dns domain name system
play

DNS Domain Name System Seminar in distributed Computing 2007/08 - PowerPoint PPT Presentation

Dec 02, 2022 •122 likes •427 views

DNS Domain Name System Seminar in distributed Computing 2007/08 Lucien Hansen - lhansen@ethz.ch Overview Naming and Binding of Network Destinations Terminology Examples Interpretation Development of the Domain Name System

  1. DNS – Domain Name System Seminar in distributed Computing 2007/08 Lucien Hansen - lhansen@ethz.ch

  2. Overview � Naming and Binding of Network Destinations � Terminology � Examples � Interpretation � Development of the Domain Name System � Design � Surprises � Successes / Shortcomings � Conclusions � Link between papers � Things change 1988 <-> 2007 2 24.10.2007

  3. Naming and Binding � Confusion about terminology � Analogy to operating systems 3 24.10.2007

  4. What are we looking at… � 4 Objects: � 3 Bindings: � Services � Service to node � Nodes � Node to attachment point � Attachment Point � Attachment point to route � Routes 4 24.10.2007

  5. 5 Via della Pace 11 (Piazza Navona) 24.10.2007 Terminology � Address � Name � Route

  6. Types of Network Destinations � Service and users � Time of day, Notebook � Nodes � PC on which a service runs, forwarding node � Network attachment points � Ports of a network � Paths � Run between network attachment points 6 24.10.2007

  7. Name != Name “A-real-good-name” � Print name � Machine Name � often called address � Name – broad sense “01010010” 7 24.10.2007

  8. Binding among network destinations � Service and Node � Node and network attachment point � Attachment points and paths Preserve identity 8 24.10.2007

  9. Concrete Examples my-service.ch 128.12.4.6 08:00:00:3a:12:80 file storage region physical location � Bind network attachment point to path? 9 24.10.2007

  10. Send data packet to Service � Find node � Service name resolution � Find net. att. Point � Node name resolution � Find path � Route service 10 24.10.2007

  11. Example: ARPANET NCP protocol Node “Mail-Service” “ E mail-Service” IMP 18,port 1 IMP 18,port 0 Network attachment point Confusion: • Different Name 11 24.10.2007

  12. Authors Interpretation of terminology � Name – human readable character string � Address : Service Node Network attachment point � Route Path 12 24.10.2007

  13. Development of the DNS The following slides summarize the paper 'Development of the Domain Name System, Mockapetris, Dunlap, SIGCOMM 1988' � Today – largest name service in operation � History with hosts.txt 13 24.10.2007

  14. DNS Design assumptions � Same information as hosts.txt � Distribution � No size limits � Interoperate in many environments � Performance 14 24.10.2007

  15. “Leanness Criterion” Lean service general distributed database � More implementation � More applications effort and early availability � Greater functionality � Operate in more environments The following was omitted: • Dynamic updates with atomicity • Backup considerations 15 24.10.2007

  16. Quick “Refresher” root name server local name server dns.ethz.ch authoritive name server dns.delivery.it Student within ETH pizza.delivery.it 16 24.10.2007

  17. Design points � Architecture � Name servers (Source: wikipedia.org) � Resolvers Resource Record � Hierarchical name space � Database distribution � Zones � Caching 17 24.10.2007

  18. Surprises for developers � Semantics well-understood? � Example: multiple addr. for single host � Performance of underlying network � Response time 30-60 sec (worst case) � Negative caching 18 24.10.2007

  19. Successes � Datagram access � 512 byte restriction, better performance than TCP � Develop/Refine retransmission strategies � Additional section processing � Caching 19 24.10.2007

  20. Shortcomings � Type and class growth � Easy upgrading of applications � Transient failure of a distributed naming system � Distribution of control vs. distribution of expertise 20 24.10.2007

  21. Conclusions � What the “dns-team” learned: � Caching and also negative caching � Difficulty of removing fkt. vs. adding new fkt. � Implementers don’t like optimizing … 21 24.10.2007

  22. Link between the two papers � DNS provides binding between Service and Node � Remove DNS ?? � Address the host directly with IP � “google” for it � Problems: � Moving service to another node 22 24.10.2007

  23. 23 24.10.2007 Paper(1988) : 20 000 hosts Figures …

  24. 1988 <-> 2007 : things change… � DDos attack (distributed denial of service) � October 2002 – 9 of 13 root servers down � February 2007 – 2 root servers down � Phishing attacks: � DNS-spoofing � Cache poisoning � Networks change: � Mobility ( WLAN, GSM, ad-hoc, P2P, …) 24 24.10.2007

  25. DNS Extensions to support IPv6 � New resource record type (AAAA) � New domain to support lookups based on addr. � 4321:0:…:89ab -> b.a.9.8 … 0.1.2.3.4.IP6.INT � Additional section processing redefined for processing both IPv4 and IPv6 25 24.10.2007

  26. The papers… � On The Naming and Binding of Network Destinations. Jerome H. Saltzer, in Pier Ravasio et al. � Development of the domain name system. Mockapetris, P. and Dunlap, K. J. 26 24.10.2007

  27. Additional papers … � RFC 1886, S.Thomson and C.Huitema � GSEC Paper Practical Assignment Version 1.4b, David Hinshelwood – DNS,DNSSEC and the Future 27 24.10.2007

  28. 28 Burning Questions at this moment? 24.10.2007

  29. Discussion inputs … � Bindings (more/less – examples?) � What about an open name space? (whatever.I.want) � Future: DNSSec (secure DNS) � Alternative root servers � Politics: � VeriSign … “SiteFinder” � ICANN … “influenced by …” (.xxx discussion) 29 24.10.2007

  30. 30 Thanks for your attention…. 24.10.2007

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Domain Name System (DNS) Smith College, CSC 249 Feb 6, 2017 1 TODAY: Domain Name System q The

Domain Name System (DNS) Smith College, CSC 249 Feb 6, 2017 1 TODAY: Domain Name System q The

Domain Name System (DNS) Smith College, CSC 249 Feb 6, 2017 1 TODAY: Domain Name System q The directory system for the Internet v Used by other application layer protocols v via socket programming q Maps a hostname to an IP address v Host

431 views • 19 slides
CS 557 Domain Name System Development of the Domain Name System Mockapetris and Dunlap, 1988

CS 557 Domain Name System Development of the Domain Name System Mockapetris and Dunlap, 1988

CS 557 Domain Name System Development of the Domain Name System Mockapetris and Dunlap, 1988 Impact of Configuration Errors on DNS Robustness V. Pappas, Z. Xu, S. Lu, D. Massey, A. Terzis, and L. Zhang, 2004 Spring 2013 The Story So Far .

481 views • 29 slides
Name service Domain Name System (DNS) Name : identifier Need a system: Name IP

Name service Domain Name System (DNS) Name : identifier Need a system: Name IP

Name service Domain Name System (DNS) Name : identifier Need a system: Name IP address computers, services, remote objects, files, users, When the size of Internet was small, . a host file: two columns. a

375 views • 10 slides
Chapter 24 Chapter 24 Chapter 24 The Domain Name System The Domain Name System The Domain Name

Chapter 24 Chapter 24 Chapter 24 The Domain Name System The Domain Name System The Domain Name

Chapter 24 Chapter 24 Chapter 24 The Domain Name System The Domain Name System The Domain Name System (DNS) (DNS) (DNS) Raj Jain The Ohio State University Columbus, OH 43210 Jain@CIS.Ohio-State.Edu http://www.cis.ohio-state.edu/~jain/

812 views • 35 slides
About domain controllers Interaction diagrams Not usually a domain concept Dynamic

About domain controllers Interaction diagrams Not usually a domain concept Dynamic

About domain controllers Interaction diagrams Not usually a domain concept Dynamic views of interacting objects Added to the model during design Starts by system event ( external message ) They tie the system to external

75 views • 5 slides
A Censorship Resistant and Fully Decentralized Name System The GNU Alternative Domain System

A Censorship Resistant and Fully Decentralized Name System The GNU Alternative Domain System

A Censorship Resistant and Fully Decentralized Name System The GNU Alternative Domain System Martin Schanzenbach Masters Thesis October 5, 2012 Martin Schanzenbach (TUM) GNU Alternative Domain System 1 Secure, Memorable, Global:

387 views • 19 slides
Naming Domain Name System Guevara Noubir Fundamentals of

Naming Domain Name System Guevara Noubir Fundamentals of

Naming Domain Name System Guevara Noubir Fundamentals of Computer Networks Northeastern University DNS 1 Domain Name System DNS is a fundamental

179 views • 15 slides
Domain-specific front-end for virtual Domain-specific front-end for virtual system modeling

Domain-specific front-end for virtual Domain-specific front-end for virtual system modeling

Domain-specific front-end for virtual Domain-specific front-end for virtual system modeling Workshop on Graphical Modeling Language Development at ECMFA 2012 Janne Vatjus-Anttila, Jari Kreku, Kari Tiensyrj VTT Technical Research Centre of

320 views • 20 slides
Resilience of the Domain Name System: A case study for .nl Lars Bade | Radboud University

Resilience of the Domain Name System: A case study for .nl Lars Bade | Radboud University

Resilience of the Domain Name System: A case study for .nl Lars Bade | Radboud University Nijmegen, SIDN 21 March 2016, ICT.Open Agenda 1. Research question 2. Domain Name System 3. Methodology &amp; Results 4. Conclusion 5. Time for asking

525 views • 38 slides
CompSci 356: Computer Network Architectures Lecture 20: Domain Name System (DNS) and Content

CompSci 356: Computer Network Architectures Lecture 20: Domain Name System (DNS) and Content

CompSci 356: Computer Network Architectures Lecture 20: Domain Name System (DNS) and Content distribution networks Chapter 9.3.1 Xiaowei Yang xwy@cs.duke.edu Overview Domain Name System Content Distribution Networks Domain Name

777 views • 50 slides
Using the Domain Name System for System Break-ins Steven M. Bellovin Presented by: Thomas

Using the Domain Name System for System Break-ins Steven M. Bellovin Presented by: Thomas

Using the Domain Name System for System Break-ins Steven M. Bellovin Presented by: Thomas Repantis trep@cs.ucr.edu CS255-Computer Security, Winter 2004 p.1/37 Overview Using DNS to spoof a hosts name and access network services that

639 views • 37 slides
Domain Name System http://xkcd.com/302/ CSCI 466: Networks Keith Vertanen Fall 2011

Domain Name System http://xkcd.com/302/ CSCI 466: Networks Keith Vertanen Fall 2011

Domain Name System http://xkcd.com/302/ CSCI 466: Networks Keith Vertanen Fall 2011 Overview Final project + presentation Some TCP and UDP experiments Domain Name System (DNS) Hierarchical name space Maps friendly

1.02k views • 40 slides
Domain Name System (DNS) Learning Goal Foundations of DNS Security in DNS: Integrity

Domain Name System (DNS) Learning Goal Foundations of DNS Security in DNS: Integrity

IN3210 Network Security Domain Name System (DNS) Learning Goal Foundations of DNS Security in DNS: Integrity and Authenticity Confidentiality 2 Foundations of DNS 3 Domain Name System Directory services for name

727 views • 51 slides
CompSci 356: Computer Network Architectures Lecture 23: Domain Name System (DNS) and Content

CompSci 356: Computer Network Architectures Lecture 23: Domain Name System (DNS) and Content

CompSci 356: Computer Network Architectures Lecture 23: Domain Name System (DNS) and Content distribution networks Chapter 9.3.1 Xiaowei Yang xwy@cs.duke.edu Overview Domain Name System Content Distribution Networks DNS attacks

610 views • 57 slides
ARM Reference Kernel of Tizen 3 MyungJoo Ham, Ph.D. MyungJoo Ham Tizen System Domain &amp;

ARM Reference Kernel of Tizen 3 MyungJoo Ham, Ph.D. MyungJoo Ham Tizen System Domain &amp;

ARM Reference Kernel of Tizen 3 MyungJoo Ham, Ph.D. MyungJoo Ham Tizen System Domain &amp; Base Domain Architect System SW Lab SW Platform Team SWC Samsung Electronics ARM Reference Kernel of Tizen 3 1. What is it? 2. Idea

576 views • 35 slides
The Contribution of Domain-independent Robust Pronominal Anaphora Resolution to Open-Domain

The Contribution of Domain-independent Robust Pronominal Anaphora Resolution to Open-Domain

The Contribution of Domain-independent Robust Pronominal Anaphora Resolution to Open-Domain Question-Answering Rebecca Watson, Judita Preiss, Ted Briscoe Computer Laboratory University of Cambridge OD QA and Anaphora Baseline QA System

680 views • 11 slides
Semantics 1 / 21 Outline What is semantics? Denotational semantics Semantics of naming What

Semantics 1 / 21 Outline What is semantics? Denotational semantics Semantics of naming What

Semantics 1 / 21 Outline What is semantics? Denotational semantics Semantics of naming What is semantics? 2 / 21 What is the meaning of a program? Recall: aspects of a language syntax : the structure of its programs semantics : the

551 views • 21 slides
Services Stephen James Clients vs Servers Clients consume services Servers provide

Services Stephen James Clients vs Servers Clients consume services Servers provide

Services Stephen James Clients vs Servers Clients consume services Servers provide services However, there will typically be services running on both clients and servers What are protocols? Rules that define a common

524 views • 30 slides
Networking: Application Layer Summer 2013 Cornell University 1 Today DNS End-to-End

Networking: Application Layer Summer 2013 Cornell University 1 Today DNS End-to-End

CS 4410 Operating Systems Networking: Application Layer Summer 2013 Cornell University 1 Today DNS End-to-End Argument 2 DNS When a user wants to communicate with a remote node, is it easier to remember 69.63.176.13 or

538 views • 8 slides
Scanning (and some other no-tech hacking) Todays Class Scanning the Internet for research

Scanning (and some other no-tech hacking) Todays Class Scanning the Internet for research

Scanning (and some other no-tech hacking) Todays Class Scanning the Internet for research Scanning the Internet for research Other no-tech hacking Definitions: domain name: google.com unm.edu a registrable

542 views • 19 slides
Computing graphs on an HPC cluster: working with distributed unstructured data in Chapel A LEX R

Computing graphs on an HPC cluster: working with distributed unstructured data in Chapel A LEX R

Intro Rectangular Sparse Associative Opaque Graphs Summary Computing graphs on an HPC cluster: working with distributed unstructured data in Chapel A LEX R AZOUMOV alex.razoumov@westgrid.ca WestGrid webinar - ZIP file with slides and codes

482 views • 27 slides
Deactivating Endpoint Protection Software in an Unauthorized Manner November 19, 2015 November

Deactivating Endpoint Protection Software in an Unauthorized Manner November 19, 2015 November

Deactivating Endpoint Protection Software in an Unauthorized Manner November 19, 2015 November 19, 2015 Matthias Deeg | DeepSec 2015 1 Who am I? Dipl.-Inf. Matthias Deeg Expert IT Security Consultant CISSP, CISA, OSCP, OSCE especially IT

653 views • 39 slides
A Runtime Environment for Online Processing of Operating System Kernel Events Michael Schbel,

A Runtime Environment for Online Processing of Operating System Kernel Events Michael Schbel,

A Runtime Environment for Online Processing of Operating System Kernel Events Michael Schbel, Andreas Polze 7th Intl. Workshop on Dynamic Analysis (WODA) 20. July 2009 Chicago, IL OS Kernel Event Tracing 2 Dynamic Analysis Usage

889 views • 20 slides
3GPP All IP Network Outline Wireless Technology Evolution GPRS Overview 3GPP All IP

3GPP All IP Network Outline Wireless Technology Evolution GPRS Overview 3GPP All IP

3GPP All IP Network Outline Wireless Technology Evolution GPRS Overview 3GPP All IP Network 3GPP IP Multimedia Subsystem Vision of Comm. System 3G/4G/ Source: DoCoMo Wireless Technology Evolution 1G Analog System

564 views • 54 slides

More recommend