Internetworking II Organizational Communications and Technologies Prithvi Rao H. John Heinz III School of Public Policy and Management Carnegie Mellon University


Post on 05-Jan-2016


Page 1: Internetworking II

Internetworking II

Organizational Communications and Technologies

Prithvi Rao

H. John Heinz III School of Public Policy and Management

Carnegie Mellon University

Page 2: Internetworking II

Objectives

- Understand how DNS works
- Present a DNS scenario

Page 3: Internetworking II

Naming Hosts

- Nameserver is the vehicle for mapping a name to a network
  - telnet akasha.tic.com vs telnet 192.135.128.129
- Network object is passed to transport protocol interface
- Naming evolved with other protocols

Page 4: Internetworking II

History of Naming

- Predecessor of Internet was ARPANET
  - Most important resource was IP address
  - Used naming authority to assign IP addresses
  - Most hosts had a single network interface; hostnames were synonymous with the interface
- Central registry maintained names and corresponding IP addresses
- Administrator received a host and IP address for each new machine to be added to network
  - IP address known when network was established
  - Name collision avoided by searching a host file

Page 5: Internetworking II

History of Naming

- Host files were copied to each machine
- Unix systems used the /etc/hosts file
- Operating systems supported lookup using library functions
  - gethostbyname() and gethostbyaddr()
  - Worked well for small number of hosts (100s)
  - Other operating systems used similar mechanisms, basically the same
  - Worked well because there were relatively few requests and the table size was relatively small

Page 6: Internetworking II

History of Naming

- Exponential growth of the internet made static host table impractical
  - Load on servers hosting registry introduced delays in access
  - Names had to be unique to avoid name clashes
- Solution to support growing internet was Domain Name System (DNS)

Page 7: Internetworking II

Domain Name System

- Internet's official naming system
- Distributed naming system
  - Database is scattered across many hosts
  - Maintained by many organizations (each has a small part)
- Defines the resources named and the protocols used to communicate between nameservers that maintain the database

Page 8: Internetworking II

Domain Name System

- Delegation
  - Naming is delegated, leaving central registry to register only naming authorities
  - Not every host is named by the central authority
- Dynamic Distribution
  - Name lookup is dynamically distributed
  - Site administrators did not have to copy host files
- Redundancy
  - Lookup algorithms were redundant; no single server
  - Reliability was improved

Page 9: Internetworking II

Domain Name System

- Extensibility
  - Not necessarily restricted to IP addresses

Page 10: Internetworking II

Delegation

- Defines a name space that is a tree structure
  - Each node owned by single authority
  - Child nodes can be created
  - Each child node must have a unique name
- Domain is any node and its descendant nodes
  - Domain name uniquely identifies single node within domain
  - Node names are written separated by periods

Page 11: Internetworking II

Delegation

[Figure: name-space tree. Nodes shown: root; edu, com, org, nz; co, ac; cmu; andrew; tic, kiwilabs; unix5; akasha]

Page 12: Internetworking II

Delegation

- Children of root are "top-level domains"
- Domain name that traverses from node to root is called a Fully Qualified Domain Name (FQDN)
  - Always ends with a period: cs.edu(.)
  - Practically the period is dropped: cs.edu
  - Some applications (mail) do not permit the appending of a period
- Domain name that traverses only part of the path from node to root is called a Relative Domain Name

Page 13: Internetworking II

Dynamic Distribution

- Descendants of a domain are called subdomains
  - kiwilabs.com has authority for all names under kiwilabs.com
  - Grant of authority is given when new subdomain is registered
- Naming authority can assign subdomain names arbitrarily
  - Child node must be unique
  - ux4.sp.cs.cmu.edu?
- Hierarchy is broader than it is deep

Page 14: Internetworking II

Extensibility

- Name gives resource a convenient reference; name is mapped to resource
- Can map DNS name to other resources
  - DNS uses a typed resource record to identify resource being named

    <domain_name ttl IN resource_type resource_value>

- domain_name is the FQDN for the resource that is key to identifying resource

Page 15: Internetworking II

Extensibility

- ttl is the time to live value
  - Time that the resource record can be cached before being discarded
  - Field is decremented every second and resource is discarded when ttl reaches zero
- IN identifies resource as belonging to TCP/IP or INternet protocol

Page 16: Internetworking II

Extensibility

- resource_type is a unique identifier for type of resource named
  - During lookup resource_type is used to distinguish between resource records mapped to the domain name
- resource_value is value of resource. Can be single value (IP address) or record with multiple values
- DNS has standard set of resource record types

Page 17: Internetworking II

Resource Types

- IP addresses

    domain_name A ip_addresses

- Example

    ticmac.tic.com A 192.135.128.131

  - A is the record type corresponding to IP addresses
  - maps domain name ticmac.tic.com to 192.135.128.131

Page 18: Internetworking II

IP Address

- Multi-homed host or router has an A record for each network interface

    router.tic.com A 192.135.128.1
    router.tic.com A 193.1.1.1

- This illustrates mapping of name router.tic.com to two IP addresses.
- Machine has two interface cards

Page 19: Internetworking II

Host Information

- HINFO record identifies the hardware and operating system of host with given domain name

    domain_name HINFO hardware os

- Example

    akasha.tic.com HINFO Sun SunOs

Page 20: Internetworking II

Alias

- Alias is CNAME record associating domain name with another domain name

    domain_name CNAME canonical_name

- Example

    mac.tic.com CNAME ticmac.tic.com

  says that name mac.tic.com is alias for ticmac.tic.com
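The resource-record slides above (ttl caching, A, HINFO and CNAME records) can be exercised together. This is an added example, not part of the original slides: it parses constructed records in the slides' `domain_name ttl IN resource_type resource_value` layout, follows aliases with a bound on chain length, and drops records whose ttl has run out. The ttl values, the `loop-*` names and the function names are assumptions.

```python
# Constructed records in the slides' "domain_name ttl IN resource_type
# resource_value" layout; the ttl values and loop-* names are made up.
ZONE = """\
ticmac.tic.com. 3600 IN A 192.135.128.131
router.tic.com. 3600 IN A 192.135.128.1
router.tic.com. 3600 IN A 193.1.1.1
akasha.tic.com. 60 IN HINFO Sun SunOs
mac.tic.com. 300 IN CNAME ticmac.tic.com.
loop-a.tic.com. 300 IN CNAME loop-b.tic.com.
loop-b.tic.com. 300 IN CNAME loop-a.tic.com.
"""

def parse_zone(text, loaded_at=0):
    """Return {(name, type): [(value, expires_at), ...]} for a cache."""
    cache = {}
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) < 5 or not fields[1].isdigit() or fields[2] != "IN":
            raise ValueError(f"malformed resource record: {line!r}")
        name, ttl, _, rtype = fields[:4]
        value = " ".join(fields[4:])          # HINFO carries two values
        # Storing an absolute expiry is equivalent to counting ttl down to zero.
        cache.setdefault((name.lower(), rtype), []).append(
            (value, loaded_at + int(ttl)))
    return cache

def _live(cache, name, rtype, now):
    """Values for (name, rtype) whose ttl has not yet reached zero."""
    return [v for v, expires in cache.get((name, rtype), []) if expires > now]

def lookup(cache, name, rtype, now, max_aliases=8):
    """Resolve name/rtype, following CNAME aliases; expired records are ignored."""
    name = name.lower()
    for _ in range(max_aliases):
        values = _live(cache, name, rtype, now)
        if values:
            return values
        alias = _live(cache, name, "CNAME", now)
        if not alias:
            return []
        name = alias[0].lower()               # continue at the canonical name
    raise RuntimeError("CNAME chain too long (possible alias loop)")
```

Looking up `mac.tic.com.` for type A returns the address of `ticmac.tic.com.`, and `router.tic.com.` returns both interface addresses.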

Page 21: Internetworking II

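DNS Operational Architecture

[Figure: the Application makes a function call to the Resolver library and receives a function return; the Resolver library sends a query to the Server and receives a reply; the Server exchanges queries or replies with another server]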

Page 22: Internetworking II

DNS Query Format

- header
- question
- answer
- authority
- additional

Page 23: Internetworking II

DNS Operational Architecture

- question contains the target domain name and the type and class of query
  - Can match resource record type or be wildcarded to ask for any resource
- answer is completed by nameserver that replies to query
- authority can name other authority that can answer query

Page 24: Internetworking II

DNS Operational Architecture

- additional is completed by nameserver and assists client with needed information
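The message layout from the DNS Query Format slides, as an added example that is not part of the original slides: it builds a query whose header carries the counts for the question, answer, authority and additional sections, then parses it back with every read bounds-checked. The header field order and numeric type codes follow RFC 1035; the function names and the query id are assumptions.

```python
import struct

# Record type codes from RFC 1035; ANY is the wildcard query type.
TYPES = {"A": 1, "NS": 2, "CNAME": 5, "HINFO": 13, "ANY": 255}
CLASS_IN = 1

def build_query(qid, name, qtype):
    """12-byte header plus one question; the other three sections are empty."""
    flags = 0x0100                        # standard query, recursion desired
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes")
        qname += bytes([len(raw)]) + raw  # each label is length-prefixed
    return header + qname + b"\x00" + struct.pack("!HH", TYPES[qtype], CLASS_IN)

def parse_query(msg):
    """Decode the section counts and the first question of a message."""
    if len(msg) < 12:
        raise ValueError("truncated header")
    qid, _flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if qd < 1:
        raise ValueError("no question section")
    pos, labels = 12, []
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[pos]
        pos += 1
        if n == 0:                        # zero-length label ends the name
            break
        if n > 63 or pos + n > len(msg):  # also rejects compression pointers
            raise ValueError("bad label length")
        labels.append(msg[pos:pos + n].decode("ascii"))
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return {"id": qid, "counts": (qd, an, ns, ar),
            "name": ".".join(labels) + ".", "qtype": qtype, "qclass": qclass}
```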

Page 25: Internetworking II

DNS Operational Steps

- Application sends DNS query to nameserver and waits for response from resolver
- Resolver generates query and transmits it to nameserver, handles response and retransmits a query request
- Examples of API for DNS
  - gethostbyname() and gethostbyservice()

Page 26: Internetworking II

DNS Zones

[Figure: name-space tree. Nodes shown: root; edu, com, org, nz; co, ac; cmu; andrew; tic, kiwilabs; unix5; akasha]

Page 27: Internetworking II

DNS Zones

- Each DNS zone has its own zone database
- Primary name-server exists for each zone and maintains an up-to-date copy of zone database
- Copies maintained in secondary nameservers (reliability)

Page 28: Internetworking II

DNS Scenario

1) Query from machine able.widget.com is sent to nameserver on ns.widget.com for the IP address for the domain name baker.austin.tic.com: step 1

2) ns.widget.com has no cached resource records for baker.austin.tic.com so the nameserver tries to find an NS record for the parent domain austin.tic.com

3) Finding no cached records for that domain it attempts to find an NS record for the tic.com domain. It looks for the com domain without success. It forwards original query to a root nameserver: step 2

Page 29: Internetworking II

DNS Scenario

4) Root nameserver repeats step 3 and finds an NS record for the com server and passes the query to that server

5) Nameserver for com domain once again repeats above algorithm and finds NS record and associated A record for the domain tic.com and returns information to nameserver on ns.widget.com: step 4

6) Information (NS and A records) is cached on ns.widget.com, which sends the original query to the server for tic.com. Second server for that domain is contacted if timeout occurs: step 5

Page 30: Internetworking II

DNS Scenario

7) Server for tic.com receiving query forwards it to server for austin.tic.com domain: step 6

8) Destination server has answer desired by original node (baker.austin.tic.com) and returns answer to tic.com (7) which then sends answer to ns.widget.com (8) which in turn returns answer to able.widget.com (9) and this machine caches answer for later use
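The parent-domain search and caching in the scenario above, as an added example that is not part of the original slides. It is a simplification: every server hands its referral back to the local nameserver, whereas the slides have some servers pass the query on themselves. The server table, the 192.0.2.x addresses, the host `delta` and the function names are constructed.

```python
# Constructed data: zone served -> delegations (NS) and address (A) records.
SERVERS = {
    ".":               {"ns": ["com."], "a": {}},
    "com.":            {"ns": ["tic.com."], "a": {}},
    "tic.com.":        {"ns": ["austin.tic.com."], "a": {}},
    "austin.tic.com.": {"ns": [], "a": {"baker.austin.tic.com.": "192.0.2.10",
                                        "delta.austin.tic.com.": "192.0.2.11"}},
}

def parents(name):
    """baker.austin.tic.com. -> [austin.tic.com., tic.com., com.]"""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(1, len(labels))]

def closest_zone(known, name):
    """Search from the nearest parent domain outward for a known NS record."""
    for zone in parents(name):
        if zone in known:
            return zone
    return None

def resolve(name, cache, max_referrals=8):
    """Local nameserver's lookup: returns (address, zones whose servers were asked)."""
    if name in cache["a"]:
        return cache["a"][name], []            # answered from cache
    zone = closest_zone(cache["ns"], name) or "."  # nothing cached: ask the root
    contacted = []
    while len(contacted) < max_referrals:
        contacted.append(zone)
        server = SERVERS[zone]
        if name in server["a"]:
            cache["a"][name] = server["a"][name]
            return server["a"][name], contacted
        zone = closest_zone(server["ns"], name)
        if zone is None:
            raise LookupError(f"no server can answer {name}")
        cache["ns"].add(zone)                  # remember the delegation
    raise LookupError("referral chain too long")
```

With an empty cache the first lookup walks root, com, tic.com and austin.tic.com; a later lookup for another host under austin.tic.com starts at the cached delegation and contacts one server.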

Page 31: Internetworking II

Query Example

[Figure: hosts able.widget.com, ns.widget.com, root server, com server, akasha.tic.com and ns.austin.tic.com, connected by arrows numbered 1 to 9]

Page 32: Internetworking II

Summary

- Presented a brief history of domains and host naming
- Examined the use of resource records
- Presented DNS query example