Posted: 01-Jan-2016
Internet Address and Domain Name Service (DNS)
CS587x Lecture
Department of Computer Science, Iowa State University
What to cover today
- Internet address: IPv4, CIDR
- Domain Name Service: name resolution, load balancing
Internet Addressing: IPv4
- Each address is 4 bytes (32 bits), written as four decimal numbers in the range 0-255 separated by dots
- Classful IP addressing (developed in the 1970s): the leading bits of byte 0 give the class, and the class fixes where the address splits into Network ID and Host ID

  Class  Leading bits  Network ID        Host ID   #networks   #addresses per network
  A      0             7 bits (byte 0)   24 bits   128         16,777,216
  B      10            14 bits           16 bits   16,384      65,536
  C      110           21 bits           8 bits    2,097,152   256
  D      1110          multicast (no network/host split)
  E      1111          reserved

  (In each network the all-zeros and all-ones host values are not usable for hosts, so two fewer hosts than addresses fit.)

- The purpose was to minimize routing table entries: given an IP packet, a router examines the first one to four bits to determine the class, and from that splits the address into network and host bits. The network bits are used to find a route to the network; once the packet reaches its target network, the host field is examined for final delivery.
- A classful backbone routing table therefore holds one entry per network:

  network     route
  12.0.0.0    XXX
  123.0.0.0   XXX
  ...         ...
Special IP Addresses
- Some special addresses: 127.0.0.1, loopback/localhost (the whole 127.0.0.0/8 block is loopback); 255.255.255.255, limited broadcast
- Private address blocks (RFC 1918), usable locally, for example behind a Network Address Translator:
  10.0.0.0-10.255.255.255 (10.0.0.0/8)
  172.16.0.0-172.31.255.255 (172.16.0.0/12)
  192.168.0.0-192.168.255.255 (192.168.0.0/16)
- These are not routed through the public Internet
Space limitation of IP addresses
- Only 32 bits. IPv6 calls for 128-bit addresses, but deploying it requires significant changes throughout much of the Internet
- Classful allocation is neither flexible nor efficient: while the Internet was running out of unassigned addresses, only about 3% of the assigned addresses were actually being used
Challenges
- Represent more networks: more network IDs are needed within the same 32-bit address space
- Global routing tables at capacity: as the number of networks on the Internet increased, so did the number of routes
  - A few years before this lecture, it was forecast that the global backbone Internet routers were fast approaching the limit on the number of routes they could support
  - Even with the router technology of the time, the maximum theoretical routing table size was approximately 60,000 entries
  - If nothing had been done, the global routing tables would have reached capacity by mid-1994 and all Internet growth would have halted
Solutions
- Assign IP addresses to machines dynamically (e.g. with DHCP): for an ISP, at any given time only a small percentage of its customers are connected to the network
  - Not effective for DSL/cable connections, where clients are always on
- Computers not visible to the Internet can share the same block of IP addresses: use the private address blocks above behind a NAT
- Classless Inter-Domain Routing (CIDR)
  - Restructure IP address assignment to increase efficiency
  - Hierarchical routing aggregation to minimize routing table entries
CIDR
- A CIDR address includes the standard 32-bit IP address plus the number of bits used for the network prefix, e.g. 206.13.1.48/25: the "/25" indicates that the first 25 bits identify the network, leaving the remaining 7 bits to identify the specific host
- Examples: 129.186.0.0/16 (ISU), 192.188.162.0/24 (ISU Research Park), 63.224.0.0/13 (USWest)
- CIDR allows the division between the network and host portions of the IP address to occur at any point in the 32-bit number
- Prefix lengths in use at the time of this lecture ranged from 13 to 27 bits

Compatibility with existing (classful) addresses
- Class A address a.b.c.d  ->  a.b.c.d/8
- Class B address a.b.c.d  ->  a.b.c.d/16
- Class C address a.b.c.d  ->  a.b.c.d/24
Advantages of CIDR
- More network IDs: flexible allocation of IP address blocks allows more efficient use of the 32-bit address space
  - The size of a block of IP addresses can be any power of 2
  - An organization needing 512 addresses can be assigned a block with a 23-bit mask (a /23 holds 2^9 = 512 addresses) rather than an entire class B network (65,536 addresses)
- Fewer routing table entries: ISPs can aggregate their networks into larger blocks
  - Suppose an ISP is assigned the 12.0.0.0/8 network; the ISP can further divide this block into smaller blocks and allocate them to its customers
  - E.g., one customer can have 12.45.0.0/16 and another 12.194.34.0/23
  - The size of each allocation depends on the size of the customer
  - Global routers need to remember only one route, to 12.0.0.0/8
Example of Address Aggregation (1)
- The ISP router announces 12.0.0.0/8; behind it sit Organization 1 (12.1.0.0/16), Organization 2 (12.2.0.0/16), ..., Organization 255 (12.255.0.0/16)
- A packet from the Internet addressed to 12.255.1.1 is forwarded to the ISP over the single /8 route; the ISP delivers it to Organization 255
- Global routing table:

  network         route
  12.0.0.0/8      XXX
  13.0.0.0/20     XXX
  ...             ...

Example of Address Aggregation (2)
- Same layout, but Organization 255 (12.255.0.0/16) is now also reachable through a second ISP router, which announces 12.255.0.0/16 to the Internet
- The global routing table now carries both prefixes:

  network         route
  12.0.0.0/8      XXX
  13.0.0.0/20     XXX
  12.255.0.0/16   XXX

1. Which entry is used for the packet to 12.255.1.1? The entry with the longest matching mask length, here 12.255.0.0/16 (longest-prefix match)
2. Which entry is dropped if the table must shrink? A subnet entry with a long mask length (at the time, a block of 8192 addresses or fewer, i.e. /19 or longer, would most likely be filtered by backbone routers)
   - Dropping it does not lose reachability: the original ISP is still responsible for resolving all addresses in its /8 block
Routing with CIDR
- Internet routers normally do not remember each individual IP address or network
- Internet routers need only know how to reach ISPs: given an IP packet, a router determines the block the destination belongs to (the longest matching prefix) and sends the packet to the ISP responsible for that block
- The ISP in turn needs to know how to reach each of its own separate networks
- CIDR significantly reduces the growth in the number of routing table entries at each level in the network hierarchy
- At the time of this lecture, the global routing tables had approximately 35,000 entries
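The prefix arithmetic and the longest-prefix lookup described on these slides, as an added worked example that is not part of the lecture: it splits 206.13.1.48/25 into network and host parts, derives the classful prefix length from the leading bits, sizes a block for 512 addresses, and looks up 12.255.1.1 in the three-entry table from the aggregation example. The next-hop labels are this example's own; the address parser is deliberately strict, rejecting shorthand and leading-zero octets that C's inet_aton() would accept (and read as octal).

```python
def ip_to_int(ip):
    """Strict dotted-quad parser -> 32-bit int. Rejects shorthand like
    '127.1' and leading zeros ('01'), which inet_aton() would accept and,
    for leading zeros, interpret as octal."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError("not a dotted quad: %r" % ip)
    octets = []
    for p in parts:
        if not p.isdigit() or p != str(int(p)) or int(p) > 255:
            raise ValueError("bad octet %r in %r" % (p, ip))
        octets.append(int(p))
    return int.from_bytes(bytes(octets), "big")

def int_to_ip(n):
    return ".".join(str(b) for b in n.to_bytes(4, "big"))

def mask_for(length):
    """Netmask for a /length prefix as a 32-bit int (/25 -> 0xFFFFFF80)."""
    if not 0 <= length <= 32:
        raise ValueError("prefix length out of range")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF

def parse_cidr(prefix):
    """'206.13.1.48/25' -> (network as dotted quad, host bits, length)."""
    addr, _, length = prefix.partition("/")
    length = int(length) if length else 32
    n, mask = ip_to_int(addr), mask_for(length)
    return int_to_ip(n & mask), n & (mask ^ 0xFFFFFFFF), length

def classful_prefix_len(ip):
    """Prefix length implied by the pre-CIDR class bits (a.b.c.d -> /8, /16, /24)."""
    first = ip_to_int(ip) >> 24
    if first >> 7 == 0b0:
        return 8                     # class A
    if first >> 6 == 0b10:
        return 16                    # class B
    if first >> 5 == 0b110:
        return 24                    # class C
    raise ValueError("class D/E address has no network/host split")

def block_for_addresses(n):
    """Shortest prefix length whose block holds at least n addresses (512 -> /23)."""
    length = 32
    while (1 << (32 - length)) < n:
        length -= 1
    return length

class RoutingTable:
    """Forwarding table using longest-prefix match: when 12.0.0.0/8 and
    12.255.0.0/16 both cover a destination, the /16 wins."""
    def __init__(self):
        self.routes = []             # (network int, length, next hop)

    def add(self, prefix, next_hop):
        net, _host, length = parse_cidr(prefix)
        self.routes.append((ip_to_int(net), length, next_hop))
        self.routes.sort(key=lambda r: -r[1])   # most specific first

    def lookup(self, ip):
        n = ip_to_int(ip)
        for net, length, hop in self.routes:
            if n & mask_for(length) == net:
                return hop
        return None                  # no route: the packet is dropped

def slide_table():
    """The global table from the aggregation example (next-hop labels constructed)."""
    t = RoutingTable()
    t.add("12.0.0.0/8", "ISP router for 12/8")
    t.add("13.0.0.0/20", "ISP router for 13.0.0/20")
    t.add("12.255.0.0/16", "second ISP router for Organization 255")
    return t

if __name__ == "__main__":
    print(parse_cidr("206.13.1.48/25"))     # ('206.13.1.0', 48, 25)
    print(block_for_addresses(512))         # 23
    print(slide_table().lookup("12.255.1.1"))
```

Sorting routes by decreasing prefix length makes the first match the longest one; a real router uses a trie for the same ordering, but the rule is identical. Note that 13.0.16.1 finds no route at all, because 13.0.0.0/20 covers only 13.0.0.0-13.0.15.255.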
Domain Name Service
- Routers need an address to route, while people need a host name to remember: host names carry information for people, IP addresses carry information for routers
- Solution: give each IP address a name, e.g.
  popeye.cs.iastate.edu  ->  129.186.3.1
  www.myown.com          ->  192.0.2.1 (an address from the documentation range, standing in for a real one)
- Questions: given an IP address, how do we find its hostname? Given a hostname, how do we find its IP address?
DNS: History
- 1970s ARPANET: all host-to-address mappings were kept in one file, hosts.txt (installed as /etc/hosts)
  - Changes were submitted to SRI-NIC by email; new versions of hosts.txt were fetched periodically from SRI
  - Administrators could pick names at their discretion
- As the Internet grew this system broke down because of
  - Traffic and load: SRI could not handle the load
  - Reliability: a single point of contact made the system unreliable
  - Consistency and conflicts: names were not unique, and many hosts had inaccurate copies of hosts.txt
  - Internet growth was threatened
- DNS was introduced in 1983 (RFCs 882 and 883) and is specified by RFCs 1034 and 1035 (1987); it has been modified, updated, and enhanced by subsequent RFCs
DNS Concepts
- Provides a lookup mechanism for object translation (IP address <-> hostname)
- DNS is implemented as a globally distributed, loosely coherent, scalable, reliable, dynamic database
- DNS consists of three components:
  - Namespace
  - Domain name servers
  - DNS queries (issued by clients, e.g. through the resolver library calls gethostbyname() and gethostbyaddr())
DNS Namespace
- The namespace must be able to scale
- Solution: make the namespace hierarchical by naming objects based on
  - location (within a country, a set of organizations, a set of companies, etc.)
  - unit within that location (a company within the set of companies, etc.)
  - object within the unit (name of a person in the company)
Hierarchical Organization of Host Names
- The first-level names are called "Top Level Domains"
- The depth of the tree is arbitrary in principle; in practice a full name is limited to 255 octets and each label to 63, which caps the depth at 127 labels
- No restriction on the amount of branching
- Domains are subtrees, e.g. iastate.edu and cs.iastate.edu
- Name collisions are avoided by the hierarchy, e.g. iastate.edu vs. iastate.com

  root
  |- edu
  |  |- iastate
  |  |  |- cs
  |  |  |  `- popeye
  |  |  `- eece
  |  `- mit
  |- com
  |- gov
  |- mil
  |- org
  |- net
  |- fr
  `- cn
Hierarchical Administration of Host Names
- The same tree, cut into zones: the root zone holds the delegations to edu, com, gov, mil, org, net, fr, cn, ...; the edu zone delegates iastate and mit; the iastate.edu zone may hold eece directly while delegating cs.iastate.edu (with popeye) to a separate zone run by its own administrators
- Each zone corresponds to an administrative authority that is responsible for that portion of the hierarchy
  - Zones are "administrative spaces"
  - Zone administrators are responsible for a portion of a domain's name space
  - Authority is delegated from a parent to a child
Domain Name Servers
- Name servers, which answer DNS questions, are organized in a hierarchy; each server has authority over a portion of the hierarchy
- A server maintains only a subset of all names: each server holds all the records for the hosts in its zone(s)
- Each server may know other servers that are responsible for other portions of the hierarchy (delegations)
- Every server knows the root servers; the root servers know about all top-level domains
DNS Protocol
- Governs the communication between a DNS client and a DNS server
- A DNS client sends a query to a DNS server, which returns a response with the requested information
- DNS primarily uses UDP (port 53) for queries and responses; TCP is also used, e.g. for zone transfers and for responses too large for a single UDP datagram
- DNS queries can be
  - Recursive: the query asks the receiving DNS server to resolve the entire request itself
  - Iterative: the query asks the receiving DNS server to respond directly to the client with the address of the next DNS server in the hierarchy (a referral)
- Root servers handle only iterative queries
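The query/response exchange in wire format, as an added example that is not part of the lecture: it builds a query message (RFC 1035 section 4.1) with the RD flag set or clear, parses a reply including name-compression pointers, and applies the check a resolver must make before trusting an answer (QR set, transaction ID and question matching what was sent). The referral and answer messages are constructed inside the code rather than captured from the network; ns1.myown.com and the 192.0.2.x addresses are made up (RFC 5737 documentation range).

```python
import struct

def encode_name(name):
    """Dotted hostname -> DNS labels (length byte + label ... + 0x00 root)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("bad label %r" % label)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(txid, name, qtype=1, recursion_desired=True):
    """12-byte header + question. RD=1 asks the server to recurse for us;
    RD=0 is an iterative query that accepts a referral to the next server."""
    flags = 0x0100 if recursion_desired else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def decode_name(msg, off):
    """Decode a possibly compressed name -> (name, offset after it). Pointers
    (top two bits 11) are followed a bounded number of times so a hostile
    reply cannot loop the parser."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            if end is None:
                end = off + 2                   # name ends after the first pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 32:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (off if end is None else end)

def parse_response(msg):
    """Header, question, then answer / authority / additional sections."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions = 12, []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((qname, qtype))
    sections = {"answer": [], "authority": [], "additional": []}
    for sec, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            owner, off = decode_name(msg, off)
            rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            rdata_off, off = off + 10, off + 10 + rdlen
            if rtype == 1 and rdlen == 4:                   # A
                value = ".".join(str(b) for b in msg[rdata_off:off])
            elif rtype in (2, 5):                           # NS / CNAME
                value = decode_name(msg, rdata_off)[0]
            else:
                value = msg[rdata_off:off].hex()
            sections[sec].append((owner, rtype, ttl, value))
    return {"id": txid, "flags": flags, "questions": questions, **sections}

def accept_response(query_txid, qname, qtype, resp):
    """What a resolver checks before trusting a reply: it is a response
    (QR=1) and its transaction ID and question match what we sent."""
    return (resp["flags"] & 0x8000 != 0 and resp["id"] == query_txid
            and resp["questions"] == [(qname, qtype)])

# ---- constructed replies for the demo (not captured traffic) ----

def pointer_into_question(qname, suffix):
    """Compression pointer to where `suffix` begins in the question name,
    which always starts at offset 12."""
    labels, n = qname.split("."), len(suffix.split("."))
    return struct.pack("!H", 0xC000 | (12 + sum(len(l) + 1 for l in labels[:len(labels) - n])))

def rr(owner, rtype, ttl, rdata):
    return owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata

def build_reply(txid, qname, flags, answer=(), authority=(), additional=()):
    hdr = struct.pack("!HHHHHH", txid, flags, 1, len(answer), len(authority), len(additional))
    return hdr + encode_name(qname) + struct.pack("!HH", 1, 1) + b"".join(answer + authority + additional)

def iterative_walk():
    """Steps 5-7 of the iterative example: the com server refers the local
    server to the name server for myown.com (authority + glue), and that
    server returns the A record. Addresses are RFC 5737 documentation ones."""
    qname, txid = "www.sales.myown.com", 0x1234
    assert build_query(txid, qname, recursion_desired=False)[2:4] == b"\x00\x00"   # RD clear
    referral = build_reply(txid, qname, 0x8000,                # QR only: no recursion offered
        authority=(rr(pointer_into_question(qname, "myown.com"), 2, 172800, encode_name("ns1.myown.com")),),
        additional=(rr(encode_name("ns1.myown.com"), 1, 172800, bytes([192, 0, 2, 53])),))
    answer = build_reply(txid, qname, 0x8400,                  # QR + AA
        answer=(rr(pointer_into_question(qname, qname), 1, 300, bytes([192, 0, 2, 80])),))
    return parse_response(referral), parse_response(answer)

if __name__ == "__main__":
    ref, ans = iterative_walk()
    print("referral:", ref["authority"], ref["additional"])
    print("answer:  ", ans["answer"], accept_response(0x1234, "www.sales.myown.com", 1, ans))
```

The referral carries no answer section at all: the com server says "ask ns1.myown.com" by placing an NS record in the authority section and the server's address (glue) in the additional section, exactly the "I don't know this name, but you can ask this server" of the iterative example. The accept_response() check is what stops a stray or forged datagram from being taken as the answer to an outstanding query; the pointer hop limit in decode_name() is what stops a crafted reply from hanging the parser.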
Example of Recursive Query
popeye.cs.iastate.edu wants the IP address of www.berkeley.edu
1. popeye contacts its local DNS server, 129.186.3.1
2. 129.186.3.1 contacts a root name server, if the answer is not already cached
3. In this idealized picture the root name server contacts the authoritative name server, ns1.berkeley.edu, if necessary
4. ns1.berkeley.edu returns the address to the root name server
5. the root name server returns it to 129.186.3.1
6. 129.186.3.1 returns it to popeye.cs.iastate.edu
Note: steps 3-5 show what full recursion would look like; real root servers handle only iterative queries, so in practice the local server performs the iterative walk shown in the next example.
Example of Iterated Queries
The contacted server replies with the name of the server to contact: "I don't know this name, but you can ask this server"
popeye.cs.iastate.edu wants the IP address of www.sales.myown.com
1. popeye sends a (recursive) query to its local name server, 129.186.3.1
2. 129.186.3.1 sends an iterative query to a root name server
3. the root server replies with a referral to the com servers
4. 129.186.3.1 queries the intermediate (com) name server
5. the com server replies with a referral to the authoritative name server for myown.com
6. 129.186.3.1 queries the authoritative name server for myown.com
7. the authoritative server answers with the address of www.sales.myown.com
8. 129.186.3.1 returns the answer to popeye.cs.iastate.edu
DNS queries are expensive
- Resolving a hostname may require several messages
- Solution: cache previous query results; a cached mapping can be reused for later queries
- Cached results carry a TTL (time to live) so that the risk of using expired information is bounded
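A TTL-honouring cache in front of the iterative walk, as an added example that is not part of the lecture. It shows the two things a caching server must get right: serve the remaining TTL (not the original one) so downstream caches expire no later than this one, and drop an entry the moment it expires rather than serve it stale. The upstream callable is a stand-in for the full resolution; the record for popeye.cs.iastate.edu and the 24-hour TTL clamp are this example's own choices.

```python
import time

class DnsCache:
    """Positive-answer cache keyed by (name, type). An entry stores the
    absolute expiry time; a hit returns the remaining TTL, which is what a
    caching server must pass on so that downstream caches expire it no
    later than this one does."""
    def __init__(self, max_ttl=86400):
        self.max_ttl = max_ttl       # clamp: one server must not pin a record for years
        self.entries = {}

    @staticmethod
    def _key(name, rtype):
        return name.lower().rstrip("."), rtype    # DNS names are case-insensitive

    def put(self, name, rtype, rdata, ttl, now=None):
        now = time.time() if now is None else now
        ttl = max(0, min(int(ttl), self.max_ttl))
        self.entries[self._key(name, rtype)] = (rdata, now + ttl)

    def get(self, name, rtype, now=None):
        now = time.time() if now is None else now
        key = self._key(name, rtype)
        hit = self.entries.get(key)
        if hit is None:
            return None
        rdata, expires = hit
        remaining = int(expires - now)
        if remaining <= 0:           # expired: drop it and re-query rather than serve stale data
            del self.entries[key]
            return None
        return rdata, remaining

def resolve(cache, name, upstream, now=None):
    """Answer an A query from the cache if fresh, otherwise ask `upstream`
    (a callable returning (rdata, ttl)) and cache what it says.
    Returns (rdata, ttl to report, where the answer came from)."""
    hit = cache.get(name, 1, now)
    if hit is not None:
        return hit[0], hit[1], "cache"
    rdata, ttl = upstream(name)
    cache.put(name, 1, rdata, ttl, now)
    return rdata, ttl, "upstream"

if __name__ == "__main__":
    c = DnsCache()
    lookups = lambda n: (["129.186.3.1"], 300)     # constructed upstream answer
    print(resolve(c, "popeye.cs.iastate.edu", lookups, now=1000.0))
    print(resolve(c, "popeye.cs.iastate.edu", lookups, now=1100.0))
    print(resolve(c, "popeye.cs.iastate.edu", lookups, now=1300.0))
```

Passing `now` explicitly keeps the expiry logic testable without sleeping; a production cache would also hold negative answers and the NS/glue records learned during the walk, which this example leaves out.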
DNS-based Web Server Load Balancing
- A popular web site can be replicated in different geographical locations in order to provide better service to a diverse set of clients
- One web site can be associated with more than one IP address (conversely, all hosts in acme.com may share the same IP address)
- The IP address returned may depend on where the query comes from
Load Balancing (1)
- DNS can return an IP address based on where queries come from, directing HTTP requests to a collection of web servers that all provide access to the same content
- Example: www.akamai.com, as observed when this lecture was prepared
  From Ames:
    C:\>ping www.akamai.com
    Pinging a1440.g.akamai.net [209.152.119.232] with 32 bytes of data:
    Request timed out. (four times)
    Ping statistics for 209.152.119.232: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
    (the host did not answer ping; what matters here is the address DNS returned)
  From the NY area: 63.240.15.146
  From the UK: 194.82.174.224
Load Balancing (2)
- A query for one host name may return several IP addresses, e.g. www.big.com may correspond to four machines with addresses 1.2.3.1, 1.2.3.2, 1.2.3.3, 1.2.3.4
- By default, the requesting client uses the first IP address in the list, which puts a heavy load on 1.2.3.1
- DNS can vary the order of the IP addresses for each query (round robin): the response to the second query could be 1.2.3.2, 1.2.3.3, 1.2.3.4, 1.2.3.1
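Both load-balancing techniques from these two slides in one added example that is not part of the lecture: a round-robin RRset for www.big.com rotated one position per query, a count of where "take the first address" clients end up, and a source-based answer that picks servers by the querier's prefix (ISU's 129.186.0.0/16 from the slides; the more specific 129.186.3.0/24 and all server addresses are constructed, the latter from the RFC 5737 documentation ranges).

```python
import ipaddress
from collections import Counter

class RoundRobinA:
    """Serve a multi-address RRset, rotating it one position per query so that
    clients which always take the first address are spread over all servers."""
    def __init__(self, addrs):
        self.addrs = list(addrs)
        self.start = 0

    def answer(self):
        out = self.addrs[self.start:] + self.addrs[:self.start]
        self.start = (self.start + 1) % len(self.addrs)
        return out

def first_address_load(server, queries):
    """How many clients land on each server if every client takes the first
    address of its answer (the default behaviour the slide describes)."""
    return Counter(server.answer()[0] for _ in range(queries))

class SourceBasedA:
    """Choose the answer by where the query comes from: the most specific
    configured client prefix wins, with a default for everyone else.
    Caveat: an authoritative server sees the address of the recursive
    resolver that asked, not of the end user behind it."""
    def __init__(self, views, default):
        self.views = sorted(((ipaddress.ip_network(p), list(a)) for p, a in views),
                            key=lambda v: -v[0].prefixlen)      # longest prefix first
        self.default = list(default)

    def answer(self, client_ip):
        ip = ipaddress.ip_address(client_ip)
        for net, addrs in self.views:
            if ip in net:
                return addrs
        return self.default

def slide_setup():
    """www.big.com round robin from the slide, plus a constructed view map:
    ISU's 129.186.0.0/16 (and an assumed CS subnet 129.186.3.0/24) get
    nearby servers, everyone else gets the default."""
    rr = RoundRobinA(["1.2.3.1", "1.2.3.2", "1.2.3.3", "1.2.3.4"])
    views = SourceBasedA(
        [("129.186.0.0/16", ["203.0.113.10"]),
         ("129.186.3.0/24", ["203.0.113.11"])],
        default=["198.51.100.10"])
    return rr, views

if __name__ == "__main__":
    rr, views = slide_setup()
    print(rr.answer(), rr.answer())
    print(first_address_load(RoundRobinA(["1.2.3.1", "1.2.3.2", "1.2.3.3", "1.2.3.4"]), 100))
    print(views.answer("129.186.3.1"), views.answer("129.186.50.1"), views.answer("192.0.2.77"))
```

Round robin only balances the first query from each client; a resolver that caches the answer will keep handing the same order to everyone behind it until the TTL expires, which is why these records are usually published with short TTLs. The source-based variant reuses longest-prefix matching, the same rule a CIDR router applies, here via the standard-library ipaddress module.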
Summary
- Internet address and CIDR
- DNS is a crucial part of the Internet
- The namespace is hierarchical, globally distributed and locally managed
- DNS performance is enhanced by caching
- DNS can help balance web server workload