SLIDE 1

DNS – Domain Name System

Seminar in distributed Computing 2007/08

Lucien Hansen - lhansen@ethz.ch

SLIDE 2

2 24.10.2007

Overview

Naming and Binding of Network Destinations

  • Terminology
  • Examples
  • Interpretation

Development of the Domain Name System

  • Design
  • Surprises
  • Successes / Shortcomings
  • Conclusions

Link between papers

Things change 1988 <-> 2007

SLIDE 3

Naming and Binding

Confusion about terminology

Analogy to operating systems

SLIDE 4

What are we looking at…

4 Objects:

  • Services
  • Nodes
  • Attachment Point
  • Routes

3 Bindings:

  • Service to node
  • Node to attachment point
  • Attachment point to route

SLIDE 5

Terminology

Name Address Route

Via della Pace 11 (Piazza Navona)

SLIDE 6

Types of Network Destinations

Service and users

Time of day, Notebook

Nodes

PC on which a service runs, forwarding node

Network attachment points

Ports of a network

Paths

Run between network attachment points

SLIDE 7

Name != Name

Print name

Machine Name

  • often called address

Name – broad sense

“A-real-good-name” “01010010”

SLIDE 8

Binding among network destinations

  • Service and Node
  • Node and network attachment point
  • Attachment points and paths

Preserve identity

SLIDE 9

Concrete Examples

Bind network attachment point to path?

my-service.ch 128.12.4.6 08:00:00:3a:12:80 file storage region physical location

SLIDE 10

Send data packet to Service

  • Find node (Service name resolution)
  • Find net. att. point (Node name resolution)
  • Find path (Route service)

SLIDE 11

Example: ARPANET NCP protocol

Node “Mail-Service” Network attachment point IMP 18,port 0 IMP 18,port 1 “Email-Service” Confusion:

  • Different Name

SLIDE 12

Author's Interpretation of terminology

Name – human readable character string

Address:

  • Service
  • Node
  • Network attachment point

Route

  • Path

SLIDE 13

Development of the DNS

The following slides summarize the paper 'Development of the Domain Name System, Mockapetris, Dunlap, SIGCOMM 1988'

Today – largest name service in operation

History with hosts.txt

SLIDE 14

DNS Design assumptions

  • Same information as hosts.txt
  • Distribution
  • No size limits
  • Interoperate in many environments
  • Performance

SLIDE 15

“Leanness Criterion”

Lean service general distributed database

More implementation effort and early availability

More applications

Greater functionality

Operate in more environments

The following was omitted:

  • Dynamic updates with atomicity
  • Backup considerations

SLIDE 16

Quick “Refresher”

Diagram labels: Student within ETH; local name server; dns.ethz.ch; root name server; authoritative name server; pizza.delivery.it; dns.delivery.it

SLIDE 17

Design points

Architecture

  • Name servers
  • Resolvers

Hierarchical name space

Database distribution

  • Zones
  • Caching

(Source: wikipedia.org)

Resource Record

SLIDE 18

Surprises for developers

Semantics well-understood?

Example: multiple addr. for single host

Performance of underlying network

Response time 30-60 sec (worst case)

Negative caching

SLIDE 19

Successes

Datagram access

  • 512 byte restriction, better performance than TCP
  • Develop/Refine retransmission strategies

Additional section processing

Caching

SLIDE 20

Shortcomings

Type and class growth

Easy upgrading of applications

Transient failure of a distributed naming system

Distribution of control vs. distribution of expertise

SLIDE 21

Conclusions

What the “dns-team” learned:

  • Caching and also negative caching
  • Difficulty of removing functions vs. adding new functions
  • Implementers don’t like optimizing …

SLIDE 22

Link between the two papers

DNS provides binding between Service and Node

Remove DNS ??

  • Address the host directly with IP
  • “google” for it

Problems:

Moving service to another node

SLIDE 23

Figures …

Paper(1988) : 20 000 hosts

SLIDE 24

1988 <-> 2007 : things change…

DDoS attack (distributed denial of service)

  • October 2002 – 9 of 13 root servers down
  • February 2007 – 2 root servers down

Phishing attacks:

  • DNS-spoofing
  • Cache poisoning

Networks change:

Mobility ( WLAN, GSM, ad-hoc, P2P, …)

SLIDE 25

DNS Extensions to support IPv6

New resource record type (AAAA)

New domain to support lookups based on addr.

  • 4321:0:…:89ab -> b.a.9.8 … 0.1.2.3.4.IP6.INT

Additional section processing redefined for processing both IPv4 and IPv6
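
Added example (not part of the original slides): the nibble-reversed name construction shown above, plus the inverse parse with validation, which is what a log or PTR consistency check needs. The function names and the sample address are assumptions chosen for illustration.

```python
import ipaddress

# "ip6.int" is the domain named on the slide (RFC 1886); "ip6.arpa" is the
# suffix that later replaced it and is accepted here for comparison.
SUFFIXES = ("ip6.int", "ip6.arpa")

def to_nibble_name(addr: str, suffix: str = "ip6.int") -> str:
    """Return the reverse-lookup name: 32 hex nibbles, low-order first."""
    ip = ipaddress.IPv6Address(addr)         # raises ValueError on bad input
    nibbles = ip.exploded.replace(":", "")   # 32 hex digits, zero-padded
    return ".".join(reversed(nibbles)) + "." + suffix

def from_nibble_name(name: str) -> ipaddress.IPv6Address:
    """Parse a reverse-lookup name back into the address it encodes."""
    labels = name.rstrip(".").lower().split(".")
    suffix = ".".join(labels[-2:])
    nibbles = labels[:-2]
    if suffix not in SUFFIXES:
        raise ValueError(f"not an IPv6 reverse domain: {suffix!r}")
    if len(nibbles) != 32:
        raise ValueError(f"expected 32 nibble labels, got {len(nibbles)}")
    if any(len(n) != 1 or n not in "0123456789abcdef" for n in nibbles):
        raise ValueError("each label must be a single hex digit")
    digits = "".join(reversed(nibbles))      # back to high-order first
    return ipaddress.IPv6Address(int(digits, 16))

# Constructed sample address whose first and last groups match the slide's
# elided example (4321:0:...:89ab).
SAMPLE = "4321:0:1:2:3:4:567:89ab"

if __name__ == "__main__":
    name = to_nibble_name(SAMPLE)
    print(name)
    print(from_nibble_name(name))
```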

SLIDE 26

The papers…

On The Naming and Binding of Network Destinations. Jerome H. Saltzer, in Pier Ravasio et al.

Development of the domain name system. Mockapetris, P. and Dunlap, K. J.

SLIDE 27

Additional papers …

RFC 1886, S. Thomson and C. Huitema

GSEC Paper Practical Assignment Version 1.4b, David Hinshelwood – DNS, DNSSEC and the Future

SLIDE 28

Burning Questions at this moment?

SLIDE 29

Discussion inputs …

Bindings (more/less – examples?)

What about an open name space? (whatever.I.want)

Future: DNSSec (secure DNS)

Alternative root servers

Politics:

  • VeriSign … “SiteFinder”
  • ICANN … “influenced by …” (.xxx discussion)

SLIDE 30

Thanks for your attention….