Title: Module 23 Application Protocols 1. DHCP 2. DNS
- Textbook sections
  - BF Chapter 15 BOOTP and DHCP
  - BF Chapter 16 Domain Name System (DNS)
- Topics
  - DHCP
    - Overview
    - Dynamic Addressing
    - Dynamic allocation and manual allocation
    - DHCP Operation
  - DNS
    - Overview
    - The Domain Name Space
    - Name Servers
    - Resolvers
    - Messages
1. DHCP - Overview
- Dynamic Host Configuration Protocol (DHCP) is a protocol for assigning dynamic IP addresses to hosts on a network.
- DHCP is built on a client-server model, where a designated DHCP server allocates network addresses and delivers configuration parameters to dynamically configured clients.
- DHCP server: a host providing configuration parameters through DHCP.
- DHCP client: a host requesting configuration parameters from a DHCP server.
- DHCP consists of two components:
  - A protocol for delivering host-specific configuration parameters from a DHCP server to a host.
  - A mechanism for allocation of IP addresses to hosts.
- A partial list of configuration parameters: IP address, subnet mask, default gateway (router), domain name, DNS.
- A host should not act as a DHCP server unless explicitly configured to do so by a system administrator.
- DHCP client support is built into NT workstations. NT 4 server includes both client and server support.
1. DHCP - Dynamic Addressing
- Dynamic addressing
  - With dynamic addressing, a host can have a different IP address every time it connects to the network.
  - Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. A new computer can be added to a network without the trouble of manually assigning it a unique IP address.
  - Many ISPs use dynamic IP addressing for dial-up users.
1. DHCP - Dynamic allocation and manual allocation
- Dynamic allocation and manual allocation
  - Dynamic allocation: DHCP assigns an IP address to a client for a limited period of time (or until the client explicitly relinquishes the address).
    - Useful for assigning an address to a client that will be connected to the network only temporarily.
    - Useful for sharing a limited pool of IP addresses among a group of clients that do not need permanent IP addresses.
    - Useful for assigning an IP address to a new client being permanently connected to a network where IP addresses are sufficiently scarce that it is important to reclaim them when old clients are retired.
  - Manual allocation: a client's IP address is assigned by the network administrator, and DHCP is used simply to convey the assigned address to the client.
    - The DHCP server functions just as a centralized repository for host configuration parameters.
1. DHCP - Overview
- A DHCP server has two databases
  - The first database statically binds physical addresses with IP addresses.
  - The second database has a pool of available IP addresses. When a DHCP client requests a temporary IP address, the DHCP server goes to the pool of available (unused) IP addresses and assigns an IP address for a negotiable period of time.
BF Figure 15-4 DHCP Operation Part I (Steps 1-5)
BF Figure 15-4 DHCP Operation Part II (Steps 6-7)
1. DHCP - DHCP Operation
- Step 1
  - The client broadcasts a DHCPDISCOVER message using destination port 67.
  - The first problem faced by DHCP is for a client to find its DHCP servers. In order to minimize the amount of manual configuration, instead of having each host configured with the address of a DHCP server, a broadcast message is sent by the client.
- Step 2
  - All DHCP servers on the local net receive the DHCPDISCOVER message, and those servers that have been programmed to respond to the particular client send a DHCPOFFER message.
  - Thus, a client may receive zero or more responses.
  - If the client receives no DHCPOFFER message, it will try four more times, each with a span of two seconds. If there is still no reply to these messages, the client sleeps for five minutes before trying again.
  - An IP address is offered by each server in its DHCPOFFER message. The duration of the lease can be offered in the message (the default value is one hour).
1. DHCP - DHCP Operation
- Step 3
  - The client chooses one of the offers (e.g., the first to arrive) and sends a DHCPREQUEST message to the selected server.
- Step 4
  - The server responds with a DHCPACK message.
  - The server creates a binding between the client's physical address and its IP address.
  - The client can use the IP address until the lease expires.
- Step 5
  - Before 50 percent of the lease period is reached, the client sends another DHCPREQUEST and asks for renewal.
  - If the server responds with a DHCPACK, the client has a new lease agreement and can reset its timer.
  - If the server responds with a DHCPNAK, the client must immediately stop using the IP address and find another server (step 1).
1. DHCP - DHCP Operation
- Step 6
  - If the server does not respond, the client sends another DHCPREQUEST when the lease time reaches 87.5 percent.
  - If the server responds with a DHCPACK, the client has a new lease agreement and can reset its timer.
  - If the server responds with a DHCPNAK, the client must immediately stop using the IP address and find another server (step 1).
  - If the client receives no response from the server, it waits until the lease time expires and starts all over again from step 1.
- Step 7
  - The client can terminate the lease prematurely by sending a DHCPRELEASE message to the server.
State-transition diagram for DHCP clients
- Notation: event / action for client
  - T1: 50% timer
  - T2: 87.5% timer
- States: INITIALIZE, SELECT, REQUEST, BOUND, RENEW, REBIND
- Transitions (from state: event / action -> next state)
  - INITIALIZE: Host boots / Send DHCPDISCOVER -> SELECT
  - SELECT: DHCPOFFER / Collect replies -> SELECT
  - SELECT: Select offer / Send DHCPREQUEST -> REQUEST
  - REQUEST: DHCPACK / Record lease, set timers T1, T2 -> BOUND
  - REQUEST: DHCPNAK / Halt network -> INITIALIZE
  - BOUND: T1 expires / Send DHCPREQUEST to lease server -> RENEW
  - RENEW: DHCPACK / Record lease, set timers T1, T2 -> BOUND
  - RENEW: T2 expires / DHCPREQUEST -> REBIND
  - RENEW: DHCPNAK / Halt network -> INITIALIZE
  - REBIND: DHCPACK / Record lease, set timers T1, T2 -> BOUND
  - REBIND: DHCPNAK, Lease expired / Halt network -> INITIALIZE
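The client side of the lease cycle from steps 1-7 and the state diagram, as an added example that is not from the textbook or the slides: events drive the transitions, and the client accepts a DHCPACK only when the transaction id matches and (outside REBIND) it comes from the server whose offer was selected. The transaction id and server addresses are constructed values, and `elapsed` means seconds since the last DHCPACK.

```python
def lease_timers(lease: int) -> tuple:
    """T1 fires at 50% of the lease and T2 at 87.5%, as in the state diagram."""
    return lease // 2, lease * 7 // 8


class DhcpClient:
    """Client states INIT, SELECT, REQUEST, BOUND, RENEW, REBIND (the diagram's names)."""

    def __init__(self, xid=0x3903F326):            # constructed transaction id
        self.state, self.xid = "INIT", xid
        self.offers, self.sent = [], []             # offers seen; (message, destination) sent
        self.server = self.ip = None
        self.lease = self.t1 = self.t2 = 0

    def boot(self):                                 # step 1: broadcast DHCPDISCOVER
        self.sent.append(("DHCPDISCOVER", "broadcast"))
        self.state = "SELECT"

    def on_offer(self, server, ip, lease, xid):     # step 2: collect replies
        if self.state == "SELECT" and xid == self.xid:   # ignore offers for other transactions
            self.offers.append((server, ip, lease))

    def select(self):                               # step 3: pick an offer (here: first to arrive)
        self.server, self.ip, _ = self.offers[0]
        self.sent.append(("DHCPREQUEST", self.server))
        self.state = "REQUEST"

    def on_ack(self, server, lease, xid):           # step 4: record lease, set T1/T2
        # In REBIND any server may answer the broadcast; otherwise only the selected one.
        if xid != self.xid or (self.state != "REBIND" and server != self.server):
            return
        self.server, self.lease = server, lease
        self.t1, self.t2 = lease_timers(lease)
        self.state = "BOUND"

    def on_nak(self, xid):                          # halt network, restart at step 1
        if xid == self.xid:
            self.ip, self.state = None, "INIT"

    def on_timer(self, elapsed):                    # steps 5-6; elapsed = seconds since last ACK
        if self.state == "BOUND" and elapsed >= self.t1:
            self.sent.append(("DHCPREQUEST", self.server))   # renew with the lease server
            self.state = "RENEW"
        elif self.state == "RENEW" and elapsed >= self.t2:
            self.sent.append(("DHCPREQUEST", "broadcast"))   # rebind: any server may answer
            self.state = "REBIND"
        elif self.state == "REBIND" and elapsed >= self.lease:
            self.ip, self.state = None, "INIT"               # lease expired: halt network

    def release(self):                              # step 7: give the lease back early
        self.sent.append(("DHCPRELEASE", self.server))
        self.ip, self.state = None, "INIT"
```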
2. DNS - Overview
- Domain Name System (DNS): the distributed naming system of the Internet, used to resolve a host name (e.g., cicada.cs.princeton.edu) into an IP address (e.g., 192.12.69.35). The DNS is implemented by a hierarchy of name servers.
- Other approaches for name mapping
  - Host files
    - Not suitable for large networks.
    - Not easy to maintain when changes are frequent.
  - Centralized control: use a single computer
    - Not acceptable for the Internet due to the huge amount of traffic.
2. DNS - The Domain Name Space
- Domain name space: the names are defined in an inverted-tree structure with the root at the top. The tree can have only 128 levels.
BF Figure 16-1 Domain Name Space
2. DNS - The Domain Name Space
BF Figure 16-7 DNS used in the Internet
2. DNS - The Domain Name Space
- The Internet authority has chosen to partition its top level into the domains listed below.
2. DNS - The Domain Name Space
- Conceptually, the top-level domains come in two flavors: generic and country.
- The country domains include one entry for every country, as defined in ISO 3166.
- In principle, domains can be inserted into the tree in two different ways.
  - In practice, however, nearly all organizations in the United States are under a generic domain.
  - Nearly all outside the United States are under the domain of their country.
- There is no rule against registering under two top-level domains, but doing so might be confusing, so few organizations do it.
2. DNS - The Domain Name Space
- Label
  - Each node in the tree has a label, which is a string with a maximum of 63 characters.
  - The root label is the null string (empty string).
  - DNS requires that children of a node (nodes which branch from the same node) have different labels, which guarantees the uniqueness of the domain names.
BF Figure 16-2 Domain names and labels
2. DNS - The Domain Name Space
- Domain Name
  - Each node in the tree has a domain name.
  - Fully Qualified Domain Name (FQDN): a label which is terminated by a null string. It contains all labels, from the most specific to the most general, that uniquely define the name of the host.
  - Partially Qualified Domain Name (PQDN): a PQDN starts from a node, but it does not reach the root.
    - It is used when the name to be resolved belongs to the same site as the client. Here the resolver can supply the missing part, called the suffix, to create an FQDN.
BF Figure 16-3 FQDN and PQDN
2. DNS - The Domain Name Space
- Domains
  - A domain is a subtree of the domain name space.
  - The name of the domain is the domain name of the node at the top of the subtree.
BF Figure 16-4 Domains
2. DNS - Name Servers
BF Figure 16-5 Hierarchy of name servers
2. DNS - Name Servers
- Concept of zones
  - What a server is responsible for or has authority over is called a zone.
- Relationship between a zone and a domain
  - If a server accepts responsibility for a domain and does not divide the domain into smaller domains, the domain and the zone refer to the same thing. The server makes a database called a zone file and keeps all the information for every node under that domain.
  - If a server divides its domain into sub-domains and delegates part of the authority to other servers, domain and zone refer to different things.
    - Information about the nodes in the sub-domains is stored in the servers at the lower levels, with the original server keeping some sort of reference to these lower-level servers.
    - The original server still has a zone, but the detailed information is kept by the lower-level servers.
2. DNS - Name Servers
- Relationship between a zone and a domain
  - A server can also divide part of its domain and delegate responsibility but still keep part of the domain for itself. In this case, its zone is made of detailed information for the part of the domain that is not delegated and references to those parts that are delegated.
- Summary
  - In general, a particular name server has complete information about a subset of the domain space, and pointers to other name servers that can be used to lead to information from any part of the domain tree.
  - Name servers know the parts of the domain tree for which they have complete information; a name server is said to be an Authority for these parts of the name space.
  - Authoritative information is organized into units called Zones.
2. DNS - Name Servers
BF Figure 16-6 Zones and domains
2. DNS - Name Servers
- DNS name servers
  - Primary servers
    - A server that stores a file about the zone for which it is an authority.
    - Responsible for creating, maintaining, and updating a zone file.
    - It stores the zone file on a local disk.
  - Secondary servers
    - A server that transfers the complete information about a zone from another server (primary or secondary) and stores the zone file on its local disk.
    - The secondary servers neither create nor update the zone files.
    - The secondary servers provide redundancy for the zone file so that if one server fails, the other can continue serving clients.
2. DNS - Resolvers
- Resolver
  - DNS is designed as a client/server application.
  - A host that needs to map an address to a name or a name to an address calls a DNS client called a resolver.
  - The resolver accesses the closest DNS server with a mapping request. If the server has the information, it satisfies the resolver; otherwise, it either refers the resolver to other servers or asks other servers to provide the information. After the resolver receives the mapping, it interprets the response to see if it is a real resolution or an error, and finally delivers the results to the process that requested it.
  - A name server can operate either in a recursive mode or a non-recursive mode.
2. DNS - Resolvers
- Recursive Resolution
  - The client (resolver) can ask for a recursive answer from a name server.
  - The simplest mode for the client: in this mode the name server acts in the role of a resolver and returns either an error or the answer, but never referrals.
  - This service is optional in a name server, and the name server may also choose to restrict the clients which can use recursive mode.
  - Recursive service can be used by a relatively simple client, which lacks the ability to use anything other than a direct answer to the question.
BF Figure 16-11 Recursive resolution
2. DNS - Resolvers
- Iterative resolution
  - The name server can operate in non-recursive mode.
  - The simplest mode for the name server, since it can answer queries using only local information. The response contains either an error, the answer, or a referral to some other server closer to the answer.
  - All name servers must implement non-recursive mode.
BF Figure 16-12 Iterative resolution
2. DNS - Resolvers
- Caching: The Key to Efficiency
  - Approach
    - Each time a server receives a query for a name that is not in its domain, it needs to search its database for a server.
    - Reduction of this search time would increase efficiency.
    - When a server asks for a mapping from another server and receives the response, it stores this information in its cache memory before sending it to the client.
    - If the same or another client asks for the same mapping, it can check its cache memory and resolve the problem.
    - In order to inform the client that the response is coming from the cache memory and not from an authoritative source, the server marks the response as unauthoritative.
2. DNS - Resolvers
- Caching: The Key to Efficiency
  - Usage of caching
    - When a client asks a local name server to resolve a name, the local name server first checks to see if it has authority for the name according to the standard procedure.
    - If not, the local name server checks its cache to see if the name has been resolved recently. If it has, then:
      - The local name server reports cached information to the client, but marks it as an unauthoritative binding.
      - The local name server provides the domain name of the server, S, from which it obtained the binding.
      - The name server also sends along additional information that tells the client the binding between S and an IP address.
    - Therefore, the client receives answers quickly, but the information may be out-of-date.
      - If efficiency is important, the client will choose to accept the unauthoritative information.
      - If accuracy is important, the client will choose to contact the authority and verify that the binding between name and address is still valid.
2. DNS - Resolvers
- Caching: The Key to Efficiency
  - Potential problems: if a server caches a mapping for a long time, it may send an outdated mapping to the client. Solution:
    - First, the authoritative server always adds a piece of information to the mapping called time-to-live (TTL). It defines the time in seconds that the receiving server can cache the information. After that time, the mapping is invalid and any query must be sent again to the authoritative server.
      - Thus, an authoritative server can reduce network overhead by specifying a long TTL for entries that it expects to remain unchanged, while improving correctness by specifying a short TTL for entries that it expects to change frequently.
    - Second, DNS requires that each server keeps a TTL counter for each mapping it caches. The cache memory must be searched periodically and those mappings with an expired TTL must be purged.
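The caching behaviour of the three slides above (cached answers marked unauthoritative, a per-mapping TTL counter that ticks down, periodic purging), as an added example that is not from the textbook or the slides. The upstream authority is simulated by a caller-supplied function; the name, address, TTL and server name used in the lead-in's test are constructed values.

```python
class DnsCache:
    """Maps (name, type) -> (rdata, expiry time, server the binding came from)."""

    def __init__(self):
        self._entries = {}

    def store(self, name, rtype, rdata, ttl, server, now):
        """Remember a mapping received from `server`; it is valid until now + ttl seconds."""
        self._entries[(name.lower(), rtype)] = (rdata, now + ttl, server)

    def lookup(self, name, rtype, now):
        """Return the cached binding with its remaining TTL, or None if absent or expired."""
        key = (name.lower(), rtype)                  # DNS names compare case-insensitively
        entry = self._entries.get(key)
        if entry is None:
            return None
        rdata, expires_at, server = entry
        if now >= expires_at:                        # TTL ran out: drop it, force a fresh query
            del self._entries[key]
            return None
        # Cached data is reported as unauthoritative, with the remaining TTL and its source S.
        return {"rdata": rdata, "ttl": expires_at - now, "from": server, "authoritative": False}

    def purge(self, now):
        """The periodic sweep the slides require: remove every mapping whose TTL has expired."""
        dead = [k for k, (_, expires_at, _) in self._entries.items() if now >= expires_at]
        for k in dead:
            del self._entries[k]
        return len(dead)


def resolve(name, rtype, cache, ask_authority, now):
    """Local-server logic: serve from cache if possible, else query the authority and cache the answer.

    `ask_authority(name, rtype)` stands in for the upstream query and returns (rdata, ttl, server).
    """
    hit = cache.lookup(name, rtype, now)
    if hit is not None:
        return hit
    rdata, ttl, server = ask_authority(name, rtype)
    cache.store(name, rtype, rdata, ttl, server, now)
    return {"rdata": rdata, "ttl": ttl, "from": server, "authoritative": True}
```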
2. DNS - Messages
BF Figure 16-13 DNS Messages
- Answer section
  - Consists of one or more resource records.
  - Present only in response messages.
  - Includes the answer from the server to the client (resolver).
BF Figure 16-14 Query and response messages
2. DNS - Messages
BF Figure 16-19 Resource record format
2. DNS - Messages
- Resource record fields
  - Domain name
  - Domain type (see BF Table 16.4)
  - Domain class (see BF Table 16.5)
  - Time to live
  - Resource data length
  - Resource data: the format and contents of this field depend on the value of the type field. It can be one of the following:
    - A number
    - A domain name
    - An offset pointer
    - A character string
2. DNS - Messages
BF Table 16.4 Types
2. DNS - Messages
BF Table 16.5 Classes
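An added example, not from the textbook or the slides, that ties the label rules of the Domain Name Space slides (labels of at most 63 characters, the null root label ending an FQDN) to the message and resource-record layout above: it encodes a question name as wire labels, parses a constructed response, and resolves the "offset pointer" form of a resource record's name, bounding how far it will chase pointers. The message bytes, transaction id and the 3600-second TTL are constructed, and the AA flag is left clear as it would be for a cached answer.

```python
import struct

def encode_name(name: str) -> bytes:
    """Encode an FQDN as wire labels: length byte + label, ended by the null root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:                 # label limit from the slides
            raise ValueError(f"bad label length: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def decode_name(msg: bytes, off: int, hops: int = 0) -> tuple:
    """Return (name, next_offset); a byte with the top two bits set starts an offset pointer."""
    labels = []
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if ptr >= off or hops > 16:             # pointers must go backwards; bound the chase
                raise ValueError("bad compression pointer")
            tail, _ = decode_name(msg, ptr, hops + 1)
            return ".".join(labels + [tail]), off + 2
        off += 1
        if n == 0:                                  # root label: FQDN complete
            return ".".join(labels) + ".", off
        labels.append(msg[off:off + n].decode("ascii"))
        off += n

def parse_response(msg: bytes) -> dict:
    """Parse the header, question section and answer section of a DNS response."""
    xid, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        questions.append((qname,) + struct.unpack("!HH", msg[off:off + 4])); off += 4
    for _ in range(an):                             # RR: name, type, class, TTL, rdlength, rdata
        rname, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10]); off += 10
        rdata = msg[off:off + rdlen]; off += rdlen
        if rtype == 1 and rdlen == 4:               # type A: rdata is an IPv4 address
            rdata = ".".join(str(b) for b in rdata)
        answers.append((rname, rtype, rclass, ttl, rdata))
    return {"xid": xid, "aa": bool(flags & 0x0400), "questions": questions, "answers": answers}

def build_sample_response() -> bytes:
    """Constructed response (not a capture): one question, one A record whose name is a pointer to offset 12."""
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)          # QR=1, RD=1, RA=1; AA=0 (cached)
    question = encode_name("cicada.cs.princeton.edu") + struct.pack("!HH", 1, 1)   # type A, class IN
    return header + question + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 12, 69, 35])
```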