
Understanding Passive FTP and Domain Name System in Computer Networks

Learn about the secure data transfer method Passive FTP, its benefits, differences from Normal FTP, and the role of Domain Name System (DNS) in simplifying network communication. This text also covers Trivial File Transfer Protocol (TFTP) and URL structure.

dellison

Presentation Transcript


  1. Passive FTP

  2. Passive FTP
  • Passive FTP is a more secure form of data transfer in which the flow of data is set up and initiated by the File Transfer Protocol (FTP) client rather than by the FTP server program.
  • FTP client programs sometimes allow the user to select passive FTP.
  • Most Web browsers (which act as FTP clients) use passive FTP by default.

  3. Passive FTP

  4. Passive FTP
  • Recall that FTP consists of two connections. In normal FTP the client initiates the control connection, but the server establishes the data connection.
  • Some networks have firewalls that only allow connections initiated from within; this would rule out the data connection of a normal FTP session.

  5. “Normal” vs Passive FTP
  • Normal: the client initiates the control connection and gives a port number to the server, which then initiates the data connection.
  • Passive: the client initiates the control connection and asks the server to return, over the control connection, the port it intends to use for data; the client then initiates the data connection to the port number supplied by the server.
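The two exchanges on slide 5 differ only in who announces the data port. As an added example (not part of the slides), the following Python parses the server's passive-mode reply and builds the client's active-mode PORT command. The reply line and the client address 192.0.2.10 are constructed; the reply format itself is the one FTP defines, with the port carried as p1*256 + p2. The parser also refuses a reply that names a host other than the one the control connection is already talking to, which is the check a careful client performs before opening the data connection.

```python
import ipaddress
import re

# FTP reply format: "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)".
PASV_TUPLE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv_reply(reply, control_peer=None):
    """Return (host, port) named in a 227 reply.

    control_peer, if given, is the dotted-decimal address the control
    connection is already talking to; a reply naming any other host is
    rejected, so the server cannot steer the data connection elsewhere.
    """
    if not reply.startswith("227"):
        raise ValueError("expected a 227 reply, got: %r" % reply)
    match = PASV_TUPLE.search(reply)
    if match is None:
        raise ValueError("227 reply carries no (h1,h2,h3,h4,p1,p2) tuple")
    fields = [int(x) for x in match.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field outside 0..255 in %r" % reply)
    host = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]          # the port is split over two bytes
    if port == 0:
        raise ValueError("server offered port 0")
    if control_peer is not None and host != control_peer:
        raise ValueError("227 names %s but the control connection is to %s" % (host, control_peer))
    return host, port


def build_port_command(host, port):
    """Active ("normal") mode: the client tells the server where to connect back to."""
    addr = ipaddress.IPv4Address(host)          # rejects anything that is not IPv4 dotted decimal
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    octets = ",".join(str(b) for b in addr.packed)
    return "PORT %s,%d,%d" % (octets, port // 256, port % 256)


if __name__ == "__main__":
    # Constructed reply; 139.84.10.250 is the address the slides use for alpha.lasalle.edu.
    print(parse_pasv_reply("227 Entering Passive Mode (139,84,10,250,19,137)", "139.84.10.250"))
    print(build_port_command("192.0.2.10", 5000))   # constructed client address
```

In passive mode the client opens both connections, which is why it passes a firewall that only permits outbound connections; in active mode the PORT command invites an inbound connection from the server, which that firewall blocks.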

  6. TFTP
  • Trivial File Transfer Protocol, a simple version of FTP, but TFTP uses the User Datagram Protocol (UDP) instead of TCP.
  • It is simpler, faster, and requires less code.
  • But it is less capable and less secure.
  • It is used where user authentication and directory visibility are not required.
  • It is often used by servers to boot diskless workstations, X-terminals, and routers.
  • Diskless workstations need operating systems too.

  7. Domain Name System (based on Computer Networks and Internets, Comer)

  8. IP Addresses
  • Delivery at the Internet Layer of TCP/IP is based on an IP address.
  • In IP(v4) it is a 32-bit number, e.g. 10001011010101000000101011111010
  • To make an IP address somewhat more comprehensible, one can use dotted decimal notation, in which the IP address is expressed as 4 decimal numbers between 0 and 255 separated by periods, e.g. 139.84.10.250

  9. Domain names
  • In order to make network communication more user friendly, we use domain names in place of IP addresses. (The details necessary for the Internet Layer can be hidden from the user.)
  • The domain name is a symbolic string of characters that is easier to remember than an IP address, e.g. alpha.lasalle.edu instead of 139.84.10.250
  • If we used 8 bits to represent each character in alpha.lasalle.edu, it would require 136 = 17*8 bits, even more than an IP(v6) address.
  • This scheme is known as the Domain Name System (DNS).

  10. URL
  • The domain name is familiar to you as part of the URL.
  • A Uniform Resource Locator is a file’s address on the Internet.
  • In addition to the domain name, a URL has an indication of the protocol being used (http, ftp, etc.) as well as the location (directory) and name of the file, and perhaps an anchor indicating a specific part of the file, e.g. http://www.lasalle.edu/lsu-site/it/notes.htm#attach

  11. URL (Cont.)
  • The HTTP server can be set up to access a default file or a default directory if none is indicated, e.g. http://www.lasalle.edu
  • Another part of the URL is the port number; most URLs omit it and use the default port, e.g. http://www.lasalle.edu:1234/it/fake.htm#attach
  • A non-default port is sometimes used to test sites before making them available to the public.
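To make the parts named on slides 10 and 11 concrete, here is an added example (not from the slides) that splits the slides' own URLs into protocol, host, port, file location and anchor using Python's standard urllib.parse. The default-port table is an assumption of the example; it covers only the protocols the slides mention. The second function shows what actually reaches the server: the path and query, never the anchor, which the client keeps to itself.

```python
from urllib.parse import urlsplit

# Default ports for the protocols the URL slides mention (assumption of this example).
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}


def split_url(url):
    """Break a URL into the parts the slides name: protocol, host, port, file location, anchor."""
    parts = urlsplit(url)
    protocol = parts.scheme.lower()
    if protocol not in DEFAULT_PORTS:
        raise ValueError("unsupported protocol in %r" % url)
    if not parts.hostname:
        raise ValueError("no host in %r" % url)
    explicit_port = parts.port          # None when omitted; raises ValueError if not numeric
    return {
        "protocol": protocol,
        "host": parts.hostname,
        "port": DEFAULT_PORTS[protocol] if explicit_port is None else explicit_port,
        "default_port": explicit_port is None,
        "path": parts.path or "/",      # empty path: the server supplies its default file/directory
        "anchor": parts.fragment or None,
    }


def request_target(url):
    """What the client actually asks the server for: path and query, never the anchor."""
    parts = urlsplit(url)
    target = parts.path or "/"
    if parts.query:
        target += "?" + parts.query
    return target


if __name__ == "__main__":
    for url in ("http://www.lasalle.edu",
                "http://www.lasalle.edu/lsu-site/it/notes.htm#attach",
                "http://www.lasalle.edu:1234/it/fake.htm#attach"):
        print(split_url(url), "->", request_target(url))
```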

  12. Domain names are used in other services such as telnet

  13. Resolution/Translation
  • The domain name must be translated (a.k.a. resolved) into the equivalent IP address before it is used.
  • The basic mechanism is a lookup table, but because of the vastness of the Internet, the data is “distributed.”
  • “Distributed” means that programs and/or data are spread out over more than one computer.
  • Finally, the resolved IP address (in binary form, of course) is added to the IP datagram at the Network (Internet) Layer.

  14. Domain Name Server
  • The name resolution database is distributed over a large set of computers located at different sites across the Internet.
  • If a host needs an address resolved, it becomes a client of a “domain name server” or DNS server.
  • The client sends a request containing a domain name to the domain name server, which responds with the corresponding IP address.

  15. RFC 1034

  16. Client/Server (figure): the Client sends a request for alpha.lasalle.edu to the DNS Server; the DNS Server replies to the Client with 139.84.10.250.
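The request/reply on slide 16 is a single UDP exchange. The following Python is an added example (not from the slides or from Comer) that builds the query message for alpha.lasalle.edu and parses a constructed reply carrying the A record 139.84.10.250; the reply bytes are built inline by sample_response, so nothing goes on the network. It follows the DNS message layout (12-byte header, question, answer records, names as length-prefixed labels, compression pointers with the top two bits set) and shows the binary-to-dotted-decimal step from slide 8 on the four address bytes. The transaction-id and flag checks are the ones a resolver makes before trusting a reply to be the answer to its own question.

```python
import struct

QTYPE_A = 1
QCLASS_IN = 1


def encode_name(name):
    """Encode 'alpha.lasalle.edu' as length-prefixed labels ending with a zero byte."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label length out of range: %r" % label)
        out.append(len(raw))
        out += raw
    out.append(0)
    return bytes(out)


def build_query(name, txid):
    """Header with RD (recursion desired) set, one question of type A, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def decode_name(msg, offset):
    """Decode a name at offset, following compression pointers; returns (name, offset after the name)."""
    labels, next_offset, hops = [], None, 0
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # pointer: 2 bytes, top bits 11
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if next_offset is None:
                next_offset = offset + 2                # resume here after the jump
            hops += 1
            if hops > 16:                               # a malformed message could loop forever
                raise ValueError("too many compression pointers")
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), offset if next_offset is None else next_offset


def parse_a_response(msg, expected_txid):
    """Return the dotted-decimal addresses in the answer section, after basic sanity checks."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch: not a reply to our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0xF))
    offset = 12
    for _ in range(qd):                                 # skip the echoed question(s)
        _, offset = decode_name(msg, offset)
        offset += 4
    addrs = []
    for _ in range(an):
        _, offset = decode_name(msg, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == QTYPE_A and rclass == QCLASS_IN and rdlen == 4:
            addrs.append(".".join(str(b) for b in rdata))   # 4 raw bytes -> dotted decimal
    return addrs


def sample_response(txid):
    """Constructed reply for alpha.lasalle.edu: one A record, owner name compressed to offset 12."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR, RD, RA set; RCODE 0
    question = encode_name("alpha.lasalle.edu") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 3600, 4) + bytes([139, 84, 10, 250])
    return header + question + answer


if __name__ == "__main__":
    print(build_query("alpha.lasalle.edu", 0x1234).hex())
    print(parse_a_response(sample_response(0x1234), 0x1234))
```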

  17. Server Hierarchy
  • If the first DNS server does not have a listing for the domain name, it sends a request to the next DNS server, and so on, until the name is resolved. The first DNS server becomes a client to the second.
  • (figure: Client, DNS Server acting as Client, DNS Server)

  18. Naming Hierarchy
  • Having the database distributed makes it easier to update. A given network administrator is in charge of the name database for his or her network.
  • A central database would take autonomy away from the local administrator and complicate changes, which would have to be sent to a central authority.
  • On the other hand, some aspect of the scheme must be centralized to enable address resolution beyond the local network.
  • ICANN (Internet Corporation for Assigned Names and Numbers) is the top-level authority.

  19. Naming Structure
  • Domain names are hierarchical, with the “most significant” or “top-level” part on the right.
  • There are a fixed number of these top-level domains (TLDs).
  • The left-most (“least significant”) segment of the name identifies an individual computer.
  • The intermediate segments in the name identify the group that owns the name.
  • ICANN does not specify the number of segments in a name; that is left to the organization using the name.

  20. TLDs
  • ICANN is in charge of the TLDs (top-level domains).
  • The TLDs indicate the type of group the name corresponds to: .com for business, .edu for school.
  • A couple of years ago ICANN accepted a new set of TLDs.

  21. Old set of TLDs

  22. Country Codes

  23. ICANN website

  24. Newer TLD’s

  25. Newer TLD’s (Cont.)

  26. DNS Names
  • Organizations apply for a name under one of the TLDs.
  • ICANN or one of their approved brokers will approve the request and assign the IP address that is associated with the name. The suffix used for the name must be unique within the TLD.
  • www.lasalle.edu
  • www.lasalle.com

  27. Location + Organization
  • DNS allows organizations to use a geographic registration.
  • Some countries have adopted a combination of geographic and organizational domain names, such as ac.uk, where ac is academic and uk is United Kingdom.

  28. Organizational Domain Names
  • After a name is assigned to a group, they can decide to add further hierarchical structure to the naming.
  • They may use computer.division.location.name.domain, depending on how far they wish to extend the naming hierarchy.
  • Location is usually for several areas in the same group.
  • Division is usually for several divisions within the same area.
  • Computer is for a specific computer or server in a division within an area.
  • Any of these parts may be omitted.

  29. Name hierarchy (figure: top-level domain, name assigned to group, additional hierarchy)

  30. DNS Client-Server Model
  • DNS allows each organization to assign names to computers, or to change those names, without informing the central authority.
  • The organization controls all names with a particular suffix.
  • Most organizations have an Internet connection on which a DNS server runs. The server contains information about links to other domain name servers.
  • If an organization does not have a DNS server, it uses a service provided by its ISP.

  31. Name Translation
  • To translate a name to an IP address, the application sends a request to the local DNS server.
  • If the local DNS server cannot supply the IP address, it sends a request to another server, and so on until the request is successfully processed.
  • DNS servers are arranged in a hierarchy similar to the naming authority. A root server occupies the top of the hierarchy and is the authority for the top-level domain.
  • The root server contains information to reach the other name servers.

  32. DNS Server Hierarchy
  • Although the naming hierarchy helps to develop the connections between the DNS servers, the structure of each server is different.
  • The structure depends on the format used by the organization responsible for maintaining the name.
  • The organization may run one server or several servers, depending on its level in the hierarchy.

  33. DNS Server Hierarchy
  • De-centralizing the name database by using several DNS servers allows the organizations responsible for generating the names to easily administer the database.
  • Multiple servers allow quicker name resolution.
  • Centralized DNS databases may not be able to handle all the requests or database maintenance.

  34. Root system server
  • Each TLD has a server at the top of the hierarchy. It is known as the root system server.
  • On a daily basis, this list is replicated to 12 other geographically dispersed file servers that are maintained by an assortment of agencies. The Internet routing system uses the nearest root server list to update routing tables.

  35. Multiple Servers
  • An organization can have one or several DNS servers.
  • The motivation for having multiple DNS servers is similar to that for having multiple segments (connected by bridges) or subnetworks connected by routers: it divides the traffic into local and non-local. (It balances the load.)
  • The DNS servers must be organized in a tree-like structure, each responsible for a “zone.”

  36. Server Links
  • A single name server is responsible for a zone, i.e. all computers in a given suffix.
  • Servers in the domain name system are linked together, making it possible to find the correct server by following the links.
  • Each server is configured to know the locations of servers that branch off from it (lower in the hierarchy).
  • Each server is configured to know the location of the server it branches off from (higher in the hierarchy).

  37. Name Resolution
  • Translation of a symbolic name to an IP address is called resolution.
  • If a server cannot answer a translation request directly, it sends the request to the root server for the name. The root server directs the request to the correct name server.
  • The eventual response is a translation or an indication that the address cannot be translated.

  38. Optimizing DNS Performance
  • Replication
    • Each root server is duplicated. There are many copies around the world. When a request is made, the server will receive the response from whichever root server is most responsive at a given time. Usually the closest geographical server is best.
  • Caching
    • Each server maintains a cache of names. The server places a copy of each binding it learns in its cache. Before contacting another server to request a binding, it checks the cache. If the binding exists in the cache, the server uses the cached answer to generate a reply.
    • Hosts also cache.

  39. Replication
  • There is probably a DNS server in close geographic proximity to your access provider that maps the domain names in your Internet requests or forwards them to other servers in the Internet.
  • Replication leads to a distinction between primary, secondary and master DNS servers.

  40. Primary, secondary and master
  • Primary name server: the server gets its information for a zone from a local file.
  • Secondary name server: receives its information from other servers (has a copy of the database but cannot update it).
    • Transferring the information is known as a “zone transfer.”
    • Replication provides fault tolerance.
    • Replication can prevent frequent transfer of information over a slow connection.
    • Replication can provide load balancing.
  • Master zone: where the secondary zone gets its information (not necessarily the primary).

  41. DNS Entry Types
  • There are different types of queries and different table listings.
  • It is possible to find a resolution (domain name/IP pair) for one type of query but not for another.
  • Using the same name for different types may inhibit some applications from working with a specific type. An email-type name will not respond to ping or tracert messages.

  42. DNS Entry Types
  • Type A
    • address type
    • Most common binding; used for FTP, ping or WWW
  • MX (Mail eXchanger)
    • computer name found in the email address
  • Aliases: CNAME
    • Like symbolic links in a file system, the entry provides an alias for another DNS entry.
    • Convenient because it permits organizations to change the computer that is used for a particular service without changing the name or address. You only need to change the server's CNAME record.

  43. Same host/Different names

  44. Multiple DNS Types and Names
  • Allows a manager to use a single name for multiple purposes.
  • The type system that the DNS uses can produce unexpected results because some applications are able to work with multiple types.
  • Resolvers are programmed to handle abbreviated addresses by trying a set of suffixes. Abbreviations allowed on one system may not work on another.

  45. Local shortened version
  • Our DNS server is programmed to try adding .lasalle.edu to a domain name.
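Slides 17, 31 and 36 through 38 describe a resolver starting at the root and following referrals down the server hierarchy while caching what it learns, slides 41 and 42 describe typed records, and slides 44 and 45 describe the suffix search list. The following Python is an added example (not from the slides or from Comer) that simulates all of that against a constructed three-level hierarchy (root, edu, lasalle.edu). Only alpha.lasalle.edu and 139.84.10.250 come from the slides; every other name and address, the zone layout, and the 300-second TTL are made up for the example. The ask function plays the server for one zone and returns either an answer or a referral to the child zone; the Resolver walks the referrals, caches by (name, type), chases CNAME aliases, and tries the search suffix for an abbreviated name. It also shows the slide 41 point that a name holding only an MX record yields nothing to an address (A) query.

```python
import time

# Constructed zone data for a toy hierarchy: root -> edu -> lasalle.edu.  Only
# alpha.lasalle.edu / 139.84.10.250 comes from the slides; everything else here
# is made up for the example.
ZONES = {
    ".": {"edu.": [("NS", "a.edu-servers.example.")]},
    "edu.": {"lasalle.edu.": [("NS", "ns.lasalle.edu.")]},
    "lasalle.edu.": {
        "alpha.lasalle.edu.": [("A", "139.84.10.250")],
        "www.lasalle.edu.": [("CNAME", "alpha.lasalle.edu.")],
        "lasalle.edu.": [("MX", "mail.lasalle.edu.")],
        "mail.lasalle.edu.": [("A", "139.84.10.251")],
    },
}
TTL = 300  # seconds a cached answer stays valid in this example


def fqdn(name):
    return name if name.endswith(".") else name + "."


def ask(zone, name, rtype):
    """One query to the server authoritative for `zone`.

    Returns ("referral", child_zone) when the name lies under a delegated
    subzone (so the asker must become a client of the next server down),
    otherwise ("answer", records); records may be empty.
    """
    data = ZONES[zone]
    for child, records in data.items():
        if child != zone and any(t == "NS" for t, _ in records):
            if name == child or name.endswith("." + child):
                return "referral", child
    records = data.get(name, [])
    wanted = [r for r in records if r[0] == rtype]
    if not wanted:  # no record of that type: return the alias, if any, so the client can chase it
        wanted = [r for r in records if r[0] == "CNAME"]
    return "answer", wanted


class Resolver:
    def __init__(self, search=("lasalle.edu",)):
        self.search = search       # suffixes tried for abbreviated names (slide 45)
        self.cache = {}            # (name, type) -> (expires_at, records)
        self.queries = 0           # servers contacted so far; shows what caching saves

    def _lookup(self, name, rtype, now):
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit is not None and hit[0] > now:
            return hit[1]          # cache hit: no server contacted
        zone = "."                 # start at the root server and follow referrals down
        for _ in range(8):         # bounded so a broken delegation cannot loop forever
            self.queries += 1
            kind, payload = ask(zone, name, rtype)
            if kind == "referral":
                zone = payload
                continue
            self.cache[key] = (now + TTL, payload)
            return payload
        raise RuntimeError("referral chain too long for %s" % name)

    def resolve(self, name, rtype="A", now=None):
        """Values of `rtype` records for `name`, chasing CNAMEs and trying the search list."""
        now = time.time() if now is None else now
        if "." in name:
            candidates = [fqdn(name)]
        else:                      # abbreviated name: try each suffix, then the bare name
            candidates = [fqdn("%s.%s" % (name, s)) for s in self.search] + [fqdn(name)]
        for cand in candidates:
            records = self._lookup(cand, rtype, now)
            hops = 0
            while records and records[0][0] == "CNAME" and rtype != "CNAME":
                hops += 1
                if hops > 8:
                    raise RuntimeError("CNAME chain too long")
                records = self._lookup(records[0][1], rtype, now)
            if records:
                return [value for _, value in records]
        return []


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("alpha.lasalle.edu"), r.queries)   # 3 servers: root, edu, lasalle.edu
    print(r.resolve("alpha"), r.queries)               # search list + cache: no new queries
    print(r.resolve("www.lasalle.edu"), r.queries)     # CNAME chased to the cached A record
    print(r.resolve("lasalle.edu", "MX"), r.resolve("lasalle.edu", "A"))
```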

  46. Reverse DNS lookup
  • Reverse DNS lookup is using an Internet IP address to find a domain name.
  • You may see a URL in which the domain name part is expressed as an IP address (in dotted decimal notation) and want to know its domain name.
  • An Internet facility that lets you do either forward or reverse DNS lookup yourself is called nslookup.

  47. nslookup
  • nslookup is the name of a program that lets one enter a host name and find out the corresponding IP address.
  • nslookup will also let one enter an IP address and find out the corresponding domain name.
  • nslookup sends a domain name query packet to a DNS server.
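When nslookup is given an address instead of a name, it queries a PTR record under a special name built from the address. The following Python is an added example (not from the slides) that builds that name (octets reversed under in-addr.arpa for IPv4, nibbles under ip6.arpa for IPv6) and then performs the check a careful operator adds to any reverse lookup: confirming that the returned name's forward records lead back to the same address. The lookup tables are constructed stand-ins for real servers; 139.84.10.250 and alpha.lasalle.edu are from the slides, while 203.0.113.9 is a made-up address whose PTR record claims a name that does not point back to it.

```python
import ipaddress

# Constructed tables standing in for what nslookup would fetch from real servers.
FORWARD = {"alpha.lasalle.edu": ["139.84.10.250"]}
REVERSE = {"139.84.10.250": "alpha.lasalle.edu",
           "203.0.113.9": "alpha.lasalle.edu"}   # made-up address; its PTR claim is false


def reverse_name(ip):
    """Name queried for a PTR record: IPv4 octets reversed under in-addr.arpa, IPv6 nibbles under ip6.arpa."""
    addr = ipaddress.ip_address(ip)              # rejects anything that is not an IP address
    if addr.version == 4:
        octets = str(addr).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa"
    return addr.reverse_pointer                  # stdlib expands the 32 nibbles for IPv6


def ptr_lookup(ip):
    """Reverse lookup against the constructed table (a real resolver would query reverse_name(ip))."""
    return REVERSE.get(str(ipaddress.ip_address(ip)))


def forward_confirmed(ip):
    """Reverse lookup, then check that the name's A records lead back to the same address.

    Whoever administers the address block controls the PTR answer, so a
    reverse result is only as trustworthy as the forward lookup that agrees
    with it. Returns (name, confirmed).
    """
    name = ptr_lookup(ip)
    if name is None:
        return None, False
    return name, ip in FORWARD.get(name, [])


if __name__ == "__main__":
    for ip in ("139.84.10.250", "203.0.113.9"):
        print(ip, "->", reverse_name(ip), "->", forward_confirmed(ip))
```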

  48. nslookup (ping also works)
