Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 Naming (2) DISTRIBUTED.


1 Naming (2) DISTRIBUTED SYSTEMS (dDist) 2014

2 Plan
Terminology
Types of naming
– Flat naming
– Structured naming
– Attribute-based naming

3 Structured Naming
Flat naming is convenient for machines, not for humans
We would like to support names composed from simple, human-readable names
– /users/jbn/public_html_cs/index.html
– www.cs.au.dk

4 Name Space
Can be represented as a directed graph
– Leaf node represents named entity
– Directory nodes store pointers to other nodes

5 Path Name
Entities are uniquely named by giving a start node and names of edges to follow, called path names
– n0:⟨home, steen, keys⟩
– root:⟨dk, au, cs, www⟩

6 Name Resolution
Given path name, locate the entity being named
– n0:⟨home, steen, keys⟩ → an inode
    For a Unix file system
– root:⟨dk, au, cs, www⟩ → A 130.225.12.1
    For the DNS system

7 Name Space Implementation (1/2)
Need distributed solution for large-scale networks
Convenient that one directory node is fully handled by one organization/machine
– Processes that need information on the node know who to contact
Each machine can of course handle many nodes
Zone: A sub-graph handled by a single machine

8 Name Space Implementation (2/2)
Logical layers
– Global layer
    Handles the root node and nodes logically close to it
    Handles nodes with highly stable assignment
– Administrational layer
    Handles nodes which have a fairly stable assignment
    Typically by a single enterprise
– Managerial layer
    Maintained also by users
    Unstable assignment

9 Name Space Distribution
Figure 5-13. An example partitioning of the DNS name space, including Internet-accessible files, into three layers.

10 Domain Name System (DNS)
How to map structured names to IP addresses in the Internet?
– “Back in the days”: HOSTS.TXT file FTP’ed among hosts
Now a distributed name service
– Hierarchical name space
– Each level separated by ‘.’
    Analogous to ‘/’ separator in file systems
– One global root
    Replicated across 13 root servers
    There have been Denial of Service (DoS) attacks on these root servers, none successful
    Because of caching, queries to root servers relatively rare
DNS is the only really global directory/name service
– The true backbone of the Internet
– The Internet = DNS + TCP/IP, UDP/IP

11 DNS is simple but powerful
Three major components
– Domain Name Space and Resource Records
    Specification for a tree-structured name space and small databases associated with nodes (both internal nodes and leaf nodes)
– Name Servers
    Servers which hold the databases associated with some nodes and references to other name servers
– Resolvers
    Client programs that extract information from name servers
Name servers can be resolvers
– Will be so in so-called recursive lookup

12 Resource Records (1/3)
Each name server holds a set of resource records which for each path specifies, e.g., what is the name server for the path and what is the address of the machine at the path
    path         type   data
    cs.au.dk.    MX     mx.nfit.au.dk
means that mx.nfit.au.dk is mail server for the domain cs.au.dk

13 Resource Records (2/3)
    path   type   data
Some types of records
– NS: Name server for the path
– A: IP address for the path, if any
    Not all partial paths, like dk, correspond to machines
– MX: Name of the mail server for path, if any (Mail eXchange)
– AAAA: IPv6 address

14 Resource Records (3/3)
Examples of resource records:
    path             type   data
    dk.              NS     a.nic.dk.
    a.nic.dk.        A      212.88.78.122
    au.dk.           NS     ns.au.dk
    ns.au.dk         A      130.225.9.11
    cs.au.dk         A      130.225.16.1
    cs.au.dk         A      130.225.16.42
    cs.au.dk         MX     mx.nfit.au.dk.
    mx.nfit.au.dk    A      130.225.31.136

15 Glue
If a name server holds a record like
    path        type   data
    au.dk.      NS     ns.au.dk
then it also holds a record like
    path        type   data
    ns.au.dk    A      130.225.9.11
And, it sends it along with the NS record

16 Looking up cs.au.dk
Path name resolved: ⟨⟩
– Name server: a.root-servers.net. 198.41.0.4
– Knows: “dk.” NS → 212.88.78.122
Path name resolved: ⟨dk⟩
– Name server: a.nic.dk 212.88.78.122
– Knows: “au.dk.” NS → 130.225.9.11
Path name resolved: ⟨dk, au⟩
– Name server: ns.au.dk. 130.225.9.11
– Knows: “cs.au.dk.” A → 130.225.16.1
– Knows: “cs.au.dk.” NS → 130.225.9.11
Path name resolved: ⟨dk, au, cs⟩
– DNS name: cs.au.dk. IP: 130.225.16.1
(Diagram: name-space tree with nodes dk, com, org, au, aau, cs, science)
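The lookup on this slide as an added example (not part of the original slides): an iterative resolver walking in-memory name servers that hold the slides' records, following each NS referral through its glue address. Which server holds which record follows slide 16 where it says so and is otherwise an assumption; names are written fully qualified with a trailing dot.

```python
# Constructed in-memory name servers, keyed by IP, holding the slides' records.
SERVERS = {
    "198.41.0.4": [("dk.", "NS", "a.nic.dk."),              # a.root-servers.net.
                   ("a.nic.dk.", "A", "212.88.78.122")],    # glue
    "212.88.78.122": [("au.dk.", "NS", "ns.au.dk."),        # a.nic.dk.
                      ("ns.au.dk.", "A", "130.225.9.11")],  # glue
    "130.225.9.11": [("cs.au.dk.", "A", "130.225.16.1"),    # ns.au.dk.
                     ("cs.au.dk.", "A", "130.225.16.42"),
                     ("cs.au.dk.", "MX", "mx.nfit.au.dk."),
                     ("mx.nfit.au.dk.", "A", "130.225.31.136")],
}
ROOT_IP = "198.41.0.4"

def ask(server_ip, name, rtype):
    """One query to one server: ('answer', data), ('referral', ip) or ('none', None)."""
    records = SERVERS[server_ip]
    answers = [d for p, t, d in records if p == name and t == rtype]
    if answers:
        return "answer", answers
    # No answer here: refer to the name server of the longest matching path suffix.
    zones = [(p, d) for p, t, d in records
             if t == "NS" and (name == p or name.endswith("." + p))]
    if not zones:
        return "none", None
    _, ns_name = max(zones, key=lambda z: len(z[0]))
    glue = [d for p, t, d in records if p == ns_name and t == "A"]
    if not glue:
        raise LookupError(f"referral to {ns_name} without glue")
    return "referral", glue[0]

def resolve_iteratively(name, rtype, max_steps=10):
    """Walk from the root, following referrals; return (answers, servers asked)."""
    server, asked = ROOT_IP, []
    for _ in range(max_steps):
        asked.append(server)
        kind, value = ask(server, name, rtype)
        if kind == "answer":
            return value, asked
        if kind == "none":
            return [], asked
        server = value  # glue address of the next name server
    raise LookupError("too many referrals")
```

`resolve_iteratively("cs.au.dk.", "A")` contacts the root, then a.nic.dk, then ns.au.dk, and returns both A records from slide 14.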

17 DiG
Let us ask the NS for “dk.” what the NS for “au.dk.” is

18 Replication
“au.dk.” had three name servers:
– ns.au.dk. (130.225.9.11)
– ns2.au.dk (130.225.9.2)
– ns-soa.darenet.dk (130.226.1.4)
They are kept identical and during lookup clients are requested to contact a random one
– Load balancing
– No single point of error

19 Implementation of Name Resolution
Figure 5-15. The principle of iterative name resolution.

20 Implementation of Name Resolution
Figure 5-16. The principle of recursive name resolution.

21 Caching
DNS resolvers are allowed to cache entries
– This speeds up lookup immensely
The root servers are not receiving a lot of traffic when they are not under attack

22 The Internet, Example
To access a resource you need to:
Name the resource (URL)
– http://www.cs.au.dk/~jbn/index.html
Resolve the name (DNS)
– IP Address, then file server, file on disk
Access the resource (TCP/IP):
– And the rest of ISO OSI

23 DNS is Insecure
DNS is implemented over UDP/IP (switching to TCP/IP for large packets)
UDP and TCP are insecure in that you have no guarantee who sent a given packet
– Anyone can therefore play DNS server to you!!
When a resolver asks for the IP address of your.bank.dk, it might be a Russian hacker sending back the reply
– And the provided IP address is then probably going to be for his machine

24 Cache Poisoning (1/2)
Caching makes the problem even worse
A hacker finds a resolver used by many clients, like the resolver of your service provider
The hacker asks it to resolve “au.dk.”
The resolver asks “dk.” for NS of “au.dk.”
The hacker returns his own IP address
Now the hacker is the name server for “au.dk.” for all clients using that resolver, as long as the address sits in the cache
– Can then, e.g., direct messages for mx.nfit.au.dk to his own IP to read your e-mail from inside the service provider (and forward to mx.nfit.au.dk to not be detected)
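The resolver-side acceptance checks that address this problem, as an added example (not part of the original slides): a cache that stores a reply only when it matches a query the resolver actually sent, and only for records at or below the queried name. The class, the dictionary-shaped messages, `ns.forged.example.` and the 192.0.2.66 address are constructed for illustration; the bailiwick rule is simplified.

```python
import secrets

class CheckedCache:
    """Resolver cache that accepts a reply only for a query it actually sent."""
    def __init__(self):
        self.pending = {}  # (server_ip, src_port, txid) -> (qname, qtype)
        self.cache = {}    # (name, type) -> data

    def send_query(self, server_ip, qname, qtype):
        # Unpredictable 16-bit transaction ID and source port per query.
        txid = secrets.randbelow(1 << 16)
        port = 1024 + secrets.randbelow(65536 - 1024)
        self.pending[(server_ip, port, txid)] = (qname, qtype)
        return {"dst": server_ip, "src_port": port, "txid": txid}

    def receive(self, reply):
        key = (reply["src"], reply["dst_port"], reply["txid"])
        if self.pending.get(key) != (reply["qname"], reply["qtype"]):
            return False              # unsolicited or mismatched reply: drop it
        del self.pending[key]         # at most one reply per query
        for name, rtype, data in reply["records"]:
            # Simplified bailiwick rule: keep records at or below the queried name.
            if name == reply["qname"] or name.endswith("." + reply["qname"]):
                self.cache[(name, rtype)] = data
        return True

def demo():
    """Constructed replies for the slide's query: NS of "au.dk." asked at "dk."."""
    r = CheckedCache()
    q = r.send_query("212.88.78.122", "au.dk.", "NS")
    base = {"src": "212.88.78.122", "dst_port": q["src_port"],
            "qname": "au.dk.", "qtype": "NS"}
    # Reply claiming the right source address but carrying a wrong transaction ID.
    forged = dict(base, txid=q["txid"] ^ 1, records=[
        ("au.dk.", "NS", "ns.forged.example."),
        ("ns.forged.example.", "A", "192.0.2.66")])
    matching = dict(base, txid=q["txid"], records=[
        ("au.dk.", "NS", "ns.au.dk."), ("ns.au.dk.", "A", "130.225.9.11"),
        ("your.bank.dk.", "A", "192.0.2.66")])  # out of bailiwick, not cached
    results = [r.receive(forged), r.receive(matching), r.receive(matching)]
    return results, r.cache
```

These checks only make it unlikely that a blindly forged reply matches a pending query; they do not tell the resolver who actually sent the packet.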

25 Cache Poisoning (2/2)
You can read more about cache poisoning in a note found on the homepage
This note is also a nice walk-through of the DNS system

26 Summary
Naming is fundamental to distributed systems
Different types of names may be used
– Flat naming
    E.g., DHT
– Structured naming
    E.g., DNS
– Attribute-based naming
    E.g., LDAP

