DNS servers

ISP Services
Working at a Small-to-Medium Business or ISP – Chapter 7
Copyleft 2012 Vincenzo Bruno (www.vincenzobruno.it)
Released under Creative Commons License 3.0 BY-SA
Cisco name, logo and materials are Copyright Cisco Systems Inc.
Overview
Customer Requirements
Scenarios
Scenario 1 - The customer owns and manages all their own network equipment
and services. These customers only need reliable Internet connectivity from the
ISP.
Scenario 2 - The ISP provides Internet connectivity. The ISP also owns and
manages the network connecting equipment installed at the customer site. ISP
responsibilities include setting up, maintaining, and administering the
equipment for the customer. The customer is responsible for monitoring the
status of the network and the applications, and receives regular reports on the
performance of the network.
Scenario 3 - The customer owns the network equipment, but the applications
that the business relies on are hosted by the ISP. The actual servers that run the
applications are located at the ISP facility. These servers may be owned by the
customer or the ISP, although the ISP maintains both the servers and the
applications. Servers are normally kept in server farms in the ISP network
operations center (NOC), and are connected to the ISP network with a high-speed switch.
Reliability, Availability, SLA
Reliability can be measured in two ways:
● Mean time between failures (MTBF): equipment manufacturers specify MTBF based on tests they perform as part of manufacturing. MTBF is the usual measure of equipment robustness: the longer the MTBF, the more fault tolerant the equipment is considered to be.
● Mean time to repair (MTTR): established by the warranty or service agreement, it is the time a failed component takes to be repaired or replaced.
An equipment failure affects the ability of the ISP to meet the terms of the SLA. To limit this, an ISP may purchase expensive service agreements for critical hardware to ensure rapid manufacturer or vendor response. An ISP may also purchase redundant hardware and keep spare parts on site.
Availability is normally measured as the percentage of time that a resource is accessible. Traditionally, telephone services are expected to be available 99.999% of the time. This is called the five-9s standard of availability; it allows roughly five minutes of downtime per year.
As ISPs offer more critical business services, such as IP telephony or high-volume retail sale transactions, ISPs must meet the higher expectations of their customers.
ISPs ensure accessibility by doubling up on network devices and servers using technologies designed for high availability. In redundant configurations, if one device fails, the other can take over its functions automatically.
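The arithmetic that connects MTBF, MTTR, the five-9s figure and redundancy, as an added example that is not part of the original slides. The MTBF/MTTR figures in the demo are hypothetical, and the model assumes independent failures, full restoration on repair and instant failover between redundant devices; it does not count planned maintenance.

```python
"""Availability arithmetic behind MTBF, MTTR and the five-9s figure (added example,
not from the slides).  Assumes independent failures, full restoration on repair
and instant failover between redundant devices; planned maintenance is not counted.
"""
import math

MINUTES_PER_YEAR = 365 * 24 * 60


def availability(mtbf_hours, mttr_hours):
    """Steady-state availability of one device: time working / (working + being repaired)."""
    return mtbf_hours / (mtbf_hours + mttr_hours)


def downtime_minutes_per_year(avail):
    """Unavailability budget per year for an availability fraction (0.99999 -> about 5 min)."""
    return (1.0 - avail) * MINUTES_PER_YEAR


def nines(avail):
    """Number of nines, e.g. 0.999 -> 3.0, 0.99999 -> 5.0."""
    return -math.log10(1.0 - avail)


def redundant_pair(avail):
    """Two interchangeable devices where either one keeps the service up: the service
    is down only while both are down at once, so the unavailabilities multiply."""
    return 1.0 - (1.0 - avail) ** 2


def chain(*avails):
    """Devices that must all work (router, then switch, then server): availabilities
    multiply, so each extra single point of failure lowers the total."""
    total = 1.0
    for a in avails:
        total *= a
    return total


if __name__ == "__main__":
    # Hypothetical router: vendor MTBF 100,000 h, 8 h replacement under a service contract.
    a = availability(100_000, 8)
    print(f"single router: {a:.5%} ({downtime_minutes_per_year(a):.1f} min/year, {nines(a):.1f} nines)")
    b = redundant_pair(a)
    print(f"redundant pair: {b:.7%} ({downtime_minutes_per_year(b) * 60:.1f} s/year)")
    c = chain(a, a, a)
    print(f"three such devices in series: {c:.5%} ({downtime_minutes_per_year(c):.0f} min/year)")
```

The comparison is the point of the slide: a single device with a long MTBF and an 8-hour repair contract still loses about 42 minutes a year, three such devices in series lose about two hours, while a redundant pair of the same device is down for seconds. The repair time is what the service agreement buys; the redundancy is what removes the dependence on it.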
Redundancy
TCP/IP transport protocols
TCP/IP Layers
OSI and TCP/IP
The TCP/IP model and the OSI model have similarities and differences.
Similarities
● Use of layers to visualize the interaction of protocols and services
● Comparable Transport and Network layers
● Both are used in the networking field when referring to protocol interaction
Differences
● The OSI model breaks the function of the TCP/IP Application Layer into distinct layers. The upper three layers of the OSI model specify the same functionality as the Application Layer of the TCP/IP model.
● The TCP/IP suite does not specify protocols for the physical network interconnection. The two lower layers of the OSI model are concerned with access to the physical network and the delivery of bits between hosts on a local network.
TCP and UDP
● TCP is a reliable, guaranteed-delivery protocol.
● TCP specifies the methods hosts use to acknowledge the receipt of packets, and requires the source host to resend packets that are not acknowledged.
● TCP also governs the exchange of messages between the source and destination hosts to create a communication session.
● TCP is often compared to a pipeline, or a persistent connection, between hosts. Because of this, TCP is referred to as a connection-oriented protocol.
● TCP requires overhead, which includes extra bandwidth and increased processing, to keep track of the individual conversations between the source and destination hosts and to process acknowledgements and retransmissions.
● UDP is a very simple, connectionless protocol. It provides low-overhead data delivery.
● UDP is considered a "best effort" Transport Layer protocol because, apart from an optional checksum, it provides no error recovery, guaranteed data delivery, or flow control.
● Because UDP is a "best effort" protocol, UDP datagrams may arrive at the destination out of order, or may even be lost altogether.
● Applications that use UDP can tolerate small amounts of missing data. An example of a UDP application is Internet radio. If a piece of data is not delivered, there may only be a minor effect on the quality of the broadcast.
TCP and UDP
Encapsulations
Three Way Handshake
● Before a TCP session can be used, the source and destination hosts exchange messages to set up the connection over which data segments can be sent. The two hosts use a three-step process to set up the connection.
● In the first step, the source host sends a type of message, called a Synchronization message, or SYN, to begin the TCP session establishment process. The message serves two purposes:
  ● It indicates the intention of the source host to establish a connection with the destination host over which to send the data.
  ● It synchronizes the TCP sequence numbers between the two hosts, so that each host can keep track of the segments sent and received during the conversation.
● For the second step, the destination host replies to the SYN message with a synchronization acknowledgement, or SYN-ACK, message.
● In the last step, the sending host receives the SYN-ACK and sends an ACK message back to complete the connection setup. Data segments can now be reliably sent.
● This SYN, SYN-ACK, ACK activity between the TCP processes on the two hosts is called a three-way handshake.
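The exchange described above, simulated end to end, as an added example that is not part of the original slides. Each side picks a random 32-bit initial sequence number (ISN); because the SYN consumes one sequence number, the peer acknowledges ISN+1, and a segment whose ACK number does not match is rejected, which is what a real stack does (it answers with RST) and why ISNs must be unpredictable: a host that cannot see the SYN-ACK cannot complete the handshake unless it can guess the server's ISN. The host names H1 and www are placeholders.

```python
"""Simulated TCP three-way handshake (added example, not part of the slides)."""
import secrets
from dataclasses import dataclass

MOD = 2**32  # sequence numbers are 32-bit and wrap


@dataclass
class Segment:
    src: str
    dst: str
    flags: str      # "SYN", "SYN-ACK" or "ACK"
    seq: int
    ack: int = 0


class Endpoint:
    def __init__(self, name, isn=None):
        self.name = name
        self.state = "CLOSED"
        # Random ISN, as RFC 6528 requires; a fixed isn is allowed here only for tests.
        self.isn = secrets.randbelow(MOD) if isn is None else isn
        self.snd_nxt = 0    # next sequence number we will send
        self.rcv_nxt = 0    # next sequence number we expect from the peer

    def send_syn(self, peer):
        """Step 1 (active open): announce our ISN; the SYN itself uses one sequence number."""
        self.state = "SYN-SENT"
        self.snd_nxt = (self.isn + 1) % MOD
        return Segment(self.name, peer, "SYN", self.isn)

    def recv_syn(self, seg):
        """Step 2 (passive side): record the peer's ISN, answer with our own ISN plus an ACK."""
        if seg.flags != "SYN":
            raise ValueError("expected SYN")
        self.state = "SYN-RECEIVED"           # half-open entry kept until step 3 arrives
        self.rcv_nxt = (seg.seq + 1) % MOD
        self.snd_nxt = (self.isn + 1) % MOD
        return Segment(self.name, seg.src, "SYN-ACK", self.isn, self.rcv_nxt)

    def recv_syn_ack(self, seg):
        """Step 3 (active side): the SYN-ACK must acknowledge exactly our ISN+1."""
        if seg.flags != "SYN-ACK" or self.state != "SYN-SENT":
            raise ValueError("unexpected segment in state " + self.state)
        if seg.ack != self.snd_nxt:
            raise ValueError("bad ACK number: a real stack answers with RST")
        self.state = "ESTABLISHED"
        self.rcv_nxt = (seg.seq + 1) % MOD
        return Segment(self.name, seg.src, "ACK", self.snd_nxt, self.rcv_nxt)

    def recv_ack(self, seg):
        """Final ACK on the passive side. Returns True only if it acknowledges our
        SYN exactly; a forged or stale ACK leaves the half-open entry untouched."""
        if seg.flags != "ACK" or self.state != "SYN-RECEIVED":
            return False
        if seg.ack != self.snd_nxt or seg.seq != self.rcv_nxt:
            return False
        self.state = "ESTABLISHED"
        return True


def handshake(client, server):
    """Run SYN, SYN-ACK, ACK between two endpoints and return the three segments."""
    syn = client.send_syn(server.name)
    syn_ack = server.recv_syn(syn)
    ack = client.recv_syn_ack(syn_ack)
    if not server.recv_ack(ack):
        raise RuntimeError("server rejected final ACK")
    return [syn, syn_ack, ack]


if __name__ == "__main__":
    c, s = Endpoint("H1"), Endpoint("www")
    for seg in handshake(c, s):
        print(f"{seg.src} -> {seg.dst}: {seg.flags:7} seq={seg.seq} ack={seg.ack}")
    print(c.state, s.state)
```

The SYN-RECEIVED state is the half-open entry the server keeps between steps 2 and 3; it is released only by a correct final ACK, which is why the ACK number is checked against the server's own ISN rather than trusted.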
TCP Timer and Order
● When TCP sends a segment it starts a retransmission timer. The timer allows sufficient time for the message to reach the destination host and for an acknowledgement to be returned.
● If the source host does not receive an acknowledgement from the destination within the allotted time, the timer expires, and the source assumes the message is lost.
● The portion of the message that was not acknowledged is then re-sent.
● TCP also specifies how messages are reassembled at the destination host.
● Each TCP segment contains a sequence number.
● At the destination host, the TCP process stores received segments in a buffer. By evaluating the segment sequence numbers, the TCP process can confirm that there are no gaps in the received data.
● When data is received out of order, TCP can also reorder the segments as necessary.
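The receive buffer, cumulative acknowledgement and timer-driven retransmission just described, simulated over a lossy link, as an added example that is not part of the original slides. It is a go-back-N simplification: real TCP also uses fast retransmit on duplicate ACKs, selective acknowledgement and an adaptive, backed-off timer. The sample data and the set of dropped segments are constructed for the demo.

```python
"""Simulated TCP receive buffer and retransmission (added example, not from the slides).

Each segment carries the sequence number of its first byte.  The receiver hands
bytes to the application only when they continue the data already delivered;
anything that arrives early waits in a buffer.  The ACK number is always the
next byte the receiver expects, so when the sender's timer expires it resends
from that point.
"""


class Receiver:
    def __init__(self, rcv_nxt):
        self.rcv_nxt = rcv_nxt         # next in-order byte we expect
        self.out_of_order = {}         # seq -> payload held until the gap closes
        self.delivered = bytearray()   # bytes handed to the application

    def receive(self, seq, payload):
        """Accept one segment and return the cumulative ACK number."""
        end = seq + len(payload)
        if end <= self.rcv_nxt:            # whole segment already delivered: duplicate
            return self.rcv_nxt
        if seq < self.rcv_nxt:             # partial overlap: keep only the new bytes
            payload = payload[self.rcv_nxt - seq:]
            seq = self.rcv_nxt
        self.out_of_order.setdefault(seq, payload)
        while self.rcv_nxt in self.out_of_order:   # deliver everything now contiguous
            chunk = self.out_of_order.pop(self.rcv_nxt)
            self.delivered += chunk
            self.rcv_nxt += len(chunk)
        return self.rcv_nxt


def simulate(data, isn, mss, drop_on_first_send):
    """Send `data` as MSS-sized segments over a link that drops the segments whose
    index is in `drop_on_first_send`, first transmission only.  Returns the bytes
    delivered in order and the number of segments that had to be retransmitted."""
    rx = Receiver(isn)
    segments = [(isn + off, data[off:off + mss]) for off in range(0, len(data), mss)]
    end_seq = isn + len(data)

    ack = isn
    for idx, (seq, payload) in enumerate(segments):    # first transmission
        if idx in drop_on_first_send:
            continue                                   # lost in transit: no ACK comes back
        ack = rx.receive(seq, payload)

    resent = 0
    while ack < end_seq:                               # timer expires for the oldest unACKed byte
        for seq, payload in segments:
            if seq >= ack:                             # resend from the cumulative ACK onward
                resent += 1
                ack = rx.receive(seq, payload)
    return bytes(rx.delivered), resent


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog"   # constructed payload
    delivered, resent = simulate(sample, isn=1000, mss=10, drop_on_first_send={1, 3})
    print(delivered == sample, "segments retransmitted:", resent)
```

With segments 1 and 3 dropped, the receiver keeps segments 2 and 4 in its out-of-order buffer and keeps acknowledging the end of segment 0; resending segment 1 releases segment 2 as well, so only the two lost segments are ever retransmitted.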
UDP uses
● Although the total amount of UDP traffic found on a typical network is often relatively low, Application Layer protocols that do use UDP include:
  ● Domain Name System (DNS)
  ● Simple Network Management Protocol (SNMP)
  ● Dynamic Host Configuration Protocol (DHCP)
  ● Routing Information Protocol (RIP)
  ● Trivial File Transfer Protocol (TFTP)
  ● Online games
  ● Audio and video streaming
TCP and UDP datagrams
Multiple Services with Ports
Host Names
● Virtually all computer systems still maintain a local HOSTS file.
● A local HOSTS file is created when TCP/IP is loaded on a host device.
● As part of the name resolution process on a computer system, the HOSTS file is scanned even before the more robust DNS service is queried.
● A local HOSTS file can be used for troubleshooting or to override records found in a DNS server. Because a HOSTS entry silently wins over DNS for every application on the host, the file also needs to be protected and its entries reviewed: anything that can write it can redirect the host.
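A parser for the HOSTS file format, with the lookup step that happens before DNS is asked and a review of entries that override public names, as an added example that is not part of the original slides. The sample file, the internal host names and the 203.0.113.7 address (an RFC 5737 documentation address) are constructed; the format itself is the one used by both Windows (%SystemRoot%\System32\drivers\etc\hosts) and Unix-like systems (/etc/hosts).

```python
"""Parse a HOSTS file and show which names never reach DNS (added example, not from the slides).

Format: one address per line followed by one or more names; '#' starts a comment.
"""
import ipaddress

# Constructed sample file for the example.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
::1             localhost ip6-localhost
10.1.1.20       fileserver fileserver.corp.example   # internal host with no DNS record
203.0.113.7     www.cisco.com                        # overrides the public record
not-an-address  bogus                                # malformed line, ignored
"""


def parse_hosts(text):
    """Return a mapping of lower-cased name -> list of addresses, in file order."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # strip comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # malformed line: resolvers skip it
        for name in fields[1:]:                   # first name and any aliases
            table.setdefault(name.lower(), []).append(addr)
    return table


def resolve_local(name, table):
    """The resolver's first step: a hit here means DNS is never queried for the name."""
    return table.get(name.lower().rstrip("."), [])


def overrides(table):
    """Names pointed at something other than loopback.  Each is either a deliberate
    internal entry or a redirect that bypasses DNS, so each deserves a look."""
    return {name: addrs for name, addrs in table.items()
            if any(not ipaddress.ip_address(a).is_loopback for a in addrs)}


if __name__ == "__main__":
    table = parse_hosts(SAMPLE_HOSTS)
    print("www.cisco.com ->", resolve_local("www.cisco.com", table) or "not in HOSTS, ask DNS")
    for name, addrs in overrides(table).items():
        print(f"review: {name} -> {', '.join(addrs)}")
```

Name matching is case-insensitive and a trailing dot is tolerated, which matches how resolvers compare names; the loopback entries are left out of the review list because they are the normal content of the file.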
DNS Hierarchy
● DNS uses domain names to form the hierarchy.
● The naming structure is broken down into small, manageable zones.
● Each DNS server maintains a specific database file and is only responsible for managing name-to-IP mappings for that small portion of the entire DNS structure.
● When a DNS server receives a request for a name translation that is not within its DNS zone, the DNS server forwards the request to another DNS server within the proper zone for translation.
DNS Process
Resolvers
● Resolvers are applications or operating system functions that run on DNS clients and DNS servers.
● When a domain name is used, the resolver queries the DNS server to translate that name to an IP address.
● A resolver is loaded on a DNS client, and is used to create the DNS name query that is sent to a DNS server.
● Resolvers are also loaded on DNS servers.
● If the DNS server does not have the name-to-IP mapping requested, it uses the resolver to forward the request to another DNS server.
DNS Hierarchy and FQDN
● The root DNS server may not know exactly where the host H1.cisco.com is located, but it does have a record for the .com top-level domain.
● Likewise, the servers within the .com domain may not have a record for H1.cisco.com either, but they do have a record for the cisco.com domain.
● The DNS servers within the cisco.com domain do have the record for H1.cisco.com and can resolve the address.
● DNS relies on this hierarchy of decentralized servers to store and maintain the resource records.
● The resource records contain domain names that the server can resolve, and alternate servers that can also process requests.
● The name H1.cisco.com is referred to as a fully qualified domain name (FQDN) or DNS name, because it defines the exact location of the computer within the hierarchical DNS namespace.
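The walk from the root to the cisco.com servers described in the DNS Hierarchy slides and just above, run over a miniature of the hierarchy, as an added example that is not part of the original slides. SERVERS is constructed for the demo: the server names, the delegation of net., and the 198.51.100.x addresses (RFC 5737 documentation range) are invented, and glue records are omitted so that referrals name the next server directly.

```python
"""Iterative resolution down the DNS hierarchy (added example, not from the slides).

A root server knows only the top-level delegations, the .com servers know only
second-level delegations, and cisco.com's own server holds the host records.
"""

# Constructed miniature of the hierarchy: server -> {owner name: (type, rdata)}.
SERVERS = {
    "root": {
        "com.": ("NS", "com-tld"),
        "net.": ("NS", "net-tld"),
    },
    "com-tld": {
        "cisco.com.": ("NS", "ns1.cisco.com."),
    },
    "net-tld": {},
    "ns1.cisco.com.": {
        "cisco.com.": ("NS", "ns1.cisco.com."),
        "h1.cisco.com.": ("A", "198.51.100.10"),
        "www.cisco.com.": ("A", "198.51.100.20"),
    },
}


def canonical(name):
    """DNS names are case-insensitive; compare them lower-cased and fully qualified."""
    return name.lower().rstrip(".") + "."


def resolve(name, servers, start="root", max_referrals=8):
    """Start at the root and follow NS referrals until a server answers.

    Returns (address or None, list of servers asked in order).  None means the
    last server asked is authoritative for the closest enclosing zone and has
    no such record (NXDOMAIN), or that nobody delegates the name at all.
    """
    qname = canonical(name)
    labels = qname.split(".")          # "h1.cisco.com." -> ["h1", "cisco", "com", ""]
    path = []
    server = start
    for _ in range(max_referrals):
        path.append(server)
        records = servers[server]
        rec = records.get(qname)
        if rec and rec[0] == "A":
            return rec[1], path        # authoritative answer
        # No answer here: find the longest enclosing zone this server delegates,
        # trying "cisco.com.", then "com.", then the root ".".
        for i in range(1, len(labels)):
            zone = ".".join(labels[i:]) or "."
            ns = records.get(zone)
            if ns and ns[0] == "NS":
                if ns[1] == server:    # already at the authoritative server: name does not exist
                    return None, path
                server = ns[1]         # referral: ask the delegated server next
                break
        else:
            return None, path          # nobody delegates this name
    raise RuntimeError("referral loop: " + " -> ".join(path))


if __name__ == "__main__":
    for query in ("H1.cisco.com", "nosuchhost.cisco.com", "www.example.org"):
        answer, asked = resolve(query, SERVERS)
        print(f"{query}: {answer}  (asked {' -> '.join(asked)})")
```

A real recursive resolver does the same walk but caches every answer and referral it receives, and needs glue A records for name servers such as ns1.cisco.com. that live inside the zone they serve; the referral chain is otherwise exactly root, then .com, then cisco.com.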
DNS Name Resolution
Dynamic DNS Updates
● To make updating DNS zone information easier, the DNS protocol was extended to allow computer systems to update their own records in the DNS zone through dynamic updates.
● Dynamic updates enable DNS client computers to register and dynamically update their resource records with a DNS server whenever changes occur.
● To use dynamic update, the DNS server and the DNS clients, or the DHCP server, must support the dynamic update feature.
● Dynamic updates on the DNS server are not enabled by default and must be explicitly enabled. When enabling them, restrict which clients may update which records: a zone that accepts updates from anyone lets any host on the network overwrite another host's record. Most current operating systems support dynamic updates.
● Two methods: client update or DHCP server update
  1: The client updates DNS
  2: The DHCP server updates DNS
DNS Zones
● DNS servers maintain the zone database for a given portion of the overall DNS hierarchy.
● Resource records are stored within that DNS zone.
● DNS zones can be either a forward lookup or a reverse lookup zone.
● They can also be either a primary or a secondary forward or reverse lookup zone.
● Each zone type has a specific role within the overall DNS infrastructure.
Forward and Reverse Lookup Zones
● A forward lookup zone is a standard DNS zone that resolves fully qualified domain names to IP addresses.
  ● This is the zone type that is most commonly used when surfing the Internet.
  ● When typing a website address, such as www.cisco.com, a recursive query is sent to the local DNS server to resolve that name to an IP address to connect to the remote web server.
● A reverse lookup zone is a special zone type that resolves an IP address to a fully qualified domain name.
  ● Some applications use reverse lookups to identify computer systems that are actively communicating with them.
  ● There is an entire reverse lookup DNS hierarchy on the Internet that enables any publicly registered IP address to be resolved.
  ● Many private networks choose to implement their own local reverse lookup zones to help identify computer systems within their network.
Reverse lookup commands
● Reverse lookups on IP addresses can be done with the ping -a [ip_address] command (Windows only).
● On GNU/Linux add -x to the dig command:
  ● dig www.fis.unical.it (forward lookup)
  ● dig -x 192.167.201.212 (reverse lookup)
● The most common uses of reverse DNS are:
  ● Anti-spam
  ● Network troubleshooting
  ● Forward-confirmed reverse DNS (FCrDNS), which stops spammers and phishers from claiming a host name whose own forward record does not point back at their address
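The name that `dig -x` builds for a reverse lookup, and the forward-confirmed reverse DNS check listed above, as an added example that is not part of the original slides. The PTR and forward tables are constructed for the demo with RFC 5737 / RFC 3849 documentation addresses and example.com / example.net names; in the real system the PTR data is written by whoever holds the address block and the forward data by the domain owner, which is exactly why one must confirm the other.

```python
"""Reverse lookups and forward-confirmed reverse DNS (added example, not from the slides).

The reverse tree is built from the address written backwards under in-addr.arpa
(IPv4) or as reversed hex nibbles under ip6.arpa (IPv6).
"""
import ipaddress


def ptr_name(ip):
    """Owner name queried for a reverse lookup, i.e. what `dig -x` constructs."""
    return ipaddress.ip_address(ip).reverse_pointer


# Constructed PTR data (controlled by the holder of the address block).
PTR_RECORDS = {
    ptr_name("203.0.113.10"): ["mail.example.com"],
    ptr_name("203.0.113.66"): ["mail.example.com"],     # claims a name it does not own
    ptr_name("2001:db8::1"): ["mx6.example.net"],
}

# Constructed forward data (controlled by the domain owner).
FORWARD_RECORDS = {
    "mail.example.com": ["203.0.113.10"],
    "mx6.example.net": ["2001:db8::1"],
}


def reverse_lookup(ip, ptr=PTR_RECORDS):
    """PTR names for an address, as a reverse lookup zone would return them."""
    return ptr.get(ptr_name(ip), [])


def forward_lookup(name, fwd=FORWARD_RECORDS):
    """A/AAAA addresses for a name, as a forward lookup zone would return them."""
    return fwd.get(name.lower().rstrip("."), [])


def fcrdns(ip, ptr=PTR_RECORDS, fwd=FORWARD_RECORDS):
    """Forward-confirmed reverse DNS.

    A PTR answer alone proves nothing, because the address-block holder can put
    any name in it.  A name counts only if its own A/AAAA record points back at
    the address.  Returns the list of confirmed names (empty means reject).
    """
    addr = ipaddress.ip_address(ip)
    confirmed = []
    for name in reverse_lookup(ip, ptr):
        if any(ipaddress.ip_address(a) == addr for a in forward_lookup(name, fwd)):
            confirmed.append(name)
    return confirmed


if __name__ == "__main__":
    print(ptr_name("192.167.201.212"))            # the name behind `dig -x 192.167.201.212`
    for sender in ("203.0.113.10", "203.0.113.66", "2001:db8::1", "203.0.113.99"):
        print(sender, "->", reverse_lookup(sender), "confirmed:", fcrdns(sender))
```

The second IPv4 sender is the anti-spam case from the slide: its PTR record names mail.example.com, but example.com's forward record points elsewhere, so the claim is not confirmed and a mail server applying FCrDNS would treat the connection with suspicion. The last sender has no PTR record at all, which most mail servers also score against.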
Primary and Secondary Zones
● Primary zones: a primary DNS zone is a zone that can be modified.
  ● When a new resource record needs to be added or an existing record needs to be updated or deleted, the change is made on a primary DNS zone.
  ● When you have a primary zone on a DNS server, that server is said to be authoritative for that DNS zone, since it will have the answer for DNS queries for records within that zone.
  ● There can only be one primary DNS zone for any given DNS domain; however, you can have a primary forward and a primary reverse lookup zone.
● A secondary zone is a read-only backup zone maintained on a separate DNS server from the primary zone.
  ● The secondary zone is a copy of the primary zone and receives updates to the zone information from the primary server.
  ● Since the secondary zone is a read-only copy of the zone, all updates to the records need to be done on the corresponding primary zone.
  ● You can also have secondary zones for both forward and reverse lookup zones. Depending on the availability requirements for a DNS zone, you may have many secondary DNS zones spread across many DNS servers.
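How a secondary keeps its read-only copy in step with the primary, as an added example that is not part of the original slides. PRIMARY_ZONE is a constructed zone file for cisco.com with invented server names, RFC 5737 addresses and a serial in the common YYYYMMDDnn convention; the refresh, expire and serial-comparison behaviour follows the SOA semantics of RFC 1035 and the serial arithmetic of RFC 1982.

```python
"""Primary and secondary zones: SOA serial and zone refresh (added example, not from the slides).

The secondary never edits records.  On every refresh interval it reads the
primary's SOA and transfers the zone only when the primary's serial is newer.
"""
import re

# Constructed zone file for the example.
PRIMARY_ZONE = """\
$ORIGIN cisco.com.
@    IN SOA ns1.cisco.com. hostmaster.cisco.com. (
         2012060101 ; serial
         3600       ; refresh: how often the secondary checks the serial
         900        ; retry after a failed check
         1209600    ; expire: stop answering if the primary stays unreachable this long
         300 )      ; negative-caching TTL
     IN NS   ns1.cisco.com.
     IN NS   ns2.cisco.com.
H1   IN A    198.51.100.10
www  IN A    198.51.100.20
"""


def parse_zone(text):
    """Return (soa dict, [(owner, type, rdata)]) for a small master-file zone."""
    text = "\n".join(line.split(";", 1)[0] for line in text.splitlines())       # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)  # unwrap ( ... )
    origin, owner, soa, records = ".", None, None, []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if not line[0].isspace():            # new owner; an indented line repeats the last owner
            owner = fields.pop(0)
            if owner == "@":
                owner = origin
            elif not owner.endswith("."):
                owner = f"{owner}.{origin}"
        _cls, rtype, *rdata = fields
        if rtype == "SOA":
            serial, refresh, retry, expire, minimum = map(int, rdata[2:7])
            soa = {"mname": rdata[0], "rname": rdata[1], "serial": serial,
                   "refresh": refresh, "retry": retry, "expire": expire, "minimum": minimum}
        records.append((owner, rtype, " ".join(rdata)))
    return soa, records


def serial_newer(a, b):
    """RFC 1982 serial-number arithmetic: True if 32-bit serial a is newer than b,
    including the wrap from 4294967295 back to 0."""
    a, b = a % 2**32, b % 2**32
    return a != b and ((a < b and b - a > 2**31) or (a > b and a - b < 2**31))


class Secondary:
    """Read-only copy of a zone, kept current by periodic SOA checks."""

    def __init__(self):
        self.soa, self.records, self.last_contact = None, [], None

    def refresh(self, primary_zone_text, now):
        """Runs every SOA refresh interval.  Returns True if a zone transfer happened."""
        soa, records = parse_zone(primary_zone_text)
        self.last_contact = now
        if self.soa is not None and not serial_newer(soa["serial"], self.soa["serial"]):
            return False                      # same or older serial: nothing to copy
        self.soa, self.records = soa, records
        return True

    def is_authoritative(self, now):
        """A secondary that has not reached the primary within the SOA expire time
        must stop serving the zone rather than hand out stale answers."""
        return self.soa is not None and now - self.last_contact <= self.soa["expire"]


if __name__ == "__main__":
    sec = Secondary()
    print("initial transfer:", sec.refresh(PRIMARY_ZONE, now=0))
    print("unchanged serial:", sec.refresh(PRIMARY_ZONE, now=3600))
    print("bumped serial:", sec.refresh(PRIMARY_ZONE.replace("2012060101", "2012060102"), now=7200))
    print("still authoritative two weeks later:", sec.is_authoritative(7200 + 1209600))
```

Two operational consequences follow from this mechanism: every edit on the primary must also increase the serial, or the secondaries never notice the change; and because the transfer hands over the entire zone, the primary should accept zone-transfer requests only from the addresses of its own secondaries.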
End of lesson