lecture05 email dns
TRANSCRIPT
-
8/3/2019 Lecture05 Email DNS
1/32
GeorgiaTech
CS 3251- Computer
Networking I:Email and DNS
Revised from Professor Patrick TraynorsLecture 059/1/2009
-
8/3/2019 Lecture05 Email DNS
2/32
GeorgiaTech
Review
Last week we talked about design principles, and theapplication protocols HTTP and FTP
Text commands sent over a port (recall telnet example)
Difference in statefulness (HTTP is not and FTP is)
HTTP and FTP are primarily pullprotocols
2
-
8/3/2019 Lecture05 Email DNS
3/32
GeorgiaTech
3
Chapter 2: Application layer
2.1 Principles of network applications
2.2 Web and HTTP
2.3 FTP
2.4 Electronic Mail
2.5 DNS
2.6 P2P Applications
-
8/3/2019 Lecture05 Email DNS
4/32
GeorgiaTech
4
Electronic Mail
Three major components:
user agents
mail servers
simple mail transfer protocol:SMTP
User Agent
a.k.a. mail reader
composing, editing, reading mailmessages
e.g., Eudora, Outlook, elm,Netscape Messenger
outgoing, incoming messagesstored on server
user mailbox
outgoing message queue
mailserver
user
agent
user
agent
user
agentmail
server
user
agentuser
agent
mail
server
user
agent
SMTP
SMTP
SMTP
-
8/3/2019 Lecture05 Email DNS
5/32
GeorgiaTech
5
Electronic Mail: mail servers
Mail Servers
mailbox contains incomingmessages for user
messagequeue of outgoing (tobe sent) mail messages
SMTP protocol between mailservers to send email messages
client: sending mail server
server: receiving mail server
mailserver
user
agent
user
agent
user
agentmail
serveruser
agentuser
agent
mail
server
user
agent
SMTP
SMTP
SMTP
-
8/3/2019 Lecture05 Email DNS
6/32
GeorgiaTech
6
Electronic Mail: SMTP [RFC 2821]
uses TCP to reliably transfer email message from client to server, port 25
direct transfer: sending server to receiving server
three phases of transfer handshaking (greeting)
transfer of messages
closure
command/response interaction commands:ASCII text
response: status code and phrase
messages must be in 7-bit ASCII
-
8/3/2019 Lecture05 Email DNS
7/32
GeorgiaTech
7
Scenario: Alice sends message to Bob
1) Alice uses UA to composemessage and [email protected]
2) Alices UA sends message toher mail server; message
placed in message queue3) Client side of SMTP opens TCP
connection with Bobs mailserver
4) SMTP client sends Alices messageover the TCP connection
5) Bobs mail server places themessage in Bobs mailbox
6) Bob invokes his user agent toread message
user
agent
mail
server
mail
serveruser
agent
1
2 3 4 56
-
8/3/2019 Lecture05 Email DNS
8/32
GeorgiaTech
8
Sample SMTP interaction
S: 220 hamburger.eduC: HELO crepes.frS: 250 Hello crepes.fr, pleased to meet youC: MAIL FROM: S: 250 [email protected]... Sender okC: RCPT TO:
S: 250 [email protected] ... Recipient okC: DATAS: 354 Enter mail, end with "." on a line by itselfC: Do you like ketchup?C: How about pickles?C: .
S: 250 Message accepted for deliveryC: QUITS: 221 hamburger.edu closing connection
-
8/3/2019 Lecture05 Email DNS
9/32
GeorgiaTech
9
Try SMTP interaction for yourself:
telnet servername 25
see 220 reply from server
enter HELO, MAIL FROM, RCPT TO, DATA, QUITcommands
above lets you send email without using email client (reader)
-
8/3/2019 Lecture05 Email DNS
10/32
GeorgiaTech
10
SMTP: final words
SMTP uses persistentconnections Just like...?
SMTP requires message (header& body) to be in 7-bit ASCII
SMTP server uses CRLF.CRLFto determine end of message
Comparison with HTTP:
HTTP: pull SMTP: push both have ASCII command/
response interaction, statuscodes
HTTP: each object encapsulatedin its own response msg
SMTP: multiple objects sent inmultipart msg
-
8/3/2019 Lecture05 Email DNS
11/32
GeorgiaTech
11
Mail message format
SMTP: protocol for exchangingemail msgs
RFC 822: standard for textmessage format:
header lines, e.g.,
To:
From:
Subject:
differentfrom SMTPcommands!
body the message, ASCII characters
only
header
body
blank
line
-
8/3/2019 Lecture05 Email DNS
12/32
GeorgiaTech
12
Message format: multimedia extensions
MIME: multimedia mail extension, RFC 2045, 2056
additional lines in msg header declare MIME content type
From: [email protected]: [email protected]: Picture of yummy crepe.MIME-Version: 1.0Content-Transfer-Encoding: base64Content-Type: image/jpeg
base64 encoded data ....................................base64 encoded data
multimedia data
type, subtype,parameter declaration
method usedto encode data
MIME version
encoded data
-
8/3/2019 Lecture05 Email DNS
13/32
GeorgiaTech
13
Mail access protocols
SMTP: delivery/storage to receivers server
Mail access protocol: retrieval from server POP: Post Office Protocol [RFC 1939]
authorization (agent server) and download IMAP: Internet Mail Access Protocol [RFC 1730]
more features (more complex)
manipulation of stored msgs on server HTTP: Hotmail , Yahoo! Mail, etc.
user
agent
senders mail
server
user
agent
SMTP SMTP access
protocol
receivers mail
server
-
8/3/2019 Lecture05 Email DNS
14/32
GeorgiaTech
14
POP3 protocol
authorization phase client commands:
user: declare username
pass: password
server responses
+OK
-ERR
transaction phase, client:
list: list message numbers
retr: retrieve message by number
dele: delete
quit
C: list
S: 1 498S: 2 912S: .C: retr 1S: S: .C: dele 1
C: retr 2S: S: .C: dele 2C: quitS: +OKPOP3 server signing off
S: +OK POP3 server readyC: user bobS: +OKC: pass hungryS: +OKuser successfully logged on
-
8/3/2019 Lecture05 Email DNS
15/32
GeorgiaTech
15
POP3 (more) and IMAP
More about POP3
Previous example usesdownload and deletemode.
Bob cannot re-read e-mail if he changes client
Download-and-keep:copies of messages on
different clients
POP3 is stateless acrosssessions
IMAP
Keep all messages in oneplace: the server
Allows user to organizemessages in folders
IMAP keeps user stateacross sessions:
names of folders andmappings between message
IDs and folder name
-
8/3/2019 Lecture05 Email DNS
16/32
GeorgiaTech
16
Chapter 2: Application layer
2.1 Principles of networkapplications
2.2 Web and HTTP
2.3 FTP 2.4 Electronic Mail
2.5 DNS
2.6 P2P Applications
-
8/3/2019 Lecture05 Email DNS
17/32
GeorgiaTech
17
DNS: Domain Name System
People: many identifiers:
SSN, name, passport #
Internet hosts, routers:
IP address (32 bit) - used foraddressing datagrams
name, e.g., www.yahoo.com- used by humans
Q: map between IPaddresses and name ?
Domain Name System:
distributed databaseimplemented in hierarchy ofmany name servers
application-layer protocol host,routers, name servers tocommunicate to resolve names(address/name translation)
note: core Internet function,implemented as application-layerprotocol
complexity at networks edge
-
8/3/2019 Lecture05 Email DNS
18/32
GeorgiaTech
18
DNS
Why not centralize DNS?
single point of failure
traffic volume
distant centralized database maintenance
doesnt scale!
DNS services Hostname to IP address
translation
Host aliasing Canonical and alias names
Mail server aliasing Load distribution
Replicated Web servers: setof IP addresses for onecanonical name
-
8/3/2019 Lecture05 Email DNS
19/32
GeorgiaTech
19
Root DNS Servers
com DNS servers org DNS servers edu DNS servers
poly.edu
DNS servers
umass.edu
DNS serversyahoo.comDNS servers
amazon.comDNS servers
pbs.orgDNS servers
Distributed, Hierarchical Database
Client wants IP for www.amazon.com; 1st approx:
Client queries a root server to find com DNS server
Client queries com DNS server to get amazon.com DNSserver
Client queries amazon.com DNS server to get IP addressfor www.amazon.com
-
8/3/2019 Lecture05 Email DNS
20/32
GeorgiaTech
20
DNS: Root name servers
contacted by local name server that can not resolve name root name server:
contacts authoritative name server if name mapping not known
gets mapping
returns mapping to local name server
13 root name serversworldwide
b USC-ISI Marina del Rey, CAl ICANN Los Angeles, CA
e NASA Mt View, CAf Internet Software C. Palo Alto,CA (and 17 other locations)
i Autonomica, Stockholm (plus 3 other locations)
k RIPE London (also Amsterdam, Frankfurt)
m WIDE Tokyo
a Verisign, Dulles, VAc Cogent, Herndon, VA (also Los Angeles)d U Maryland College Park, MDg US DoD Vienna, VAh ARL Aberdeen, MD j Verisign, ( 11 locations)
-
8/3/2019 Lecture05 Email DNS
21/32
GeorgiaTech
21
TLD and Authoritative Servers
Top-level domain (TLD) servers: responsible for com,org, net, edu, etc, and all top-level country domains uk,fr, ca, jp.
Network solutions maintains servers for com TLD
Educause for edu TLD
Authoritative DNS servers: organizations DNS servers,providing authoritative hostname to IP mappings fororganizations servers (e.g., Web and
mail). Can be maintained by organization or
service provider
-
8/3/2019 Lecture05 Email DNS
22/32
GeorgiaTech
22
Local Name Server
Does not strictly belong to hierarchy
Each ISP (residential ISP, company, university) has one. Also called default name server
When a host makes a DNS query, query is sent to itslocal DNS server
Acts as a proxy, forwards query into hierarchy.
-
8/3/2019 Lecture05 Email DNS
23/32
GeorgiaTech
23
requesting hostcis.poly.edu
gaia.cs.umass.edu
root DNS server
local DNS serverdns.poly.edu
1
23
4
5
6
authoritative DNS serverdns.cs.umass.edu
78
TLD DNS server
Example
Host at cis.poly.eduwants IP address forgaia.cs.umass.edu
-
8/3/2019 Lecture05 Email DNS
24/32
GeorgiaTech
24
requesting hostcis.poly.edu
gaia.cs.umass.edu
root DNS server
local DNS serverdns.poly.edu
1
2
45
6
authoritative DNS serverdns.cs.umass.edu
7
8
TLD DNS server
3
Recursive queries
recursive query:
puts burden of nameresolution oncontacted name server
heavy load?iterated query:
contacted serverreplies with name of
server to contact I dont know this
name, but ask thisserver
-
8/3/2019 Lecture05 Email DNS
25/32
GeorgiaTech
25
DNS: caching and updating records
once (any) name server learns mapping, it caches the mapping cache entries timeout (disappear) after some time
TLD servers typically cached in local name servers
Thus root name servers not often visited update/notify mechanisms under design by IETF
RFC 2136
http://www.ietf.org/html.charters/dnsind-charter.html
-
8/3/2019 Lecture05 Email DNS
26/32
GeorgiaTech
26
DNS records
DNS: distributed db storing resource records (RR)
Type=NS name is domain (e.g.
foo.com)
value is hostname ofauthoritative nameserver for this domain
RR format:(name, value, type, ttl)
Type=A name is hostnamevalue is IP address
Type=CNAME name is alias name for some
canonical (the real) name
www.ibm.comis reallyservereast.backup2.ibm.com
value is canonical name
Type=MXvalue is name of mailserver
associated with name
-
8/3/2019 Lecture05 Email DNS
27/32
GeorgiaTech
27
DNS protocol, messages
DNS protocol :query and reply messages, both with same message format
msg header
identification:16 bit # forquery, reply to query usessame #
flags: query or reply recursion desired
recursion available reply is authoritative
-
8/3/2019 Lecture05 Email DNS
28/32
GeorgiaTech
28
DNS protocol, messages
Name, type fieldsfor a query
RRs in responseto query
records forauthoritative servers
additional helpfulinfo that may be used
-
8/3/2019 Lecture05 Email DNS
29/32
GeorgiaTech
29
Inserting records into DNS
Example: just created startup Network Utopia Register name networkuptopia.com at a registrar (e.g.,
Network Solutions)
Need to provide registrar with names and IP addresses of yourauthoritative name server (primary and secondary)
Registrar inserts two RRs into the com TLD server:
(networkutopia.com, dns1.networkutopia.com, NS)
(dns1.networkutopia.com, 212.212.212.1, A)
Put in authoritative server Type A record forwww.networkuptopia.com and Type MX record fornetworkutopia.com
How do people get the IP address of your Web site?
-
8/3/2019 Lecture05 Email DNS
30/32
GeorgiaTechDNS Security Issues
Given that so many different servers can respond toyour request, how do you know that what you get back iscorrect?
Are you sure that you spoke to the resolver you think youspoke to?
What happens if you manage to give a resolver falselook-up information?
30
-
8/3/2019 Lecture05 Email DNS
31/32
GeorgiaTechDNS Cache Poisoning
31
Victim
nameserver
Root
Servers
evil.net
neighborhoodbank.com
1
QID=
599
IPforwww.neighborhoodbank.com
2
QID=599
referraltoneighborhoodbank.com
ns.neighborhoodbank.com
www.neighborhoodbank.com
www.neighborhoodbank.comfake!
evil client
3QID=600
IP for www.neighborhoodbank.com
4QID=600
IP: 192.168.1.100
QID=600QID=601
QID=599
1a - IP: 192.188.42.18
Client
0
IPforwww.neighborhoodbank.com5
Transaction
-
8/3/2019 Lecture05 Email DNS
32/32
GeorgiaTechSame Bat Time...
Peer-to-Peer architectures/applications Read Section 2.6
Socket Programming The book uses Java, we are going
to use C
If you havent looked at the PocketSockets Guide.
32