Lecture 7: Domain Name Service (DNS) Reading: Section 9.1 ? CMSC 23300/33300 Computer Networks

2 Goals of Today’s Lecture l Computer science concepts underlying DNS u Indirection: names in place of addresses u Hierarchy: in names, addresses, and servers u Caching: of mappings from names to/from addresses l Inner workings of DNS u DNS resolvers and servers u Iterative and recursive queries u TTL-based caching l Web and DNS u Influence of DNS queries on Web performance u Server selection and load balancing

3 Host Names vs. IP addresses l Host names u Mnemonic name appreciated by humans u Variable length, alpha-numeric characters u Provide little (if any) information about location u Examples: and ftp.eurocom.fr l IP addresses u Numerical address appreciated by routers u Fixed length, binary number u Hierarchical, related to host location u Examples: and

4 Separating Naming and Addressing l Names are easier to remember u vs l Addresses can change underneath u Move to u E.g., renumbering when changing providers l Name could map to multiple IP addresses u to multiple replicas of the Web site l Map to different addresses in different places u Address of a nearby copy of the Web site u E.g., to reduce latency, or return different content l Multiple names for the same address u E.g., aliases like ee.mit.edu and cs.mit.edu

5 Strawman Solution: Local File l Original name to address mapping u Flat namespace u /etc/hosts u SRI kept main copy u Downloaded regularly l Count of hosts was increasing: moving from a machine per domain to machine per user u Many more downloads u Many more updates

6 Strawman Solution #2: Central Server l Central server u One place where all mappings are stored u All queries go to the central server l Many practical problems u Single point of failure u High traffic volume u Distant centralized database u Single point of update u Does not scale Need a distributed, hierarchical collection of servers

7 Domain Name System (DNS) l Properties of DNS u Hierarchical name space divided into zones u Distributed over a collection of DNS servers l Hierarchy of DNS servers u Root servers u Top-level domain (TLD) servers u Authoritative DNS servers l Performing the translations u Local DNS servers u Resolver software

8 DNS Root Servers l 13 root servers (see l Labeled A through M B USC-ISI Marina del Rey, CA L ICANN Los Angeles, CA E NASA Mt View, CA F Internet Software C. Palo Alto, CA (and 36 other locations) I Autonomica, Stockholm (plus 28 other locations) K RIPE (17 locations) M WIDE Tokyo (also Seoul, Paris) A Verisign, Dulles, VA C Cogent, Herndon, VA (also Los Angeles, Chicago, NYC) D U Maryland College Park, MD G US DoD Vienna, VA H ARL Aberdeen, MD J Verisign (17 locations)

9 TLD and Authoritative DNS Servers l Top-level domain (TLD) servers u Generic domains (e.g., com, org, edu) u Country domains (e.g., uk, fr, ca, jp) u Typically managed professionally l Network Solutions maintains servers for “com” l Educause maintains servers for “edu” l Authoritative DNS servers u Provide public records for hosts at an organization u For the organization’s servers (e.g., Web and mail) u Can be maintained locally or by a service provider

10 Distributed Hierarchical Database comeduorgac uk zw arpa unnamed root bar westeast foomy ac cam usr in- addr generic domainscountry domains my.east.bar.edu usr.cam.ac.uk /24

11 Using DNS l Local DNS server (“default name server”) u Usually near the end hosts who use it u Local hosts configured with local server (e.g., /etc/resolv.conf) or learn the server via DHCP l Client application u Extract server name (e.g., from the URL) u Do gethostbyname() to trigger resolver code l Server application u Extract client IP address from socket u Optional gethostbyaddr() to translate into name

12 requesting host cis.poly.edu gaia.cs.umass.edu root DNS server local DNS server dns.poly.edu authoritative DNS server dns.cs.umass.edu 7 8 TLD DNS server (for edu) Example Host at cis.poly.edu wants IP address for gaia.cs.umass.edu

13 Recursive vs. Iterative Queries l Recursive query u Ask server to get answer for you u E.g., request 1 and response 8 l Iterative query u Ask server who to ask next u E.g., all other request- response pairs requesting host cis.poly.edu root DNS server local DNS server dns.poly.edu authoritative DNS server dns.cs.umass.edu 7 8 TLD DNS server

14 DNS Caching l Performing all these queries take time u And all this before the actual communication takes place u E.g., 1-second latency before starting Web download l Caching can substantially reduce overhead u The top-level servers very rarely change u Popular sites (e.g., visited often u Local DNS server often has the information cached l How DNS caching works u DNS servers cache responses to queries u Responses include a “time to live” (TTL) field u Server deletes the cached entry after TTL expires

15 Negative Caching l Remember things that don’t work u Misspellings like & u These can take a long time to fail the first time u Good to remember that they don’t work u … so the failure takes less time the next time around

16 DNS Resource Records DNS: distributed database storing resource records (RR) l Type=NS  name is domain (e.g. foo.com)  value is hostname of authoritative name server for this domain RR format: (name, value, type, ttl) l Type=A  name is hostname  value is IP address l Type=CNAME  name is alias name for some “canonical” (the real) name is really servereast.backup2.ibm.com  value is canonical name l Type=MX  value is name of mailserver associated with name

17 DNS Protocol DNS protocol: query and reply messages, both with same message format Message header: l Identification: 16 bit # for query, reply to query uses same # l Flags: u Query or reply u Recursion desired u Recursion available u Reply is authoritative

18 Reliability l DNS servers are replicated u Name service available if at least one replica is up u Queries can be load balanced between replicas l UDP used for queries u Need reliability: must implement this on top of UDP l Try alternate servers on timeout u Exponential backoff when retrying same server l Same identifier for all queries u Don’t care which server responds

19 Inserting Resource Records into DNS l Example: just created startup “FooBar” l Register foobar.com at Network Solutions u Provide registrar with names and IP addresses of your authoritative name server (primary and secondary) u Registrar inserts two RRs into the com TLD server: l (foobar.com, dns1.foobar.com, NS) l (dns1.foobar.com, , A) l Put in authoritative server dns1.foobar.com u Type A record for u Type MX record for foobar.com

20 Playing With DIG on UNIX l DIG (domain information grouper) program u Allows querying of DNS system u Use flags to find name server (NS) u Disable recursion so that operates one step at a time unix> dig NS ;; AUTHORITY SECTION: edu. 2D IN NS L3.NSTLD.COM. edu. 2D IN NS D3.NSTLD.COM. edu. 2D IN NS A3.NSTLD.COM. edu. 2D IN NS E3.NSTLD.COM. edu. 2D IN NS C3.NSTLD.COM. edu. 2D IN NS G3.NSTLD.COM. edu. 2D IN NS M3.NSTLD.COM. edu. 2D IN NS H3.NSTLD.COM.

DNS and the Web

22 DNS Query in Web Download l User types or clicks on a URL u E.g., l Browser extracts the site name u E.g., l Browser calls gethostbyname() to learn IP address u Triggers resolver code to query the local DNS server l Eventually, the resolver gets a reply u Resolver returns the IP address to the browser l Then, the browser contacts the Web server u Creates and connects socket, and sends HTTP request

23 Multiple DNS Queries l Often a Web page has embedded objects u E.g., HTML file with embedded images l Each embedded object has its own URL u … and potentially lives on a different Web server u E.g., l Browser downloads embedded objects u Usually done automatically, unless configured otherwise u Requires learning the address for

24 When are DNS Queries Unnecessary? l Browser is configured to use a proxy u E.g., browser sends all HTTP requests through a proxy u Then, the proxy takes care of issuing the DNS request l Requested Web resource is locally cached u E.g., cache has u No need to fetch the resource, so no need to query l Browser recently queried for this host name u E.g., user recently visited u So, the browser already called gethostbyname() u … and may be locally caching the resulting IP address

25 Web Server Replicas l Popular Web sites can be easily overloaded u Web site often runs on multiple server machines Internet

26 Directing Web Clients to Replicas l Simple approach: different names u www1.cnn.com, www2.cnn.com, www3.cnn.com u But, this requires users to select specific replicas l More elegant approach: different IP addresses u Single name (e.g., multiple addresses u E.g., , , , … l Authoritative DNS server returns many addresses u And the local DNS server selects one address u Authoritative server may vary the order of addresses

27 Clever Load Balancing Schemes l Selecting the “best” IP address to return u Based on server performance u Based on geographic proximity u Based on network load u … l Example policies u Round-robin scheduling to balance server load u U.S. queries get one address, Europe another u Tracking the current load on each of the replicas

28 Challenge: What About DNS Caching? l Problem: DNS caching u What if performance properties change? u Web clients still learning old “best” Web server u … until the cached information expires l Solution: Small Time-to-Live values u Setting artificially small TTL values u … so replicas picked based on fresh information l Disadvantages: abuse of DNS? u Many more DNS request/response messages u Longer latency in initiating the Web requests

29 Summary l Domain Name System u Distributed, hierarchical database u Distributed collection of servers u Caching to improve performance l Next class: Internet Control Protocols ( ) u Address Resolution Protocol (ARP) u Dynamic Host Configuration Protocol (DHCP) u (Internet Control Message Protocol—ICMP—Lect. 2)