenient names. Disadvantages: # Cannot generalize to large sets of machines, for the following reasons: potential for conflict; administrative authority workload; cost of maintaining is high.

  3. Hierarchical Naming System. Works like the management of a large organization. The topmost level of the hierarchy divides the namespace and delegates authority for each division. It need not be bothered by changes within a division. Example: local.site. The authority may be further subdivided at each level, e.g. local.group.site. Example of a hierarchical system - the US telephone system.

  4. Internet Domain Names. The mechanism that implements a machine name hierarchy for TCP/IP internets is called the Domain Name System. DNS has two conceptually independent aspects: # The first specifies name syntax and rules for delegating authority over names. # The second specifies the implementation of a distributed computing system that efficiently maps names to addresses. Example: cl.uh.edu contains three labels. Domain names are written with the local label first and the top domain last.

  5. 24.8 Official and Unofficial Internet Domain Names

  6. Domain Names • Most users of the domain technology follow the hierarchical labels used by the official internet domain system. • Two reasons: • The internet scheme is both comprehensive and flexible. • Most sites follow the internet scheme so they can attach their TCP/IP installations to the global internet without changing names.

  7. Top-level Internet Domains (Domain Name: Meaning) • COM: Commercial organizations • EDU: Educational institutions (4-year) • GOV: Government institutions • MIL: Military groups • NET: Major network support centers • ORG: Organizations other than those above • ARPA: Temporary ARPANET domain (obsolete) • INT: International organization • country code: Each country (geographic scheme)

  8. Domain Names • Top-level names permit two completely different naming hierarchies • Geographic • Divides the universe of machines by country • Two-letter identifiers (va.us) • Organizational • Allows organizations to be grouped by organizational type

  9. Figure: Domain Name Hierarchy Tree (unnamed root; labels shown: us, com, edu, gov, va, purdue, nsf, reston, cc, cs, ecn, cnri)

  10. 24.9 Named Items And Syntax Of Names

  11. Named Items and Syntax of Names • Multiple naming hierarchies may be embedded in one system. • The system must assign a type to determine what the specific address maps to. • A machine. • A mailbox. • A user. • Etc. • A given name may map to more than one item in the domain system. The client specifies the type of object desired when resolving a name, and the server returns objects of that type.

  12. Named Items and Syntax of Names • The syntax of a name does not determine what type of object it names or the class of protocol suite. • The number of labels in a name does not determine whether the name refers to an individual object (machine) or a domain. • Machine: gwen.purdue.edu. • Subdomain: cs.purdue.edu.

  13. Named Items and Syntax of Names To summarize this point: One cannot distinguish the names of subdomains from the names of individual objects or the type of an object using only the domain name syntax.

  14. Mapping Domain Names to Addresses • The domain name scheme includes an efficient, reliable, general purpose, distributed system for mapping names to addresses. • Efficient: most names can be mapped locally; only a few require internet traffic. • Distributed: a set of servers operating at multiple sites cooperatively solve the mapping problem. • General purpose: it is not restricted to machine names. • Reliable: no single machine failure will prevent the system from operating correctly.

  15. Mapping Domain Names to Addresses • The domain mechanism for mapping names to addresses consists of independent, cooperative systems called "name servers". • A name server is a server program that supplies name-to-address translation, mapping from domain names to IP addresses. • The client software, a name resolver, uses one or more name servers when translating a name. • The easiest way to understand how domain servers work is to imagine them arranged in a tree structure that corresponds to the naming hierarchy (fig 24.3). Each server knows the addresses of all lower-level servers for all subdomains within the domain it handles. • In particular, organizations often collect information from all of their subdomains into a single server. Fig 24.4 shows a more realistic organization of servers for the naming hierarchy of fig 24.2.

  16. Domain Name Resolution • Conceptually, domain name resolution proceeds top-down, starting with the root name server and proceeding to servers located at the leaves of the tree. • There are two ways to use the domain name system: - contacting name servers one at a time, or - asking the name server system to perform the complete translation. • In either case the client software: - forms a domain name query that contains the name to be resolved, a declaration of the class of the name, the type of answer desired, and a code that specifies whether the name server should translate the name completely; - sends the query to a name server for resolution. • When a domain server receives a query, it checks to see if the name lies in the subdomain for which it is an authority (see the handout and p. 471).

  17. Domain Name Resolution • How does a client find a name server at which to begin the search? How does a name server find other name servers that can answer questions when it cannot? • A client must know how to contact at least one name server. • To ensure that a domain name server can reach others, the domain system requires that each server know the address of at least one root server. • A server may also know the address of a server for the domain immediately above it (the "parent"). • Domain name servers use a well-known protocol port for all communication, so clients know how to communicate with a server once they know the IP address of the machine on which the server executes.

  18. Efficient Translation and Caching Amit Shetty

  19. Efficient Translation • Resolving queries by working down the tree of name servers can lead to inefficiencies for three reasons: • Tracing a path through the hierarchy to contact the local authority would be inefficient, since most name resolution refers to local names. • The machine at the topmost level of the hierarchy would become overloaded. • Failure of the machine at the topmost level of the hierarchy would prevent name resolution, even if the local authority could resolve the name.

  20. Two-Step name resolution process • In the two step name resolution process, resolution begins with the local name server. If the server cannot resolve a name, the query must then be sent to another server in the domain system.

  21. Caching: The Key To Efficiency • Each server maintains a cache of recently used names as well as a record of where the mapping information for each name was obtained.

  22. When a client asks a server to resolve a name: • The server first checks to see if it has the authority for the name according to standard procedure. • If not, the server checks its cache to see if the name has been resolved recently. • The local server also sends along additional information that tells the client the binding between the domain name of the server S and an IP address. • Servers do not apply a single fixed timeout to all entries, but allow the authority for an entry to configure its timeout.

  23. Timesharing Systems with Complex form of Resolver Code. • The host downloads the complete database of names and addresses from a local domain name server at startup, maintaining its own cache of recently used names, and uses the server only when names are not found. • Advantages: • Name resolution on local hosts is extremely fast. • Local site has protection in case the local name server fails. • It reduces computational load on the name server, and makes it possible for a given server to supply names to more machines.

  24. Domain Server Message Format • Fig 24.5 shows the message format • The DNS message format is defined for both queries and responses • The message has a fixed 12-byte header followed by four variable-length fields • IDENTIFICATION - a unique value the client uses to match responses to queries • PARAMETER - specifies the operation requested and a response code (Fig. 24.6) • Bits of the PARAMETER field: 0: QR • 1-4: Query type • 5: AA • 6: TC • 7: RD • 8: RA • 9-11: (zero) • 12-15: Response type

  25. Domain Server Message Format (2) • Number of __ fields • A count of the entries in the corresponding sections that occur later in the message • For a query, the number of questions is normally 1 and the other three counts are 0 • Similarly, for a reply the number of answers is at least 1, and the remaining two counts can be 0 or nonzero

  26. Domain Server Message Format (3) • QUESTION SECTION • Fig. 24.7 shows • contains queries for which answers are desired • QUERY DOMAIN NAME: the name being looked up • Representation of the domain name • QUERY TYPE: type of question (name or address) • A (1), MX (15), CNAME (5) - canonical name • QUERY CLASS: allows domain names to be used for arbitrary objects • It is normally 1, meaning Internet address

  27. Domain Server Message Format (4) • The format of resource records - Fig. 24.8 • The ANSWER, AUTHORITY, and ADDITIONAL INFORMATION fields share a common format called resource records • RESOURCE DOMAIN NAME: contains the domain name to which this resource record refers • TYPE, CLASS: the type of the data; the data's class • TIME TO LIVE: specifies the number of seconds that the RR can be cached by the client. RRs often have a TTL of 2 days • RESOURCE DATA LENGTH: specifies the amount of RESOURCE DATA

  28. Domain Server Message Format (5) - Example

  29. Compressed Name Format. When represented in a message, domain names are stored as a sequence of labels. Each label begins with an octet that specifies its length. Thus the receiver reconstructs a domain name by repeatedly reading a 1-octet length, n, and then reading a label n octets long. A length octet of zero marks the end of the name. Most of the time, domain name servers return multiple answers to a query, with some of the suffixes of the domain names overlapping. To conserve space in the reply packet, the name server compresses names by storing only one copy of each domain name. When extracting a domain name from a message, the client software must check each segment of the name to see whether it consists of a literal string (a 1-octet count followed by the characters that form the name) or a pointer to a literal string.

  30. Check the first octet: if the top two bits are 1, then the next 14 bits form a POINTER; else, if the top two bits are 0, then the next 6 bits form a COUNT. A POINTER always occurs at the beginning of a segment and points to a new place in the message at which to find the remainder of the name. A COUNT, on the other hand, specifies the number of characters in the label that follows the count octet.

  31. Abbreviation of Domain Names. Given a name, the resolving process can assume that it lies under the same local authority and supply the missing part of the name automatically. Example: diamond.rocks is equivalent to the full domain name diamond.rocks.cl.uh.edu. The local network manager configures a list of possible suffixes to be appended to names during lookup. When a resolver encounters a name, it steps through the list, appending each suffix and trying to look up the resulting name. The domain name system only maps full domain names into addresses. Abbreviations are not part of the domain name system itself, but are introduced by client software to make local names convenient for users.

  32. Inverse Mappings. We have seen that the Domain Name System is used to fetch the IP address for a given name. It may happen that we want the name, given the IP address. Different names might have the same IP address. Although inverse queries have been part of the domain system since it was first specified, they are generally not used because there is often no way to find the server that can resolve the query without searching the entire set of servers. One form of inverse mapping that the domain system supports is called a pointer query.

  33. Pointer Queries. In a pointer query, the question presented to the domain name server specifies an IP address encoded as a string in the form of a domain name. It requests the name server to return the correct domain name for the machine with the specified IP address. Pointer queries are especially useful for diskless machines because they allow the system to obtain a high-level name given only an IP address. IP address as string: aaa.bbb.ccc.ddd. Pointer query by the client: aaa.bbb.ccc.ddd.in-addr.arpa. Because the local name server may not have the authority for either arpa or in-addr.arpa, it may need to contact other servers to complete the resolution. To make the resolution efficient, the Internet root domain name servers maintain a database of valid IP addresses along with information about domain name servers that can resolve each address.

  34. Object Types and Resource Record Contents The domain system is quite general in that it can be used for arbitrary hierarchical names. The system accommodates a variety of mappings by including a type in each resource record. When sending a request, a client must specify the type in its query. The type determines the contents of the resource record according to the table in figure 24.9 on page 480. To make lookup efficient, a server always returns additional bindings that it knows in the ADDITIONAL INFORMATION SECTION of a response.

  35. Obtaining Authority for a Subdomain. Before an institution is granted authority for an official second-level domain, it must agree to operate a domain name server that meets the Internet standards. The server must know the addresses of servers that handle each subdomain as well as the address of at least one root server. A subtree of names managed by a given name server forms a zone of authority. Problems: The domain name system is much more complex than what we have seen so far. Servers must be able to handle many requests, and some may take a long time to resolve. Server implementation is complicated because the Internet authority requires that the information in every domain name server be replicated.

  36. In practice, the requirements are quite stringent. The servers must have no single common point of failure. Avoiding a common point of failure means that the two name servers cannot both attach to the same network; they cannot even obtain electrical power from the same source. To meet these requirements, a site must find at least one other site that agrees to operate a backup name server. Hence, at any point in the tree of servers, a server must know how to locate both the primary and backup name servers for subdomains, and it must direct queries to a backup server if the primary server is unavailable.
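
Added example, not part of the original presentation: a parser for the fixed 12-byte header of slides 24-25 and the COUNT/POINTER name encoding of slides 29-30, which rejects truncated labels and compression pointers that loop. It assumes the PARAMETER bits are numbered from the most significant bit; the function names and the SAMPLE and LOOP messages are constructed for illustration.

```python
import struct

class DNSParseError(ValueError):
    """Raised when a message violates the format described on the slides."""

def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte header: IDENTIFICATION, PARAMETER, four counts."""
    if len(msg) < 12:
        raise DNSParseError("shorter than the 12-byte header")
    ident, param, nq, nans, nauth, nadd = struct.unpack("!6H", msg[:12])
    return {  # assumption: bit 0 of PARAMETER is the most significant bit
        "id": ident,
        "qr": param >> 15,                                # bit 0
        "query_type": (param >> 11) & 0xF,                # bits 1-4
        "aa": (param >> 10) & 1, "tc": (param >> 9) & 1,  # bits 5 and 6
        "rd": (param >> 8) & 1, "ra": (param >> 7) & 1,   # bits 7 and 8
        "response_type": param & 0xF,                     # bits 12-15
        "counts": (nq, nans, nauth, nadd),
    }

def read_name(msg: bytes, offset: int) -> tuple:
    """Return (name, offset of the first octet after the name where it was stored)."""
    labels, after, seen = [], None, set()
    while True:
        if offset >= len(msg):
            raise DNSParseError("name runs past the end of the message")
        first = msg[offset]
        if first & 0xC0 == 0xC0:        # top two bits 1: 14-bit POINTER
            if offset + 1 >= len(msg):
                raise DNSParseError("truncated pointer")
            if offset in seen:          # same pointer reached twice: a loop
                raise DNSParseError("compression pointer loop")
            seen.add(offset)
            after = offset + 2 if after is None else after
            offset = ((first & 0x3F) << 8) | msg[offset + 1]
        elif first & 0xC0 == 0:         # top two bits 0: 6-bit COUNT
            if first == 0:              # a zero length octet ends the name
                return ".".join(labels) + ".", (offset + 1 if after is None else after)
            label = msg[offset + 1:offset + 1 + first]
            if len(label) != first:
                raise DNSParseError("label runs past the end of the message")
            labels.append(label.decode("ascii", "replace"))
            offset += 1 + first
        else:
            raise DNSParseError("length octet is neither COUNT nor POINTER")

# Constructed sample response: question cl.uh.edu, then a name ending in a pointer.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
          + b"\x02cl\x02uh\x03edu\x00" + struct.pack("!2H", 1, 1)
          + b"\x03nas\xc0\x0c")
# Constructed malformed message: the pointer at offset 12 points at itself.
LOOP = struct.pack("!6H", 0x1234, 0x8180, 1, 0, 0, 0) + b"\xc0\x0c"
```

Without the `seen` set, `read_name(LOOP, 12)` would never terminate, which is why a resolver has to bound pointer following when it parses untrusted responses.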
