Naming

What's in a name? (TCP/IP Chapter 3)

IP (unlike other networking protocols) uses NUMBERS ONLY.
Names provided for convenience.
Names form a SEPARATE SPACE of options from numbers.

Translating names:

/etc/hosts (LOCALLY VALID list of names)
Network Information Service (/etc/hosts for a local network)
- maintains and broadcasts several system tables.
- UNIX-specific
- works on almost all UNIX's.
- distributes /etc/passwd in a frightfully insecure manner.
NIS+ (/etc/hosts for an enterprise of hosts).
- maintains and broadcasts several system tables.
- UNIX-specific
- barely works on Suns, and it was created for them.
BIND (/etc/hosts for the internet)
- just naming information
- NOT unix-specific.

Berkeley Internet Name Domain (BIND): (TCP/IP Chapter 8)

A.K.A. Domain Name Service (DNS)

Hierarchical
specific to task of translating names
scalable

Hierarchy of names:

root domain, root servers: top level of name service
top level domains:
- org: US non-profit
- edu: US educational
- gov: US government
- com: US commercial (for-profit)
- mil: US military organizations.
- net: US network support organizations.
geographical top level domains:
- fi: finland
- sg: singapore
- de: Germany. (Deutschland)
- ch: SWITZERLAND(!)
CAVEAT: international abbreviations are in the LANGUAGE OF THE COUNTRY

Hierarchical organization and delegation:

hierarchy of servers.
no machine gets to be a name server without being TRUSTED.

Top-level servers DELEGATE subdomains to lower-level servers.

       edu
     /     \
 tufts.edu mit.edu
    |
 eecs.tufts.edu

You can't just start up a nameserver and expect people to listen.
SCOPE of a name server is the number of other servers that trust it to serve a particular domain.
tcp.eecs.tufts.edu: completely untrusted. Only works on the local WIRE (in room 223).
largo.eecs.tufts.edu: serves eecs.tufts.edu, trusted by ns1.tufts.edu serving tufts.edu.

Bind parts:

libresolve: the name resolution LIBRARY.
- compiled into (or dynamically linked into) all programs using names.
- queries nameservers as described in /etc/resolv.conf
- /usr/lib/libresolv.a or -lresolv
/etc/resolv.conf: configuration file.
/usr/sbin/named: name service daemon.

Controlling bind

/etc/resolv.conf (on andante):

 search eecs.tufts.edu tufts.edu
 nameserver 130.64.23.33       # largo.eecs.tufts.edu
 nameserver 130.64.5.5         # tufts.edu
 nameserver 171.64.249.100     # ns1.highwire.org

no names (we don't know how to translate them yet).
a list of suffixes to append in searching for a name.
- fully qualified name doesn't use this.
```
 telnet allegro.eecs.tufts.edu.
```
- short (unqualified) name tries each suffix.
```
 telnet allegro
```

named: the name service daemon

UNIX process.
daemon: a process that runs all the time in the background.
responds to requests on udp port 42
returns either information or a pointer to a server with more information.
different kinds of named service:
- primary: authoritative source for a domain.
- secondary: a backup source slaved to a primary.
- cacheing-only: only queries remote servers and remembers the answer.

named files:

named.boot: instructions about what information to serve.
named.ca (named.cache): cache of all the root nameservers.
zone maps: map from names to numbers

reverse maps: map from numbers to names.

 ******** named.boot: (largo.eecs:/etc/named.boot):
 
    primary    EECS.Tufts.EDU           eecs-tufts.zone
    primary    CS.Tufts.EDU             eecs-tufts.zone
    primary    EE.Tufts.EDU             eecs-tufts.zone
    primary    24.64.130.IN-ADDR.ARPA 130.64.24.reverse
    primary      23.64.130.IN-ADDR.ARPA 130.64.23.reverse
 
 ******** named.ca: (largo.eecs:/etc/named.cache):
 
 .                     99999999        IN      NS      NS.NIC.DDN.MIL.
                       99999999        IN      NS      NS.NASA.GOV.
                       99999999        IN      NS      TERP.UMD.EDU.
                       99999999        IN      NS      A.ISI.EDU.
                       99999999        IN      NS      AOS.BRL.MIL.
                       99999999        IN      NS      C.NYSER.NET.
 
 ;
 ;  Prep the cache (hotwire the addresses).  Order does not matter
 ;
 
 NS.NIC.DDN.MIL.       99999999        IN      A       192.112.36.4
 NS.NASA.GOV.          99999999        IN      A       192.52.195.10
 A.ISI.EDU.            99999999        IN      A       26.3.0.103
 A.ISI.EDU.            99999999        IN      A       128.9.0.107
 AOS.BRL.MIL.          99999999        IN      A       192.5.25.82
 C.NYSER.NET.          99999999        IN      A       192.33.4.12
 TERP.UMD.EDU.         99999999        IN      A       128.8.10.90
 
 
 LOCALHOST.            99999999        IN      A       127.0.0.1
 1.0.0.127.IN-ADDR.ARPA. 99999999      IN      PTR     LOCALHOST.

Name service records:

SOA: start of authority
NS: name server
A: name to address
PTR: address to name
MX: mail exchanger
CNAME: canonical name (alias)
HINFO: host information.
WKS: well known service.

References:

largo:/var/named/eecs-tufts.zone:
largo:/var/named/130.64.23.reverse
largo:/var/named/130.64.24.reverse

Naming caveats

naming service serves not only name to IP, but also other identifying info.
- Mail exchangers.
- Authority for domain.
- Machine type.
- Geographical location.
Marvelous hack: Realtime blackhole list (anti-spam)

Example files

OOPS!

I just put my whole nameservice records on the web!
This is dumb!
Reason: hackers can use this information to get information on my machines!

nslookup

contents of names-old/nslookup.txt...
conbrio{couch}386: /usr/sbin/nslookup
Default Server:  Largo.EECS.Tufts.EDU
Address:  130.64.23.33

> andante
Server:  Largo.EECS.Tufts.EDU
Address:  130.64.23.33

Name:    andante.eecs.tufts.edu
Address:  130.64.23.37

> ftp.uu.net
Server:  Largo.EECS.Tufts.EDU
Address:  130.64.23.33

Non-authoritative answer:
Name:    ftp.uu.net
Address:  192.48.96.9

> set type=ptr
> 5.5.64.130.in-addr.arpa.
Server:  Largo.EECS.Tufts.EDU
Address:  130.64.23.33

5.5.64.130.in-addr.arpa name = fat.net.tufts.edu
64.130.IN-ADDR.ARPA     nameserver = ns1.tufts.edu
64.130.IN-ADDR.ARPA     nameserver = ns2.tufts.edu
64.130.IN-ADDR.ARPA     nameserver = ns1.highwire.org
64.130.IN-ADDR.ARPA     nameserver = ns2.highwire.org
ns1.tufts.edu   internet address = 130.64.1.1
ns2.tufts.edu   internet address = 130.64.5.1
...end of names-old/nslookup.txt

dig

contents of names-old/dig.txt...
conbrio{couch}389: dig andante

; <<>> DiG 2.0 <<>> andante 
;; ->>HEADER<<- opcode: QUERY , status: NXDOMAIN, id: 6
;; flags: qr rd ra ; Ques: 1, Ans: 0, Auth: 1, Addit: 0
;; QUESTIONS: 
;;      andante, type = A, class = IN

;; AUTHORITY RECORDS:
.       10699   SOA     A.ROOT-SERVERS.NET.  hostmaster.internic.NET. (
                        2000021500      ;serial
                        1800    ;refresh
                        900     ;retry
                        604800  ;expire
                        86400 ) ;minim


;; Sent 1 pkts, answer found in time: 0 msec 
;; FROM: conbrio to SERVER: default -- 130.64.23.33
;; WHEN: Tue Feb 15 16:54:27 2000
;; MSG SIZE  sent: 25  rcvd: 98


conbrio{couch}391: dig ftp.uu.net

; <<>> DiG 2.0 <<>> ftp.uu.net 
;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 6
;; flags: qr rd ra ; Ques: 1, Ans: 1, Auth: 2, Addit: 2
;; QUESTIONS: 
;;      ftp.uu.net, type = A, class = IN

;; ANSWERS:
ftp.uu.net.     3301    A       192.48.96.9

;; AUTHORITY RECORDS:
UU.NET. 97761   NS      AUTH00.NS.UU.NET.
UU.NET. 97761   NS      AUTH60.NS.UU.NET.

;; ADDITIONAL RECORDS:
AUTH00.NS.UU.NET.       96966   A       198.6.1.65
AUTH60.NS.UU.NET.       96966   A       198.6.1.181

;; Sent 1 pkts, answer found in time: 0 msec 
;; FROM: conbrio to SERVER: default -- 130.64.23.33
;; WHEN: Tue Feb 15 16:54:49 2000
;; MSG SIZE  sent: 28  rcvd: 127

conbrio{couch}404: dig 33.23.64.130.in-addr.arpa. ptr

; <<>> DiG 2.0 <<>> 33.23.64.130.in-addr.arpa. ptr 
;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 6
;; flags: qr aa rd ra ; Ques: 1, Ans: 1, Auth: 5, Addit: 5
;; QUESTIONS: 
;;      33.23.64.130.in-addr.arpa, type = PTR, class = IN

;; ANSWERS:
33.23.64.130.in-addr.arpa.      86400   PTR     Largo.EECS.Tufts.EDU.

;; AUTHORITY RECORDS:
23.64.130.IN-ADDR.ARPA. 86400   NS      Largo.EECS.Tufts.EDU.
23.64.130.IN-ADDR.ARPA. 86400   NS      Ns1.Tufts.EDU.
23.64.130.IN-ADDR.ARPA. 86400   NS      Ns2.Tufts.EDU.
23.64.130.IN-ADDR.ARPA. 86400   NS      Ns1.Highwire.ORG.
23.64.130.IN-ADDR.ARPA. 86400   NS      Ns2.Highwire.ORG.

;; ADDITIONAL RECORDS:
Largo.EECS.Tufts.EDU.   86400   A       130.64.23.33
Ns1.Tufts.EDU.  8466    A       130.64.1.1
Ns2.Tufts.EDU.  8547    A       130.64.5.1
Ns1.Highwire.ORG.       118013  A       171.64.249.100
Ns2.Highwire.ORG.       118013  A       171.64.249.110

;; Sent 1 pkts, answer found in time: 1 msec 
;; FROM: conbrio to SERVER: default -- 130.64.23.33
;; WHEN: Tue Feb 15 16:57:35 2000
;; MSG SIZE  sent: 43  rcvd: 277

...end of names-old/dig.txt

Network Debugging

Three levels of networking.
- MAC/ARP
- IP/RIP
- DNS (domain name service)
You never know which has failed.
Start from the top down or bottom up (depending upon circumstances).
Move up or down as appropriate.

Debugging ARP

operative commands
- ping <address>
- arp -a
procedure: bottom up
- Are we connected?
- Can we ping a host connected to the same hub?
- Can we ping a host connected to the same switch?

Debugging Routes

operative commands:
- traceroute <address>
- netstat -rn
Procedure: bottom up
- Can we ping our gateway?
- Can we ping another interface on our gateway?
- Can we ping the next hop after our gateway?
- Can we traceroute to the desired host?

Debugging names

operative commands:
- /usr/sbin/nslookup
- /local/bin/dig
Procedure: bottom-up
- Does our own nameserver know the appropriate IP address?
- Do our secondary servers know the appropriate address?
- Do the root servers know the appropriate address?

lecture in color

/comp/150NET/notes/names-old.php
downloaded on Nov-23-2009 03:55:20 PM,
was last modified on Feb-17-2004 10:48:46 PM.
All lecture note content is copyright 2004 by
Alva L. Couch, Computer Science, Tufts University