9080 02246 0684 3 MIT LIBRARIES
advertisement
MIT LIBRARIES 3 9080 02246 0684 I LIBRARIES J k^ DEWEY HD28 ,M414 Oi MIT Sloan School of Management Sloan Working Paper 4213-01 August 2001 A SELF-CONFIGURING AND SELF-ADMINISTERING NAME SYSTEM WITH DYNAMIC ADDRESS ASSIGNMENT Paul Huck, Michael Butler, Amar Gupta, Michael Feng This paper also can be downloaded without charge from the Social Science Research Network Electronic Paper Collection: http://papers.ssm.coni/paper. taf?abstract_id=289254 A Self-Configuring and Self-Administering Name System with Dynamic Address Assignment Paul Huck Oracle Corporation Michael Butler MITRE Corporation Amar Gupta Massachusetts Institute of Technology Michael Feng Oracle Corporation Abstract A distributed system that stores name-to-address bindings and provides name resolution to a network of computers is presented in this paper. This name system najTie service consists (DNS). The DNS consists of a network of name services of an agent program that in offers high scalability and feult-tolerance Name Domain (BIND) BIND process based on the changing capabilities and conjunction with the current implementation of the agent program automatically configures a Berkeley Intemet dynamically reconfigures and administers the 1 works that are individually self-configuring state The self-administering. Domain Name System process during start up and of the network. The proposed name system and communicates using standard Intemet protocols. Introduction As we approach protocol suite, has shown the close of their second decade of use, the underlying technology of the a tremendous resilience that attests to the fiamers' foresight. Their achievement one considers that this architecture was conceived and few types of digital transactions. relatively Internet, specifically the at a time when there were remarkably few network is TCP/IP even more remaikable when hosts, very low bandwidth Computer mobility was unheard of and corporations and campuses were links, generally centralized at a single geographic location. Today, the Intemet is rapidly approaching a billion hosts; link bandwidths vary irom paltry himdred bits per second to per second; links carry real-time voice, video, and data trafBc including financial, medical, criminal records, which place privacy as well as performance; host mobility virtual private fluidity is commonplace, and organizations networks. With the advent of "titemet Ready" of the Intemet to continue. are now gigabits demands on geographically distributed are connected by embedded processors, we can expect these increases in size, diversity, and The underlying One such expected as the hitemet continues to evolve. networks (e.g., home state all hosts would have unique, permanently assigned IP addresses' into three classes. saw among the participating A fit. few years ago —displace IPv4 and its One of the ways this . a conscious effort or masquerading it presence of host mobility, micro on address tlie ftiture. It was envisioned that all interfaces Thus, large blocks of addresses were assigned to an institution or a of the allocated block was determined by the organizations expected needs and size them both it distributed the the responsibility management of address space inefficient was being management of the and authority for fell four billion available managing a portion of the address rapidly exhausted One of the lead to a short-term crisis; it appeared that the then solutions, IPv6, offered a presently "inconceivably large" Although several IPv6 implementations are now available, IPv6 has not—and in feet might paltry address space. that the "address desire tor a globally unique, in the were wastefiil^, the perception was that the available 32-bit address space was inconceivably large. 128-bit address space as an alternative. DHCP, The organizations giving "inconceivably large" address space was for management the discussion with a brief historical perspective A, B, and C. This approach worked exceptionally well since space. Although such allocations never We begin as ever, but weaknesses (growing pains?) are to be of the hitemet, address space management was deceptively simple. corporation to administer as they addresses area involves address space of things today, and explore an alternative In the infancy stages now sound Internet are as networks), and network reconfiguration. management, recap the on of the architectural concepts space crisis" in IPv4 was averted was the rethinking of one of IP's permanent address assignment for every host occurred accidentally, but address space firewalls, and VPNs. interface. It is initial assumptions—the arguable whether this change in assumptions management changed fijndamentally with the introduction of We now routinely violate the permanency and even the uniqueness of address assignment by recycling IP addresses both temporally and spatially. Such of a connection loss of a Q^ansient assignments have, is DHCP work around for integrally lease (e.g., by a dropped PPP connection) on the changes Excepting experimental subnets A effectively severs TCP's dependence on address permanence. packets are transiently tunneled to the "care Class artifacts in other protocols; specifically, TCP's concept coupled to the invariance of source and destination address as presented in the packet header. Hence, the providing routing changes based A however, exposed some undesirable in in It offers any open TCP the illusion TCP connections. Mobile-IP 1 in large part, a of a permanent IP address while simultaneously IP address. (With MobilelP, Mobile hosts retain their permanent addresses but their of address of a mobile agent at their point of attachment to the network.) the is, 92. 1 68. x.y address space address allocation contains 16 million host addresses Dynamic address assignment is, however, an exceedingly powerful technique address space problem, but the larger address space example, could be optimized dynamic address assignment if management and network to the logical conclusion making concept of trunking, and thereby avoiding the address space problem One might ask why conplementary and address fixed-size, short space is the concepts of different problems. explicitly supporting the and host names are both preserved Internet addresses, the 32-bit values that tiierefore, prescribe its appear in The two techniques of the address, which greatly reduces the bits compact and very convenient for size of routing tables in are IP packets, provide a convenient, migration through tiie When the address network. carefijUy administered, addresses also provide sufficient information for route aggregation or "trunking", routing traffic based only a few on both hosts and routers. This shorthand representation is machine processing. However, numeric addresses, whether permanently or for and in its entirety. interface addresses hand indication of a packet's destination and, shrinking (Asynchronous Transfer Mode) protocols took such interfece addresses locally assigned all tlie configuration problems as well. Route aggregatioa for ATM address reassignment were possible. only that offers solutions to not transiently assigned, are an exceptionally inconvenient representation humans. Dynamically assigned addresses only exacerbate the problem Host names provide much better mnemonics—as well as a much larger total address space and tlie opportunity for many-to-many name-to-address mappings as well as dynamic address assignment Presently in the Internet, Mobile IP, and IP masquerading is dynamic address assignment has been applied primarily to end-user machines using either used in firewalls at the enterprise boundaries. Virtual servers (where a single virtual of several physical hosts) offer another example of dynamic address binding, though the implementation such uses have shown the power of dynamic address binding, management in dynamic address assignment The mnemonic name space and address space; still do not exploit URL maps to one differs in details. dynamic address binding Although to obviate address networt: design. Setendipitously, the early inclusion for we DHCP or of this mnemonic "cmtch" which allowed named hosts has also provided hierarchically organized the smaller tiie cornerstone DNS servers universally accomplish the mapping between the large and and compact addresses space, b order to reap the benefits of a more dynamically assigned we will need a more fluid name-to-address mapping than in presently available. This paper addresses the key issues associated with modifying DNS to enable more dynamic address assignment. 2 Overview The Autonomous Network Management attenpts to develop a collection of protocols and software tools initiative enable networks to be rapidly configured and maintained by untrained personnel. Industry efforts such as ZeroConf Working Group have attempted on providing a solution for endhosts planning and management to address some issues related to problem into four inter-related subtasks: address assignment; host augmentation; and resource redistribution for load balancing. In providing dynamic interface address assignment for renegotiate addresses each time the network scheme must be is network all extended. To implementations [28]. Nearly In fact, specification it is BIND In particular, intervention after focus on the first two to automate the network name aspects. registration; Our approach network focuses on so that the network components can themselves efficiently facilitate the latter, a more flexible DNS it has Name Domain (BIND) hostname to address bitiding new DNS it interoperability and thus permit and encourage desirable if a TTie current implementation added or removed fi-om the network, these files tell files BIND the zone turned on and or as network boundanes. In In a new this architecture. The DNS implementation. DNS Thus, responsible addition, if the significant This it is for, is for user to write several configuration the location of other DNS servers on configuration can be a tedious process, as every time a must be updated. In DNS zones and ownership of the zones may have changed too. clients. each of BIND requires a network administrator removing name servers or by merging two networks togetha), mobile or wireless flexibility in DNS DNS service could be run with no lengthy configuration process and no need and the location of the root name server Setting up off, iinplementation or commercial products derived fi'om implementations with added features, while remaining compliant with existing standards. would be started. DNS has been the de facto standard for has become virtually synonymous with the industry standards that define the order to fijnction correctly. These configuration the network, assets, we modem networks use the public domain BIND all was written to allow product possible to develop files in paper, and the lETF's incorporated. For more than a decade, the Berkeley Internet BIND. this will automated configuratioa but these are focused exclusively and they ignore other network conponents. TTie approach taken by us task splits the DHCP tliat new host is network topology changes (such as by adding or changes are required to the configuration of BIND as the certainly not ideal for home networks or networks consisting of home-networked environment, hosts are frequently leaving and entering the network as appliances are hosts are added. Mobile clients also will join and leave networks often as they are transported across an ideal environment, hosts should be &ee to join and leave the network, and should immediately gain access to the services; this requires that tiie DNS be able to configure itself on a dynamic basis. DNS 3 TTiis section describes the hierarchical naming system and examines the operations involved for performing updates DNS was developed in the network [22]. files was created It 1 resided on every host in the networic, and become a woridwide network, the process ASCI] if a DNS of the current standard. It also to the network. 984 by Paul Mockapetris to replace the distributed architecture host as a distributed database that could resolve the address files that name was not associated host names with listed in the file, that of maintaining the host files became of any computer on their respective IP addresses. host could not be reached As These host the internet grew to increasingly unwieldy, leading to a growing need for the DNS. The identified the DNS and located directory can in the tree domain name from riglit to by left, be thought of as a its tree, with each node on the tree representing a "domain" domain name, which uses we can follow the path down one of many top-level domains; others include "com", "gov", is the sequence The the familiar dotted notation the "org", (www.mitedu, flill Each domain for example.). DNS tree to the correct node (See Figure and "uk". The [1], I ). is As we read The "edu" domain and unique domain name of any node is in the tree of labels on the path from that node to the root liierarchical tree associated with it of domain names can be These host data are defined referred to as the in resource records. domain name There are many space. Eiach domain different types common being the address-record (A-record), which associates the domain name with an IP address. in the space has host data of resource records, the most Figure The of one or more DNS domains autiiority over a zone particular DNS server. 3.1 Name Each zone Authoritative name on the the zone that when owns a domaia Each tliat share the the network Therefore, the same DNS DNS Hierarchy architecture is its distributed implementatioa DNS servers may be DNS server is given authority for one or more "zones". A zone is a collection parent domain, along with the associated resource records. manager responsible for the domain that contains that A DNS server receives zone delegates the authority to that DNS infrastructure is distributed both geographically and administratively [28]. Servers in the name domain name space has servers are the only Internet, is of the other distinguishing characteristic operated by any organization that 1 - two name servers authoritative for a resolver can only be assured that the address entry has time-to-live to prevent staleness server is A secondary name server is 2). is correct if the a primary one and a secondary one. answer comes from an authoritative name server for To improve performance, other name servers may cache resource records, but each cached A name server stores all the resource records for the zone for which of data an authoritative server for its zone(s) and reads to the zone's resource records, they it, name servers guaranteed to contain the correct resource records for their zone. When querying a being queried (See Figure The primary name at least must be made also authoritative for to the primary's its zone zone(s); however, it its file. zone data from frie zone This data obtains its is files [ 1 ] sent to secondary set the two or more different zones. period of this interrogatioa is authoritative. When changes are made name servers upon request zone data via data transfers from other name A secondary name server interrogates the primary or other secondary servers periodically to determine if network administrator can . it its servers. zone's data have changed. A A single name server can act as both the primary and secondary server for Query for address www.mit.edu Local Name name Referral to .ecfu Name of server server Server Query for address www.mit.edu of ^ i Name Referral to mit.edu name server server Query for address of w\Nw. mit.edu Name server Address S Figure 2 3.2 - The original DNS RFC 2136 DNS specification sent to the primary name (from |12|) written with static networks in DNS it can use the It was assumed changing networks, several extensions to Update protocol server, It that allows for can be sent by a which receives the dynamic updates that hosts would join and leave notifi' signal to inform its DNS to the have been implemented DNS. A dynamic update DNS client, DNS server, or a DHCP server (see Section 4). signal and permanently updates primary server directly or passed through one or more secondary servers update request mind the modem networks, computers are fiw to join and leave the network, and many new devices are being in addition of resource records to a zone. is was In order to deal with dynamically [34] defines the DNS and Zone Transfers network infrequently. However, connected. mit www mit.edu ^ Resolution of www.mit.edu through Dynamic Stanford of secondary servers until it that the its zone file. reaches the primary. The signal Specifically, is a deletion or The iipdaie signal may be sent to the When a primary server fiJfills zone information has changed. an . In order for multiple zone transfer when all is the transfer name servers to maintain consistency of their records, zone transfers are performed of resource records from a primary name serva resource records are sent inaemental zone Instead of sending all the resource records, an incremental zone transfer and a primary server chooses whether fiill zone TTie following authoritative 1 is transfers editing the pass it to a brief example of file, 3. will how the current version is illustrated in Figure primary server The primary name if it knows its A server. possible for the primary last zone perform a of name BIND zone flill name transfer or at least fiiU zone server to perfonn an incremental one. once every 24 hours [3]. all 3. of a host This may come from is administrator manually received at a secondary server, is continued until the it will primary server Once the zone file is changed, the serial number of the file is incremented server reads the edited zone file. The fiiequency at which the server rereads its zone file and checks for a configurable parameter of BIND. is The primary server will send a notify message to all known secondary secondary server(s) support(s) the notify signal, a zone transfer will discard the notify and wait until the next scheduled 5. an It is propagates changes to the resource records to locatioa or to another secondary server. This zone changes If the A transfer occurs servers. The primary server will wait some time between sending each notifi.' to reduce the chance of multiple secondary servers requesting zone transfers at the same 4. basis. A secondary name server requests transfer. or through an update message received. If the update message receives the update signal. 2. it server receives a request for the addition or deletion zone tfie is it be performed no more than once every 1 5 minutes and name servers. The process The primary a secondary This will transfer only those records updated since the transfer. recommended that to on a periodic The secondary serva then notifies level transfa is continued until all is immediately initiated. time. Otherwise, the secondary server zone transfer time. any other secondary servers that may be dependent on secondary servers have received the changed records. it for zone ttansfers. This multi- Secondary DNS Figure 3 While the dynamic update system Each name server administrator free. secondary DNS servers for its network, either die primary name serva added so tiiat in its place, primary DNS zone. DNS die primary may in tine - lessen the BIND Updates Server (from [28|) amount of administrative work network must be configured witii tiie for the DNS DNS must be configured server can receive updates propaly. server. In addition, the current extensive knowledge and specific primary eflfort The above problems does not make them it DNS secondary to recognize Also, if tiie primary name server presence of the ttie name server is server or other is added new to the secondary removed and another tiiat it is informed of tiie DNS system requires extensive initialization effort to ensure proper operation. and secondary servers and a clear domain hierarchy must be defined. These new Zones must tasks all require fiom an administrator. are addressed monitoring BIND and dynamic by tiie system described in the next section. It uses a combination of an agent program DNS protocols to maintain a tme self-configuring and self-administrating naming system. 4 Self-Configuring and Self-Administering Name System Network Overview The naming system described company codenamed hosts If a an administrator mtist manually change the configuration of every secondary server so be properly allocated with 4.1 servers, address of either the primary Name servers are not tree to join and leave the network. server or otiier secondary name on die in this section as Research Corporation in network This is done widi virtually tiiis was conceived as part of a larger network system that document The proposed design provides a fiill is under development array of network services to no manual configuration and no administration. The network design allows at a tiie for a groiqj 9 of computers be physically connected together (through Ethernet or other network media) and to properly configured in a working network. Figure tlie Managers form 4). name the On this be network there will be two types of nodes: managers and hosts (See Figure 3 and backbone of the network and provide to address resolution service, the after a short time, they will all services, such as name to address resolution, to the hosts. managers also provide dynamic IP configuration new for hosts, discovery Besides mechanisms for new managers, packet routing, and a database of all hosts in the system. The services directly related to the naming service are automatic IP configuration and manager discovery, network system allow any conputer, either a host or a manager, the to is external administration. The with either type of change gracefiiUy with the in as these will of services that the name system will directly interact with. fiwdom to join or leave the network, new node networi< should be able to detect the presence of a an appropriate manner, hi addition, the network system, and without The flie goal of the need for any or the absence of an existing one, and deal in particular the name system, should deal merging of two networks. Conflicts should be detected and resolved quickly. In order to provide the self-configuring three types be the and services: the IP configuration service, tiie Manager name service, each manager in the system manager discovery service, and the agent based name self-administrating Manager 1 Name Service is designed to run service. The IP 2 <^=^ Name Service 7\ 7\ — < J^^fcsauT iz iz Manager 4 Manager Name Service 3 <^=o Name Service M Figure 4 - Sample Network 10 configuration service protocol specified is by handled by a standard implementation of tlie dynamic host configuration protocol (DHCP). the IETF with configuration parameters for their IP interface that provides hosts domain name, a subnet mask, a default gateway, and a location of Manager DNS server. DHCP [6]. DHCP is a network This includes an IP address, a also allows a host to retain a previously 1 Manager 2 Primary Internal Secondary Root Root Internal Server Server Managers Domain Manager 4 Domain 2 1 Primary Server Primary Server Figure 5-Name Space View of Systems shown in Figure 4 configured domain name while receiving an IP address. After receiving the necessary information finm a unconfigured host's IP interface has requires no all the necessary parameters in order to begin transmitting a host locates a prior configuration; as operating systems and even most DHCP server, a previously and receiving on the network. DHCP server by broadcasting discover messages on the local network. embedded devices support DHCP. Overall, DHCP All DHCP modem meets the goals and design objectives of the desired self-configuring and self-administrating network. The process of manager discovery packets" to each interface. other is accomplished by having the manager discovery process These packets contain the source address and a unique network number managCT discovery processes will receive the packet, and the network number the network number for the managers The that is unknown, new that manager will respond if the network number to the source of the is known, p)eriodically broadcast "discover manager that the the packet will resides on. be dropped ]f, All however, "discovei^' with a "discover reply". This reply includes manager. This allows the manager discovery process to inform the local name service of any new appear on the network. design and the operation of the name service are discussed in the next subsection. 11 4.2 Name Service Interface The name service runs on every manager system and consists of two concurrently running processes. The in the first is the BIND implementation of DNS. As stated before, BIND is currently used in the overwhelming majority of name servers on the Internet. It provides a scalable, stable, and fault-tolerant basis for the conditions and configures BIND automatically. name service. The second process It two acts as a filter for the configuration process. different formats DNS communication between details XNS of both is reacts to of messages. network BIND, The agent program uses Berkeley the UDP On port 53, the standard DNS port the agent program listens for DNS messages. messages, sending queries directly to the BIND process, and processing update messages from the IP On port 54, the agent program listens for any agent messages coming fi'om either the manager discovery service, or other agents in the system because an agent program that Figure 6 shows the relationship and manner of communication between agent program, the other local manager processes, as well as other managers in the network. sockets to listen for is The agent messages allow an agent process agents. The IETF has designated uncommon on modem servers. port 54 to to gain be used for knowledge of other agents and XNS If this service is needed, another port Clearinghouse [27]. offer a method of We chose to use port 54 may be specified for agent communication. The DNS and agent message processing are discussed in following sections. 12 Agent Program Pnrt ifc;-^ Manager Name Manager Service AgenI Message # 54 Port Discovery Service Agent Program IP Configuration Service BIND ^ DNS Message (update) Process DNS Host Resolver \dNS Agent Program Pnrt UR'^ Figure 6 - Relationship between agent, |12|) Internal Root Servers 4.3 The name system. servers in the system are only authoritative for the IP addresses If the networi; servers. Certain serviced name on name by name must be queried. With services in the the self-configuring manager network naming system this in network's knows name sub-domain the location TTiese are not tnie least one to mediamitedu). This host know will the IP address query any local internal root server of a computer name is is name and are authoritative for the entire the self-configuring service will DNS implemented using the idea of internal root domain root servers as they are not authoritative for every domain serviced by mitedu domain be able naming service. to provide name that is domain So, as long as a resolution for the using the self-configuring naming system, a host in the Ics.mitedu in another sub-domain serviced by the naming system (such as system, and since the manager is not authoritative for the mediamitedu domain, of the mit.edu domain. This server may resolve any domain name the resolver to the proper media.mit.edu authoritative the Intemet root servers inay DNS internal root server, the space. For example, if the entire may wish query the of at mind, the name system act as the internal root servers the Internet, but only for those that exist inside the service of the subset of hosts configured by the naming connected to a larger network, such as the Internet or other networks serviced by the naming system, is servers outside the local network will BIND, and other processes (from in tine mitedu domain by name server. For resolving names outside the domain, such as it directing Intemet host names, be queried. 13 DNS 4.4 Messages DNS messages that the agent program processes directly are DNS updates. The only to the local BIND process on port 55. which to the agent process, These messages will simply be forward the response to in turn will BIND process. To all hosts on the network, DNS 4.4.1 it appears as if All other messages are simply directed DNS queries and BEND will process the query, retum an answer tlie inquirer. The agent process is the only entity with access to the BIND is running on the normal port. Update DNS updates, however, reqtiire special processing by the agent DNS updates only occur when the IP configuration service or manager discovery service detects the addition or deletion then assembles the appropriate program. to the agent As forward it Although stated earlier, standard directly to the primary master To [34]. try to RR in tine zone that primary master as primary master authoritative for, this is part receiving the update, then Start of Authority (SOA) particiilar zone. zone exists, it it is the only server that has the definitive set of resource records for a particular DNS implementations specify that any secondary server which receives a DNS update message must if its The secondary servers is manager service DNS updates may be sent to any DNS server that is authoritative for a zone, they will always end up location will is known, or alternatively through the of its state must search it will secondary serva chain until it reaches the only learn of the update through notify signals originating fi-om the primary master. improve the efSciency of this mechanism, the agent program it local DNS update message containing the resource record that must be added, modified, or deleted and sends being processed by the primary master for the zone, as that zone. of a host or manager on the network. The respective send it directiy the will examine the update message, and if it applies to primary master for that zone. Each agent process has knowledge of its information described in Section 4.6. for the primary master for that DNS query to the local BIND process. The When the agent program zone on the network. SOA asks the DNS is To do this, not authoritative for the zone the agent for the address Upon receipt of the SOA, BINfD will perform standard DNS resolution to find the program will send a of tiie primary master for a information on the zone name. If the BIND wiU return to the agent process the IP address of the primary master for the requested zone, and the agent process will forward the update to that address. If however, the retum the non-existent domain error flag authoritative for the of zones and is new zone. The (NX_DOMAIN), and reconfigured especially usefiol at resolving DNS iqxiate message ^plies to a zone that does not exist on the network, BIND will all the agent program will configure the local BIND process will then process the update request BESID process to be This allows for dynamic creation naming conflicts when two networks are merged 14 4.5 Agent Messages Agent messages are used structure of an agent message. Table The payload holds 1. are explained in more Message It consists the data detail in tlie I D; for inter-agent communication and as a mechanism of a three-tield header followed by a payload section. Tlie header from the message. The data are Opcode ;S/R flag Figure 7 1 - Agent Message Header Fields Header Field specific to I Header Payload - Figure 7 shows the fields are explained in each Opcode. The data sent with each agent message following sections. Opcode specific Data Table for agent discovery. Agent Message Format Table 2 - Opcode Opcode Values Primary Master for Primary IVIasterfor zone a.mit.edu zone a.mit.edu Primary Master Primary Master for zone a.mit.edu Figure 8(a) - for zone a.mit.edu Merging of two previously unconnected networks with name conflicts begin witii new physical connection joining the two. Figure 8(b) - Agent programs in both networlts receive discover messages informing them of the newly discovered managers. The becomeslave message can also be used to make an agent a slave for a zone. However, while theforceslave message only used between two competing primary servers, the becomeslave can be sent to any agent but only to notify agents of new primary becomeslave message passed to is all servers. the old slaves becomeslave message informs them of the The getroot message agent is is If a new primary in the system. server for a zone leaves the network of the former primary server and to the slaves It is not used for elections, and a new one of the is is elected, the loser in the electioa The new primary server and allows the agents to reconfigure themselves accordingly. used by agents to share the introduced to the system and wishes to know internal root server information. the internal root server. The This is usefiil when a new unconfigured getroot fimction operates on the basis that any 17 configured DNS server that is queried with the getroot message will have a reference to a root server, server or the root server itself TTiis assumption is valid because the server \n the tbnner case, the authoritative root server will simply return have a root server reference that will Figure 8(c) - The for a. Figure 8(d) for information to the querying server. In the other case, Primary Master it will for a. mit.edu Primary Master for zone mit.edu conflicting - either authoritative or not authoritative for the particular root zone a. mit.edu Primary Master zone own can be anotha be used to query for the relevant zone information. Primary Master zone its is this root server a. mit.edu primary master servers send each other negotiatemaster messages. The winner of the election sends a forceslave message to the loser. 18 Primary Master Slave for for zone a.mit.edu zone a.mit.edu Figure 8(e) -The new slave performs a zone transfer with the master. State Information 4.6 To assist log of all messages with the agent tasks, each agent stores state information about it itself and other has received In particular, the agent will keep a record for all managers that server record contains the name, IP address, a uniqiie server ID, and a status flag that (See Table 3). Each server record is it in the network, as well as a knows to exist on the network. This server is configured or just starting up placed into one or more of the following categories: • Own Servers - contains the agent program' s own server information. • Known Servers - list of server records for every managCT on the network. • Root Servers - server records • Newly Discovered record will be tells if the managers Serveis for every - list domain root server on the network of recently discovered managers. Once the agent processes the discover message, the server moved to one of the above categories. 19 Table 3 - Server Record Fields Server Record Field No discovers received / Configure as Internal Roi Own Server ID is lower than Server of a discovered server / Walt for a Figure 9 4.7.2 have the requested name When the agent is in its database, in the it Configured it is every zone, the agent is ready to handle any state, it listens for queries, random server out will of the fimction is Servers does not it is a primary used to find more slaves for a primary master. For check tie zone information to see Known if it down the DNS DNS updates, discover and leave messages, and (if The getSlave a primary master for the getSlave fimction slaves are needed, the agent picks a name resolution query on the network. Even can query the internal root server and find an answer by working recursively master for a zone) periodically runs the getSlave functioa more Startup Scenario Configured Once an agent has entensd the Configured state, tree. - list if more slaves are that is not already needed. If a slave for the zone. It then sends a becomeslave message to that server. The behavior of the agent in response to both DNS queries and updates is described leave message signals a change in network topology, as managers have either joined or in left Section 4.4, The the network. arrival of a discover or In the case of a discover message, there are two options: the discovery of a configured manager, or the discovery of an unconfigured inanager. The case of the 21 discovered unconfigured manager any gettvot messages it is an agent need only record the seirer record of the rather simple as when two configured networks are joined. Network unions are revealed by the inanager discovery process as two managers will have different network IDs that were previously unknown to possible to have a conflict where two managers are primary masters for the same is initiated when message to the newly discovered server with highest ID (the server ID be used as well). Only primary masters need and transfer the new network information Zone root server, conflicts it can only occur would be impossible primary masters. in if the for a fiiture tliis case, it is mechanism message indicating that then no conflict exists. However, it can still it is new configured When an agent is a managers, the agent will send a getroot used so that only one server is contacted, any other metric could scheme, as any slave's master will detect the conflict zone transfer. different internal root servers. DNS conflicts to occur as a single If both networks shared the same root tree will not allow flie same zone to internal have two When the two internal root servers are different, an agent must make sure diat it is the only primary master for SOA query to die differing root server for every zone that differing root server will then respond with the address exists In zone. Therefore an agent needs to have a to participate in the conflict detection two networks have zone zone. Tlierefore, the agent will send a If, otha manager. a configured agent receives discover messages. primary master for a zone and receives a discover message with information on its tlie and resolve this conflict Figure 10 iUustrates the procedure that different respond to may receive. When a configured manager is discovered, the process is slightly more complex. Configured managers are discovered to detect new manager and is not aware of the zone. If the If the resolve of the manager SOA names message in that is an serves as primary master for. The considers to be the primary master for that zone, or an error SOA response is an error message or if the address matches the querying agent, zone by recursing is it error, this indicates the other root server is however, the diiiering root serva indicates and must be resolved. The conflict that it that it down the DNS tree believes another not aware of the zone on the network. from the top node. managa to be the primary master for the zone, a conflict resolved by the negotiatanaster master message described in Section 4.5. 22 No No discovers received getroot response within timeout / Resend getroot Discover from least one Configured at configured server Received getroot response / / Root getroot response 'Configured^ Compare Wait on Compare Servers root servers Discover received from unconfigured server Root servers are the same Root Servers are different server database A a slave or master for that zone. is file for each zone can be sent to the in the database namedconff\is. named process. This signal tells The agent program controls BEND through will use a Peri script to generate a program the agent 4.9 to the the all name namd process to reread the use of the its information for a zone, and there will be a separate files are configuration namedconf&e and the appropriate database database Once files. changed files. During files name service will SIGHUP signal files. start-up, the agent program are generated, the agent need to handle another zone. The agent program namedconf&e, create the appropriate database file, and send a SIGHUP in control, any way, a and database files these in program BIND is then ready to answer queries and to handle updates to the name database. Once tlie has started, the possibility exists that the zone information that tie contains namedcotf file or the database If the nconedconf&e and will automatically start the «a?wec/ process. namedpmcess file signal to the will append named process. With BIND will always be configured properly to store names and to handle all the network name resolutions. Implementation Notes The agent program was implemented using Gnu C++ on that control the state class controls the of the agent and network information. The main class for this flow of the program and handles the input and output of agent and send and receive agent and sockets. store Unix operating system. The program the DNS messages, and the standard The Agent class retrieved messages by using a UNIX DNS messages. Bericeley socket library on each socket select call agent program to check the is of a Agent class. the set of classes The Agent UDP protocol was used to The was used consists to create the necessary availability UDP of data on the socket Also, callback flmctions were used to perform time-dependent and periodic events. The Agent class uses a number of storage classes that store the state of the network. These storage classes class, the Doinains class, network. The Domains messages that and the MsgLog class. class helps to store The Servers class helps to store what other managers and what zones the agent is authoritative over. The C++ have been received by the agent program. implementation of these storage classes. In particular, the map, the list, The MsgLog standard template library name include the Servers services exist in the class stores information on the (STL) was used extensively in the and the vector template classes proved to be very usefiil in storing information. To generate the configuration and database files to call Perl file commands and called agent.pl, files subroutines. All of the Peri for named, embedded Perl was used. Embedded commands and subroutines required to and the agent program used embedded generate the Peri allows a C++ program named files were placed Perl to call the subroutines in agent.pl every time the in a named configuration needed to be changed 24 4.10 Security Concerns The current implementation of the system has no security mechanisms built mechanism configuration-iTee and administrator-free creates a conflict, as any meaningful security configuration [37]. The best that anyone can hope to accomplish For a closed environment such as a corporate secure. physical security mechanisms to control access to the where one can physically control access to tiie Ethernet, it is intranet, to is [32]. is to have none the network. If a corporation only allows approved to at all, This will work well for an environment that is some of sort keep tlie system simply relying on well controlled and machines and approved users to plug into impossible for an outside intruder to gain access to the network. However, as wireless networks become increasingly popular, [14]. require will minimize the configuration overhead necessary perhaps the easiest security model machines Securing a network designed to be in. controlling physical access to networks becomes impossible Insecure wireless networks allow anyone in range to send and iieceive data This allows for theft of services (such as an individual using his or her neighbor's internet connection), as well as the potential for malicious hosts to be introduced to the systera Another reason to for incorporative security capabifities another larger network, such as the Internet If the system security is when the network managed by the agent-naming system insecure, is left agent naming system should not open up any insecure, relying only new holes into the on redundancy and physical throughout the network. Normal it world could atterrpt to violate the network's should be at least as secure as a standard IP network. That DNS systera security [35]. DNS However, because the agent naming system allows other agents The managers in the agent hosts that join the network, fiilly it [19]. The second is DNS implementations are completely servers are kept in a trusted, safe location to change and distributed its configuration, it is prone to attacks from outside. If fimctions. First they provide IP configuration information to to address resolution service for the network. Each of these new services is secure network, both must be secured. There are two possible methodologies for securing the managers. The traffic most the could do significant damage. naming system have two main and second they provide the name vulnerable to attack, and for a Currently, is, DNS servers only allow administrators at the physical machine to change the configuration of the DNS a malicious user could introduce a "rogue agent" into the system, all in the connected mechanisms. When a network is managed by the agent naming system, server. any host is first is to use IPSec to provide network layer security for to secure the individual protocols that provide IP configuration and name to address resolution [7][16][35][36]. 25 Using IPSec, all traffic between managers can place a rogue manager into the network, tor that otlier option is to utilize secure versions DNS server authentication [10], while RFC Authentication for DHCP messages IPSec; however, they do not provide is 3007 be able to authenticate itself a broad solution covering is When IPSec. IPSec is all of DNS and confidentiality is it In addition, hosts by of data. This desired, is IETF [7]. inalicious user came from a known managa. DHCP. RFC 2535 the no can authenticate inanagers, so defines DNS extensions that allow for host and specifies extensions to [10] that will provide authentication for currently being proposed data to be public [10]. If confidentiality of data it will not when they receive their IP configmatioa they can make sure it is correct and that The as it authenticated and optionally encrypted [19]; this ensures that is These protocols may prove a deliberate design decision by the IPSec must be used to encrypt all data. to update messages be lighter [36]. weight than EETF because they believe DNS may also be easier to implement, IPSec network traffic. The only reqtoirement is that the TCP/IP stacks of both the host and manager support not used for security, any additional services added to the system must provide their own mechanism and protocol tor authentication. 5 Related Work ZEROCONF 5.1 The Intemet Engineering Task networking in the specification Force's (IETF) absence of configuration and administiation of the protocols, they have set communicate using IP without requiring any paper is the name preconfigured ZEROCONF a list DNS or DHCP servers. However, when these services are for ZEROCONF prior configuration or the presence to address resolution problem. The In fact, the present, the ZEROCONF ZEROCONF ZEROCONF requirements offer temporary and inferior solutions to the is currently proposing a protocol to enable Although they have yet to propose a [38]. of requirements Working Groip protocols [15]. of network services. specific implementation or The goal is to allow hosts to Of particular relevance requirements specifically state that there should be no need for protocols are required to work absence of in the requirements direct that hosts should use tliem. Thus, the name to diis resolution problem until a complete name resolver is DNS servers. ZEROCONF located, such as a DNS server. ZEROCONF protocols lace two challenges when determining name to address bindings. and/or hostname on the network. This is handled extremely well in ZERCONF protocols must not rely on the presence of DHCP server. IPv4 auto-configuration mechanisms (useflil [14]. IPv6 auto configuration is modem The first is obtaining a unique address networks by the use of a Therefore, the working group vastly superior as it DHCP server, recommends using however, either IPv6 or allows hosts to obtain a link local address only on a single network) using address auto configuration [14] and a routable address by discovering routei? using Neighbor 26 Discovery [24]. IPv4 auto configuration is still in the research state by the IETF, but the initial specifications allow a host to only get a This will prevent the host Irom communicating with any device not directly on the same network as link-local address [4]. while IFV6 provides nearly all-necessary network parameters such an address, domain name, default router, and present), liave a offers IPv4 provides only an address. Thus, new address, while a host configured more advantages, it is exjjected if will have a permanent method of contact, to IPv4 will dominate for some more time [4]. and the lack of fiilly complaint IPv6 routers and hosts on most networks has prevented Once a names. The ZEROCONF DNS server location (if a host configured with IPv4 auto configuration leaves a network and by tPv6 host has obtained an address on the network, it still it This is its rejoins, domain name. While IPv6 because IfV6 is relatively new an IP host will also need to listen for each case, aU hosts will run a "stub" name service that only responds multicast when it clearly standard needs to discover other hosts and resolve domain such requests and to respond own name. The IETF currentiy has two ongoing activities in this area: may it fiom gaining widespread acceptance. ZEROCONF requirements state that hosts should use multicast to resolve names in the absence of a DNS server. to support this requirement, Also, it In order when the request corresponds to the host's DNS [II] and "IFV6 Node Information Queries" [5]. fields a request for its In hostname. The stub service does not provide any name to address resolution for other hosts on the network. While several tiie naming service proposed in this paper key differences. The most obvious one entirely client devices, with manager, and provides configuration, they ZEROCONF the problem rely that the agent that the on more complete solutions such no requirements program attenpts and managers that runs the agent to solve. the DNS broad goals of the Zero Configuration Working Group, as DNS In a By network. it has design, the agent program is run on a network ZEROCONF requirements specify that hosts need no previous and DHCP that these servers are administrator free and program on in the While the services for the entire network. set into the ZEROCONF requirements are designed to work with a network composed of no service providers or managers Working Group has paper, both hosts network do DNS is may fit for long-term operation be self-configuring and and scalability. self-administrating. However, the This is precisely network managed by the self-configuring naming service described may join and servers leave the network fieely. and also meets the ZEROCONF protocols to obtain an address until the discovery of a manager. ZEROCONF Once a manager is Therefore it is requirements. found, the host in this possible to have a Hosts could use the is flee to resolve any name on the network using standard DNS calls. 5.2 Non-IP Networks The requirements together "just work" in the laid out by the ZEROCONF Working Group absence of service providers such as stress the DNS and DHCP [15]. importance of having computers networked Two protocols in use today provide this level of 27 The AppleTalk functionality. will get of protocols suite one a working AppleTalk network networks can be used in is simple to operate in small networks. Plugging a group of Macs into an Ethernet hub witliout the need homes, schoolrooms, and small too complicated and costly to administer. to setup specialized servers like offices - environments where DNS [14]. As a consequence, AppleTalk IP networks have been absent because they are NetBIOS provides similar fimctionality and ease of use on Microsoft Windows machines. However, because nearly all computers used today are connected to the Intemet, they also require TCP/IP is of the hitemeL Therefore, the benefits of AppleTalk and NetBIOS are overshadowed as application developers the protocol to siqjport two TCP/IP protocols: more either AppleTalk or NetBIOS efficient In addition, both protocols have issues name resolution, alphanumeric when thus creating a large NetBIOS network can be designed such need will This is the that will scaling to networks the size make application development simpler and of the Intemet AppleTalk number of unnecessary packets being relies on broadcast A properly configured sent to each host. However, NetBIOS no broadcasts are necessary. relies on a flat sixteen-chaiacter name space, which will undoubtedly lead to naming conflicts, particularly when networks are merged Easing DNS The above Administration solutions were all over IP or by using different protocols replacements for a altogetiier. network systems, there have been other repetitive tasks through automation fiill DNS system; eidier by using other methods of name to address mapping However, because IP networks and efforts to ease the configuration [13]. DNS have been integrated into nearly all modem and administration of DNS. DNS administration problems by simplifying configuration tasks and eliminating Researchers in Japan have attempted to tackle They developed a program with a graphical interface that reduced the administrator. Their tool, called nssetiip, automates repetitive tasks such as generation a keeping the root cache file up-to-date, nssetiip contained a feature that for configuring the resolver configure a to access the local network. tliis ZEROCONF Woridng Group and other efforts to make the IP suite of protocols simple to Allowing developers to concentrate on one protocol for all communications packets to perform 5.3 and to access the Intemet, motivation behind our research as well as the configure. be configured, as to name and maintaining the reverse address lookup checked if the name and adding new hosts server was up and into the database. server using nssetiip than without it. They table. work of a DNS DNS database file from the machine's host file, To check the correctness of the configuration, running. In addition, nssetiip provides a graphical user interface was considerably faster to have reduced the configuration time from two hours to three The state tiiey nssetiip developers showed that it minutes. However, nssetiip does not truly reach the goal of zero administtation. default configuration values for BIND. Every time new DNS It simply provides a nice user interface and a good servers are added, an administrator set of must configure them as well as every 28 DNS server already running on the network so that they are properly integrated into tlie network. configuration DNS when servers are added. managers on the network and they program 5.4 to configure a name service Simply will configure is less program themselves accordingly, ail is all that is needed to be done; without user intervention. than the time using msehip, and does not require a it The rime requires no prior will locate other it takes the agent human administrator. Commercial Solutions Tliere are several Most provide commercial products available today solurions that include both DHCP corporations that run a large intranet with their fieely join and dynamic own DNS DHCP aim DNS By DHCP in to simplify the operation dynamic including both will assign the new it commercial solutions with the addition of remote administration. Check Point Meta IP 4. 1 and , NTS IP Server. Remote Commercial Product Administration through and administrarion of DNS web browser DNS at and DHCP, they allow hosts to host an IP address, and send Figure Some 1 1 servers. These products are aimed a single software package. DNS server of the new host so that may be located on the network. in the Enterprise 5.0, that servers. and leave network with no manual configuration. signals to notify and starting the agait The agent program shows the integration DNS update between DNS popular products include Lucent QIP It is Specifically, the developers agent name service runs BIND, The NTS IP Server IP includes some changes main The server. other DNS protocol to allow for additional functionality. it of zone also supports this feature. is built These are Essentially, "peer to notify other slaves irrplementations support the notify message which provides similar functionality [33]. Because the finm the ground up and developers to implement two proprietary extensions into the to Iiave "peer backups". to the standard of Meta IP developed a proprietary way for primary and secondary servers BIND However, recent updates. Meta important to note that essentially duplicates backup" allows for is not based on any previous implementation of DNS protocol. of the server, The first server. the DNS extension developed by NTS allows servers and unlike secondary more than one primary BIND. This allowed Thus servers, they are always consistent with the if one fails, the other is available for updates. DNS extension allows for zone "co-serving". A zone can be split into a number of pieces each served by a different server. However, any of the servers may be queried and may appear to be primary master other and return the correct answer to the resolver. For larger zones, this may for the zone. They will communicate amongst each lead to a performance improvement as the load can be balanced amongst a number of different servers. However, these extensions are not Internet standards, and only those servers runnuig the NTS IP Server will be able to use them S.4.1 Comparisons to the agent name system In addition the products described above, there exist other similar solutions to ease the administration and operation of [ 1 8][25]. Nearly all of these vendor products support, directory services, and remote they do not pertain directly to the oflFer features that administration. name system DNS appeal to the corporate environment These features include user profile While these features are certainly advantageous in the corporate environment, In addition, the goal of these commercial solutions is to provide a central point of administration for the entire network. In contrast, the agent name system takes a decentralized approach to the administration of the network. charge of the entire management and most network operations, such as creating a communication amongst multiple managers. The decentralized approach allows in the decision electing a for the relevant portions one manager new of the network is in master require to be involved making process. Anotiier key difference between the agent name new zone and No servers into the systeriL name system and those described in this section is required the procedure for introducing Both the commercial systems and the agent name system require no administrative input when and leave the network. However, only the agent name system allows servers reconfiguration is to do the same. In all new hosts join of the above products, extensive when a server exits or joins the network. 30 While most of the commercial products provide a method them provides a pennanent solution like the agent name allow the secondary server to process them. However, new system quickly promotes a commercial solutions must be to handle update messages while the primary server They simply system. secondary also if the server to primary allowing all store the fails, updates the updates will In the best case, the administrator a nice graphical user interface for performing the necessary configuration. necessary files is Whatever the case needed. be lost planned so that the master/slave server relationship exists for carefiilly is, name system provides the agent down, none of primary comes back on updates to be recorded permanently. configured so that they are aware of the locations of the other servers. configuration until the is In contrast the agent line or name Networks managed by all zones. the Servers must be commercial products provide a human In the worst case, a simpler solutioa manual editing of the No human administration is when name servers exit or join the network, as the managers will communicate amongst themselves and adapt dynamically to the changing network topology. In addition, name system the agent solution works usually existing DNS standards and implementations. This ensures compatibility and takes advantage of the proven stability of the existing implementations. Performance Comparison 5.5 The agent program is able to autonomously configure a service configuratioa multiple agent programs communicate with each other and exchange information, and based on information fi-om other agents, an agent will generate the named.conff\e and call services, and configuration is done DNS process without any human intervention. To accomplish name in a decentralized inanner. tiie This named command. No human is is required to configure the name different fi^om existing configuration solutions in industry and research. Name service solutions name server For example, there system to [20]. In order for the in industry require is much QIP system humans to manually install the server software and configure the server to act as a planning and modeling involved in the configuration process of the Lucent to work effectively, physical be determined. This can be a time-consuming process for a and logical relationships QIP Enterprise between network objects and users have network administrator. With the agent program, the only thing to do is to run the agent program. 5.6 Memory Usage of Name System The two components of the name memory of the machines used with 128 Megabytes of RAM. service, the agent for testing the name system. program and the BIND process, took up approximately 2.4% of the total The machines used To show the memory usage of the programs, for testing the agent all had Intel Pentium 450 MHz processors program was run on a machine, and the program 31 lop was run to give a memory and CPU agent program occupied 1 .7 report. The Megabytes of memory and the Table 4 - Output of top: Size usage Memory usage of name output of the lop program is shown BIND process, nanied, occupied service 1 .4 in Table 4. As shown Megabytes of memory. in Table 4, the , [5] M. Crawford, "IPv6 Node Information Queries", draft-ietf-ipngwg-icmp-name-lookups-07.txt, August 2000. Droms, "Dynamic Host Configuration Protocol", [6] R. [7] R. Droms, ed., "Authentication (work in progress) [8] "Dynamic DNS, for DHCP RFC 213 March 1, 1 997. Messages", draft-ietf-dhc-authentication-I6.txt, January 2001. Infrastructure essential for today's intranets", http://www.nts.com/collateral/ddnstcchpaper.pdf [9] D. Eastlake, "DNS [10] D. Eastlake, "Domain Name System [11] L Esibov, B. Aboba, and D. Thaler, "Multicast DNS", draft-ietf-dnsext-mdns-OO.txt, November 2000. [12] M. Feng, "A Self-Configuring and Self-Administering Name System", http://scannergroup.mit.edu/PDFS/FengM.pdf, Master's Thesis, Massachusetts Institute of Technology, 2001. [13] Security Operational Considerations", RFC 2541, March 1999. RFC Security Extensions", 2535, March 1999. C.S. Giap, Y. Kadobayashi, S. Yamaguchi, "Zero Internet Administration Approach: the case of Proc. of 12"' Int. DNS", Conf. on Information Net\ivrking (ICOIN), pp. 350-355, 1998. Guttman, "Zero Configuration Networking", Proceedings ofINET2000, 2000. [14] E. [15] M. [16] K. Homstein, [17] P. Huck, "Zero Configuration Name Services for IP Networks", http://scannergroup.mit.edu/PDFS/HuckP.pdf Master's Thesis, Massachusetts Institute ofTechnology, 2001. [18] "JOIN DDNS". http://www.ioin.com/ddns.htmI [19] S. [20] "Lucent QIP Enterprise Hattig, ed., Zeroconf Requirements, et al, "DHCP draft-ietf-zeroconf-reqts-07.txt, Authentication Via Kerberos V", March 200 . (work in progress) November 2000. Kent and R. Atkinson, "Security Architecture for the Internet Protocol", 5.0: 1 RFC 2401, November 1998. Automating IP Services Management", http://www.qip.lucent.com/products/qipcnt 6093.pdf [2 1 ] "Meta IP Technical White Paper", htrp://www. checkpoint.com/products/metaip/whitepaper.pdf [22] P.V. Mockapetris, "Domain Names - Concepts and [23] P.V. Mockapetris, "Domains Names - Implementation and [24] T. Narton, [25] "Optivity NetID", Facilities", RFC 1034, Specification", E Nordmark, and W. Simpson, "Neighbor Discovery December 1998. November RFC 1987. 1035 November 1987. for IP Version 6 (IPv6)", RFC 2461, http://www.nortelnetworks.com/products/01/unifiedmanagement/collateral/onetid_brief.pdf [26] "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Concepts and M ethods", RFC 1 00 1 March 1987. [27] J. Reynolds and J. Postel, "Assigned Numbers", RFC 1700, October 1994. 33 [28] "Shadow [29] G.S. Sidhu, R.F. Andrews, A.B. Oppenheimer, Inside Appletalk, Second Edition, Addison-Wesley IPserver", http://www.nts.com/collateral/ipserverdatasheet.pdf . Publishing [30] M . Company, Y Stapp and 2001. (work in . Inc., Rekhter, 1990. "The DHCP Client FQDN Option", draft-ietf-dhc-fqdn-option-0 1 March .txt, progress) Doraswamy, and Document Roadmap", RFC 241 [31] R. Thayer, N. [32] H. Toivanen, "Secure Zero Configuration", http://citeseer.ni.nec.com/401221.html [33] P. Vixie, "A Mechanism for R. Glenn, "IP Security: Prompt Notification of Zone Changes 1, November 1998. . (DNS NOTIFY)", RFC 1996, August 1996. "Dynamic Updates Domain Name System (DNS Update)", RFC 2136, [34] P. Vixie, et.al [35] P. Vixie, et al, [36] B. Wellington, "Secure [37] A. Williams, "Securing Zeroconf Networks", draft-williams-zeroconf-securiry-OO.txt, (work [38] ., "Secret in the Key Transaction Authentication for DNS (TSIG)", RFC 2845, May April 1 997. 2000. Domain Name System (DNS) Dynamic Update", RFC 3007, November 2000. November 2000. in progress) "Zero Configuration Networking (zeroconO Charter, http://www.ietf org/html. charter.s/zeroconfcharter.html A Appendix A.l Name Service Information The agent program stores information about all the name services messages from the manager and by asking other agents below. Server Record Field in the in the system. system The agent obtains The information this information through discover stored for an individual name service is shown agent program uses these four server groups to quickly look up information about the other servers in the network and to exchange intbrmation with other agent programs. Server Record List Type The four groups can have overlapping serva records and are shown below. Name IP Address Server ID Status Flag Discover Message Msgjd Send/Response Flag 2-2 /Vjif Date Due iCC^. MIT LIBRARIES DUPL 3 9080 02246 0684
