1 / 73

Computer Networks

Learn about the Domain Name System (DNS) and how it translates readable domain names into IP addresses. Explore the hierarchical structure of domain names and the different types of top-level domains. Understand the role of name servers and how they translate domain names into IP addresses using a decentralized database. Discover the resource records and principal DNS record types used in the DNS system.

Download Presentation

Computer Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Computer Networks Application layer Application layer -- May 2004

  2. Overview • DNS -- Domain Name System • E-mail • Terminal Access: TELNET Application layer -- May 2004

  3. Domain names • IP-addresses not user friendly  readable names telnet 134.58.42.36 telnet nix.cs.kuleuven.ac.be • Overview • Definition of Internet domain names • Translating domain names into IP addresses Application layer -- May 2004

  4. Domain names • Internet domain names • Hierarchical structure nix.cs.kuleuven.ac.be country code (Belgium) university (academic) K.U.Leuven dept. Computer science name of computer system Application layer -- May 2004

  5. Domain names • 3 groups Top Level Domains (TLD) • 2-letter country codes (ISO 3166) • generic names (similar organisations) • com commercial organisations • org non-commercial organisations (bv. Vzw) • int international organisations (nato, EU, …) • net companies offering network services • NEW: name, biz, info,… • names of organisations within USA • edu universities • gov US government • mil US army Application layer -- May 2004

  6. Domain names • View on Internet domain name space Application layer -- May 2004

  7. Domain names • Each TLD: • administrator (assign names within domain) • “be”: • till jan. 2000: dept. Computer science • now: vzw DNS BE (Ispa, Agoria, Beltug) • Each organisation with a domain name: • creates new names within its domain • E.g.. kuleuven.ac.be and kulak.ac.be • Hierarchical name structure + delegation = workable structure Application layer -- May 2004

  8. Translating domain names • Database • not centralised (bottleneck!) • name server • Translate domain name  IP-address • hierarchy of name server • For each domain (zone): separate (primary) name server • Zone = sub tree of name space tree • Primary name server • Gets info from a zone file on disk Application layer -- May 2004

  9. Domain names • Internet domain names <> zones Application layer -- May 2004

  10. Systems/subdomains type IP-adresof cs.kuleuven.ac.be nix A 134.58.42.36 idefix A 134.58.41.7 droopy A 134.58.41.10 stevin A 134.58.41.16 ... Translating domain names Name server of cs.kuleuven.ac.be A = Address Application layer -- May 2004

  11. Machines/subdomeinen type IP-adresvan kuleuven.ac.be cs NS 134.58.39.1 esat NS … www A … ... NS = NameServer Translating domain names Name server of kuleuven.ac.be Application layer -- May 2004

  12. Translating domain names • Resource records Application layer -- May 2004

  13. Translating domain names • Principal DNS Resource record types Application layer -- May 2004

  14. Translating domain names • Part of DNS database for cs.kuleuven.ac.be ; Authoritative data for cs.kuleuven.ac.be ; $TTL 86400 ; default TTL = 1 day @ IN SOA dns.cs.kuleuven.ac.be. postmaster.cs.kuleuven.ac.be. ( 2002042601 ; serial 10800 ; refresh (3h) 1800 ; retry (30m) 3600000 ; expire (>5w) 86400 ) ; default (1d) ; ; Application layer -- May 2004

  15. Translating domain names • Part of DNS database for cs.kuleuven.ac.be (cont.) ; General info for zone CS.KULEUVEN.AC.BE NS snoopy.cs.kuleuven.ac.be. NS dns.cs.kuleuven.ac.be. NS ns1.kulnet.kuleuven.ac.be. NS ns.be.ubizen.com. NS secdns.eunet.be. ; dns.cs.kuleuven.ac.be is used as secondary for be. and others dns A 134.58.40.4 ; general MX records cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. MX 100 mail.cc.kuleuven.ac.be. st.cs.kuleuven.ac.be. MX 10 st.cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. MX 100 mail.cc.kuleuven.ac.be. Application layer -- May 2004

  16. Translating domain names • Part of DNS database for cs.kuleuven.ac.be (cont.) calendar CNAME billie.cs.kuleuven.ac.be. ssh 3600 CNAME billie.cs.kuleuven.ac.be. lp-kleur CNAME delphi.cs.kuleuven.ac.be. lp-wit CNAME medusa.cs.kuleuven.ac.be. ; Cnames do not work for MX's ;ftp 3600 CNAME arachne.cs.kuleuven.ac.be. ftp 1800 A 134.58.40.10 MX 18 mail.cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. ; HINFO Sparc Solaris Application layer -- May 2004

  17. Translating domain names • Part of DNS database for cs.kuleuven.ac.be (cont.) ; our switch/router/firewall/ntp-server ; lswitch-cw A 134.58.250.50 A 134.58.39.254 A 134.58.41.254 A 134.58.42.254 A 134.58.43.254 A 134.58.44.245 A 134.58.45.254 A 134.58.46.254 MX 18 mail.cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. RP hostmaster contact.cs.kuleuven.ac.be. ; Application layer -- May 2004

  18. Translating domain names • Part of DNS database for cs.kuleuven.ac.be (cont.) snoopy A 134.58.41.8 A 134.58.42.3 A 134.58.43.4 A 134.58.45.1 A 134.58.46.63 A 134.58.39.1 MX 10 snoopy.cs.kuleuven.ac.be. MX 18 mail.cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. ; HINFO SunULTRA2Server Solaris Application layer -- May 2004

  19. Translating domain names • Part of DNS database for cs.kuleuven.ac.be (cont.) panoramix A 134.58.45.66 MX 10 panoramix.cs.kuleuven.ac.be. MX 18 mail.cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. RP pv contact.cs.kuleuven.ac.be. ; HINFO i86 Linux ubiz A 134.58.39.91 MX 18 mail.cs.kuleuven.ac.be. MX 20 mailrelay.cs.kuleuven.ac.be. RP pv contact.cs.kuleuven.ac.be. ; HINFO IBM_ThinkPad Windows2000 Application layer -- May 2004

  20. Translating domain names • Part of DNS database for .be $ORIGIN . $TTL 86400 ; 1 day be IN SOA master.ns.dns.be. tech.dns.be. ( 2002052301 ; serial 3600 ; refresh (1 hour) 1800 ; retry (30 minutes) 3600000 ; expire (5 weeks 6 days 16 hours) 600 ; minimum (10 minutes) ) NS dns.cs.kuleuven.ac.be. NS master.ns.dns.be. NS woluwe.ns.dns.be. NS hasselt.ns.dns.be. NS vilvoorde.ns.dns.be. Application layer -- May 2004

  21. Translating domain names • Part of DNS database for .be (cont.) $ORIGIN be. 007 NS ns3.asp NS ns4.asp ac NS ns.belnet NS ns1.surfnet.nl. NS ns3.belnet $ORIGIN ac.be. dns.cs.kuleuven A 134.58.40.4 $ORIGIN be. huens NS ns.be.ubizen.com. NS dns.cs.kuleuven.ac verbaeten NS ns.yournamehosting.com. NS ns.yournamewebhosting.com. Application layer -- May 2004

  22. Translating domain names • Name server of TLD names • = root name server • Known IP-address • Contains only references to TLD name servers Application layer -- May 2004

  23. www.cs.vu.nl 130.37.24.11 Root-NS Lokale NS (cs.kuleuven.ac.be) NS (nl) NS (vu.nl) 130.37.24.11 NS (cs.vu.nl) Resolving domain names Example : www.cs.vu.nl Application layer -- May 2004

  24. Resolving domain names 2 schemes • Iterative (see previous slide) • Name server returns reference • Recursive • Scheme of forwarding requests to “better” name servers • Correct figure? • Comparison? Application layer -- May 2004

  25. Resolving domain names • Cumbersome? • Name servers: “cache” • Translations are cached during the specified time (TTL) • Vulnerable? • Name server can crash • For each domain: many name servers • One primary: returns authoritative records • At least one secondary: return cached records, possibly out of date Application layer -- May 2004

  26. DNS Security Normal situation. • Can we trust the DNS Replies? Application layer -- May 2004

  27. DNS Security Normal situation. • Can we trust the DNS Replies? An attack based on breaking into DNS and modifying Bob's record. Application layer -- May 2004

  28. DNS Security • How Trudy spoofs Alice's ISP. • Reply faster than DNS server! Application layer -- May 2004

  29. DNS Security • Solution: DNSsec • New records • KEY: public key of zone • SIG: signed (with secret key) hash of set of resource records • Signed Replies from servers • Set of resource records (RRSets) • SIG Application layer -- May 2004

  30. DNS security • Resource Record set for bob.com: • A-record(s) for bob.com • Public key for bob.com • Signature of hash of A record & Key record, signed with signature of com Application layer -- May 2004

  31. Overview • DNS -- Domain Name System • E-mail • Terminal Access: TELNET Application layer -- May 2004

  32. Major components: User agent Mail servers = Transfer agents Protocols Transfer: SMTP Access: POP, IMAP user agent user agent user agent user agent user agent user agent SMTP SMTP SMTP mail server mail server mail server outgoing message queue user mailbox E-mail POP IMAP SMTP POP Application layer -- May 2004

  33. E-mail: user agent • Internet E-mail addresses pv@cs.kuleuven.be Pierre.Verbaeten@cs.kuleuven.be nachtradio@vrt.be • after @: domain name • before @: • login_name • FirstName.LastName • Name_of_Group Application layer -- May 2004

  34. E-mail: user agent • E-mail programs • Often (mostly) graphical user interface • functionality: • receive & read messages • compose & send a message • reply to a message • forward a message • Store messages in folders • maintain file with addresses • E.g.: Netscape, Exchange, Eudora, pine, elm, ... Application layer -- May 2004

  35. E-mail: user agent • E-mail program: Netscape Application layer -- May 2004

  36. E-mail: message • RFC 822: standard for text message format: • Structure of a message • Header From: sender To: destination Cc: copy to … Subject: • Blank line • Message body • Must be ASCII!!! header body Application layer -- May 2004

  37. E-mail: message Subject: mail voor luce Date: Mon, 20 May 2002 10:21:34 +0200 From: Jean Huens <Jean.Huens@cs.kuleuven.ac.be> To: Pierre Verbaeten <Pierre.Verbaeten@cs.kuleuven.ac.be> CC: Bart Swennen <Bart.Swennen@cs.kuleuven.ac.be> Pierre, vermits jullie in Leuven wonen kan je voor Luce ook een postbox.be adres krijgen. info op www.postbox.be Jean Application layer -- May 2004

  38. E-mail: message • RFC 822 Header fields, related to transport Application layer -- May 2004

  39. E-mail: message • Other RFC 822 header fields Application layer -- May 2004

  40. mail server = system responsible for the E-mail handling within an organisation: Talks smtp with other mail servers Stores received messages for local users in its mailbox Sends messages for remote users to the appropriate mail server Accepts mail from local user agents user agent user agent user agent SMTP SMTP SMTP mail server mail server mail server E-Mail: mail servers SMTP Application layer -- May 2004

  41. Defined in RFC 821 Interaction in command/response mode three phases of transfer handshaking (greeting) transfer of messages closure messages must be 7-bit ASCII server E-Mail: smtp protocol Sending server or User agent commands client response reliable transfer Application layer -- May 2004

  42. E-Mail: smtp protocol • try smtp interaction for yourself: • telnetservername25 • wait for reply from server:220 … • enter commands:HELO, MAIL FROM, RCPT TO, DATA, QUIT • send an email without using email client (reader) Application layer -- May 2004

  43. E-Mail: smtp protocol: example • Connect to mail server …. billie$ telnet mail.cs.kuleuven.ac.be 25 Trying 134.58.41.11... Connected to mail.cs.kuleuven.ac.be. Escape character is '^]'. 220 iris.cs.kuleuven.ac.be ESMTP Mail Transfer Agent ; Wed, 22 May 2002 16:31:50 +0200 (MEST) • Dialogue with mail server Application layer -- May 2004

  44. E-Mail: smtp protocol : example • Dialogue with mail server HELO ubiz.cs.kuleuven.ac.be 250 iris.cs.kuleuven.ac.be Hello billie.cs.kuleuven.ac.be [134.58.41.39], pleased to meet you MAIL FROM Pierre.Verbaeten@cs.kuleuven.ac.be 501 5.5.2 Syntax error in parameters scanning "FROM" MAIL FROM: Pierre.Verbaeten@cs.kuleuven.ac.be 250 2.1.0 Pierre.Verbaeten@cs.kuleuven.ac.be... Sender ok RCPT TO:Jean.Huens@cs.kuleuven.ac.be 250 2.1.5 Jean.Huens@cs.kuleuven.ac.be... Recipient ok DATA 354 Enter mail, end with "." on a line by itself • Enter Message (header + body) Application layer -- May 2004

  45. E-Mail: smtp protocol : example • Enter Message (header + body) Subject: test Date Wed, 22 May 2002 16:35:00 From: Pierre.Verbaeten@cs.kuleuven.ac.be To: Jean.Huens@cs.kuleuven.ac.be ingetikte mail Pierre . 250 2.0.0 g4MEXXG06443 Message accepted for delivery QUIT 221 2.0.0 iris.cs.kuleuven.ac.be closing connection Connection closed by foreign host. billie$ Application layer -- May 2004

  46. summary Simple text based protocol: 7-bit ascii Line with “.” only to indicate end of message This string excluded inside message smtp requires reliable connections TCP: reliable byte stream ESMTP extensions Negotiate special services other contents: voice, video,… MIME extensions E-Mail: smtp protocol Application layer -- May 2004

  47. E-Mail: esmtp extensions • Approach • EHLO command: extensions available at server? • Symbolic name for each extension • Optional parameters for MAIL FROM: & RCPT TO • Some extensions • 8BITMIME: 8 bit data, still lines • BINARYMIME: arbitrary data • SIZE: server informs client of max size of message • CHECKPOINT: support for resuming broken sessions • DSN: delivery status notification Application layer -- May 2004

  48. MIME: multimedia mail extension, RFC 1341, 1521 additional lines in message header declare MIME content type Content encoded into ascii text E-Mail: MIME extensions MIME version From: Pierre.Verbaeten@cs.kuleuven.ac.be To: hilde@yahoo.com Subject: Picture MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data ..... ......................... ......base64 encoded data method used to encode data multimedia data type, subtype, encoded data Application layer -- May 2004

  49. E-Mail: MIME extensions • RFC headers related tp MIME Application layer -- May 2004

  50. E-Mail: MIME extensions • Mime types/subtypes RFC 1521 Application layer -- May 2004

More Related