Internet Engineering Course: DHCP, DNS

Introduction
Client administration:
◦ IP address management: they need to ease the process of joining the network,
  and they do not want users to do any special configuration
  They want to network boot their workstations, i.e. diskless workstations or remote OS installation
  (acquiring the network settings during the boot process)
  Solution: deploy a DHCP server
◦ Machine names management: they need to be able to name machines and access
  them by names instead of IP addresses
  Solution: deploy a DNS server
So we discuss DHCP and DNS in this session.
DHCP
Provides the configuration parameters a DHCP client host needs to participate on an IP network
Methods of IP allocation
◦ Manual: only requesting clients with a MAC address listed in the table (MAC-IP pairs) get an IP address, according to the table
◦ Automatic: the DHCP server permanently assigns to a requesting client a free IP address from a range given by the administrator
◦ Dynamic: the only method which provides dynamic re-use of IP addresses
  The request-and-grant process uses a lease concept with a controllable time period.
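To make the three allocation methods concrete, here is a small address allocator that applies them side by side: a manual MAC-IP table, permanent automatic assignment from a pool, and dynamic assignment with leases that expire and get reused. This is an added example written for this page, not code from the slides or from any DHCP server; the `Allocator` class, its method names and the sample MAC addresses and 10.0.0.x pool are constructed for the illustration, and the clock is passed in as a number so the lease expiry is reproducible.

```python
"""Toy DHCP address allocator for the three allocation methods in the slides:
manual (MAC-IP table only), automatic (permanent assignment of a free pool
address) and dynamic (leases with a controllable lifetime, reused on expiry).
Added example; class and method names are assumptions, not any real server's
API. The clock is passed in so the behaviour is reproducible."""

from ipaddress import IPv4Address


class Allocator:
    def __init__(self, pool_start, pool_end, reservations=None, lease_time=3600):
        self.pool = [IPv4Address(i) for i in range(int(IPv4Address(pool_start)),
                                                  int(IPv4Address(pool_end)) + 1)]
        # manual table: MAC -> fixed IP (maintained by the administrator)
        self.reservations = {m.lower(): IPv4Address(ip)
                             for m, ip in (reservations or {}).items()}
        self.lease_time = lease_time
        self.leases = {}    # IP -> (mac, expires_at); expires_at None = permanent

    def _expire(self, now):
        """Forget dynamic leases whose lifetime has passed so the address is reusable."""
        self.leases = {ip: (mac, exp) for ip, (mac, exp) in self.leases.items()
                       if exp is None or exp > now}

    def allocate(self, mac, method, now=0):
        mac = mac.lower()
        self._expire(now)
        if method == "manual":
            # only clients listed in the table are served, and only with their listed IP
            ip = self.reservations.get(mac)
            if ip is not None:
                self.leases[ip] = (mac, None)
            return ip
        if method not in ("automatic", "dynamic"):
            raise ValueError("unknown allocation method: %s" % method)
        # a client that still holds an address gets the same one back (lease renewed)
        for ip, (holder, exp) in self.leases.items():
            if holder == mac:
                if exp is not None:
                    self.leases[ip] = (mac, now + self.lease_time)
                return ip
        reserved = set(self.reservations.values())
        free = [ip for ip in self.pool if ip not in self.leases and ip not in reserved]
        if not free:
            return None     # pool exhausted: nothing to offer
        ip = free[0]
        expires = None if method == "automatic" else now + self.lease_time
        self.leases[ip] = (mac, expires)
        return ip

    def holder(self, ip, now=0):
        """Which MAC currently holds this address (None once a dynamic lease expired)."""
        self._expire(now)
        entry = self.leases.get(IPv4Address(ip))
        return entry[0] if entry else None
```

The point to notice is the difference in what happens when the pool is full: with automatic allocation the addresses are gone for good, while with dynamic allocation the same pool serves more clients over time because an address whose lease ran out is handed to the next requester.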
DHCP cont.
DHCP server can provide optional configuration
◦ e.g. Subnet Mask, Name Server, …
◦ RFC 2132 defines DHCP options
DHCP relay agent (mostly in network routers/high-end switches)
◦ Relays DHCP Discover broadcasts from a LAN without a DHCP server to a network which has one
Usage
◦ Cable Internet providers
◦ DSL providers
◦ Broadband ISP networks
◦ Office networks
◦ Public Internet access
◦ Places where there are mobile nodes that want to access the net
DHCP Implementations
Microsoft introduced DHCP on their servers with Windows NT 3.5 in late 1994
◦ DHCP did not originate from Microsoft
Internet Software Consortium published DHCP for Unix variants
◦ Version 1.0.0 released on December 6, 1997
◦ Version 2.0 in June 1999 – a more RFC-compliant one
Novell included a DHCP server in NetWare OS since v. 5, 1999
◦ It integrates with Novell eDirectory
Cisco since Cisco IOS 12.0 in February 1999
Sun added DHCP support in Solaris 8, July 2001
BOOTP
BOOTstrap Protocol (RFC 951)
UDP
Used to obtain an IP address automatically
◦ Usually in the booting process of computers or OSs
Diskless workstations
◦ Historically used for UNIX-like diskless workstations
◦ Also obtains the location of the boot image
◦ Also can be used for installing a pre-configured OS
Protocol became embedded in the BIOS of some NICs
◦ Allowing direct network booting without the need for a floppy
BOOTP cont.
Recently used for booting a Windows OS in diskless standalone media center PCs
DHCP is a more advanced protocol based on BOOTP
◦ Far more complex to implement than BOOTP
◦ Most DHCP servers also offer BOOTP support
◦ Duration-based leases are the fundamental addition in DHCP
  "Dynamic" in DHCP refers to this
DHCP Anatomy
Uses the same IANA-assigned ports as BOOTP
◦ 67/udp for the server, 68/udp for the client
DHCP Messages
◦ Discover
  Client broadcasts on the local physical subnet to find servers
  UDP packet (broadcast dest. 255.255.255.255)
  Also requests the last-known IP address (optional parameter)
◦ Offer
  Server determines the configuration based on the client's MAC addr.
  Server specifies the IP address and puts in optional parameters
◦ Request
  Client selects a configuration out of the DHCP Offer packet and broadcasts it again
◦ Acknowledge
  Server acknowledges the request and sends the ack to the client
DHCP Anatomy cont.
◦ Inform
  Client requests more information than the server sent with the DHCPACK, or asks to repeat data for a particular application (e.g. a browser obtaining web proxy settings)
◦ Release
  Client requests the server to release the DHCP lease, and the client unconfigures its IP address
  Sending this message is not mandatory (unplug or …)
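The Discover and Offer steps above in wire form: the following added example (written for this page, not code from the slides or from any DHCP implementation) builds a client DHCPDISCOVER that carries the last-known address in option 50, and answers it with a server DHCPOFFER whose `yiaddr` and RFC 2132 options (subnet mask, name server, lease time, server identifier) are then parsed back out. The 236-byte fixed header, the magic cookie and the option codes are from RFC 2131/2132; the function names, the transaction id and the 192.168.1.x addresses are constructed for the illustration. The parser refuses a message with a bad cookie or a truncated option rather than reading past the end.

```python
"""Build and parse DHCP (RFC 2131) messages with RFC 2132 options.
Added example, not from the slides or any DHCP implementation."""

import struct
from ipaddress import IPv4Address

MAGIC_COOKIE = b"\x63\x82\x53\x63"          # follows the 236-byte BOOTP header
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5   # values of option 53 (message type)
OPT_SUBNET, OPT_DNS, OPT_REQ_IP, OPT_LEASE, OPT_MSGTYPE, OPT_SERVER_ID, OPT_END = 1, 6, 50, 51, 53, 54, 255


def build(op, xid, mac, options, yiaddr="0.0.0.0", broadcast=False):
    """Fixed header + magic cookie + (code, len, value) options + END."""
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")
    flags = 0x8000 if broadcast else 0       # broadcast bit: client has no IP yet
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, flags,
                      b"\0" * 4, IPv4Address(yiaddr).packed, b"\0" * 4, b"\0" * 4,
                      chaddr, b"\0" * 64, b"\0" * 128)
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + MAGIC_COOKIE + body + bytes([OPT_END])


def parse(pkt):
    """Return the fields a client or server acts on; raise on malformed input."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (bad length or magic cookie)")
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", pkt[:12])
    yiaddr = IPv4Address(pkt[16:20])         # "your" address offered by the server
    chaddr = pkt[28:28 + hlen]               # client hardware address
    opts, i = {}, 240
    while i < len(pkt):
        code = pkt[i]
        if code == OPT_END:
            break
        if code == 0:                        # PAD: a single byte, no length
            i += 1
            continue
        if i + 1 >= len(pkt):
            raise ValueError("option %d without length byte" % code)
        length = pkt[i + 1]
        val = pkt[i + 2:i + 2 + length]
        if len(val) != length:
            raise ValueError("truncated option %d" % code)
        opts[code] = val
        i += 2 + length
    return {"op": op, "xid": xid, "mac": chaddr.hex(":"), "yiaddr": yiaddr, "options": opts}


def msg_type(p):
    return p["options"][OPT_MSGTYPE][0]


def ip_opt(p, code):
    return IPv4Address(p["options"][code])


def lease_seconds(p):
    return struct.unpack("!I", p["options"][OPT_LEASE])[0]


def discover(xid, mac, last_ip=None):
    """Client side: broadcast Discover, optionally asking for the last-known IP."""
    opts = [(OPT_MSGTYPE, bytes([DISCOVER]))]
    if last_ip:
        opts.append((OPT_REQ_IP, IPv4Address(last_ip).packed))
    return build(BOOTREQUEST, xid, mac, opts, broadcast=True)


def offer(disc, server_ip, offered_ip, mask, dns, lease):
    """Server side: answer a parsed Discover with an Offer for offered_ip."""
    opts = [(OPT_MSGTYPE, bytes([OFFER])), (OPT_SUBNET, IPv4Address(mask).packed),
            (OPT_DNS, IPv4Address(dns).packed), (OPT_LEASE, struct.pack("!I", lease)),
            (OPT_SERVER_ID, IPv4Address(server_ip).packed)]
    return build(BOOTREPLY, disc["xid"], disc["mac"], opts, yiaddr=offered_ip)
```

Request and Acknowledge use the same framing with message types 3 and 5; the server identifier (option 54) in the Request is how the client says which of several Offers it selected. Because everything in these messages is unauthenticated, the parser's bounds checks are the only defence the receiving side has against a malformed packet from the local segment.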
RARP
ARP
◦ Address Resolution Protocol
◦ Resolves a hardware address from a given IP address
◦ Try the arp command in both Windows and Linux
RARP
◦ Reverse Address Resolution Protocol (RFC 903)
◦ Complement of ARP
◦ Resolves an IP address from a given hardware address
◦ Needs manual configuration on a central server
  Not scalable
◦ Made obsolete by BOOTP and the more modern DHCP
◦ Try the rarp command in Linux (if supported by the kernel), and the RARP daemon, rarpd
DNS
Domain Name System (RFC 1034, 1035)
◦ RFC 1034 and 1035 made RFC 882, 883 obsolete
A system that stores info associated with domain names in a distributed database on networks (such as the Internet)
Many types of information for the domain are provided by DNS
◦ Most important: the IP address associated with a domain name
Mainly UDP
◦ TCP only when the response data size exceeds 512 bytes, or for things like zone transfer
DNS is Decentralized
No single point of failure
Less traffic volume
Easier maintenance
Scalable
Fewer distance (delay) issues
Delegation
Resolvers
Clients that access name servers
◦ Querying a name server
◦ Interpreting responses
◦ Returning the information to the programs that requested it
In BIND, the resolver is just a set of library routines that is linked into programs
◦ Not even a separate process
◦ Most of the overhead of finding an answer to the query is placed on the name server
◦ The DNS specs call this kind of resolver a stub resolver
Types of DNS Servers
Primary master
◦ Reads the data for the zone from a file on its host
Secondary master (Slave)
◦ Gets the zone data from another ns that is authoritative for the zone (master server)
◦ Often, the master server is the zone's primary master
  Not always the case
  A secondary master may get the info from another secondary server
◦ Zone transfer
  Contacting the master ns and, if necessary, pulling the zone data
◦ Redundancy
Both
◦ An authoritative ns may be master for some of its zones and slave for some others
◦ It's imprecise to call an ns "master" or "slave"!
DNS Applications
Attach IP addresses to domain names (ease of use)
Many-to-many mapping
◦ Virtual Hosting
Sender Policy Framework
Makes it possible for people to assign authoritative names, without needing to communicate with a central registrar
Load balancing between hosts
DNS History
Idea in ARPAnet
Originally, each computer retrieved a file called HOSTS.TXT which contained the mappings
◦ Hosts file exists today (looked up before querying DNS): /etc/hosts, C:\WINDOWS\system32\drivers\etc\hosts
◦ Limitations
  Not scalable
  Each time a given computer's address changed, all computers had to update their Hosts file
DNS invented by Paul Mockapetris in 1983
◦ First implementation was called JEEVES, by himself
Parts of a Domain Name
Domain name consists of two or more parts separated by dots (eng.ui.ac.ir for example)
◦ Rightmost label: Top-level domain (ir)
◦ Each label to the left specifies a subdomain of the domain above it
  ac is a subdomain of the ir domain
  ui is a subdomain of the ac.ir domain
Theoretical limits: 127 levels, each level 63 chars, total domain name 255 chars
◦ A domain name with one or more IP addresses is called a hostname (eng.ui.ac.ir, ui.ac.ir but not ac.ir)
A Distributed Hierarchical Database
Root Servers (13 root servers worldwide)
TLD Servers (.com, .org, .net, .uk, .ir, …)
Authoritative DNS Servers (organization’s DNS server)
Distributed, Hierarchical Database
Root servers and TLD servers typically do not contain hostname to IP mappings; they contain mappings for locating authoritative servers.
[Figure: the DNS hierarchy. Root DNS servers at the top; below them the TLD servers (com DNS servers, ir DNS servers, edu DNS servers); below those the authoritative DNS servers of organizations: yahoo.com and amazon.com under com, ac.ir and co.ir under ir, poly.edu and umass.edu under edu]
Local DNS Server
Does not belong to the hierarchy
Also called default name server
Acts as a proxy (forwarder): forwards the query into the hierarchy
◦ Caches the results if of interest
DNS Queries
Recursive
◦ Contacted name server should recurse and find the mapping for the requesting host
◦ Heavy load on the servers
Iterative
◦ Contacted server replies with the name of the server to contact
◦ An ns provides the name of the next ns
  Bootstrapping problem (another query is required, and …)
  So the IP of the next ns is provided as well: glue record
DNS Queries
Recursive query example
[Figure: recursive query. Requesting host gaia.cs.umass.edu, local DNS server ns.ui.ac.ir, root DNS server, TLD DNS server and authoritative DNS server dns.cs.umass.edu; the eight messages are numbered 1–8 on the arrows]
DNS Queries
Iterative query example
[Figure: iterative query. Requesting host gaia.cs.umass.edu, local DNS server ns.ui.ac.ir, root DNS server, TLD DNS server and authoritative DNS server dns.cs.umass.edu; the eight messages are numbered 1–8 on the arrows]
DNS Caching and Updating Records
Once a name server learns a mapping, it caches it
◦ It'll expire (TTL defined by the authoritative server)
◦ TLD servers are typically cached in the local name server
  Root name servers not often visited
Update/Notify Mechanisms
◦ RFC 2136
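The iterative query, the glue record and the TTL cache from the last few slides can be watched in one place with the following added example (written for this page; it is not code from the slides, from BIND or from any resolver). It builds a tiny in-memory hierarchy of three servers (root, an edu TLD server and the authoritative server for umass.edu) and a local resolver that walks referrals, caches what it learns with the server's TTL, and starts the next lookup from the deepest delegation it still has cached, so the root is not visited again while the TLD's NS record is fresh. The server addresses (192.0.2.x, the documentation range), the name a.edu-servers.test, the noglue.edu delegation and all TTLs are constructed for the illustration; gaia.cs.umass.edu and dns.cs.umass.edu are the names used in the slides' figures.

```python
"""Iterative resolution over a constructed in-memory DNS hierarchy, with glue
records and a TTL cache. Added example; servers, names, TTLs and the function
names are constructed and are not real servers or any resolver's API."""

ROOT = "192.0.2.1"
SERVERS = {
    # root: knows only who serves "edu." (NS record plus glue A for that server)
    "192.0.2.1":  {("edu.", "NS"): ("a.edu-servers.test.", 172800),
                   ("a.edu-servers.test.", "A"): ("192.0.2.10", 172800)},
    # edu TLD: delegates umass.edu. to a name server *inside* the delegated zone,
    # so it must hand out glue; noglue.edu. is delegated without glue on purpose
    "192.0.2.10": {("umass.edu.", "NS"): ("dns.cs.umass.edu.", 86400),
                   ("dns.cs.umass.edu.", "A"): ("192.0.2.20", 86400),
                   ("noglue.edu.", "NS"): ("ns.noglue.edu.", 86400)},
    # authoritative server for umass.edu.
    "192.0.2.20": {("gaia.cs.umass.edu.", "A"): ("192.0.2.42", 300),
                   ("www.cs.umass.edu.", "A"): ("192.0.2.43", 300)},
}


def ask(server_ip, qname, qtype):
    """One iterative query: an answer, or a referral (zone, ns name, ttl, glue)
    for the closest enclosing zone this server knows about, or None."""
    zone = SERVERS[server_ip]
    if (qname, qtype) in zone:
        return {"answer": zone[(qname, qtype)]}
    labels = qname.split(".")
    for i in range(1, len(labels)):          # closest enclosing delegation first
        cut = ".".join(labels[i:])
        if (cut, "NS") in zone:
            ns, ttl = zone[(cut, "NS")]
            return {"referral": (cut, ns, ttl, zone.get((ns, "A")))}
    return None


class LocalResolver:
    def __init__(self):
        self.cache = {}       # (name, type) -> (value, expires_at)
        self.queries = []     # (server_ip, qname): which servers were actually visited

    def _cached(self, key, now):
        entry = self.cache.get(key)
        return entry[0] if entry and entry[1] > now else None

    def _store(self, key, value, ttl, now):
        self.cache[key] = (value, now + ttl)

    def resolve(self, qname, now=0):
        hit = self._cached((qname, "A"), now)
        if hit:
            return hit
        # start at the deepest cached delegation instead of at the root
        server = ROOT
        labels = qname.split(".")
        for i in range(1, len(labels)):
            ns = self._cached((".".join(labels[i:]), "NS"), now)
            addr = self._cached((ns, "A"), now) if ns else None
            if addr:
                server = addr
                break
        for _ in range(10):                   # guard against referral loops
            self.queries.append((server, qname))
            r = ask(server, qname, "A")
            if r is None:
                raise LookupError(qname)
            if "answer" in r:
                ip, ttl = r["answer"]
                self._store((qname, "A"), ip, ttl, now)
                return ip
            zone, ns, ttl, glue = r["referral"]
            self._store((zone, "NS"), ns, ttl, now)
            if glue is None:
                # the bootstrapping problem from the slides: we were told a name
                # we would have to resolve through the very server we cannot reach
                raise LookupError("referral to %s without glue" % ns)
            self._store((ns, "A"), glue[0], glue[1], now)
            server = glue[0]
        raise LookupError("too many referrals")
```

`queries` is there to verify the caching claim from the slide: the first lookup visits root, TLD and authoritative server; a later lookup of another name under umass.edu goes straight to 192.0.2.20 while the delegation's TTL lasts, and a repeated lookup of the same name within its own TTL sends no query at all.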
DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
Type=A
◦ name is hostname
◦ value is IP address
Type=NS
◦ name is domain (e.g. foo.com)
◦ value is IP address of authoritative name server for this domain
Type=CNAME
◦ name is alias name for some "canonical" (the real) name
  www.ibm.com is really servereast.backup2.ibm.com
◦ value is canonical name
Type=MX
◦ value is name of mail server associated with name
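How these records and the domain-name limits from the "Parts of a Domain Name" slide look on the wire is shown by the following added example (written for this page; not code from the slides or from BIND). It encodes names in the RFC 1035 label format while enforcing the 63-octet label and 255-octet name limits, builds an A query, and builds and parses a response carrying the slide's www.ibm.com CNAME together with A, NS and MX records, using the RFC 1035 compression pointer for repeated owner names. On the wire the RDATA of NS, CNAME and MX records is a domain name, which the parser decodes. The function names and the sample response (including ns1.ibm.com, mail.ibm.com and the 192.0.2.7 address) are constructed for the illustration. The decoder refuses a compression pointer that does not point backwards, which is the check that stops a crafted message from sending a parser into a loop.

```python
"""DNS wire format (RFC 1035): name encoding with the slide's length limits,
query building, and response parsing with name compression.
Added example, not from the slides or from BIND; sample data is constructed."""

import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX"}
TYPE_CODES = {v: k for k, v in TYPES.items()}


def encode_name(name):
    """<len><label>... terminated by a zero label. Label 1..63 octets, name <= 255."""
    labels = [] if name == "." else name.rstrip(".").split(".")
    out = b""
    for label in labels:
        if not 1 <= len(label) <= 63:
            raise ValueError("label length must be 1..63: %r" % label)
        out += bytes([len(label)]) + label.encode("ascii")
    out += b"\0"
    if len(out) > 255:
        raise ValueError("name exceeds 255 octets")
    return out


def decode_name(msg, off):
    """Returns (name, offset after the name). Follows 11xxxxxx compression
    pointers, which must point backwards, otherwise a crafted message could loop."""
    labels, jumped, end = [], False, off
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if ptr >= off:
                raise ValueError("forward compression pointer")
            if not jumped:
                end = off + 2
            off, jumped = ptr, True
            continue
        if not jumped:
            end = off + 1 + n
        if n == 0:
            return ".".join(labels) + ".", end
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n


def build_query(qid, name, qtype):
    hdr = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)   # RD=1, one question
    return hdr + encode_name(name) + struct.pack("!HH", TYPE_CODES[qtype], 1)


def parse_response(msg):
    """Returns the records as (name, value, type, ttl) tuples, the slide's RR format."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                      # skip the echoed question(s)
        _, off = decode_name(msg, off)
        off += 4
    records = []
    for _ in range(an + ns + ar):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        t = TYPES.get(rtype, rtype)
        if t == "A":
            value = ".".join(str(b) for b in rdata)
        elif t in ("NS", "CNAME"):
            value, _ = decode_name(msg, off)  # RDATA names may be compressed too
        elif t == "MX":
            value = (struct.unpack("!H", rdata[:2])[0], decode_name(msg, off + 2)[0])
        else:
            value = rdata
        records.append((name, value, t, ttl))
        off += rdlen
    return {"id": qid, "rcode": flags & 0xF, "records": records}


def build_response(query_msg, rrs):
    """Answer a query with (name, type, ttl, value) RRs; an owner equal to the
    question name is written as a pointer to offset 12 (the question name)."""
    qid = struct.unpack("!H", query_msg[:2])[0]
    qname, qend = decode_name(query_msg, 12)
    question = query_msg[12:qend + 4]
    body = b""
    for name, t, ttl, value in rrs:
        owner = b"\xc0\x0c" if name == qname else encode_name(name)
        if t == "A":
            rdata = bytes(int(x) for x in value.split("."))
        elif t in ("NS", "CNAME"):
            rdata = encode_name(value)
        else:                                # MX: preference + exchange name
            rdata = struct.pack("!H", value[0]) + encode_name(value[1])
        body += owner + struct.pack("!HHIH", TYPE_CODES[t], 1, ttl, len(rdata)) + rdata
    hdr = struct.pack("!HHHHHH", qid, 0x8180, 1, len(rrs), 0, 0)   # QR=1 RD=1 RA=1
    return hdr + question + body
```

The same 512-byte UDP limit mentioned on the DNS slide is why compression exists: owner names repeated in every record of a large answer would otherwise push many responses over the limit and onto TCP.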
Legal Users of Domains
Registrant
Administrative contact
Technical contact
Billing contact
Name servers
Try whois in Linux and see this information for different hosts
DNS Software
BIND (Berkeley Internet Name Daemon) – full-featured, most popular, de facto Internet standard
Djbdns (Daniel J. Bernstein's DNS) – composed of several small-footprint components
MaraDNS – UDP only
VitalQIP (Lucent Technologies)
Adonis DNS Management Appliance (BlueCat Networks Inc)
NSD (Name Server Daemon) – small footprint, UDP only, authoritative only
PowerDNS
Microsoft DNS (in the server editions of Windows 2000 and Windows 2003)