Network Layer 4- density - A Top Down Approach


Internet-Technologien (CS262), 2. IP and DNS, 11.3.2015, Christian Tschudin, Departement Mathematik und Informatik, Universität Basel (Network Layer 4-1)

Review / warm-up questions:
- What is a socket?
- Why is UDP needed?
- What is a TCP segment? What are the consequences for read()?
- Why does UNIX offer a select() system call?

Chapter 4: Network Layer (original slides + UBasel modifs CS262, 2015)

A note on the use of these ppt slides: We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following: If you use these slides (e.g., in a class) that you mention their source (after all, we'd like people to use our book!) If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material. Thanks and enjoy! JFK/KWR

Computer Networking: A Top Down Approach, 6th edition, Jim Kurose, Keith Ross, Addison-Wesley, March 2012. All material copyright 1996-2013 J.F Kurose and K.W. Ross, All Rights Reserved

Chapter 4: network layer. Chapter goals:
- understand principles behind network layer services: network layer service models; forwarding versus routing; how a router works; routing (path selection); broadcast, multicast
- instantiation, implementation in the Internet

Chapter 4: outline
4.1 introduction
4.2 virtual circuit and datagram networks
4.3 what's inside a router
4.4 IP: Internet Protocol (datagram format, IPv4 addressing, ICMP, IPv6)
4.5 routing algorithms (link state, distance vector, hierarchical routing)
4.6 routing in the Internet (RIP, OSPF, BGP)
4.7 broadcast and multicast routing

Network layer
- transport segment from sending to receiving host
- on sending side encapsulates segments into datagrams
- on receiving side, delivers segments to transport layer
- network layer protocols in every host, router
- router examines header fields in all IP datagrams passing through it
[figure: end hosts run application, transport, network, data link and physical layers; each router along the path runs only the network, data link and physical layers]

Two key network-layer functions
- forwarding: move packets from router's input to appropriate router output
- routing: determine route taken by packets from source to dest. (routing algorithms)
analogy: routing: process of planning trip from source to dest; forwarding: process of getting through single interchange

Interplay between routing and forwarding
- routing algorithm determines end-end path through network
- forwarding table determines local forwarding at this router
local forwarding table:
  header value   output link
  0100           3
  0101           2
  0111           2
  1001           1
value in arriving packet's header: 0111 -> output link 2

IP addressing: introduction
- IP address: 32-bit identifier for host, router interface
- interface: connection between host/router and physical link; routers typically have multiple interfaces; host typically has one or two interfaces (e.g., wired Ethernet, wireless 802.11)
- IP addresses associated with each interface
[figure: router with interfaces 223.1.1.4, 223.1.2.9, 223.1.3.27 connecting hosts 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.2.1, 223.1.2.2, 223.1.3.1, 223.1.3.2]
223.1.1.1 = 11011111 00000001 00000001 00000001 (223 . 1 . 1 . 1)

IP addressing: introduction
Q: how are interfaces actually connected?
A: we'll learn about that in chapter 5, 6.
A: wired Ethernet interfaces connected by Ethernet switches
A: wireless WiFi interfaces connected by WiFi base station
For now: don't need to worry about how one interface is connected to another (with no intervening router)

Subnets
- IP address: subnet part (high order bits), host part (low order bits)
- what's a subnet? device interfaces with same subnet part of IP address; can physically reach each other without intervening router
[figure: network consisting of 3 subnets: 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4 / 223.1.2.1, 223.1.2.2, 223.1.2.9 / 223.1.3.1, 223.1.3.2, 223.1.3.27]

Subnets
recipe: to determine the subnets, detach each interface from its host or router, creating islands of isolated networks; each isolated network is called a subnet
[figure: the same network with its subnets labelled 223.1.1.0/24, 223.1.2.0/24, 223.1.3.0/24]
subnet mask: /24

Subnets: how many?
[figure: interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.7.0, 223.1.7.1, 223.1.8.0, 223.1.8.1, 223.1.9.1, 223.1.9.2]

IP addresses (classic split)
given notion of network, let's re-examine IP addresses: class-full addressing (32 bits)
  class A: leading bit 0, network, host            1.0.0.0 to 127.255.255.255
  class B: leading bits 10, network, host          128.0.0.0 to 191.255.255.255
  class C: leading bits 110, network, host         192.0.0.0 to 223.255.255.255
  class D: leading bits 1110, multicast address    224.0.0.0 to 239.255.255.255

IP addressing: CIDR
- CIDR: Classless InterDomain Routing
- subnet portion of address of arbitrary length
- address format: a.b.c.d/x, where x is # bits in subnet portion of address
  11001000 00010111 0001000|0 00000000 = 200.23.16.0/23 (subnet part: first 23 bits; host part: remaining 9 bits)

IP addresses: how to get one?
Q: How does a host get IP address?
- hard-coded by system admin in a file; Windows: control-panel->network->configuration->tcp/ip->properties; UNIX: /etc/rc.config
- DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server ("plug-and-play")

DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server when it joins network
- can renew its lease on address in use
- allows reuse of addresses (only hold address while connected/"on")
- support for mobile users who want to join network (more shortly)
DHCP overview:
- host broadcasts "DHCP discover" msg [optional]
- DHCP server responds with "DHCP offer" msg [optional]
- host requests IP address: "DHCP request" msg
- DHCP server sends address: "DHCP ack" msg

DHCP client-server scenario
[figure: subnets 223.1.1.0/24, 223.1.2.0/24, 223.1.3.0/24; DHCP server at 223.1.2.5 on subnet 223.1.2.0/24; arriving DHCP client needs address in this network]

DHCP client-server scenario (DHCP server: 223.1.2.5, arriving client)
1. DHCP discover: src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 0.0.0.0; transaction ID: 654. Broadcast: "is there a DHCP server out there?"
2. DHCP offer: src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 654; lifetime: 3600 secs. Broadcast: "I'm a DHCP server! Here's an IP address you can use"
3. DHCP request: src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 223.1.2.4; transaction ID: 655; lifetime: 3600 secs. Broadcast: "OK. I'll take that IP address!"
4. DHCP ACK: src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 655; lifetime: 3600 secs. Broadcast: "OK. You've got that IP address!"

DHCP: more than IP addresses
DHCP can return more than just allocated IP address on subnet:
- address of first-hop router for client
- name and IP address of DNS server
- network mask (indicating network versus host portion of address)

DHCP: example
[figure: connecting laptop and router (168.1.1.1) with DHCP server built into router; both run DHCP over UDP over IP over Eth/Phy]
- connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP
- DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet
- Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
- Ethernet demuxed to IP demuxed, UDP demuxed to DHCP

DHCP: example (continued)
- DHCP server formulates DHCP ACK containing client's IP address, IP address of first-hop router for client, name & IP address of DNS server
- encapsulation at DHCP server, frame forwarded to client, demuxing up to DHCP at client
- client now knows its IP address, name and IP address of DNS server, IP address of its first-hop router

DHCP: Wireshark output (home LAN)

request:
  Message type: Boot Request (1)
  Hardware type: Ethernet
  Hardware address length: 6
  Hops: 0
  Transaction ID: 0x6b3a11b7
  Seconds elapsed: 0
  Bootp flags: 0x0000 (Unicast)
  Client IP address: 0.0.0.0 (0.0.0.0)
  Your (client) IP address: 0.0.0.0 (0.0.0.0)
  Next server IP address: 0.0.0.0 (0.0.0.0)
  Relay agent IP address: 0.0.0.0 (0.0.0.0)
  Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
  Server host name not given
  Boot file name not given
  Magic cookie: (OK)
  Option: (t=53,l=1) Message Type = Request
  Option: (61) Client identifier
    Length: 7; Value: 010016D323688A; Hardware type: Ethernet
    Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
  Option: (t=50,l=4) Requested IP Address = 192.168.1.101
  Option: (t=12,l=5) Host Name = "nomad"
  Option: (55) Parameter Request List
    Length: 11; Value: 010F03062C2E2F1F21F92B
    1 = Subnet Mask; 15 = Domain Name
    3 = Router; 6 = Domain Name Server
    44 = NetBIOS over TCP/IP Name Server

reply:
  Message type: Boot Reply (2)
  Hardware type: Ethernet
  Hardware address length: 6
  Hops: 0
  Transaction ID: 0x6b3a11b7
  Seconds elapsed: 0
  Bootp flags: 0x0000 (Unicast)
  Client IP address: 192.168.1.101 (192.168.1.101)
  Your (client) IP address: 0.0.0.0 (0.0.0.0)
  Next server IP address: 192.168.1.1 (192.168.1.1)
  Relay agent IP address: 0.0.0.0 (0.0.0.0)
  Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
  Server host name not given
  Boot file name not given
  Magic cookie: (OK)
  Option: (t=53,l=1) Message Type = ACK
  Option: (t=54,l=4) Server Identifier = 192.168.1.1
  Option: (t=1,l=4) Subnet Mask = 255.255.255.0
  Option: (t=3,l=4) Router = 192.168.1.1
  Option: (6) Domain Name Server
    Length: 12; Value: 445747E2445749F244574092
    IP Address: 68.87.71.226; IP Address: 68.87.73.242; IP Address: 68.87.64.146
  Option: (t=15,l=20) Domain Name = "hsd1.ma.comcast.net."
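As an added example (not part of the slides), the following Python code builds and parses DHCP messages carrying the fields of the capture above, and shows the check a client applies before acting on a reply: the transaction ID and client MAC must match its own outstanding request. The message values are reconstructed from the Wireshark output; nothing beyond them is assumed.

```python
import struct
from dataclasses import dataclass, field

MAGIC_COOKIE = b"\x63\x82\x53\x63"     # marks the start of the DHCP options (RFC 2132)
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

@dataclass
class DhcpMessage:
    op: int          # 1 = BOOTREQUEST (client), 2 = BOOTREPLY (server)
    xid: int         # transaction ID: ties a reply to the request it answers
    ciaddr: str      # client IP address
    yiaddr: str      # "your" (client) IP address, filled in by the server
    siaddr: str      # next server IP address
    giaddr: str      # relay agent IP address
    chaddr: bytes    # client hardware (MAC) address
    options: dict = field(default_factory=dict)   # option code -> raw value bytes

def _ip_bytes(ip: str) -> bytes:
    return bytes(int(x) for x in ip.split("."))

def _ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def build(msg: DhcpMessage) -> bytes:
    """Serialize: 236-byte BOOTP fixed header, magic cookie, TLV options, end option (255)."""
    hdr = struct.pack("!BBBBIHH", msg.op, 1, 6, 0, msg.xid, 0, 0)   # htype 1 = Ethernet, hlen 6
    hdr += b"".join(_ip_bytes(a) for a in (msg.ciaddr, msg.yiaddr, msg.siaddr, msg.giaddr))
    hdr += msg.chaddr.ljust(16, b"\x00") + bytes(64) + bytes(128)   # chaddr, sname, file
    opts = b"".join(bytes([code, len(v)]) + v for code, v in msg.options.items())
    return hdr + MAGIC_COOKIE + opts + b"\xff"

def parse(data: bytes) -> DhcpMessage:
    """Parse the fixed header, then walk the options until the end option."""
    op, _htype, hlen, _hops, xid, _secs, _flags = struct.unpack("!BBBBIHH", data[:12])
    ciaddr, yiaddr, siaddr, giaddr = (_ip_str(data[i:i + 4]) for i in (12, 16, 20, 24))
    chaddr = data[28:28 + hlen]
    if data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message: magic cookie missing")
    options, i = {}, 240
    while i < len(data) and data[i] != 255:
        if data[i] == 0:                      # pad option: one byte, no length
            i += 1
            continue
        code, length = data[i], data[i + 1]
        options[code] = data[i + 2:i + 2 + length]
        i += 2 + length
    return DhcpMessage(op, xid, ciaddr, yiaddr, siaddr, giaddr, chaddr, options)

def summarize(msg: DhcpMessage) -> dict:
    """Decode the options that appear in the capture above (53, 50, 54, 1, 3, 6, 15)."""
    o = msg.options
    return {
        "type": MSG_TYPES.get(o[53][0], "?") if 53 in o else None,
        "requested_ip": _ip_str(o[50]) if 50 in o else None,
        "server_id": _ip_str(o[54]) if 54 in o else None,
        "subnet_mask": _ip_str(o[1]) if 1 in o else None,
        "router": _ip_str(o[3]) if 3 in o else None,
        # option 6 carries a list of 4-byte addresses, three of them in the capture
        "dns": [_ip_str(o[6][k:k + 4]) for k in range(0, len(o[6]), 4)] if 6 in o else [],
        "domain": o[15].decode("ascii") if 15 in o else None,
    }

def reply_matches(request: DhcpMessage, reply: DhcpMessage) -> bool:
    """A client acts only on a reply whose transaction ID and hardware address are its own."""
    return reply.op == 2 and reply.xid == request.xid and reply.chaddr == request.chaddr

# Constructed messages reproducing the fields of the capture above.
MAC = bytes.fromhex("0016d323688a")
REQUEST = DhcpMessage(1, 0x6b3a11b7, "0.0.0.0", "0.0.0.0", "0.0.0.0", "0.0.0.0", MAC, {
    53: b"\x03",                                   # Message Type = Request
    61: b"\x01" + MAC,                             # Client identifier (htype + MAC)
    50: _ip_bytes("192.168.1.101"),                # Requested IP Address
    12: b"nomad",                                  # Host Name
    55: bytes.fromhex("010f03062c2e2f1f21f92b"),   # Parameter Request List
})
REPLY = DhcpMessage(2, 0x6b3a11b7, "192.168.1.101", "0.0.0.0", "192.168.1.1", "0.0.0.0", MAC, {
    53: b"\x05",                                   # Message Type = ACK
    54: _ip_bytes("192.168.1.1"),                  # Server Identifier
    1: _ip_bytes("255.255.255.0"),                 # Subnet Mask
    3: _ip_bytes("192.168.1.1"),                   # Router
    6: bytes.fromhex("445747e2445749f244574092"),  # Domain Name Server x3
    15: b"hsd1.ma.comcast.net.",                   # Domain Name
})
```

`summarize(parse(build(REPLY)))` yields the router, mask, three DNS servers and domain name shown in the capture; `reply_matches` is the pairing step a client performs before adopting the offered configuration.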

IP addresses: how to get one?
Q: how does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP's address space
  ISP's block     11001000 00010111 00010000 00000000   200.23.16.0/20
  Organization 0  11001000 00010111 00010000 00000000   200.23.16.0/23
  Organization 1  11001000 00010111 00010010 00000000   200.23.18.0/23
  Organization 2  11001000 00010111 00010100 00000000   200.23.20.0/23
  ...
  Organization 7  11001000 00010111 00011110 00000000   200.23.30.0/23

Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of routing information:
- Organization 0 (200.23.16.0/23), Organization 1 (200.23.18.0/23), Organization 2 (200.23.20.0/23), ..., Organization 7 (200.23.30.0/23) connect to Fly-By-Night-ISP
- Fly-By-Night-ISP to the Internet: "Send me anything with addresses beginning 200.23.16.0/20"
- ISPs-R-Us to the Internet: "Send me anything with addresses beginning 199.31.0.0/16"

Hierarchical addressing: more specific routes
ISPs-R-Us has a more specific route to Organization 1
- Organization 0 (200.23.16.0/23), Organization 2 (200.23.20.0/23), ..., Organization 7 (200.23.30.0/23) connect to Fly-By-Night-ISP; Organization 1 (200.23.18.0/23) now connects to ISPs-R-Us
- Fly-By-Night-ISP: "Send me anything with addresses beginning 200.23.16.0/20"
- ISPs-R-Us: "Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23"

IP addressing: the last word...
Q: how does an ISP get block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers, http://www.icann.org/
- allocates addresses
- manages DNS
- assigns domain names, resolves disputes
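An added example (not from the slides) that makes the subnet recipe, the CIDR subnet/host split and the route aggregation of the preceding slides concrete in Python: it renders the prefix split, counts subnets from a list of interface addresses by their subnet part, and performs longest-prefix-match forwarding over a table constructed from the two advertisements above, so traffic for Organization 1 is handed to ISPs-R-Us while its neighbours stay with Fly-By-Night-ISP. The forwarding table and the next-hop labels are this example's assumptions.

```python
def ip_to_int(ip: str) -> int:
    """Dotted quad -> 32-bit integer; rejects anything that is not four octets in 0..255."""
    parts = ip.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")

def int_to_ip(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))

def mask_for(plen: int) -> int:
    """Subnet mask as an integer: the high-order plen bits set, the host bits clear."""
    if not 0 <= plen <= 32:
        raise ValueError(f"bad prefix length: {plen}")
    return (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF

def parse_cidr(cidr: str) -> tuple:
    """'a.b.c.d/x' -> (network number as int, x); host bits beyond x are cleared."""
    addr, _, plen = cidr.partition("/")
    plen = int(plen) if plen else 32
    return ip_to_int(addr) & mask_for(plen), plen

def in_subnet(ip: str, cidr: str) -> bool:
    """True when ip has the same subnet part as cidr."""
    net, plen = parse_cidr(cidr)
    return ip_to_int(ip) & mask_for(plen) == net

def subnet_host_split(cidr: str) -> str:
    """Address bits with '|' between subnet part and host part, as drawn on the CIDR slide."""
    net, plen = parse_cidr(cidr)
    bits = f"{net:032b}"
    return bits[:plen] + "|" + bits[plen:]

def count_subnets(interfaces, plen: int = 24) -> int:
    """The 'how many subnets?' recipe, approximated by the address alone: interfaces that
    share the same /plen subnet part are taken to be on one subnet."""
    return len({ip_to_int(ip) & mask_for(plen) for ip in interfaces})

def longest_prefix_match(table, dst: str):
    """Forwarding decision: of all prefixes matching dst, pick the longest; None if none match."""
    d = ip_to_int(dst)
    best_len, best_hop = -1, None
    for cidr, next_hop in table:
        net, plen = parse_cidr(cidr)
        if d & mask_for(plen) == net and plen > best_len:
            best_len, best_hop = plen, next_hop
    return best_hop

# Forwarding table an Internet router would build from the two advertisements on the
# "more specific routes" slide (constructed; next hops are just the ISP names).
INTERNET_TABLE = [
    ("200.23.16.0/20", "Fly-By-Night-ISP"),
    ("199.31.0.0/16", "ISPs-R-Us"),
    ("200.23.18.0/23", "ISPs-R-Us"),    # more specific route to Organization 1
]

def route_to(dst: str):
    return longest_prefix_match(INTERNET_TABLE, dst)
```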

Exhaustion of IPv4 addresses

The Internet network layer
host, router network layer functions:
- transport layer: TCP, UDP
- network layer: routing protocols (path selection: RIP, OSPF, BGP; forwarding table); IP protocol (addressing conventions, datagram format, packet handling conventions); ICMP protocol (error reporting, router "signaling")
- link layer
- physical layer

IP datagram format (32 bits per row)
  ver | head. len | type of service | length
  16-bit identifier | flgs | fragment offset
  time to live | upper layer | header checksum
  32 bit source IP address
  32 bit destination IP address
  options (if any)
  data (variable length, typically a TCP or UDP segment)
- ver: IP protocol version number
- head. len: header length (bytes)
- type of service: "type" of data
- length: total datagram length (bytes)
- 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
- time to live: max number remaining hops (decremented at each router)
- upper layer: upper layer protocol to deliver payload to
- options: e.g. timestamp, record route taken, specify list of routers to visit
how much overhead? 20 bytes of TCP + 20 bytes of IP = 40 bytes + app layer overhead

ICMP: internet control message protocol
- used by hosts & routers to communicate network-level information: error reporting: unreachable host, network, port, protocol; echo request/reply (used by ping)
- network-layer "above" IP: ICMP msgs carried in IP datagrams
- ICMP message: type, code plus first 8 bytes of IP datagram causing error
  Type  Code  description
  0     0     echo reply (ping)
  3     0     dest. network unreachable
  3     1     dest host unreachable
  3     2     dest protocol unreachable
  3     3     dest port unreachable
  3     6     dest network unknown
  3     7     dest host unknown
  4     0     source quench (congestion control - not used)
  8     0     echo request (ping)
  9     0     route advertisement
  10    0     router discovery
  11    0     TTL expired
  12    0     bad IP header

Traceroute and ICMP
- source sends series of UDP segments to dest: first set has TTL=1, second set has TTL=2, etc.; unlikely port number; 3 probes per TTL value
- when nth set of datagrams arrives to nth router: router discards datagrams and sends source ICMP messages (type 11, code 0); ICMP messages include name of router & IP address
- when ICMP messages arrive, source records RTTs
stopping criteria: UDP segment eventually arrives at destination host; destination returns ICMP "port unreachable" message (type 3, code 3); source stops

IP fragmentation, reassembly
- network links have MTU (max. transfer size) - largest possible link-level frame; different link types, different MTUs
- large IP datagram divided ("fragmented") within net: one datagram becomes several datagrams; "reassembled" only at final destination; IP header bits used to identify, order related fragments
[figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly at the destination]

IP fragmentation, reassembly example: 4000 byte datagram, MTU = 1500 bytes
  original:   length=4000  ID=x  fragflag=0  offset=0
  one large datagram becomes several smaller datagrams (1480 bytes in data field of each full fragment):
  fragment 1: length=1500  ID=x  fragflag=1  offset=0
  fragment 2: length=1500  ID=x  fragflag=1  offset=185   (offset = 1480/8)
  fragment 3: length=1040  ID=x  fragflag=0  offset=370
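An added Python example, not from the slides, carrying the 4000-byte / MTU-1500 case through and adding the receiver's side: reassembly succeeds only for a complete, non-overlapping set that ends with a fragment whose more-fragments flag is clear; a missing, overlapping or unterminated fragment is rejected with a reason. The identifier value 0x1234 is a sample value standing in for the slide's "x".

```python
from dataclasses import dataclass

IP_HDR = 20   # IPv4 header without options, in bytes

@dataclass(frozen=True)
class Fragment:
    length: int     # total length field: header + data, in bytes
    ident: int      # 16-bit identifier shared by all fragments of one datagram
    fragflag: int   # "more fragments" flag: 1 on every fragment but the last
    offset: int     # position of this fragment's data within the original, in 8-byte units

def fragment(total_length: int, mtu: int, ident: int, hdr_len: int = IP_HDR) -> list:
    """Split a datagram of total_length bytes so that every piece fits the link MTU."""
    if mtu < hdr_len + 8:
        raise ValueError("MTU too small to carry even one 8-byte unit of data")
    if total_length <= mtu:                       # fits as it is: no fragmentation
        return [Fragment(total_length, ident, 0, 0)]
    payload = total_length - hdr_len
    per_frag = (mtu - hdr_len) // 8 * 8           # data per fragment: a multiple of 8 bytes
    frags, pos = [], 0
    while pos < payload:
        n = min(per_frag, payload - pos)
        last = pos + n == payload
        frags.append(Fragment(hdr_len + n, ident, 0 if last else 1, pos // 8))
        pos += n
    return frags

def reassemble(frags, hdr_len: int = IP_HDR) -> int:
    """Return the original total length, or raise ValueError if the set cannot be reassembled."""
    if not frags:
        raise ValueError("no fragments")
    if len({f.ident for f in frags}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(frags, key=lambda f: f.offset)
    expected = 0                                  # next data byte we still need
    for f in ordered:
        start = f.offset * 8
        if start < expected:
            raise ValueError(f"overlapping fragment at offset {f.offset}")
        if start > expected:
            raise ValueError(f"gap before offset {f.offset}: a fragment is missing")
        expected = start + (f.length - hdr_len)
    if ordered[-1].fragflag != 0:
        raise ValueError("last fragment not seen (more-fragments flag still set)")
    if any(f.fragflag == 0 for f in ordered[:-1]):
        raise ValueError("a non-final fragment has the more-fragments flag cleared")
    return hdr_len + expected

def verdict(frags) -> str:
    """'ok <total length>' when the set reassembles, otherwise the reason it was rejected."""
    try:
        return f"ok {reassemble(frags)}"
    except ValueError as e:
        return str(e)

def slide_example() -> list:
    """The slide's case: a 4000-byte datagram over a link with MTU 1500."""
    return fragment(4000, 1500, ident=0x1234)
```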

Chapter 2: outline
2.1 principles of network applications (app architectures, app requirements)
2.2 Web and HTTP
2.3 FTP
2.4 electronic mail (SMTP, POP3, IMAP)
2.5 DNS
2.6 P2P applications
2.7 socket programming with UDP and TCP

DNS: domain name system
people: many identifiers: SSN, name, passport #
Internet hosts, routers: IP address (32 bit) - used for addressing datagrams; "name", e.g., www.yahoo.com - used by humans
Q: how to map between IP address and name, and vice versa?
Domain Name System:
- distributed database implemented in hierarchy of many name servers
- application-layer protocol: hosts, name servers communicate to resolve names (address/name translation)
- note: core Internet function, implemented as application-layer protocol; complexity at network's "edge"

DNS: services, structure
DNS services:
- hostname to IP address translation
- host aliasing: canonical, alias names
- mail server aliasing
- load distribution: replicated Web servers: many IP addresses correspond to one name
why not centralize DNS?
- single point of failure
- traffic volume
- distant centralized database
- maintenance
A: doesn't scale!

DNS: a distributed, hierarchical database
[figure: Root DNS Servers; below them com DNS servers, org DNS servers, edu DNS servers; below those yahoo.com DNS servers, amazon.com DNS servers, pbs.org DNS servers, poly.edu DNS servers, umass.edu DNS servers]
client wants IP for www.amazon.com; 1st approx:
- client queries root server to find com DNS server
- client queries .com DNS server to get amazon.com DNS server
- client queries amazon.com DNS server to get IP address for www.amazon.com

DNS: root name servers
- contacted by local name server that cannot resolve name
- root name server: contacts authoritative name server if name mapping not known; gets mapping; returns mapping to local name server
13 root name servers worldwide:
  a. Verisign, Los Angeles CA (5 other sites)
  b. USC-ISI Marina del Rey, CA
  c. Cogent, Herndon, VA (5 other sites)
  d. U Maryland College Park, MD
  e. NASA Mt View, CA
  f. Internet Software C. Palo Alto, CA (and 48 other sites)
  g. US DoD Columbus, OH (5 other sites)
  h. ARL Aberdeen, MD
  i. Netnod, Stockholm (37 other sites)
  j. Verisign, Dulles VA (69 other sites)
  k. RIPE London (17 other sites)
  l. ICANN Los Angeles, CA (41 other sites)
  m. WIDE Tokyo (5 other sites)

TLD, authoritative servers
- top-level domain (TLD) servers: responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp; Network Solutions maintains servers for .com TLD; Educause for .edu TLD
- authoritative DNS servers: organization's own DNS server(s), providing authoritative hostname to IP mappings for organization's named hosts; can be maintained by organization or service provider

Local DNS name server
- does not strictly belong to hierarchy
- each ISP (residential ISP, company, university) has one; also called "default name server"
- when host makes DNS query, query is sent to its local DNS server: has local cache of recent name-to-address translation pairs (but may be out of date!); acts as proxy, forwards query into hierarchy

DNS name resolution example: host at cis.poly.edu wants IP address for gaia.cs.umass.edu
iterated query: contacted server replies with name of server to contact ("I don't know this name, but ask this server")
1. requesting host cis.poly.edu -> local DNS server dns.poly.edu
2. local DNS server -> root DNS server
3. root DNS server -> local DNS server (referral to TLD DNS server)
4. local DNS server -> TLD DNS server
5. TLD DNS server -> local DNS server (referral to authoritative DNS server)
6. local DNS server -> authoritative DNS server dns.cs.umass.edu
7. authoritative DNS server -> local DNS server (address of gaia.cs.umass.edu)
8. local DNS server -> requesting host cis.poly.edu

DNS name resolution example (recursive query): puts burden of name resolution on contacted name server; heavy load at upper levels of hierarchy?
1. requesting host cis.poly.edu -> local DNS server dns.poly.edu
2. local DNS server -> root DNS server
3. root DNS server -> TLD DNS server
4. TLD DNS server -> authoritative DNS server dns.cs.umass.edu
5. authoritative DNS server -> TLD DNS server
6. TLD DNS server -> root DNS server
7. root DNS server -> local DNS server
8. local DNS server -> requesting host cis.poly.edu

DNS: caching, updating records
- once (any) name server learns mapping, it caches mapping; cache entries timeout (disappear) after some time (TTL); TLD servers typically cached in local name servers, thus root name servers not often visited
- cached entries may be out-of-date (best effort name-to-address translation!): if named host changes IP address, may not be known Internet-wide until all TTLs expire
- update/notify mechanisms proposed IETF standard: RFC 2136
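An added simulation in Python (not the authors' code) of the iterated resolution and caching behaviour on the preceding slides: a local name server walks root, TLD and authoritative servers for gaia.cs.umass.edu, caches both the answer and the NS referrals it learned, answers a repeat query from cache, skips the root for a second umass.edu name, and drops an expired A record once its TTL has passed. The root and TLD server names (tld.edu.example), the IP addresses and the one-NS-per-zone delegation are constructed sample values.

```python
class NameServer:
    """One DNS server holding resource records in the slide's (name, value, type, ttl) form."""

    def __init__(self, name: str, records: list):
        self.name, self.records = name, records

    def query(self, qname: str, qtype: str = "A") -> tuple:
        """Iterated-style reply: the record itself, or a referral (NS record) for the closest
        enclosing zone this server delegates; ("nxdomain", []) when it knows neither."""
        hits = [r for r in self.records if r[0] == qname and r[2] == qtype]
        if hits:
            return "answer", hits
        labels = qname.split(".")
        for i in range(1, len(labels)):                    # longest enclosing zone first
            zone = ".".join(labels[i:])
            ns = [r for r in self.records if r[0] == zone and r[2] == "NS"]
            if ns:
                return "referral", ns
        return "nxdomain", []

class LocalNameServer:
    """dns.poly.edu's role: answers from cache when it can, else walks the hierarchy."""

    def __init__(self, root: NameServer, servers: dict, clock):
        self.root, self.servers, self.clock = root, servers, clock
        self.cache = {}      # (name, type) -> (value, expiry time); NS entries are referrals
        self.log = []        # (server name, qname) for every query actually sent

    def _cached(self, name: str, rtype: str):
        hit = self.cache.get((name, rtype))
        return hit[0] if hit and hit[1] > self.clock() else None

    def _start_server(self, qname: str) -> NameServer:
        """Skip the root when the NS of an enclosing zone (e.g. the TLD) is still cached."""
        labels = qname.split(".")
        for i in range(1, len(labels)):
            ns_host = self._cached(".".join(labels[i:]), "NS")
            if ns_host:
                return self.servers[ns_host]
        return self.root

    def resolve(self, qname: str, qtype: str = "A") -> tuple:
        """(value, how) with how in {'cache', 'iterated', 'nxdomain'}."""
        value = self._cached(qname, qtype)
        if value:
            return value, "cache"
        server = self._start_server(qname)
        for _ in range(10):                                # bound the referral chain
            self.log.append((server.name, qname))
            kind, rrs = server.query(qname, qtype)
            if kind == "nxdomain":
                return None, "nxdomain"
            name, value, _rtype, ttl = rrs[0]
            self.cache[(name, "NS" if kind == "referral" else qtype)] = (value, self.clock() + ttl)
            if kind == "answer":
                return value, "iterated"
            server = self.servers[value]                   # follow the referral

        raise RuntimeError("too many referrals")

# Constructed hierarchy for the slide's example. Names other than dns.cs.umass.edu and
# dns.poly.edu, and all addresses, are sample values invented for this example.
ROOT = NameServer("root", [("edu", "tld.edu.example", "NS", 172800)])
TLD_EDU = NameServer("tld.edu.example", [("umass.edu", "dns.cs.umass.edu", "NS", 86400)])
AUTH = NameServer("dns.cs.umass.edu", [
    ("gaia.cs.umass.edu", "128.119.245.12", "A", 3600),
    ("www.cs.umass.edu", "128.119.240.19", "A", 3600),
])
SERVERS = {s.name: s for s in (ROOT, TLD_EDU, AUTH)}

def demo(now: list) -> tuple:
    """Three lookups by the local server; now[0] is a fake clock (seconds) the caller can advance."""
    local = LocalNameServer(ROOT, SERVERS, clock=lambda: now[0])
    results = [local.resolve("gaia.cs.umass.edu"),       # full walk: root, TLD, authoritative
               local.resolve("gaia.cs.umass.edu"),       # answered from cache
               local.resolve("www.cs.umass.edu")]        # umass.edu NS cached: root and TLD skipped
    return results, local.log
```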

DNS records
DNS: distributed db storing resource records (RR); RR format: (name, value, type, ttl)
- type=A: name is hostname, value is IP address
- type=NS: name is domain (e.g., foo.com), value is hostname of authoritative name server for this domain
- type=CNAME: name is alias name for some "canonical" (the real) name, value is canonical name (www.ibm.com is really servereast.backup2.ibm.com)
- type=MX: value is name of mailserver associated with name

DNS protocol, messages
query and reply messages, both with same message format:
  identification (2 bytes) | flags (2 bytes)
  # questions | # answer RRs
  # authority RRs | # additional RRs
  questions (variable # of questions)
  answers (variable # of RRs)
  authority (variable #
 of RRs)
  additional info (variable # of RRs)
msg header:
- identification: 16 bit # for query, reply to query uses same #
- flags: query or reply; recursion desired; recursion available; reply is authoritative

DNS protocol, messages (continued)
- questions: name, type fields for a query
- answers: RRs in response to query
- authority: records for authoritative servers
- additional info: additional "helpful" info that may be used

Inserting records into DNS
example: new startup "Network Utopia"
- register name utopia.com at DNS registrar (e.g., Network Solutions); provide names, IP addresses of authoritative name server (primary and secondary); registrar inserts two RRs into .com TLD server: (utopia.com, dns1.utopia.com, NS) and (dns1.utopia.com, 212.212.212.1, A)
- create authoritative server: type A record for www.utopia.com; type MX record for utopia.com

Attacking DNS
- DDoS attacks: bombard root servers with traffic (not successful to date; traffic filtering; local DNS servers cache IPs of TLD servers, allowing root server bypass); bombard TLD servers (potentially more dangerous)
- Redirect attacks: man-in-middle (intercept queries); DNS poisoning (send bogus replies to DNS server, which caches)
- Exploit DNS for DDoS: send queries with spoofed source address (target IP); requires amplification
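The matching a resolver performs before caching a reply is what separates a genuine answer from the bogus reply of the poisoning case above, and it uses exactly the header fields of the message-format slides. Added Python example, not from the slides: it builds a query and a reply in that format (identification, flags, four counts, question, one answer RR using a compression pointer), parses both, and lists why a reply must be discarded when its identification or question section does not match the outstanding query. The name and address are the utopia.com values from the "inserting records" slide; the identification values are sample values.

```python
import struct

QTYPE_A = 1

def encode_name(name: str) -> bytes:
    """Hostname -> sequence of length-prefixed labels, terminated by a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split(".")) + b"\x00"

def decode_name(data: bytes, off: int) -> tuple:
    """Decode a name at off, following compression pointers; returns (name, offset after the name)."""
    labels, end, hops = [], None, 0
    while True:
        n = data[off]
        if n & 0xC0 == 0xC0:                      # pointer to an earlier copy of the name
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            if end is None:
                end = off + 2                     # the pointer itself is two bytes long
            off = ((n & 0x3F) << 8) | data[off + 1]
            continue
        off += 1
        if n == 0:
            break
        labels.append(data[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels), (end if end is not None else off)

def build_query(ident: int, qname: str, qtype: int = QTYPE_A) -> bytes:
    """Header (id, flags, 4 counts) + one question. flags 0x0100: query, recursion desired."""
    return struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", qtype, 1)

def build_reply(ident: int, qname: str, ip: str, ttl: int, authoritative: bool = True) -> bytes:
    """Reply echoing the question, plus one A record whose name is a pointer (0xC00C) to offset 12."""
    flags = 0x8180 | (0x0400 if authoritative else 0)   # QR=1, RD=1, RA=1, optionally AA=1
    hdr = struct.pack("!HHHHHH", ident, flags, 1, 1, 0, 0)
    question = encode_name(qname) + struct.pack("!HH", QTYPE_A, 1)
    rdata = bytes(int(x) for x in ip.split("."))
    answer = b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, 1, ttl, len(rdata)) + rdata
    return hdr + question + answer

def parse(data: bytes) -> dict:
    """Header fields plus the question and answer sections as tuples."""
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(data, off)
        qtype, qclass = struct.unpack("!HH", data[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(data, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        value = ".".join(str(b) for b in rdata) if rtype == QTYPE_A and rdlen == 4 else rdata
        answers.append((name, rtype, ttl, value))
    return {"id": ident, "qr": flags >> 15, "aa": (flags >> 10) & 1,
            "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1,
            "questions": questions, "answers": answers}

def reply_problems(query: bytes, reply: bytes) -> list:
    """Checks a resolver applies before caching: the reply must answer *this* query."""
    q, r = parse(query), parse(reply)
    problems = []
    if r["qr"] != 1:
        problems.append("not a response")
    if r["id"] != q["id"]:
        problems.append("identification does not match the outstanding query")
    if r["questions"] != q["questions"]:
        problems.append("question section differs from the query")
    qname = q["questions"][0][0]
    if any(a[0] != qname for a in r["answers"]):
        problems.append("answer record is for a name that was not asked about")
    return problems
```

An empty list from `reply_problems` means the reply may be cached; anything else is the reply a careful resolver drops rather than caches.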