
[Computer Network] 2. Application Layer (4)

leziwn.cs 2023. 9. 29. 13:38
2.4 DNS (Domain Name System)

DNS: services, structure

▶ DNS services

: Hostname --> IP address

  • Host aliasing: alias names --> canonical name --> IP address
  • Mail server aliasing
  • Load distribution: spread traffic across several servers so that all requests do not concentrate on a single server
    --> servers are assigned to the hostname.

Q. Why not centralize DNS?

A. It doesn't scale!

-- single point of failure, traffic volume, distant centralized database (delay ↑), maintenance

DNS: a distributed, hierarchical database

  • Root DNS servers
  • Top-Level Domain (TLD) servers
  • Authoritative domain servers

e.g.) client wants IP for www.amazon.com;

  1. Client queries root server to find .com DNS server.
  2. Client queries .com DNS server (TLD server) to get amazon.com DNS server.
  3. Client queries amazon.com DNS server (authoritative domain server) to get IP address for www.amazon.com.

DNS hierarchy in Korea

DNS servers

1) Root DNS servers

  • DNSSEC: DNS security protocol --> digitally signs DNS records so that they cannot be altered or forged.
  • ICANN (Internet Corporation for Assigned Names and Numbers): the organization that manages the root DNS servers.

2) TLD (Top-Level Domain) servers

: Responsible for .com, .org, .net, .edu, .aero, .jobs, .museum, and all top-level country domains (.cn, .uk, .fr, .ca, .jp)

  • Network Solutions, Educause, .kr: manage the TLDs.

3) Authoritative DNS servers

: Organization's own DNS servers, providing authoritative hostname to IP mappings for organization's named hosts.

--> Can be maintained by organization or service provider.

 

Local DNS name servers (= default name server)

≠ Authoritative DNS servers

  • Does not strictly belong to hierarchy.
  • Each ISP (residential, company, university) has one.
  • When host makes DNS query, query is sent to its local DNS server.
    - caching: Local DNS server has local cache of recent name-to-address translation pairs (but may be out of date!).
    --> Acts as proxy, forwards query into hierarchy.

Local DNS servers --> DNS name resolution (with a local DNS server involved)

1) Iterated query

e.g.) Host at cis.poly.edu wants IP address for gaia.cs.umass.edu.

--> The requesting host (cis.poly.edu) sends its query to the local DNS server (dns.poly.edu).

  • Queries are concentrated at the local DNS server.

2) Recursive query

e.g.) Host at cis.poly.edu wants IP address for gaia.cs.umass.edu.

  • Heavy load at upper levels of hierarchy!

Caching, Updating DNS records

▷ Once any name server learns a mapping, it caches the mapping.

  • Cache entries time out (disappear) after some time (TTL).
  • TLD servers are typically cached at the local DNS server.

▷ Problem: out-of-date (cached entries may be out-of-date)

: If a named host changes its IP address, the change may not be known Internet-wide until the TTL expires.

--> Solution: update/notify mechanisms (proposed IETF standard).

DNS records

▶ DNS: distributed database storing resource records (RR).

RR format (how DNS stores data): (name, value, type, ttl)

▷ type: the relation between name and value

  • type = A
    - name: hostname
    - value: IP address
  • type = NS
    - name: domain
    - value: hostname of authoritative name server for this domain.
  • type = CNAME
    - name: alias name for some canonical (real) name
    - value: canonical (real) name
  • type = MX
    - value: name of the mail server

DNS protocol, messages

: DNS query and reply messages, both with same message format:

▶ message header:

  • identification
  • flags

flags: !!!

▶ questions

▶ answers

▶ authority

▶ additional information
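As an added example (not from the notes), the code below builds a query and a reply in exactly this layout (header with identification and flags, then the question, answer, authority and additional sections) and parses them back into (name, value, type, ttl) records; reply_matches is the check a resolver makes before trusting a reply, and the name www.nu.com and address 21.21.21.4 are taken from the notes.

```python
# Added example (not from the notes): DNS query/reply in the wire layout described above
# (header: identification, flags; then question, answer, authority, additional sections).
import struct

def encode_name(name):
    """Dotted hostname -> length-prefixed labels terminated by a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"

def decode_name(msg, off):
    """Read labels at off, following a compression pointer (top two bits 11); returns (name, next offset)."""
    labels = []
    while msg[off] & 0xC0 != 0xC0 and msg[off] != 0:
        labels.append(msg[off + 1:off + 1 + msg[off]].decode()); off += 1 + msg[off]
    if msg[off] == 0:
        return ".".join(labels), off + 1
    tail, _ = decode_name(msg, struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF)
    return ".".join(labels + [tail]), off + 2

def build_query(ident, name, qtype=1):
    """Header: identification, flags (RD set), qdcount=1, an/ns/ar=0; then one question (type, class IN)."""
    return struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)

def build_reply(query, ip, ttl=300):
    """Reply: QR=1 with RD/RA, rcode 0; echoes the question and answers with one A RR
    whose name is a pointer (0xC00C) back to the question name at offset 12."""
    ident = struct.unpack("!H", query[:2])[0]
    rr = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(x) for x in ip.split("."))
    return struct.pack("!HHHHHH", ident, 0x8180, 1, 1, 0, 0) + query[12:] + rr

def parse_message(msg):
    """Decode the header, question and answer sections; answers come back as (name, value, type, ttl)."""
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4]); off += 4
        questions.append((qname, qtype))
    for _ in range(an):
        rname, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10]); off += 10
        value = msg[off:off + rdlen]; off += rdlen
        if rtype == 1 and rdlen == 4:                      # A record: render the 4 bytes as a dotted quad
            value = ".".join(str(b) for b in value)
        answers.append((rname, value, rtype, ttl))
    return {"id": ident, "qr": flags >> 15, "rcode": flags & 0xF, "questions": questions, "answers": answers}

def reply_matches(query, reply):
    """A resolver should accept a reply only if its identification and question match the query it sent."""
    q, r = parse_message(query), parse_message(reply)
    return r["qr"] == 1 and q["id"] == r["id"] and q["questions"] == r["questions"]
```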

 

 

Inserting records into DNS

e.g.) new startup Network Utopia (NU)

!!!

1. Register the domain name (networkutopia.com) with a DNS registrar.

  • Provide the names and IP addresses of the authoritative name server.
  • Registrar inserts two RRs (type NS, A) into the .com TLD server.
    e.g.) dns1.nu.com, 21.21.21.2, A

2. Create an authoritative server locally with IP address 21.21.21.2.

  • type A: www.nu.com (web server)
  • type MX: nu.com (mail server)

Accessing Web Page of Network Utopia (NU)

: Alice in Australia wants to view www.nu.com.

  1. Alice's host: sends DNS query to Alice's LDNS.
  2. Alice's LDNS: contacts .com TLD server.
     .com TLD server contains type NS and A RRs for the authoritative server of Network Utopia because the registrar had them inserted into all of the .com TLD servers. (the .com TLD server already knows the authoritative name server)
  3. .com TLD server: sends DNS reply containing type NS and A RR of authoritative server for Network Utopia to Alice's LDNS.
  4. Alice's LDNS: sends DNS query to 21.21.21.2 (authoritative server of Network Utopia) asking for the IP address of the web server www.nu.com.
  5. Authoritative DNS of Network Utopia: sends DNS reply containing 21.21.21.4 (IP address of www.nu.com) to Alice's LDNS.
  6. Alice's LDNS: returns 21.21.21.4 (IP address of www.nu.com) to Alice's host.
  7. Alice's browser can now initiate TCP connection to 21.21.21.4 and send HTTP request!
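The walkthrough above, together with the iterated query and the TTL caching described earlier, simulated end to end as an added example (not from the notes): the toy hierarchy, the helpers in_zone/ask/LocalDNS and every address other than the notes' 21.21.21.2 and 21.21.21.4 are assumptions of the example, and a fake clock lets the TTL expiry be observed.

```python
import time

# Added example (not from the notes) for the iterated query, caching and Network
# Utopia passages above. Each server holds records in the notes' (name, value,
# type, ttl) format; 21.21.21.2/.4 are the notes' addresses, the rest are made up.
SERVERS = {
    "root": [("com", "a.gtld-servers.net", "NS", 172800),
             ("a.gtld-servers.net", "192.5.6.30", "A", 172800)],
    "192.5.6.30": [("nu.com", "dns1.nu.com", "NS", 172800),   # the two RRs the registrar inserted
                   ("dns1.nu.com", "21.21.21.2", "A", 172800)],
    "21.21.21.2": [("www.nu.com", "21.21.21.4", "A", 300)],   # NU's own authoritative server
}

def in_zone(name, zone):
    return name == zone or name.endswith("." + zone)

def ask(server, name, rtype):
    """One iterated-query step: (answer RRs, referral RRs). The referral is the NS record of
    the longest matching zone plus its glue A record; the server does no recursion itself."""
    rrs = SERVERS[server]
    answer = [r for r in rrs if r[0] == name and r[2] == rtype]
    if answer:
        return answer, []
    ns = max((r for r in rrs if r[2] == "NS" and in_zone(name, r[0])), key=lambda r: len(r[0]))
    return [], [ns] + [r for r in rrs if r[0] == ns[1] and r[2] == "A"]

class LocalDNS:
    def __init__(self, clock=time.time):
        self.cache, self.clock, self.contacted = {}, clock, []   # cache: (name, type) -> (rr, expiry)

    def get(self, name, rtype):
        rr, expiry = self.cache.get((name, rtype), (None, 0))
        return rr if expiry > self.clock() else None             # an expired entry counts as absent

    def resolve(self, name, rtype="A"):
        hit = self.get(name, rtype)
        if hit:
            return hit[1]
        server, zone_len = "root", -1
        for (n, t), (rr, exp) in self.cache.items():            # start at the closest cached NS (usually the TLD)
            glue = self.get(rr[1], "A") if t == "NS" and exp > self.clock() else None
            if glue and in_zone(name, n) and len(n) > zone_len:
                server, zone_len = glue[1], len(n)
        while True:
            self.contacted.append(server)
            answer, referral = ask(server, name, rtype)
            for rr in answer + referral:
                self.cache[(rr[0], rr[2])] = (rr, self.clock() + rr[3])
            if answer:
                return answer[0][1]
            server = next(r[1] for r in referral if r[2] == "A")  # glue address of the delegated NS
```

After the 300-second TTL of the www.nu.com record expires, the LDNS still holds the longer-lived NS and glue records, so the next lookup goes straight to 21.21.21.2 without touching root or the TLD server.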