Application Layer
At long last we can ask the question: how does the user interface with the
network?
Domain Name Service
• IP addresses are hard to remember.
• One of the primary application-layer
protocols is the one that allows a user to
type in a text string as a network address,
and then translates that string to an IP
address. DNS is this protocol.
• The problem, of course, is scale.
The Name Space
• In order for a mapping system to work, the
correspondence between names and IP
addresses must be 1:1 and unique.
• Each IP address should have only one name,
and each name should point to only one IP
address.
• Therefore, just like we divide IP addresses
into address spaces, we divide domain
names up into name spaces.
• The Internet does this hierarchically.
Domain Name Space
• The Internet has a tree-shaped hierarchy of domain
names.
• Each node in the tree has a string associated with it (63
char max). The root node contains the null string.
• Every child of a given node must contain a unique
string.
• The full domain name of a given IP address is the
collection of strings from bottom to top. Combined with
the previous restriction, this guarantees all domain
names are unique.
The hierarchy
• The first set of children of the root are the top-level domains, e.g. com, gov, edu, mil, etc. This
level includes all the country domains.
• As you travel down the tree, names get more
specific.
• A fully qualified domain name (FQDN) consists of the
strings along a branch of the tree, separated by
dots.
• DNS requires FQDNs to be submitted for
mapping to IP addresses.
Name servers
• Once upon a time, the Internet was small
enough that each host kept a host file that
mapped names to IP addresses. Obviously,
those days are long gone.
• It also is not feasible to maintain complete
name information on just one or a few
central name servers.
• The solution DNS adopts is to allow for a
hierarchy of name servers that mirrors the
hierarchy of name spaces.
• A given name server has responsibility for a zone
of the name space.
• A zone can be as small as a subnet of a LAN or as
large as an entire top-level domain.
• Only the servers at the bottom of the hierarchy
maintain complete name-IP mappings of the hosts
in their zone. All other servers maintain references
to the lower level servers they are connected to.
• There are several root servers scattered around the
world. These keep references to the other servers
they delegate authority to (usually top-level
domain servers).
Name-address Resolution
• DNS works as a client/server application.
• A host needing resolution sends a request to the
nearest DNS server.
• That server checks its database. If it has the required
mapping it sends it back to the client.
• If not, the server either refers the client to another
DNS server, or it kicks the request higher up the tree.
• If the request gets to a root server without being resolved, it gets sent
back down the appropriate branch of the hierarchy until an answer is
found. This is called recursive resolution.
• In iterative resolution, the server gives the client the address of
another server that might have the answer. The client repeats the
request and either gets an answer or is directed to yet another server.
• Once an answer is found, it is stored in the server’s
cache.
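
The iterative resolution and caching steps above, as an added example that is not part of the original slides. The server names, zones and addresses are constructed sample data, and the cache is modeled as a plain dict held by whoever performs the lookup (an assumption of this sketch).

```python
# Added illustration: toy model of iterative resolution with a cache.
# Every server name, zone and address below is constructed sample data.
SERVERS = {
    "root": {"referrals": {"com": "com-tld"}},
    "com-tld": {"referrals": {"example.com": "ns.example.com"}},
    "ns.example.com": {"records": {"www.example.com": "192.0.2.10",
                                   "mail.example.com": "192.0.2.25"}},
}

def validate_fqdn(name):
    """Normalize an FQDN and enforce the 63-character limit per label."""
    labels = name.rstrip(".").lower().split(".")
    if any(not 1 <= len(label) <= 63 for label in labels):
        raise ValueError(f"bad label length in {name!r}")
    return ".".join(labels)

def query(server, name):
    """Ask one server: ('answer', ip), ('referral', server) or ('nxdomain', None)."""
    data = SERVERS[server]
    if name in data.get("records", {}):
        return "answer", data["records"][name]
    labels = name.split(".")
    for i in range(len(labels)):  # most specific delegated zone first
        zone = ".".join(labels[i:])
        if zone in data.get("referrals", {}):
            return "referral", data["referrals"][zone]
    return "nxdomain", None

def resolve_iterative(name, cache):
    """Client follows referrals from the root; returns (ip, servers asked)."""
    name = validate_fqdn(name)
    if name in cache:
        return cache[name], []  # answered from cache, no server contacted
    server, asked = "root", []
    while len(asked) < 10:  # bound the referral chain against loops
        asked.append(server)
        kind, value = query(server, name)
        if kind == "answer":
            cache[name] = value
            return value, asked
        if kind == "nxdomain":
            return None, asked
        server = value
    raise RuntimeError("referral chain too long")

if __name__ == "__main__":
    cache = {}
    print(resolve_iterative("www.example.com.", cache))
    print(resolve_iterative("WWW.example.com", cache))
```

The first lookup contacts three servers in turn; the second is served from the cache and contacts none.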