Internet Address and Domain Name Service (DNS) CS587x Lecture 5 Department of Computer Science Iowa State University

Internet Address and Domain Name Service (DNS)

CS587x Lecture 5

Department of Computer Science

Iowa State University

What to cover today

• Internet Address
  • IPv4
  • CIDR
• Domain Name Service
  • Name Resolution
  • Load Balancing

Internet Addressing

• IPv4
  • Each address is represented by 4 bytes
  • Four numbers, 0-255, separated by dots
• Classified IP address
  • Class + Network ID + Host ID

Class   Leading bits   Layout (byte 0 to byte 3)
A       0              Network ID: byte 0;    Host ID: bytes 1-3
B       1 0            Network ID: bytes 0-1; Host ID: bytes 2-3
C       1 1 0          Network ID: bytes 0-2; Host ID: byte 3
D       1 1 1 0        Multicast
E       1 1 1 1 0      Reserved

Special IP Addresses

• Some special addresses
  • 0.0.0.0 - “this host”
  • 255.255.255.255 - “all hosts”
  • 127.0.0.1 - “localhost”
• Reserved addresses
  • Can be used locally (behind Network Address Translator, for example)
    • 192.168.0.0-192.168.255.255
    • 172.16.0.0-172.31.255.255
    • 10.0.0.0-10.255.255.255
  • Not routed through the Internet

IP Address Space Exhaustion

• Restricting IP addresses to 32 bits imposes a major limitation on the number of hosts on the Internet
• IPv6 calls for 128-bit addresses, but requires significant changes throughout much of the Internet
• Some solutions
  • Assign IP addresses to machines dynamically
    • For an ISP, at any given time, only a small percentage of its customers are connected to the network
  • Computers not visible to the Internet can share the same block of IP addresses

Classless Interdomain Routing (CIDR)

• CIDR uses flexible block sizes for address allocation
  • CIDR allows the division between the network and host portions of the IP addresses to occur at any point in the 32-bit number
  • The size of a block of IP addresses could be any power of 2
• A CIDR network is identified by a network address and a mask length that indicates how many bits are devoted to the network part of the address
  • 204.70.2.0/23: the 23-bit network address leaves 9 of the 32 bits for representing 512 hosts on that network
  • 129.186.0.0/16 (ISU), 192.188.162.0/24 (ISU Research Park), 63.224.0.0/13 (USWest)

Compatibility with Existing Addresses

• Addresses allocated by class can be extended with a mask
  • A Class A address a#.b#.c#.d# can be recognized as a#.b#.c#.d#/8
  • A Class B address a#.b#.c#.d# can be recognized as a#.b#.c#.d#/16
  • A Class C address a#.b#.c#.d# can be recognized as a#.b#.c#.d#/24

Advantages of CIDR

• Flexible allocation of IP address blocks allows more efficient use of the 32-bit address space
  • An organization needing 512 addresses could be assigned a block with a 23-bit mask, rather than an entire class B network (65536 addresses)
• ISPs can now aggregate their networks into larger blocks for the purpose of routing
  • Suppose an ISP is assigned the 12.0.0.0/8 network. This block of addresses could be divided into smaller blocks and allocated to specific customers of this ISP
  • E.g., one customer can have the 12.45.0.0/16 network and another might have the 12.194.34.0/23 network
  • The allocation of address blocks may depend on the size of the customer

Routing with CIDR

• Routers normally do not remember each individual IP address
  • Given an IP packet, routers determine the block it belongs to and send the packet to the ISP that is responsible for this block
  • The ISP needs to know how to reach each of its own separate networks
• Advantage: Internet routers need only know how to reach ISPs
  • Hierarchical addressing
  • Similar to the post office
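The mask arithmetic and block lookup described on the CIDR slides, together with the locally usable ranges from the "Special IP Addresses" slide written as CIDR blocks, can be worked through in a few lines of Python. This is an added example, not part of the lecture; the prefixes come from the slides, while the labels in the tables and the function names are assumptions.

```python
# Added example: CIDR mask arithmetic and longest-prefix matching.
# Prefixes are from the slides; the labels in the tables are hypothetical.

def ip_to_int(dotted):
    """Strictly parse dotted-quad IPv4 text into a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value

def parse_cidr(block):
    """Return (network, mask, prefix_len) for text such as '204.70.2.0/23'."""
    addr, _, length = block.partition("/")
    plen = int(length)
    if not 0 <= plen <= 32:
        raise ValueError(f"bad prefix length in {block!r}")
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    net = ip_to_int(addr)
    if net & ~mask & 0xFFFFFFFF:
        raise ValueError(f"host bits set in {block!r}")
    return net, mask, plen

def block_size(block):
    """Number of addresses in a block: 2 ** (number of host bits)."""
    return 1 << (32 - parse_cidr(block)[2])

def longest_match(dst, table):
    """Return (block, label) for the most specific block containing dst, or None."""
    d, best = ip_to_int(dst), None
    for block, label in table.items():
        net, mask, plen = parse_cidr(block)
        if (d & mask) == net and (best is None or plen > best[0]):
            best = (plen, block, label)
    return best and best[1:]

# Routing table built from the ISP example on the slides.
ROUTES = {"12.0.0.0/8": "ISP", "12.45.0.0/16": "customer-1",
          "12.194.34.0/23": "customer-2", "129.186.0.0/16": "ISU"}

# The three locally usable ranges from the slides, written as CIDR blocks.
PRIVATE = {"10.0.0.0/8": "private", "172.16.0.0/12": "private",
           "192.168.0.0/16": "private"}

def is_private(dst):
    """True when dst falls in a range that is not routed through the Internet."""
    return longest_match(dst, PRIVATE) is not None
```

The strict parser rejects text such as 111.222.333.444, which is useful wherever an address check like `is_private` guards an allow or deny decision.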

Domain Name Service

• Routers need an address to route while people need a host name to remember
  • Host names yield information to people
  • IP addresses yield information to routers
• Solution: give each IP address a name
  • popeye.cs.iastate.edu    129.186.3.1
  • www.myown.com            111.222.333.444
• Questions:
  • Given an IP, how to find out its hostname?
  • Given a hostname, how to find out its IP?

DNS: History

• 1970’s ARPANET
  • All host-address mappings were in hosts.txt (in /etc/hosts)
  • Changes were submitted to SRI-NIC by email
  • New versions of hosts.txt were updated periodically from SRI
  • Administrators could pick names at their discretion
• As the Internet grew this system broke down because of
  • Traffic and load: SRI couldn’t handle the load
  • Reliability: The system was unreliable since there was a single point of contact
  • Consistency and conflicts: Names were not unique and many hosts had inaccurate copies of hosts.txt
• Internet growth was threatened
• DNS was created in 1983 (RFCs 1034 and 1035), modified, updated, and enhanced by subsequent RFCs

DNS Concepts

• Provides a lookup mechanism for object translation (IP address <-> hostname)
• DNS is implemented as a globally distributed, loosely coherent, scalable, reliable, dynamic database
• DNS consists of three components
  • Namespace
  • Domain Name Servers
  • DNS queries (issued by clients)
    • gethostbyname()
    • gethostbyaddr()

DNS Namespace

• The namespace must be able to scale
• Solution: make the namespace hierarchical by naming objects based on
  • location (within country, set of organizations, set of companies, etc)
  • unit within that location (company within set of companies, etc)
  • object within unit (name of person in company)

Hierarchical Organization of Host names

• The first level names are called “Top Level Domains”
• Depth of tree is arbitrary (limit 128)
• No restriction on the amount of branching
• Domains are subtrees
  • e.g. iastate.edu and cs.iastate.edu
• Name collision avoided
  • e.g. iastate.edu and iastate.com

[Figure: name tree, listed by level. root; edu, com, gov, mil, org, net, fr, cn; iastate, mit; cs, eece; popeye]

Hierarchical Administration of Host Names

[Figure: the name tree divided into zones. Labels: root; edu, com, gov, mil, org, net, fr, cn; iastate, mit; cs, eece; popeye]

Each zone corresponds to an administrative authority that is responsible for that portion of the hierarchy

• Zones are “administrative spaces”
• Zone administrators are responsible for a portion of a domain’s name space
• Authority is delegated from a parent and to a child

Domain Name Servers

• Name servers, which answer “DNS” questions, are organized in hierarchies
• Each server has authority over a portion of the hierarchy
  • A server maintains only a subset of all names
• Each server contains all the records for the hosts in its zone
• Each server may know other servers that are responsible for the other portions of the hierarchy
  • Every server knows the root
  • Root server knows about all top-level domains

DNS Protocol

• Governs the communication between a DNS client and a DNS server
  • A DNS client sends a query to a DNS server, which returns a response with the requested information
• DNS primarily uses UDP for sending queries and responses, although TCP may also be used
• DNS queries can be
  • Recursive: such queries request that the receiving DNS server resolve the entire request itself
  • Iterative: such queries request that the receiving DNS server respond directly to the DNS client with the IP address of the next DNS server in the hierarchy
  • Root server handles only iterative queries

Example of Recursive Query

popeye.cs.iastate.edu wants IP address of www.berkeley.edu

1. Contacts its local DNS server, 129.186.3.1
2. 129.186.3.1 contacts root name server, if necessary
3. Root name server contacts authoritative name server, ns1.berkeley.edu, if necessary

[Figure: recursive query, messages numbered 1-6, among the requesting host popeye.cs.iastate.edu, the local name server 129.186.3.1, the root name server, and the authoritative name server ns1.berkeley.edu; the name being resolved is www.berkeley.edu]

Example of Iterated Queries

• Contacted server replies with name of server to contact
  • “I don’t know this name, but you can ask this server”

[Figure: iterated queries, messages numbered 1-8, among the requesting host popeye.cs.iastate.edu, the local name server 129.186.3.1, the root name server, the intermediate name server (com server), and the authoritative name server www.myown.com; the name being resolved is www.sales.myown.com]

DNS query is expensive

• Resolving an IP hostname may invoke several messages
• Solution: caching previous query results
  • The cached mapping can be used
  • The cached results can be associated with TTL to reduce the risk of using expired information
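A toy model of the local name server from the iterated-queries slide shows both the message cost of a lookup and what the TTL cache saves. This is an added example, not part of the lecture; it does no network I/O, and the server names, the delegation data and the 192.0.2.10 address are constructed.

```python
# Added example: iterative resolution with a TTL cache (toy model, no network I/O).
# Server names, delegation data and the 192.0.2.10 address are constructed.

# Each server maps a name suffix to ("NS", next_server) or ("A", address, ttl_seconds).
SERVERS = {
    "root": {"com": ("NS", "com-server"), "edu": ("NS", "edu-server")},
    "com-server": {"myown.com": ("NS", "ns.myown.com")},
    "ns.myown.com": {"www.sales.myown.com": ("A", "192.0.2.10", 300)},
}

class LocalResolver:
    def __init__(self, clock):
        self.clock = clock      # injectable time source, so expiry can be tested
        self.cache = {}         # name -> (address, expiry time)
        self.messages = 0       # queries and responses exchanged with other servers

    def _ask(self, server, name):
        """One query/response exchange: the server answers for its longest known suffix."""
        self.messages += 2
        labels = name.split(".")
        for i in range(len(labels)):
            record = SERVERS.get(server, {}).get(".".join(labels[i:]))
            if record:
                return record
        return None

    def resolve(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                    # fresh cached answer, no messages sent
        self.cache.pop(name, None)           # drop an expired entry
        server = "root"
        for _ in range(16):                  # referral limit guards against loops
            record = self._ask(server, name)
            if record is None:
                return None                  # no server knows the name
            if record[0] == "A":
                self.cache[name] = (record[1], self.clock() + record[2])
                return record[1]
            server = record[1]               # "ask this server instead"
        raise RuntimeError("too many referrals")
```

The first lookup costs six messages, matching steps 2 to 7 in the figure; a repeat within the TTL costs none, and after expiry the full walk happens again.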

DNS-based Web Server Load Balancing

• A popular web site can be replicated in different geographical locations in order to provide better service to a diverse set of clients
• One web site can be associated with more than one IP address
  • For example, all hosts in the acme.com may have the same IP address
  • The return of an IP address may depend on where a query is sent from

Load Balancing (1)

• DNS can return an IP address based on where queries come from
  • Direct HTTP requests to a collection of web servers that provide access to the same content

Example: www.akamai.com

From Ames

    C:\>ping www.akamai.com
    Pinging a1440.g.akamai.net [209.152.119.232] with 32 bytes of data:

    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 209.152.119.232:
        Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

From the NY area 63.240.15.146

From the UK 194.82.174.224

Load Balancing (2)

• A query to a host name may return several IP addresses
  • e.g., www.big.com may correspond to four machines with IP addresses 1.2.3.1, 1.2.3.2, 1.2.3.3, 1.2.3.4
• By default, the requesting client uses the first IP address
  • Heavy load on the server 1.2.3.1
• DNS can vary the order of the IP addresses for each query
  • The response to the second query could be 1.2.3.2, 1.2.3.3, 1.2.3.4, 1.2.3.1.

DNS Summary

• Internet address and CIDR
• DNS is a crucial part of the Internet
• Namespace is hierarchical
  • Globally distributed and locally managed
• DNS performance is enhanced by caching
• DNS can help balance web server workload