Chapter 2, Section 4: DNS (Domain Name System)

Authoritative DNS servers:

Organization's own DNS server(s), providing authoritative hostname-to-IP mappings for the organization's named hosts. Can be maintained by the organization or a service provider.

Recursive query

Puts burden of name resolution on contacted name server; heavy load at upper levels of hierarchy.

DNS protocol messages

query and reply messages both with same message format

Top-level domain (TLD) servers:

Responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g. uk, fr, ca, jp. Network Solutions maintains servers for the .com TLD; Educause for the .edu TLD.

Exploit DNS for DDoS

Send queries with spoofed source address: target IP. Requires amplification.

type=A

name is hostname; value is IP address

redirect attacks

Man-in-middle: intercept queries. DNS poisoning: send bogus replies to DNS server, which caches them.

type=MX

value is name of mail server associated with name

Domain Name System:

Distributed database implemented in a hierarchy of many name servers. Application-layer protocol: hosts and name servers communicate to resolve names (address/name translation). Core Internet function, implemented as an application-layer protocol; complexity at the network's "edge".

DDoS attacks

Bombard root servers with traffic: not successful to date; traffic filtering; local DNS servers cache IPs of TLD servers, allowing root server bypass. Bombard TLD servers: potentially more dangerous.

Iterated query

contacted server replies with name of server to contact

DNS Records

distributed database storing resource records (RR)

Local DNS name server

Does not strictly belong to the hierarchy. Each ISP (residential ISP, company, university) has one; also called "default name server". When a host makes a DNS query, the query is sent to its local DNS server, which has a local cache of recent name-to-address translation pairs (but may be out of date!) and acts as a proxy, forwarding the query into the hierarchy.

DNS Services

Hostname to IP address translation. Host aliasing: canonical, alias names. Mail server aliasing. Load distribution: replicated web servers, many IP addresses correspond to one name.

type=CNAME

name is alias name for some "canonical" (the real) name; value is canonical name

type=NS

name is domain (e.g. foo.com); value is hostname of authoritative name server for this domain

DNS: caching,updating records

Once (any) name server learns a mapping, it caches the mapping. Cache entries time out (disappear) after some time (TTL). TLD servers are typically cached in local name servers, thus root name servers are not often visited. Cached entries may be out of date (best-effort name-to-address translation!): if a named host changes IP address, the change may not be known Internet-wide until all TTLs expire. Update/notify mechanisms: proposed IETF standard, RFC 2136.

why not centralize DNS?

single point of failure. traffic volume. distant centralized database. maintenance.

