Untangling the Web from DNS Michael Walfish Hari Balakrishnan Massachusetts Institute of Technology Scott Shenker UC Berkeley/ICSI IRIS Project 30 March.

Slides:



Advertisements
Similar presentations
SkipNet: A Scalable Overlay Network with Practical Locality Properties Nick Harvey, Mike Jones, Stefan Saroiu, Marvin Theimer, Alec Wolman Microsoft Research.
Advertisements

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:
1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)
Internet Applications INTERNET APPLICATIONS. Internet Applications Domain Name Service Proxy Service Mail Service Web Service.
Information-Centric Networks05c-1 Week 5 / Paper 3 Democratizing content publication with Coral –Michael J. Freedman, Eric Freudenthal, David Mazières.
Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, and Scott Shenker * 7 December 2004 MIT Computer Science and AI Lab.
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan MIT and Berkeley presented by Daniel Figueiredo Chord: A Scalable Peer-to-peer.
Peer-to-Peer (P2P) Distributed Storage 1Dennis Kafura – CS5204 – Operating Systems.
Flat Identifiers Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.
Implementing Domain Name System
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
1 Content Delivery Networks iBAND2 May 24, 1999 Dave Farber CTO Sandpiper Networks, Inc.
Information-Centric Networks03c-1 Week 3 / Paper 3 The design and implementation of a next generation name service for the Internet –Venugopalan Ramasubramanian.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved Naming (2) DISTRIBUTED.
Naming Computer Engineering Department Distributed Systems Course Asst. Prof. Dr. Ahmet Sayar Kocaeli University - Fall 2014.
1 Defragmenting DHT-based Distributed File Systems Jeffrey Pang, Srinivasan Seshan Carnegie Mellon University Phillip B. Gibbons, Michael Kaminsky Intel.
EEC-484/584 Computer Networks Lecture 6 Wenbing Zhao
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Cis e-commerce -- lecture #6: Content Distribution Networks and P2P (based on notes from Dr Peter McBurney © )
Topics in Reliable Distributed Systems Lecture 2, Fall Dr. Idit Keidar.
EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao
What’s a Web Cache? Why do people use them? Web cache location Web cache purpose There are two main reasons that Web cache are used:  to reduce latency.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Squirrel: A decentralized peer- to-peer web cache Paul Burstein 10/27/2003.
Fixing the Embarrassing Slowness of OpenDHT on PlanetLab Sean Rhea, Byung-Gon Chun, John Kubiatowicz, and Scott Shenker UC Berkeley (and now MIT) December.
Topics in Reliable Distributed Systems Fall Dr. Idit Keidar.
Reliable Distributed Systems Naming (Communication Basics Part II) Slide set based on one by Prof. Paul Francis, Cornell University. Updated by Bina Ramamurthy.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Lecture 10 Naming services for flat namespaces. EECE 411: Design of Distributed Software Applications Logistics / reminders Project Send Samer and me.
Internet Indirection Infrastructure (i3) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002.
DNS. Outline r Domain Name System r DNS Hierarchy r Resolution.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Windows Server 2008 Chapter 8 Last Update
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
1 Content Distribution Networks. 2 Replication Issues Request distribution: how to transparently distribute requests for content among replication servers.
A Layered Naming Architecture for the Internet Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy, Scott Shenker, Ion Stoica, Michael Walfish.
NAME SERVICES. Names and addresses File names /etc/passwd URLS Internet domain names—dcs.qmw.ac.uk Identifiers- ROR, NFS.
ICS362 Distributed Systems Dr Ken Cosh Week 5. Review Communication – Fundamentals – Remote Procedure Calls (RPC) – Message Oriented Communication – Stream.
Ch-9: NAME SERVICES By Srinivasa R. Gudipati. To be discussed.. Fundamentals of Naming Services Naming Resolution The Domain Name System (DNS) Directory.
Server tools. Site server tools can be utilised to build, host, track and monitor transactions on a business site. There are a wide range of possibilities.
Paper Presentation – CAP Page 2 Outline Review - DNS Proposed Solution Simulation Results / Evaluation Discussion.
5.1 Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
Overcast: Reliable Multicasting with an Overlay Network CS294 Paul Burstein 9/15/2003.
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
2: Application Layer1 Chapter 2 outline r 2.1 Principles of app layer protocols r 2.2 Web and HTTP r 2.3 FTP r 2.4 Electronic Mail r 2.5 DNS r 2.6 Socket.
Database-Driven Web Sites, Second Edition1 Chapter 5 WEB SERVERS.
Information-Centric Networks06a-1 Week 6 / Paper 1 Untangling the Web from DNS –Michael Walfish, Hari Balakrishnan and Scott Shenker –Networked Systems.
Domain Name System. CONTENTS Definitions. DNS Naming Structure. DNS Components. How DNS Servers work. DNS Organizations. Summary.
DNS and Naming Aditya Akella 03/16/2007 Supplemental slides.
Hari Balakrishnan 24 February 2005 MIT CSAIL UC Berkeley / ICSI IRIS Project Peering Peer-to-Peer Providers Scott Shenker Michael Walfish.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
The Case for Semantic-Free Referencing Hari BalakrishnanScott Shenker Michael Walfish MIT & ICSI/UCB IRIS Project.
1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.
DNS Security Extension 1. Implication of Kaminsky Attack Dramatically reduces the complexity and increases the effectiveness of DNS cache poisoning –No.
Information-Centric Networks Section # 6.1: Evolved Naming & Resolution Instructor: George Xylomenos Department: Informatics.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
The Design and Implementation of a Next Generation Name Service for the Internet V. Ramasubramanian, E. Gun Sirer Cornell Univ. SIGCOMM 2004 Ciprian Tutu.
Domain Name System INTRODUCTION to Eng. Yasser Al-eimad
Naming CSCI 6900/4900. Mounting Mounting – Merging different namespaces transparently File system example –Directory node of one namespace stores identifier.
Basics of the Domain Name System (DNS) By : AMMY- DRISS Mohamed Amine KADDARI Zakaria MAHMOUDI Soufiane Oujda Med I University National College of Applied.
John S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante Northwestern, EECS.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Internet Indirection Infrastructure (i3)
IMPLEMENTING NAME RESOLUTION USING DNS
Overview i3 Layered naming DOA SFR.
Building Peer-to-Peer Systems with Chord, a Distributed Lookup Service
Consistent Hashing and Distributed Hash Table
Presentation transcript:

Untangling the Web from DNS Michael Walfish Hari Balakrishnan Massachusetts Institute of Technology Scott Shenker UC Berkeley/ICSI IRIS Project 30 March 2004

Introduction The Web depends on linking; links contain references Properties of DNS-based references encode administrative domain human-friendly click here These properties are problems!

Web Links Should Use Flat Identifiers <A HREF= >my friends dog <A HREF= >my friends dog <A HREF= >my friends dog <A HREF= >my friends dog Current Proposed This talk: That we should build this That we can build this

Outline I.Argue for flat tags instead of DNS-based URLs II.Resolution service for flat tags

Status Quo DNS IP addr a.com Browser HTTP GET: /dog.jpg <A HREF= >Spot <A HREF= >Spot Web Page Why not DNS? Reference Resolution Service

Goal #1: Stable References Stable=reference is invariant when object moves In other words, links shouldnt break DNS-based URLs are not stable...

Object Movement Breaks Links isp.com dog.jpg isp-2.com spot.jpg HTTP 404 HTTP GET: /dog.jpg Browser <A HREF= >Spot <A HREF= >Spot URLs hard-code a domain and a path

Object Movement Breaks Links, Contd isp.com dog.jpg isp-2.com spot.jpg HTTP 404 HTTP GET: /dog.jpg Browser <A HREF= >Spot <A HREF= >Spot Todays solutions not stable: HTTP redirects need cooperation of original host Vanity domains, e.g.: internetjoe.org now owner cant change

Goal #2: Supporting Object Replication Host replication relatively easy today But per-object replication requires: separate DNS name for each object virtual hosting so replica servers recognize names configuring DNS to refer to replica servers isp.com /docs/foo.ps mit.edu ~joe/foo.ps HTTP GET / host: object26.org HTTP GET / host: object26.org

What Should References Encode? Observe: if the object is allowed to change administrative domains, then the reference cant encode an administrative domain What can the reference encode? Nothing about the object that might change! Especially not the objects whereabouts! What kind of namespace should we use?

Goal #3: Automate Namespace Management Automated management implies no fighting over references DNS-based URLs do not satisfy this...

DNS is a Locus of Contention Used as a branding mechanism tremendous legal combat name squatting, typo squatting, reverse hijacking,... ICANN and WIPO politics technical coordinator inventing naming rights set-asides for misspelled trademarks Humans will always fight over names...

Separate References and User-level Handles So arent you just moving the problem? Yes. But. Let people fight over handles, not references Object Location Human- unfriendly References User Handles (AOL Keywords, New Services, etc.) tussle space [Clark et al., 2002]

Two Principles for References 1.References should not embed object or location semantics 2.References should be human-unfriendly Flat tags Minimal interface Natural choice:

Outline I.Argue for flat tags instead of DNS-based URLs II.Resolution service for flat tags: SFR Object Location Flat Tag User Handle (AOL Keyword, New Handle, etc.)

<A HREF= >Spot <A HREF= >Spot Managed DHT-based Infrastructure GET(0xf012c1d) ( , 80, /pics/dog.gif) o-record HTTP GET: /pics/dog.gif Web Server /pics/dog.gif SFR in a Nutshell orec API orec = get(tag); put(tag, orec); Anyone can put() or get()

Resilient Linking SFR <A HREF= >here is a paper <A HREF= >here is a paper HTTP GET: /docs/pub.pdf /docs/ HTTP GET: /~user/pubs/pub.pdf ( ,80, /docs/) ( ,80, /~user/pubs/) /~user/pubs/ tag abstracts all object reachability information objects: any granularity (files, directories, hosts)

(Doesnt address massive replication) Flexible Object Replication (IP1, port1, path1), (IP2, port2, path2), (IP3, port3, path3),... 0xf SFR o-record Grass-roots Replication People replicate each others content Does not require control over Web servers

Reference Management Requirements No collisions, even under network partition References must be human-unfriendly Only authorized updates to o-records Approach: randomness and self-certification tag = hash(pubkey, salt) o-record has pubkey, salt, signature anyone can check if tag and o-record match

Latency Problem: Lookups should be fast Solution: lots of TTL-based caching Clients and DHT nodes cache o-records DHT nodes cache each others locations In Chord, aggressive location caching 2 or 3 hops per lookup Could also use one-hop or Beehive

Outline I.Argue for flat tags instead of DNS-based URLs II.Resolution service for flat tags: SFR III.Related Work / Summary / Conclusion

Related Work URN (Universal Resource Name) DOI: an existing URN implementation PURL (Permanent URL) Globe Open Network Handles DNS over Chord

Summary Should we build flat references for the Web? Yes! Can we build flat references for the Web? Yes! (Our implementation is usable.) Lots of future work...

Conclusion DNS-based URLs certainly convenient! But flat tags better for linking Future: type DNS names, link with flat tags?

Appendix Slides

Implementation HTTP SFR Web Proxy SFR Client SFR Portal Chord DHash SFR Server Web Client Proxy allows: End-users to experience SFR latency Dynamic population of SFR infrastructure with o-records orec = get(tag) put(orec,tag) HTTP SFR Portal GetRequest GetResponse PlanetLab

Evaluation SFR data eight day trace 390 virtual hosts; 130 nodes in Chord ring on PlanetLab latency seen by SFR portal most queries are two hops informal feedback: generally indistinguishable from DNS Comparison meant to be suggestive not conclusive DNS data collected at MIT CSAIL, Feb. 2004

SFR Components Portal Relay Org Store SFR Infrastructure Organization Infrastructure stores (tag, o-record) pairs Caching throughout; o-record has TTL field SFR Client Application SFR Client Application SFR Client Application SFR Client Application

Portal Relay Org Store SFR Infrastructure Organization Fate Sharing put(tag,orec) get(tag) Fate sharing via write-locality Simple case... SFR Client Application SFR Client Application SFR Client Application SFR Client Application

Alternate SFR Design: SFR-- SFR stores only pointers to organizations Analogous to NS records in DNS GET(0xf012120) org ptr: x User SFR Infrastructure x GET(0xf012120) meta-data (IP addr, etc.) Organization

When Files Separate From Directories SFR <A HREF= >here is a paper <A HREF= >here is a paper HTTP GET: /doc/pub3.ps /doc/pub1.ps HTTP GET: /abc/pub3.ps ( ,80, /doc/) redirect ptr: x /abc/pub3.ps /doc/pub2.ps /doc/pub3.ps x GET(0xf012012)

Location Caching Simulate effect of location caching 20 lookups/sec; one failure and one birth per 10 sec. Timeout rate: 4% 1000 nodes

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.