6. Name Services and DNS
24/02/23
Name Services and Directory Services
Names
- Name uniquely distinguishes one thing from other like it
- Identifiers are names intended for machine use
- Descriptions are statements about some aspect of a thing
Names in distributed systems
- Pure name is just an array of bits
- Address specifically locates a resource
- Different services may use different name
URIs, URNs, URLs
- Uniform Resource Identifiers (URI) - service-independent names
- Uniform resource Names (URNs) - pure names
- Uniform Resource Locators (URLs) - include information to locate and access a resource
Name Services
- Name Service - Names are bound to attributes of the object/resource
- Name Space - Is the set of possible names in a name service. May be flat or hierarchical. Given name may be bound or unbound. Can be subdivided into name contexts
- Can be independent of the distributed system
Example: JavaRMI Registry
- The rmiregistry application provides the name service
Directory Services allow clients to look up names or address using more flexible queries. SQL-like queries over attribute values
Summary
- A name distinguishes one particular thing from others like it
- Identifiers are names typically intended for machine use
- A name service allows a (pure) name to be resolved to an address or other attributes bound to that name
- WWW URI includes URLs and URNs
- A directory service allows resources to be looked up flexibly than a name service
DNS - Domain Name System
- Name space is hierarchical, comprising
- Name components or labels
- Absolute but not relative. Default domains are often configured to try as a possible suffix for unqualified names
- Attributes are encoded as Resource Records of various types for various purposes
- Host name resolution, i.e. mapping a domain name to an IP address
- DNS A and AAAA records - IP addresses
- CNAME records specify an aliases. Automatically checked when resolving a domain name to an IP address
Lesser used recrods
- Mail host location - finding mail server to send internet mail to (MX records)
- Reverse resolution - IP address to domain name. Uses PTR records
- Host Information - OS. Uses HINFO records
- Service Lookup - Bonjour/DNS-SD. Uses dns SRV records Lecture 15
- Arbitrary Information - TXT records
Multiple Records/values
- Single domain name can have multiple records of the same type
- Multiple NS/MX/A records.
Administrative Domains
- Administrative domain - Subset of namespace with a single administrative authority
- Can correspond to a domain name suffix
- Authorities look after that root domain e.g .uk, .ac.uk, .com. Should be non-profit organisations.
Name resolution
- DNS name resolution is performed by a resolver
- First name server may not know the answer, but knows the address of a different name server to ask
- Steps can be handled
- Iteratively - Resolver asks each name server in turn, or
- Recursively - the first server ask is the second and so on
Cacheing
- Every response has a time to live (ttl)
- This determines how long things are cached for
- This is critical to the performance of DNS
- Cached responses are non-authoritative
Other Notes on DNS
- Dynamic DNS (DDNS) - Records may be updated automatically
- Rather insecure, secure extensions for DNS (DNSSEC) are not universally available/used
- DNS over HTTPS (DOH) is a proposed standard for browsers to do DNS over HTTPS to trusted DoH servers
- DNS can be done by multicast without a server
- DNS is also used to exfiltrate data or as a hidden control channel
Summary
- DNS is a global name service used in the internet
- Supports host name resolution (A records), service aliases (CNAME)
- DNS is divided into administrative domains or zones
- Each is independently controlled and partially deligated
- DNS clients use a resolver to resolve domain names.
- DNS includes caching in resolvers and servers for scalability and performance