Embed Size (px)
Citation preview
The Domain Name System Presented by: Presented by: BaolanBaolan Bo Bo LiangzhenLiangzhen
ShuguangShuguangWeihuaWeihuaYujunYujun
Instructor: Dr. Sharon P. HallInstructor: Dr. Sharon P. Hall
Introduction This chapter: --Considers a scheme for assigning
meaningful high-level name to a large set of machines
--discusses a mechanism that maps between high-level machine name and IP address
Names For Machine User needs meaningful, symbolic names
to identify multiple machines Distinction between address and name Name
an identifier useful if system can efficiently map them to
the object they denote
Names For Machines cont’d
IP address is a low-level name The form of high-level name is
important : determines how names are translated to
low-level names or bound to objects as well as how name assignments are authorized
Flat Namespace
Each name consisted a sequence of characters without any further structure
Advantage:name are short and convenient
Disadvantage:cannot generalize to large sets of machines for both technical and administrative reasons
Hierarchical Names
How can a naming system accommodate a large, rapidly expanding set of names without requiring a central site to administer it?
Decentralizing the name mechanism by delegating authority for part of the namespace and distributing responsibility for the mapping between names and addresses
Hierarchical Names Partitioning of a namespace must be
defined in a way that supports efficient name mapping and guarantees autonomous control of name assignment Optimizing only for efficient mapping :retain a
flat namespace and reduce traffic by dividing the names among multiple mapping machines
Optimizing only for administrative ease:make delegation of authority easy ,name mapping expensive and complex
Delegation Of Authority For Names
The namespace is partitioned at the top level, and authority for names in subdivision is passed to designated agents
Consider a namespace with names of the form:
local.site Site is the site name authorized by the central authority
Local is the part of a name controlled by a site Period is a delimiter used to separate them
Subset Authority
Adding a group subdivision to names local.group.site The idea is to keep subdivision is small
enough to be manageable
( group name do not have to agree among all sites)
Internet Domain Names
The domain name system uses a hierarchical naming scheme known as domain name
cs.purdue.edu
( contains three labels: cs, purdue and edu The lowest level domain is cs.purdue.edu The second level domain is purdue edu The top level domain is edu)
Official And Unofficial Domain Names
Most users of domain technology follow the hierarchical labels used by the official Internet domain system
Top-level names permit two naming hierarchies:geographic and organization
See figure 24.2
Name Items And Syntax Of Names Each named item stored in the system is
assigned a type that specifies whether it is the address of a machine, a mailbox, a user, and so on
A client must specify the type of answer and specify the protocol family to use when it asks the domain system to resolve a name
The syntax of a name does not determine what type of object it names or the class of protocol suite. For example: it is possible to have a machine named: gwen.purdue.edu and cs.purdue.edu names a subdomain
Mapping Domain Names To Address The domain name scheme includes an efficient,
reliable, general purpose, distributed system for mapping names to addresses
It consists of nameservers that is a server program and a client software called name resolver
Domain system is a tree structure that corresponds to the naming hierarchy. Given a name to resolve, the root can choose the correct server for that name. At next level a server knows which servers can resolve each of the subdomains under its domain. At third level of the tree, name servers provide answers for subdomains
Mapping Domain Names To Addresses
Server for
.com
root server
Server for
.edu
Server for
.gov Server for
.us
Server for dec,com
Server forpurdue.edu
Server for nsf.gov
Server for va.us
. . .
Mapping Domain Names To Addresses Links in the conceptual tree do not include physical
network connections. The tree of servers is an abstraction that uses an internet for communication
The tree of servers has few levels because a single physical server can contain all of the information for large parts of the naming hierarchy
Server forpurdue.com
Server fordec.com
Server fornsf.com
root server
Server for
reston.va,us
. . .
Domain Name Resolution Domain name resolution proceeds top-down,
starting with the root name server and proceeding to servers located at the leaves of the tree
Two ways to use the domain name system Contacting name servers one at the time Asking the name system to perform the complete
translation When a domain name server receives a query,
if the name lies in the subdomain, it translates the name to an address according to its database
Domain Name Resolution cont’d
if it cannot resolve the name completely, it checks to see what type of interaction the client specified. If the client requested complete translation, the server contacts a server that can resolve the name; if the client requested non-recursive resolution, the server generates the reply that specifies the name server the client should contact next to resolve the name
A client must know how to contact at least one name server and the domain system requires that each server know the address of at least one root server. It guarantees that a client can find a name server to begin the search and a name server can find other
name servers to answer questions when it cannot
Efficient Translation--Caching To resolve queries by working down the tree of name
servers can lead to inefficiencies most name resolution refers to local names, tracing a path
through the hierarchy to contact the local authority would be inefficient
the machine would be overload if each resolution always started at the topmost level
it would prevent name resolution if machines at the topmost level fail
Resolution begins with the local name server, if the local server cannot resolve, it must be sent to another server in the domain system
Efficient Translation --Caching Internet name servers use name caching to
optimize search efficiency To keep cache correct, servers time each entry
and dispose of entries that exceed a reasonable time. Servers do not apply a single fixed timeout to all entries, but allow the authority to include a TTL value in the response
Caching is also important in hosts
Domain Server Message Format Figure 24.5(P475): Header and Body Header (16-bit for each):
IDENTIFICATION: to match responses to query for client;
PARAMETER(Figure24.6): specify the operation request and a response code.
NUMBER OF fields: Number of Questions; Number of Answers;
Number of Authority; Number of Addition
Domain Server Message Format cont’d BODY (variable length):
QUESTION SECTION: Contains queries for which answers are desired; Consists of a QUERY DOMAIN NAME, QUERY TYPY
and QUERY CLASS. (Figure 24.7) ANSWER SECTION: AUTHOURITY SECTION: ADDITIONAL INFORMATION SECTION:
Consists of a set of RESURSE RECORDS (Fig24.8)
Domain Server Message Format cont’d Figure 24.8: Format of resource record:
RESOURCE DOMAIN NAME: contains the domain name to which this resource record refers;
TYPE: type of data; CLASS: data’s class; TIME TO LIVE: the number so seconds info in
this resource record can be in cached RESOURCE DATA LENGTH: count of octets of
data RESOUTCE DATA:
Compressed Name Format Domains are stored as a sequence of labels
in a message. Each label begins with an octet for length. To conserve space in reply packet, Servers
compress names by storing only one copy of each name.
Extracting Domain Name from message, client software must check:
Pointer to a literal string: if top two bits of the 8-bit segment count field are 1s, the next 14 bits as an integer pointer.
Literal string: if top two bits are zero, the next 6 bits for number of characters
Abbreviation of Domain Names Name Abbreviation: feature of local
resolution like telephone call Abbreviation: the resolver supplies
missing parts of the name automatically: e.g. nas nas.cl.uh.edu
Not a part of the domain name system Client takes responsibility for the
expansion of such abbreviation.
Inverse Mappings Part of domain system Have to searching the entire set of
servers to resolve the query, therefore, rarely used.
Inverse Mapping: client asks a server to map “backwards” by taking an answer and generating the question that would produce that answer.
Not all answers have a unique question.
Pointer Queries Pointer Query: form of question for
inverse mapping; In pointer query:
IP address are presented for correct domain name
Useful for diskless machines Internet root domain servers maintain a
database of valid IP address for resolution of pointer queries
Object Types and Resource Record Contents TYPE: data type for client’s query and
server’s response in all resource record
Figure 24.9: Domain name system resource record types Type A: most used data type, Host
address; MX: 2nd most used, assigned to names
used for electronic mail exchangers
Obtaining Authority For Subdomain Before an institution is granted authority
for an official second-level domain, it must agree to operate a domain name server that meets Internet standard.
The server must know the addresses of servers that handles each subdomain as well as the address of at least one root server.
A subtree of names managed by a given name server forms a zone of authority.
Summary Hierarchical naming systems allow
delegation of authority for names; Although name resolution is separate form
delegation of authority, it possible to create hierarchical naming system.
Delegation of authority always flows from top of the hierarchy downward.
Internet DNS: offers a hierarchical naming scheme and supports a variety of bindings.
DNS uses distributed lookup in which domain name servers map each domain name to an IP address or mail exchanger address.
