管理才能考核表Title

1、Lecture on DHCP, DNS & SNMPDebashis SahaDHCP, DNS, SNMPDebashis SahaMIS Group, IIM Calcuttadsiimcal.ac.in1Lecture on DHCP, DNS & SNMPDebashis SahaFirst QuestionThursday, May 17, 20072Lecture on DHCP, DNS & SNMPDebashis SahaThe Internet and Addressing All machines on the Internet are acce

2、ssed via their IP addressDotted quad: xxx.xxx.xxx.xxx Problem: IP addresses are hard to remember and hard to statically assign on large networks Solution: Need to come up with a way to automatically assign IP addresses and a text based representation of machine addresses instead of just 4 numbersThu

3、rsday, May 17, 20073Lecture on DHCP, DNS & SNMPDebashis SahaAddressing Solutions Two protocols have been developed to solve these problems DHCP automatic network configuration (including IP address) DNS translates textual based names into IP addresses and vice versaThursday, May 17, 20074Lecture

4、 on DHCP, DNS & SNMPDebashis SahaDHCP Dynamic Host Configuration ProtocolThursday, May 17, 20075Lecture on DHCP, DNS & SNMPDebashis SahaDHCP Allows client machines to receive an IP address, DNS information, etc automatically Before DHCP came into use, users had to type in all this informatio

5、n by hand, which is bad: Easy to mistype something when entering by hand Manually changing network configuration every time you move your laptop is a pain Bootp resolved some of these issues and DHCP still uses the same port as bootpThursday, May 17, 20076Lecture on DHCP, DNS & SNMPDebashis Saha

6、Purpose of DHCPFrom RFC-2131 (the Internet standard): The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP consists of two components: a protocol for delivering host-specific configuration parameters from a DHCP

7、server to a host and a mechanism for allocation of network addresses to hosts.Thursday, May 17, 20077Lecture on DHCP, DNS & SNMPDebashis SahaDHCP functional goals A host without a valid IP address locates and communicates with a DHCP server A DHCP server passes configuration parameters, includin

8、g an IP address, to the host The DHCP server may dynamically allocate addresses to hosts and reuse addresses Hosts can detect when they require a new IP address Unavailability of DHCP server has minimal effect on operation of hostsThursday, May 17, 20078Lecture on DHCP, DNS & SNMPDebashis SahaDH

9、CP: Basics A client leases an IP address from a DHCP server for a given amount of time When lease expires, the client must ask DHCP server for a new address (clients attempt to renew lease after 50% of the lease time has expired) Typical leases may last for from 30 seconds to 24 hours, or even longe

10、r.Thursday, May 17, 20079Lecture on DHCP, DNS & SNMPDebashis SahaWhat does DHCP do? Provides protocol stack, application and other configuration parameters to hosts Eliminates need for individual, manual configuration for hosts Includes administrative controls for network administrators Backward

11、 compatible packet format for BOOTP interoperation (RFC 1542) Can coexist with hosts that have pre-assigned IP addresses and hosts that do not participate in DHCPThursday, May 17, 200710Lecture on DHCP, DNS & SNMPDebashis SahaDesign Goals Eliminate manual configuration of hosts Prevent use of an

12、y IP address by more than one host Should not require a server on every subnet Allow for multiple DHCP servers Provide a mechanism, not a policy Provide the same configuration - including IP address - to a host whenever possibleThursday, May 17, 200711Lecture on DHCP, DNS & SNMPDebashis SahaWhat

13、 can you do with DHCP Plug-and-play Move desktop PCs between offices Renumber Other restructuring - change subnet masks Mobile IP - laptops Moving equipment - cartableThursday, May 17, 200712Lecture on DHCP, DNS & SNMPDebashis SahaWhat DHCP doesnt do Support multiple addresses per interface Info

14、rm running host that parameters have changed Propagate new addresses to DNS Support inter-server communication Provide authenticated message delivery Configure routers and other network equipment Design network addressing plan Determine other configuration parameters Locate other serversThursday, Ma

15、y 17, 200713Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: Messages Overview Several messages are sent back and forth between a client and the DHCP server before it can successfully obtain an IP addressThursday, May 17, 200714Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: DISCOVER Hardcoding t

16、he addresses of DHCP servers kind of defeats the purpose of automatic configuration Solution: A client using DHCP will broadcast a DISCOVER message to all computers on its subnet (addr 55) to figure out the IP address of any DHCP servers Most routers are configured to pass this request

17、within the campus or enterpriseThursday, May 17, 200715Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: OFFER (Optionally) sent from server in response to a DISCOVER Contains an IP address, other configuration information as well (subnet mask, DNS servers, default gateway, search domains, etc) Note

18、 that all DHCP servers that receive a DISCOVER request may send an OFFER; since a client typically does not need more than one IP address, more messages needed to zero on one IPThursday, May 17, 200716Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: REQUEST Sent by client to request a certain IP ad

19、dressUsually the one sent by an OFFER, but also used to renew leases. Also can be sent to try to get same address after a reboot This message is broadcast Most OSs by default will send a REQUEST for the first OFFER they receive this means that if there is a rogue DHCP server on your subnet, most cli

20、ents will ignore the OFFERs from the campus DHCP servers (since the OFFER from the rogue server gets to the users PC first)!Thursday, May 17, 200717Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: ACK/NACK Sent by server in response to a REQUEST ACK: Request accepted, client can start using the IP

21、it REQUESTed NACK: Something is wrong with the clients REQUEST (for example they requested an IP address theyre not supposed to have)Thursday, May 17, 200718Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: RELEASE Sent by client to end a lease Not strictly required, but is the “polite” thing to do

22、if done with the IP (could just let the lease expire) Some clients may not send RELEASEs in an attempt to keep the same IP address for as long as possibleThursday, May 17, 200719Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: Big PictureThursday, May 17, 200720Lecture on DHCP, DNS & SNMPDebash

23、is SahaSummary DHCP works today as a tool for automatic configuration of TCP/IP hosts It is an open Internet standard and interoperable client implementations are widely available Provides automation for routine configuration tasks, once network architect has configured network and addressing plan O

24、ngoing work will extend DHCP with authentication, DHCP-DNS interaction and inter-server communicationThursday, May 17, 200721Lecture on DHCP, DNS & SNMPDebashis SahaDHCP: Conclusion Efficient way of assigning computers IP addresses and delivering configuration information to those computers Does

25、 not solve other problem of addressing that IP addresses are hard to rememberThursday, May 17, 200722Lecture on DHCP, DNS & SNMPDebashis SahaIETF standards Formal process for development, review and acceptance of TCP/IP protocol suite standards Initial specifications published as Internet Drafts

26、 (I-Ds) Accepted specifications published as Request for Comments (RFCs)Thursday, May 17, 200723Lecture on DHCP, DNS & SNMPDebashis SahaProtocol status DHCP has been accepted as a Draft Standard; the specifications are published in: RFC 2131: Dynamic Host Configuration Protocol RFC 2132: DHCP Op

27、tions and BOOTP Vendor Extensions Several additional options are in developmentThursday, May 17, 200724Lecture on DHCP, DNS & SNMPDebashis SahaImplementation status DHCP is an open standard, with freely available specifications Can be (and has been) implemented entirely from the specification Co

28、mmercial implementations are widely available Non-commerical implementations are also availableThursday, May 17, 200725Lecture on DHCP, DNS & SNMPDebashis SahaDHCP ResourcesThursday, May 17, 200726Lecture on DHCP, DNS & SNMPDebashis SahaDNS Domain Name SystemThursday, May 17, 200727Lecture o

29、n DHCP, DNS & SNMPDebashis SahaSecond QuestionThursday, May 17, 200728Lecture on DHCP, DNS & SNMPDebashis SahaDomain Name System (DNS)Thursday, May 17, 200729Lecture on DHCP, DNS & SNMPDebashis SahaHostnamesThursday, May 17, 200730Lecture on DHCP, DNS & SNMPDebashis SahaDNS: Basics H

30、ierarchical namespace Distributed system very few core servers Stores other information than simple hostname IP mappings Request/response protocolThursday, May 17, 200731Lecture on DHCP, DNS & SNMPDebashis SahaDNS Hierarchyeducomorginrpi albanyaciimcalThursday, May 17, 200732Lecture on DHCP, DNS

31、 & SNMPDebashis SahaHost name structure Each host name is made up of a sequence of labels separated by periods. Each label can be up to 63 characters The total name can be at most 255 characters. Examples: Thursday, May 17, 200733Lecture on DHCP, DNS & SNMPDeb

32、ashis SahaDomain Name The domain name for a host is the sequence of labels that lead from the host (leaf node in the naming tree) to the top of the worldwide naming tree. A domain is a subtree of the worldwide naming tree.Thursday, May 17, 200734Lecture on DHCP, DNS & SNMPDebashis SahaHierarchic

33、al NThursday, May 17, 200735Lecture on DHCP, DNS & SNMPDebashis SahaTop level domains edu, gov, com, net, org, mil, Countries each have a top level domain (2 letter domain name). Such as .in, .uk, .it, etc. New top level domains

34、include:.aero .biz .coop .info .name .proThursday, May 17, 200736Lecture on DHCP, DNS & SNMPDebashis SahaDomain Naming Systemeducomharvard mithbseewwwphysicscisco yahoonasa nsf arpa navy acm ieeegovmilorgnetukfrThursday, May 17, 200737Lecture on DHCP, DNS & SNMPDebashis SahaDNS: Architecture

35、 DNS servers are responsible for one or more domains of any level “Root servers” are maintained throughout the world (one is in Palo Alto) and are responsible for all of the top-level domainsWhen you register a domain, an entry for that domain is added to the appropriate root server Owners of each r

36、egular domain or subdomain maintain (or outsource) their own DNS servers containing the correct informationThursday, May 17, 200738Lecture on DHCP, DNS & SNMPDebashis SahaName Servers Partition hierarchy into zoneseducomprinceton mitcseeux01 ux04physicscisco yahoo nasa nsfarpa navyacm ieeegovmil

37、orgnetukfrRootname serverPrincetonname serverCisconame serverCSname serverEEname serverEach zone implements two or more name servers 1.Primary2. secondaryThursday, May 17, 200739Lecture on DHCP, DNS & SNMPDebashis SahaHierarchical Administration - “Zones”arpacomingovmilnetorgusarpaaciimcalwwwThu

38、rsday, May 17, 200740Lecture on DHCP, DNS & SNMPDebashis SahaAdministration - Zones A zone is a subtree of the DNS tree that is independently managed Second-level domains (“ac.in”) are usually an independent zone Most sub-domains (“iimcal.ac.in”) are also independent. A zone must provide multipl

39、e name servers. This server records the members in the domain. You typically need a primary name server and one or more secondary name servers. Secondary retrieves information from primary using a zone transfer.Thursday, May 17, 200741Lecture on DHCP, DNS & SNMPDebashis SahaResolving an address

40、A.C.D wants to know about F.E.DACDEGBFHHost “A.C.D” asks “B.C.D” (the local name server) to resolve “F.E.D”Name serversThursday, May 17, 200742Lecture on DHCP, DNS & SNMPDebashis SahaResolving an address B.C.D doesnt know the answer. It wants to ask the primary domain server for the “E.D” domain

41、, so it asks the parent of the “B.C” domain (“D” in this example) to resolve “E.D”. D asks H, the root server. H doesnt know the answer, but its the top-level domain and knows that “G.E.D” is the primary domain server for the “E.D” domain B.C.D now knows the primary domain server for the E.D domain,

42、 and can now ask “G.E.D” about “F.E.D”Thursday, May 17, 200743Lecture on DHCP, DNS & SNMPDebashis SahaDomain servers What kind of records can be requested for a given domain?Address translationCaching informationMail server informationAuthoritative nameserver information How is this data request

43、ed?Each record has a type and certain data associated with it clients request records of a certain type from a serverThursday, May 17, 200744Lecture on DHCP, DNS & SNMPDebashis SahaDNS Organization Distributed Database The organization that owns a domain name is responsible for running a DNS ser

44、ver that can provide the mapping between hostnames within the domain to IP addresses. So - some machine run by RPI is responsible for everything within the domain.Thursday, May 17, 200745Lecture on DHCP, DNS & SNMPDebashis SDNS DBDNS DBDNS Distributed Database There is o

45、ne primary server for a domain, and typically a number of secondary servers containing replicated DNS DBADNS DBR DNS serverThursday, May 17, 200746Lecture on DHCP, DNS & SNMPDebashis SahaDNS Clients A DNS client is called a resolver. A call to ge

46、thostbyname()is handled by a resolver (typically part of the client). Most Unix workstations have the file /etc/resolv.conf that contains the local domain and the addresses of DNS servers for that domain.Thursday, May 17, 200747Lecture on DHCP, DNS & SNMPDebashis Saha/etc/resolv.confdomain rpi.e

47、duThursday, May 17, 200748Lecture on DHCP, DNS & SNMPDebashis Sahanslookup nslookup is an interactive resolver that allows the user to communicate directly with a DNS server. nslookup is usually available on Unix workstations. (dig and host are also DNS clients).Thursday, M

48、ay 17, 200749Lecture on DHCP, DNS & SNMPDebashis SahaDNS Servers Servers handle requests for their domain directly. Servers handle requests for other domains by contacting remote DNS server(s). Servers cache external mappings.Thursday, May 17, 200750Lecture on DHCP, DNS & SNMPDebashis SahaSe

49、rver - Server Communication If a server is asked to provide the mapping for a host outside its domain (and the mapping is not in the server cache): The server finds a nameserver for the target domain. The server asks the nameserver to provide the host name to IP translation. To find the right namese

50、rver, use DNS!Thursday, May 17, 200751Lecture on DHCP, DNS & SNMPDebashis SahaDNS Data DNS databases contain more than just hostname-to-address records: Name server recordsNS Hostname aliases CNAME Mail ExchangersMX Host InformationHINFOThursday, May 17, 200752Lecture on DHCP, DNS & SNMPDeba

51、shis SahaThe Root DNS Server The root server needs to know the address of 1st (and many 2nd) level domain comorgjpalbanyrpiThursday, May 17, 200753Lecture on DHCP, DNS & SNMPDebashis SahaServer Operation If a server has no clue about where to find the address for a hostname, ask t

52、he root server. The root server will tell you what nameserver to contact. A request may get forwarded a few times.Thursday, May 17, 200754Lecture on DHCP, DNS & SNMPDebashis SahaDNS Message FormatThursday, May 17, 200755Lecture on DHCP, DNS & SNMPDebashis SahaDNS Message Header query identif

53、ier flags # of questions # of RRs # of authority RRs # of additional RRs16 bit fieldsResponseThursday, May 17, 200756Lecture on DHCP, DNS & SNMPDebashis SahaMessage Flags QR: Query=0, Response=1 AA: Authoritative Answer TC: response truncated ( 512 bytes) RD: recursion desired RA: recursion avai

54、lable rcode: return codeThursday, May 17, 200757Lecture on DHCP, DNS & SNMPDebashis SahaRecursion A request can indicate that recursion is desired - this tells the server to find out the answer (possibly by contacting other servers). If recursion is not requested - the response may be a list of

55、other name servers to contact.Thursday, May 17, 200758Lecture on DHCP, DNS & SNMPDebashis SahaQuestion Format Name: domain name (or IP address) Query type (A, NS, MX, ) Query class (1 for IP)Thursday, May 17, 200759Lecture on DHCP, DNS & SNMPDebashis SahaResponse Resource Record Domain Name

56、Response type Class (IP) Time to live (in seconds) Length of resource data Resource dataThursday, May 17, 200760Lecture on DHCP, DNS & SNMPDebashis SahaUDP & TCP Both UDP and TCP are used: TCP for transfers of entire database to secondary servers (replication). UDP for lookups If more than 5

57、12 bytes in response - requestor resubmits request using TCP.Thursday, May 17, 200761Lecture on DHCP, DNS & SNMPDebashis SahaLots more This is not a complete description ! If interested - look at: RFC 1034: DNS concepts and facilities. RFC 1035: DNS implementation and protocol specification. pla

58、y with nslookup. Look at code for BIND (DNS server code).Thursday, May 17, 200762Lecture on DHCP, DNS & SNMPDebashis SahaName to Address Conversion There is a library of functions that act as DNS client (resolver). you dont need to write DNS client code to use DNS! With some OSs you need to expl

59、icitly link with the DNS resolver library:-lnsl (nsl is “Name Server Library”)Suns (Solaris) need this!Thursday, May 17, 200763Lecture on DHCP, DNS & SNMPDebashis SahaDNS library functionsgethostbynamegethostbyaddrgethostbyname2IPV6!Thursday, May 17, 200764Lecture on DHCP, DNS & SNMPDebashis

60、 Sahagethostbynamestruct hostent *gethostbyname( const char *hostname);struct hostent is defined in netdb.h:#include Thursday, May 17, 200765Lecture on DHCP, DNS & SNMPDebashis Sahastruct hostentstruct hostent char *h_name;char *h_aliases; int h_addrtype;int h_length;char *h_addr_list;official name (canonical)other namesAF_INET or AF_INET6address length (4 or 16) array of ptrs to addressesThursday, May 17, 200766Lecture on DHCP, DNS & SNMPDebashis Sahahostent pictureh_nameh_aliasesh_addrtypeh_lengthh_addr_listOfficial Namealias 1alias 2nullIP address 1IP address 2nullThurs