RES240 / RES224
TD DNS: Architecture, Performance
D. Rossi
Resources: http://www.enst.fr/~drossi

Note: Due to historical reasons, this document is written in English; sorry for the inconvenience.

Preliminary questions

- What are the most important properties that define DNS?
- What is the essence of DNS functionalities, and why are they so important?
- In which cases is DNS used by users?
- In which cases is DNS directly used by users?
- What is the most common DNS server (on *nix machines)?
- What protocol and port pair does DNS listen to?
- What is the most common DNS resolver program (on *nix machines)?
- What is the standard DNS resolver library call?

True or false?

1. DNS is a hierarchical naming scheme
2. DNS is defined in an IEEE informational standard
3. DNS is a distributed database
4. The DNS database is implemented in a logical hierarchy of servers
5. DNS is an application layer protocol to query the distributed database
6. DNS can be considered a network layer protocol as it has to handle network layer address translation (to application layer names)
7. DNS stands for Distributed Naming System
8. DNS needs to be a distributed system for scalability purposes
9. DNS needs to be a distributed system mainly for robustness against failure (i.e., to avoid a single point of failure)
10. DNS uses only UDP at the transport layer
11. DNS uses TCP at the transport layer only if the application requiring the address conversion uses TCP
12. DNS can use TCP, although rarely, depending on the size of the query
13. DNS queries for separate hosts need to be carried over separate packets
14. DNS queries for separate hosts can be carried in the same packet only if the hosts have a common prefix
15. Originally, DNS top-level domains were seven (.com, .edu, .gov, .int, .mil, .org, .net)
16. DNS root servers know all the top-level domain servers
17. Nowadays, there are about a dozen root servers
18. Nowadays, there are more than 100 DNS top-level domains
19. Nowadays, there are more than 100 top-level servers
20. DNS top-level domain names are managed by IANA
21. DNS domain names are case sensitive
22. The leaf domain must be a single host
23. Leaf domain names cannot be longer than 16 characters
24. Full domain names cannot be longer than 255 characters
25. DNS limits the number of valid sub-domains
26. DNS subdomains are 4, one per each byte of the IP address
27. No organization can use more than two sub-domains (e.g., infres.enst, cs.yale)
28. Only public organizations can use more than two sub-domains
29. Domain names can be absolute or relative
30. Relative domain names always end with a dot "."
31. Relative domain names always start with a dot "."
32. To avoid database inconsistency, an organization cannot register under two distinct top-level domains (e.g., sony.com, sony.biz)
33. DNS defines formal rules that dictate how sub-domains of top-level domains should be allocated (so, only for the first level)
34. DNS is used to map host names to IP addresses
35. DNS is used to map email addresses to IP addresses of the mail server
36. DNS is used to map MAC addresses to IP addresses
37. DNS can be used to map host names to MAC addresses
38. DNS resource records include a Time To Live field
39. The time to leave field is normally expressed in minutes
40. The time to leave information is usually tied to the DHCP lease information
41. Each host has at most one type A resource record
42. Some hosts (e.g. multi-homed) may have more type A records
43. The MX record specifies the name of the server that accepts incoming mail for the domain
44. A cached record cannot be out of date because of the Time to Live field
45. An authoritative record cannot be out of date by design
46. The PTR field contains an alias of the host name used to perform reverse lookup (i.e., query for an IP address and return the corresponding domain name)
47. The HINFO field contains the hardware (i.e. MAC) address of the host
48. DNS is also used to perform load distribution among replicated servers
49. The CNAME field enables load distribution by providing an alias to the hostname
50. The CNAME field of the DNS database contains the canonical name, that is, the name of the host without spaces and control characters
51. The use of the CNAME field is discouraged
52. DNS queries must be either recursive or iterative
53. DNS prefers iterative queries because they minimize the delay
54. DNS lookups cannot mix recursive and iterative queries
55. DNS caching is used to reduce the network load at the expense of the lookup latency
56. DNS caching rules forbid caching top-level domain server queries
57. A non-authoritative DNS server for a host may contain a Type A record of that host due to caching
58. Applications (e.g., Web browsers) can cache DNS queries and responses too

Strange Correlations (this question is heavily inspired by J. Rexford's question "A rose by any other name")

Before the 9/11 attacks, the top-level domain (TLD) server for South Africa was located in New York City. Explain why the physical destruction on 9/11 disrupted Internet communication within South Africa (e.g., for a Web user in South Africa accessing a Web site in South Africa).

Following up on the previous question, explain why the effects in South Africa took place gradually, disrupting progressively more communication within the country in the hours (and even days) after connectivity to NYC was lost.

Thoughts on Root Servers

- How do the local DNS servers know the identity of the root servers?
- Do you think root servers have to be treated differently from the other servers?
- Why do you think that there are exactly 13 root servers?
- How do you think a resolver chooses between the different root servers?
- Imagine sending a DNS query to your local resolver that will surely end up at a DNS root server: how could such a query possibly look (i.e., what are you querying?)
- What should happen if you repeated the same query above?
- How many DNS questions do you think a root server receives on a typical day? Hint: see Wessels et al., "Wow, that's a lot of packets", Passive and Active Measurement 2003, http://www.caida.org/outreach/papers/2003/dnspackets/wessels-pam2003.pdf

Caching (again, courtesy of J. Rexford)

- Who determines the value of the time-to-live field that determines how long DNS servers cache a name-to-address mapping? What are the pros and cons of using a small value?
- A local DNS server typically discards cached name-to-address mappings when the time-to-live expires. Alternatively, the local DNS server could optimistically issue a new query for the cached domain name. Give one advantage and one disadvantage of that approach.

Get your hands dirty

Comment the output of these lookup commands, and infer what DNS lookup command has been sent (i.e., what type A/NS/... of question and for what host). You can actually play with DNS using the nslookup and dig commands on the Linux/Unix shell (sorry for those of you who still use Windows, no help provided in this case).

ssh.enst.fr is an alias for ares.enst.fr
ares.enst.fr has no HINFO record

;; ANSWER SECTION:
1.86.192.130.in-addr.arpa. 86400 IN PTR serverlipar.polito.it.

;; ANSWER SECTION:
enst.fr. 170229 IN MX 10 smtp2.enst.fr.

;; AUTHORITY SECTION:
enst.fr. 141710 IN NS minos.enst.fr.
enst.fr. 141710 IN NS enst.enst.fr.
enst.fr. 141710 IN NS phoenix.uneec.eurocontrol.fr.
enst.fr. 141710 IN NS ns3.enst.fr.
enst.fr. 141710 IN NS infres.enst.fr.

;; ADDITIONAL SECTION:
smtp2.enst.fr. 955 IN A 137.194.2.14
infres.enst.fr. 12885 IN A 137.194.160.3
infres.enst.fr. 12885 IN A 137.194.192.1
ns3.enst.fr. 12885 IN A 137.194.32.84
ns3.enst.fr. 12885 IN AAAA 2001:660:330f:20::54
enst.enst.fr. 12885 IN A 137.194.2.16

;; ANSWER SECTION:
www.l.google.com. 250 IN A 209.85.135.103
www.l.google.com. 250 IN A 209.85.135.104
www.l.google.com. 250 IN A 209.85.135.147
www.l.google.com. 250 IN A 209.85.135.99

;; AUTHORITY SECTION:
l.google.com. 77445 IN NS g.l.google.com.
l.google.com. 77445 IN NS f.l.google.com.
l.google.com. 77445 IN NS e.l.google.com.
l.google.com. 77445 IN NS c.l.google.com.
l.google.com. 77445 IN NS d.l.google.com.
l.google.com. 77445 IN NS a.l.google.com.
l.google.com. 77445 IN NS b.l.google.com.

;; ADDITIONAL SECTION:
b.l.google.com. 79531 IN A 64.233.179.9
c.l.google.com. 79531 IN A 64.233.161.9
d.l.google.com. 79531 IN A 66.249.93.9
e.l.google.com. 79531 IN A 209.85.137.9
f.l.google.com. 79531 IN A 72.14.235.9
g.l.google.com. 79531 IN A 64.233.167.9
a.l.google.com. 79531 IN A 209.85.139.9

;; Query time: 2 msec
;; SERVER: 130.192.3.24#53(130.192.3.24)
;; WHEN: Mon Oct 1 18:15:16 2007
;; MSG SIZE rcvd: 322

Geeky stuff with DNS

DNS can also be fun... at least, if you are a geek. Below are some examples of "creative" ways to use DNS functionalities that system administrators around the world have found.

Helpful hints (1)

> quit
Server: rns1.earthlink.net
Address: 207.217.126.81

Name: type-exit-you-idiot.it.earthlink.net
Address: 206.149.249.11
Aliases: quit.it.earthlink.net

> exit

Helpful hints (2)

10:52pm ~/ARIN/CRC>nslookup quit
Server: nic1.concentric.net
Address: 205.158.16.5

Name: use-exit-to-quit.or-is-your-brain.missing.to
Address: 207.88.46.254
Aliases: quit.internex.net

Helpful hints (3)

lion$ nslookup 192.168.1.1
Server: nic1.concentric.net
Address: 205.158.16.5

Name: read-rfc1918-for-details.iana.net
Address: 192.168.1.1

You can find a few more at http://www.netgeek.net/ If you like this kind of humor, you may consider reading the adventures of the BoFH at http://members.iinet.net.au/~bofh/ (this won't be in the exam, however).

Case study: birth of a new domain

1. Assume you and your mates, of the Computer Science department of the recently founded Miskatonic University, want to start a Lovecraft fan-club webpage lovecraft.cs.miskatonic.edu. What is the logical chain and which are the entities involved in the process of domain name assignment (supposing that the CS department maintains its own server)? Describe the Resource Records (Name, Value, Type) at each server in the chain at the end of the process.
2. Now, the university decides to change its name to Kadath College. What should you and your mates have to do to reflect the change correctly at lovecraft.cs.kadath.edu?
3. Assuming all caches are empty, describe a DNS query from lovecraft.cs.kadath.edu for hp.cs.kadath.edu. Do the same for a DNS query from your home machine (assuming you live outside of the Kadath campus).
4. Assume the webpage at lovecraft.cs.kadath.edu contains the words "Work in progress". Assume again that you are at a geek party and want to show your nerd mate this wonderful webpage you are clearly proud of. Assume further that your mate has never visited the page before, so his web browser starts a recursive DNS query. Assume that, during the query, n distinct DNS servers must be contacted in order to obtain the IP of lovecraft.cs.kadath.edu. Denoting with RTT_i the round trip delay between server i and server i+1, write an expression of the time that it takes before the webpage starts to be loaded. Assuming that the query is non-recursive and that RTT_i this time denotes the round trip delay between the party machine and server i, how does the expression need to be changed?
5. What happens when you misspell lovecraft.cs.kadath.edu as lovecrqft.cs.kqdqth.edu (which is what happens when you're using a QWERTY keyboard as an AZERTY one and vice-versa)? And what if the misspelling is lovecrqft.cs.kadath.edu?
6. Suddenly, the server where your webpage was hosted stops working. What should you do in case the Ethernet card of the previous server was not damaged and can be reused? What should you do if the Ethernet card has been damaged and cannot be reused?
7. The IT staff decides to physically move all the servers from the CS to the EE department. What should you do to keep your lovecraft.cs.kadath.edu working? Is it better to change the domain name into lovecraft.kadath.edu to avoid such problems? In the latter case, what would you need to do?
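Worked example for the Strange Correlations and Caching questions above (added here; it is not part of the original TD): a toy caching resolver in Python whose only upstream is lost at t=0, showing that names stop resolving one TTL at a time rather than all at once, plus an "optimistic" mode that re-queries a name shortly before its TTL runs out. The host names, the 1h..10h TTLs, the 1h default TTL and the 600 s refresh window are constructed assumptions of this example.

```python
from dataclasses import dataclass

@dataclass
class CachedRR:
    name: str
    ttl: int        # seconds, chosen by the zone's authoritative server
    cached_at: int  # time (s) at which the local server stored the record

    def expires_at(self):
        return self.cached_at + self.ttl

class LocalResolver:
    """Caching local server whose only upstream (the TLD server) may become unreachable."""
    def __init__(self, records, optimistic=False):
        self.cache = {r.name: r for r in records}
        self.upstream_up = True
        self.upstream_queries = 0      # cost of the chosen policy, in upstream lookups
        self.optimistic = optimistic   # re-query a name shortly before its TTL runs out

    def resolve(self, name, now):
        """True if name can be answered at time now (from cache or by asking upstream)."""
        rr = self.cache.get(name)
        if rr is not None and now < rr.expires_at():
            # assumed refresh window: re-query when fewer than 600 s of TTL remain
            if self.optimistic and self.upstream_up and now >= rr.expires_at() - 600:
                self._refresh(rr, now)
            return True
        if not self.upstream_up:
            return False               # expired entry and nobody to ask: lookup fails
        self._refresh(rr or CachedRR(name, 3600, now), now)  # assumed default TTL 1h
        return True

    def _refresh(self, rr, now):
        self.upstream_queries += 1
        self.cache[rr.name] = CachedRR(rr.name, rr.ttl, now)

def fraction_resolvable(resolver, names, now):
    """Share of names that still resolve at time now."""
    return sum(resolver.resolve(n, now) for n in names) / len(names)

# Constructed scenario: ten names under one TLD, cached at t=0 with TTLs of
# 1h, 2h, ..., 10h; the TLD server becomes unreachable at t=0.
NAMES = ["host%d.example" % i for i in range(1, 11)]

def outage_timeline(hours=(0, 1, 5, 10)):
    """Fraction of NAMES still resolvable h hours after the upstream is lost."""
    r = LocalResolver([CachedRR(n, 3600 * (i + 1), 0) for i, n in enumerate(NAMES)])
    r.upstream_up = False
    return {h: fraction_resolvable(r, NAMES, 3600 * h) for h in hours}
```

The timeline drops from 1.0 to 0.9, 0.5 and 0.0 as successive TTLs expire, which is the gradual effect the question asks about; the optimistic resolver keeps answering after the cut at the price of extra upstream queries while the link was still up.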
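A second added example (not from the original TD) for the Get your hands dirty section: a small Python parser for dig-style output that reconstructs, from the ANSWER section, which name and record type were asked for and the dig command that produced it. The sample outputs are re-typed from this sheet; the CNAME rule and the reconstructed command format are this example's own assumptions.

```python
import re

# Constructed samples, re-typed from two of the dig outputs on this sheet (trimmed).
DIG_PTR = """;; ANSWER SECTION:
1.86.192.130.in-addr.arpa. 86400 IN PTR serverlipar.polito.it.
"""
DIG_MX = """;; ANSWER SECTION:
enst.fr. 170229 IN MX 10 smtp2.enst.fr.
;; AUTHORITY SECTION:
enst.fr. 141710 IN NS minos.enst.fr.
"""
# One resource record as dig prints it: owner TTL IN TYPE rdata
RR_RE = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+([A-Z0-9]+)\s+(.*)$")

def parse_sections(text):
    """Map section name ('answer', 'authority', ...) to its (owner, ttl, type, rdata) tuples."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(";; ") and line.endswith(" SECTION:"):
            current = line[3:-len(" SECTION:")].lower()
            sections[current] = []
        elif current and (m := RR_RE.match(line)):
            owner, ttl, rtype, rdata = m.groups()
            sections[current].append((owner, int(ttl), rtype, rdata))
    return sections

def infer_question(sections):
    """Name and type asked for; a leading CNAME means the alias was queried for the chain's final type."""
    answers = sections.get("answer", [])
    if not answers:
        return None
    qname, _, rtype, _ = answers[0]
    return qname, (answers[-1][2] if rtype == "CNAME" else rtype)

def ptr_to_ip(name):
    """Reverse-lookup owner 1.86.192.130.in-addr.arpa. -> address 130.192.86.1."""
    labels = name.rstrip(".").split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        raise ValueError("not an IPv4 reverse name: " + name)
    return ".".join(reversed(labels[:-2]))

def dig_command(sections):
    """Reconstruct the dig invocation that produced the output (None if no answer)."""
    q = infer_question(sections)
    if q is None:
        return None
    qname, qtype = q
    if qtype == "PTR" and qname.endswith(".in-addr.arpa."):
        return "dig -x " + ptr_to_ip(qname)
    return "dig %s %s" % (qname.rstrip("."), qtype)
```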