It’sinaformateasiertounderstand_read_rememberbypeople

1、EE 122: Domain Name Server (DNS)Ion StoicaNov 25, 2002(* based in part on on-line slides by J. Kurose & K. Rose and Raj Jain)1istoicaNames & AddressesWhat is a name?What is an address?What is the difference between names and addresses?2istoicaInternet Centric ViewAddresses: Says how to reach an obje

2、ct it has location semantics associated to itIts in a format easy to process by computers Name: Does not have any location semantics associated to itIts in a format easier to understand/read/remember by peopleExamples:IP address: 09Name: 3istoicaName ServiceName space: define the set of possible nam

3、esHierarchical (e.g., Unix and Windows file names)Flat Bindings: the mapping between names and values (e.g., addresses) Bindings can be implemented by using tablesResolution: procedure that, when invoked with a name, returns the corresponding valueName server: specific implementation of a resolution

4、 mechanism that is available on the network and that can be queried by sending messages4istoicaGeneral ViewIn general there are multiple mappingsHost name: IP address: 09 Ethernet MAC address: 8.90.12 DNS resolutionARP (Address Resolution Protocol)5istoicaMappingMultiple names can map onto the same

5、addressExample: and maps to the same machine (i.e., the same IP address)One name can map onto multiple addressesExample: can be mapped to multiple machines6istoicaName Hierarchyrooteducomgovmilorgnetukfrberkeleycmueecssimssonoma7istoicaName HierarchyUnique domain suffix is assigned by the Internet A

6、uthorityThe domain administrators have complete control over the domainNo limit on the number of subdomains or number of levelsName space is not related with the physical interconnection Geographical hierarchy is allowed (e.g., cnri.reston.va.us)A name could be a domain or an individual objects 8ist

7、oicaTop Level DomainsDomain Name AssignmentcomCommercialeduEducational govGovernment milMilitary netNetwork orgOther organizationscountry codeau, uk, ca, 9istoicaDNS Name ServersWhy not centralize DNS? Single point of failureTraffic volumeDistant centralized databaseMaintenanceDoesnt scale!10istoica

8、Server Hierarchy: ZonesA zone corresponds to an administrative authority that is responsible for that portion of the hierarchyrooteducomgovmilorgnetukfrberkeleycmueecssimsdivine11istoicaServer HierarchyServer are organized in hierarchiesEach server has authority over a portion of the hierarchyA sing

9、le node in the name hierarchy cannot be splitA server maintains only a subset of all namesIt needs to know other servers that are responsible for the other portions of the hierarchy12istoicaServer HierarchyAuthority: each server has the name to address translation table for all names in the name spa

10、ce it controlsEvery server knows the rootRoot server knows about all top-level domains13istoicaDNS Name ServersNo server has all name-to-IP address mappingsLocal name servers:Each ISP (company) has local (default) name serverHost DNS query first go to local name serverAuthoritative name servers:For

11、a host: stores that hosts (name, IP address)Can perform name/address translation for that hosts name 14istoicaDNS: Root Name ServersContacted by local name server that can not resolve nameRoot name server:Contacts authoritative name server if name mapping not knownGets mappingReturns mapping to loca

12、l name server Dozen root name servers worldwide15istoicaSimple DNS ExampleHost wants IP address of 1. Contacts its local DNS server, 2. contacts root name server, if necessary3. Root name server contacts authoritative name server, , if necessary requesting hostroot name serverauthorititive name serv

13、erlocal name server12345616istoicaDNS ExampleRoot name server:May not know authoritative name serverMay know intermediate name server: who to contact to find authoritative name server?requesting hostroot name serverlocal name server123456authoritative name serverintermediate name server(edu server)7

14、817istoicaDNS: Iterated QueriesRecursive query:Puts burden of name resolution on contacted name serverHeavy load?Iterated query:Contacted server replies with name of server to contact“I dont know this name, but ask this server”requesting hostroot name serverlocal name server123467authoritative name

15、serverintermediate name server(edu server)58iterated query18istoicaDiscussionRobustnessUse multiple replicas, butwhat if someone mounts a denial of service attack to all root servers?Performance:Use caching to speed-up subsequent queries to the same nameWhat about update/notify?Mechanisms under design by IETF (R