Name Resolution in Windows Server 2008 (R2) DNS & PNRP
Name Resolution Overview
• NetBIOS name resolution
• Host name resolution
• Peer Name Resolution
Name Resolution Overview
• NetBIOS name resolution
* Originally a broadcast-based NR protocol in PC-LAN & LM networks on top of NetBEUI
* Based on single-label names (non-hierarchical)
* Uses lmhosts (static) files, broadcasts and WINS (NBNS) servers in TCP/IP networks
• Host name resolution
* Original ARPANET (Internet) NR protocol
* Based on multi-level names (hierarchical)
* Distributed database model
* Uses hosts (static) files and DNS servers
Name Resolution Overview
• Peer Name Resolution
* Strictly for IPv6 addresses
* Distributed and serverless protocol
* Real-time updates
* Addresses computers, ports and services
* Unsecured or secured with PK-cryptography
Protocol stack comparison (diagram, NetBIOS over NetBEUI): the NetBIOS Interface sits beside the WinSock Interface at the application layer, with SMB on the NetBIOS side and SMB, CIFS, HTTP on the WinSock side; NetBEUI (NBF) fills the session and transport layers on the NetBIOS side while TCP and UDP over IP serve the WinSock side; both share LLC/MAC with ARP, PPP, xDLC over an 802.n medium. Name resolution traffic is broadcast on the NetBEUI side and unicast on the TCP/IP side.
Protocol stack comparison (diagram, NetBIOS over TCP/IP): the NetBIOS Interface now rests on NBT, the NetBIOS over TCP/IP helper, so both interfaces run over the same TCP/UDP, IP, LLC/MAC and 802.n medium; NetBIOS name resolution traffic is still broadcast, WinSock name resolution traffic is unicast.
Internet DNS Namespace (diagram): the root ("") is served by the "13" root servers a.root-servers.net, b.root-servers.net, c.root-servers.net, d.root-servers.net, e.root-servers.net, f.root-servers.net, g.root-servers.net, … l.root-servers.net, m.root-servers.net. Below the root sit the generic Top Level Domains (gTLDs: .org .com .net .edu .gov .mil .int) and the country code Top Level Domains (ccTLDs, ISO 3166 country codes: .be .uk .fr .au .de .nu .nl .tv .jp .tw .il .ru); under a TLD come Second Level Domains (.mit .yale .ucla .navy .army .airforce) and Third Level Domains (.law .math .physics).
Recursive query (diagram): a client opening http://www.amazon.com asks its own DNS server "www.amazon.com?". The server checks its cache (No!) and its own zones (No!) and, finding nothing, starts at the root using its root hints (the 13 root servers a.root-servers.net … m.root-servers.net with their IP addresses).
Iterative query (diagram): the root server answers "Don't know … ask .com server!"; the .com server answers "amazon.com NS = 93.151.75.200!"; the amazon.com name server answers "Oh, it's … 93.151.75.13!".
Recursive response (diagram): the DNS server returns "Ah, it's … 93.151.75.13!" to the client, which gets the complete answer from the single recursive query it sent.
Recursive response (diagram): the DNS server now holds "Cached: www.amazon.com = 93.181.75.13, TTL = 3600", so a repeat of the query is answered from the cache while the TTL lasts.
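The walk from root hints to the authoritative answer, with the cache and TTL from the slides, as an added Python example that is not code from the slides; the delegation data is constructed, and only the address of a.root-servers.net is taken from the root-hints slide:

```python
from typing import Dict, Optional, Tuple

TTL = 3600  # the TTL shown on the "Recursive response" slide

# Constructed sample delegation data keyed by server address. Only a.root-servers.net's
# address comes from the root-hints slide; every other address is made up here.
ROOT_HINTS = {"a.root-servers.net.": "198.41.0.4"}
AUTH_DATA: Dict[str, Dict[str, Tuple[str, str]]] = {
    "198.41.0.4": {"com.": ("NS", "192.0.2.1")},                  # root refers to .com
    "192.0.2.1": {"amazon.com.": ("NS", "93.151.75.200")},        # .com refers to amazon.com
    "93.151.75.200": {"www.amazon.com.": ("A", "93.151.75.13")},  # authoritative answer
}

def ask(server: str, qname: str, auth=AUTH_DATA) -> Optional[Tuple[str, str]]:
    """One iterative query: the server answers with an A record, refers to the
    name server of the longest delegated suffix it knows, or has nothing."""
    zone = auth[server]
    if zone.get(qname, ("", ""))[0] == "A":
        return zone[qname]
    labels = qname.split(".")                  # "www.amazon.com." -> [www, amazon, com, ""]
    for i in range(1, len(labels) - 1):        # longest suffix first: amazon.com., then com.
        suffix = ".".join(labels[i:])
        if zone.get(suffix, ("", ""))[0] == "NS":
            return zone[suffix]
    return None

def resolve(qname: str, cache: Dict[str, Tuple[str, int]], now: int = 0,
            auth=AUTH_DATA, max_hops: int = 8):
    """Recursive service for a client: cache first, then iterate from the root.
    Returns (address, trace) where trace lists each server consulted."""
    qname = qname if qname.endswith(".") else qname + "."
    hit = cache.get(qname)
    if hit and hit[1] > now:                   # cached and TTL not yet expired
        return hit[0], ["cache"]
    trace, server = [], ROOT_HINTS["a.root-servers.net."]
    for _ in range(max_hops):                  # bound the chain: no endless referral loops
        answer = ask(server, qname, auth)
        if answer is None:
            raise LookupError(f"{server} has neither answer nor referral for {qname}")
        rtype, value = answer
        trace.append(f"{server} -> {rtype} {value}")
        if rtype == "A":
            cache[qname] = (value, now + TTL)  # remember the answer until the TTL runs out
            return value, trace
        server = value                         # follow the referral to the next server
    raise LookupError("delegation chain too long")
```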
Domain vs. Zone
• Domain is a node in the Internet namespace
• Root domain is the largest domain
• Zone is a file that contains records for a domain with or without child domains
• Zones can only contain contiguous domains
• Child domains can be delegated to separate DNS servers (= zone delegation)
Domain vs. Zone (diagram): below the "." (root) domain sit the ccTLDs, .arpa, .org, .mil, .com, .net, .edu, .gov and .int; under .com sit .microsoft, .myspace, .youtube, .contoso, .amazon, .google, .acme, .bol and .hp; under .microsoft sit .technet, .support, .update, .msdn, .mcp and .one. The .com domain and the .microsoft domain are each one node together with everything below it.
Domain vs. Zone (diagram, single zone): one contiguous DNS zone file contains all records for the domains microsoft.com, one.microsoft.com, technet.microsoft.com, msdn.microsoft.com, mcp.microsoft.com, update.microsoft.com and support.microsoft.com.
Domain vs. Zone (diagram, delegated zones): the microsoft.com zone file contains only records for microsoft.com; the child domains one, technet, msdn, mcp, update and support.microsoft.com are delegated, and each DNS server contains a separate zone for each delegation.
Domain vs. Zone (diagram, partly delegated): the contiguous microsoft.com zone file contains records for microsoft.com, one.microsoft.com, technet.microsoft.com, msdn.microsoft.com and mcp.microsoft.com, while update.microsoft.com and support.microsoft.com are delegated to separate zones on other DNS servers.
Domain vs. Zone (diagram, illegal delegation): the same partly delegated zone, but placing update.microsoft.com and support.microsoft.com together in one delegated zone is illegal, because the domains .update and .support are non-contiguous (a common parent inside the zone is needed).
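The contiguity rule behind the legal and illegal delegations above, as an added Python example that is not code from the slides; the domain names come from the slides' microsoft.com tree, the check itself is added here:

```python
def parent(domain: str) -> str:
    """Drop the leftmost label: one.microsoft.com -> microsoft.com -> com -> ''."""
    return domain.split(".", 1)[1] if "." in domain else ""

def check_zone(members, delegated=()):
    """Checks whether the domains a zone file holds form one contiguous subtree.
    members: domains whose records are in this zone; delegated: child domains
    handed to other servers. Returns (ok, detail): detail is the apex or the reason."""
    members, delegated = set(members), set(delegated)
    # The apex is the one member every other member descends from.
    apexes = [m for m in members if all(n == m or n.endswith("." + m) for n in members)]
    if len(apexes) != 1:
        return False, "no single common parent inside the zone"
    apex = apexes[0]
    for name in sorted(members - {apex}):
        p = parent(name)
        while p != apex:                       # walk up until the apex is reached
            if p in delegated:
                return False, f"{name}: ancestor {p} was delegated to another zone"
            if p not in members:
                return False, f"{name}: ancestor {p} is not in the zone (gap in the tree)"
            p = parent(p)
    return True, apex
```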
Zone types
• Primary zone
• Secondary zone
• Stub zone
• AD integrated zone (acts as primary zone)
• RODC AD integrated zone (acts as primary Read-Only zone)
Primary Zone (diagram): under "." (root) and .com, the .acme domain is served by the primary zone file acme.com.dns, which contains the R/W version of the data: acme.com IN SOA, www.acme.com 10.10.0.50, srv1.acme.com 10.10.0.20, mail.acme.com 10.10.0.30, ns1.acme.com 10.10.0.40, ns2.acme.com 10.10.0.60, pc1.acme.com 10.10.0.100, pc2.acme.com 10.10.0.101, pc3.acme.com 10.10.0.102. Records enter the file through manual updates and through automatic updates, which are followed by refreshes.
Secondary Zone (diagram): the same acme.com data; the primary zone file contains the R/W version, a secondary zone file on a second server contains the R/O version.
Secondary Zone and Full Zone Transfer (AXFR) (diagram): the secondary requests a full zone transfer (AXFR) from the primary; the primary checks "Authorized? Yes!" before sending the zone.
DNS Notify and Incremental Zone Transfer (IXFR) (diagram): after a change the primary's database version increments and it sends DNS Notify to the secondary; the secondary gets the SOA record, sees a version increment of 1, requests an IXFR, and the primary sends the 1 changed record; the secondary's database version then increments as well.
Aging and Scavenging (timeline diagram): at T0 the client obtains a DHCP lease (Discover, Offer, Request, Acknowledge) and registers in DNS (zone file version 1); at each 0.5 lease point it renews (Request, Acknowledge), the lease is renewed and it registers in DNS again (zone file versions 2, 3). On the DNS side the record's timestamp runs through the 1st No-Refresh Interval, the Refresh Interval and a 2nd No-Refresh Interval (T0 and Tl mark the DHCP lease axis).
Aging and Scavenging (timeline diagram): the same timeline for a client that registers once at T0 and does not renew: its record ages through the 1st No-Refresh Interval and the Refresh Interval, after which the Scavenging Interval applies to it.
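A model of the aging rules the timelines show, as an added Python example that is not from the slides; the 7-day No-Refresh and Refresh intervals are assumed Windows DNS defaults, and the half-lease renewal schedule follows the slide's DHCP timeline:

```python
from dataclasses import dataclass
from typing import List, Tuple

DAY = 24 * 3600
NO_REFRESH = 7 * DAY   # assumed Windows default No-Refresh Interval
REFRESH = 7 * DAY      # assumed Windows default Refresh Interval

@dataclass
class AgedRecord:
    name: str
    address: str
    timestamp: int      # time of last accepted registration; 0 = static record (never ages)

    def register(self, now: int, address: str) -> bool:
        """A dynamic update from the client. Returns True when the zone is written."""
        if address != self.address:              # changed data is always written
            self.address, self.timestamp = address, now
            return True
        if now < self.timestamp + NO_REFRESH:    # still in the No-Refresh Interval: suppressed
            return False
        self.timestamp = now                     # in the Refresh Interval: timestamp refreshed
        return True

    def scavengeable(self, now: int) -> bool:
        """Eligible once the timestamp is older than No-Refresh + Refresh."""
        return self.timestamp != 0 and now > self.timestamp + NO_REFRESH + REFRESH

def simulate_lease(rec: AgedRecord, lease: int, until: int) -> List[Tuple[int, bool]]:
    """Re-register at every half-lease renewal (as on the slide's timeline) up to
    `until`; returns (time, zone_written) for each renewal."""
    events, t = [], rec.timestamp + lease // 2
    while t <= until:
        events.append((t, rec.register(t, rec.address)))
        t += lease // 2
    return events
```

Only every second renewal touches the zone file, which is exactly the write reduction the No-Refresh Interval exists for.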
Reverse Lookups
• Resolve IP-addresses to FQDNs
• Reverse indexes the Internet
• Uses the in-addr.arpa or ip6.arpa domain
• Requires participation of domain holders
• Used for inbound SMTP server determination (and more)
Reverse Lookups (diagram): compare the hostname structure with the IP-address structure. In the hostname Srv3.east.acme.com. the labels read left-to-right = up the hierarchy: hostname, 3rd level domain, 2nd level domain, gTLD, Internet root domain. In the IP address 191.124.17.201 (/24) the octets read left-to-right = down the hierarchy: Net-ID 191.124.17, then Host-ID 201. Reversing the octets into 201.17.124.191.in-addr.arpa. makes the address read left-to-right = up the hierarchy as well, from "Host-ID" to "Internet root".
Reverse Lookups
• Example IP-address 191.124.17.201
• Find PTR 201.17.124.191.in-addr.arpa.
• Iterates between DNS servers to find: 17.124.191.in-addr.arpa zone
• Finds 201 PTR record with name: 201 IN PTR srv3.acme.com
• Responsibility of acme.com domain holder to maintain PTR records
Reverse Lookups (diagram): "What name belongs to IP 191.124.17.201?" The lookup descends from "." (root) into .arpa and .in-addr, then label by label 191. → 124. → 17. → 201., each level one node among 1 … 255, until it reaches the zone 17.124.191.in-addr.arpa. (acme.com IN SOA …) whose PTR records (PTR srv1.acme.com, PTR srv2.acme.com, PTR srv3.acme.com, PTR srv4.acme.com, …) yield the answer "srv3.acme.com!".
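The name inversion and zone lookup from the reverse-lookup slides, as an added Python example that is not code from the slides; it also covers IPv6 under ip6.arpa, which the slides only name, and the reverse zone contents are constructed sample data:

```python
import ipaddress
from typing import Dict, Optional

def reverse_name(ip: str) -> str:
    """PTR owner name: octets reversed under in-addr.arpa for IPv4, nibbles reversed
    under ip6.arpa for IPv6 (the slides' 191.124.17.201 -> 201.17.124.191.in-addr.arpa.).
    Python's ipaddress.ip_address(ip).reverse_pointer yields the same without the final dot."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    nibbles = addr.exploded.replace(":", "")        # 32 hex digits, leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def reverse_zone(network: str) -> str:
    """Zone a resolver must find for an IPv4 network on an octet boundary
    (191.124.17.0/24 -> 17.124.191.in-addr.arpa.)."""
    net = ipaddress.ip_network(network, strict=False)
    if net.version != 4 or net.prefixlen % 8 or net.prefixlen == 0:
        raise ValueError("only IPv4 prefixes of /8, /16 or /24 are handled here")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."

# Constructed sample reverse zone; only the 201 -> srv3 mapping is stated on the slide.
ZONES: Dict[str, Dict[str, str]] = {
    "17.124.191.in-addr.arpa.": {"1": "srv1.acme.com.", "2": "srv2.acme.com.",
                                 "201": "srv3.acme.com.", "202": "srv4.acme.com."},
}

def lookup_ptr(ip: str, zones=ZONES) -> Optional[str]:
    """Find the zone whose name is a suffix of the PTR owner name, then the
    relative label inside it (the last step of the slides' iterative lookup)."""
    owner = reverse_name(ip)
    for zone_name, records in zones.items():
        if owner.endswith("." + zone_name):
            return records.get(owner[: -len(zone_name) - 1])
    return None
```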
Peer Name Resolution Protocol
• Mentioned on P2P conference November 2001
• July 2003: Advanced Networking Pack for XP
• Later SP2 for XP
• PNRP 2.0 in Windows Vista, available for XP
• PNRP 2.1 in:
* Windows Vista SP1
* Windows Server 2008
* Windows XP SP3
* Windows 7 Easy Connect (Remote Assistance)
Peer Name Resolution Protocol
• PNRP Clouds: a Cloud is a group of connected PNRP nodes (any node can resolve a name published by another node in the cloud)
• Three cloud scopes: Global, Site Local (deprecated), Link Local
• Transient connectivity and shortcomings in DNS
• Easily scales to billions of names
• When starting, the PNRP service joins multiple clouds
P2P and PNRP IDs
• Peer name is a communications endpoint
• Consists of Authority.Classifier (256 bits); SHA-1 of Authority.Classifier = P2P ID (128-bit hash, e.g. e06bf33a5b21 …)
• P2P ID + Service Location (128 bits, e.g. 5ff01aac793c121f …) = PNRP ID (256 bits); the Authority.Classifier pair is labelled Friendly Name in the diagram
• Authority = 0 if unsecure, value if secure
• (diagram) the node's cache holds PNRP IDs
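The ID layout in the diagram, as an added Python model that is neither the slides' nor Microsoft's code: it follows the slide's sizes (SHA-1 of Authority.Classifier truncated to a 128-bit P2P ID, plus a 128-bit Service Location), but the byte encoding of the peer name, the hashing of the service endpoint and the key-derived authority are this model's assumptions, not the MS-PNRP specification:

```python
import hashlib

def p2p_id(authority: str, classifier: str) -> str:
    """128-bit P2P ID as 32 hex digits: SHA-1 over the peer name "Authority.Classifier",
    truncated to 128 bits. UTF-8 encoding of the name is an assumption of this model."""
    peer_name = f"{authority}.{classifier}"
    return hashlib.sha1(peer_name.encode("utf-8")).hexdigest()[:32]

def service_location(address: str, port: int) -> str:
    """128-bit Service Location as 32 hex digits; hashing the endpoint is this
    model's assumption (the slide only gives its size)."""
    return hashlib.sha1(f"[{address}]:{port}".encode("utf-8")).hexdigest()[:32]

def pnrp_id(authority: str, classifier: str, address: str, port: int) -> str:
    """256-bit PNRP ID = P2P ID (128 bits) followed by Service Location (128 bits)."""
    return p2p_id(authority, classifier) + service_location(address, port)

def make_authority(public_key: bytes = None) -> str:
    """Authority is "0" for an unsecured name; for a secured name it is derived from
    the publisher's public key (SHA-1 of the key here, an assumption of this model)."""
    return "0" if public_key is None else hashlib.sha1(public_key).hexdigest()

def split_pnrp_id(pnrp: str):
    """Recover (p2p_id, service_location) from a 64-hex-digit PNRP ID; the P2P ID
    half identifies the peer name regardless of where the service is reachable."""
    if len(pnrp) != 64:
        raise ValueError("PNRP ID must be 256 bits (64 hex digits)")
    return pnrp[:32], pnrp[32:]

def is_secured(peer_name: str) -> bool:
    """Unsecured peer names carry authority 0 (e.g. "0.chat")."""
    authority, _, _ = peer_name.partition(".")
    return authority != "0"
```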
End • Questions??