Distributed systems 6. name services

Distributed Systems 6. Name Services Werner Nutt 1 Naming Concepts Names = strings used to identify objects (files, computers, people, processes, objects) Textual names (human readable) — used to identify individual services, people – email address: Hans. Mair@inf. unibz. it – URL: www. google. com — or groups of people or objects – mailing lists: professors@unibz. it – mail domains (if there are several mail exchangers) 2 Naming Concepts (cntd) Numeric addresses (identify the location of an object) — locate individual resources, e. g. 193. 206. 186. 100 (IP host address) — special case: group addresses, e. g. multicast and broadcast addresses: IP Multicast, Ethernet Object identifiers — “ pure” names (= bit patterns), usually numeric and large – never reused (include timestamp) – used for identification purposes No real distinction between names and addresses. Both must be looked up to obtain lower-level data (= name resolution). 3 Examples of Name Services File system — maps file name to file RMI registry — binds remote objects to symbolic names DNS (= Domain Name Service) — maps domain names to IP addresses — scalable, can handle change X. 500/LDAP directory service — maps person’s name to email address, phone number 4 Name Resolution on the WWW URL http://www. inf. unibz. it: 8888/~mair/Photos/hans. jpg DNS lookup Resource ID (IP number, port number, pathname) 8888 ~mair/Photos/hans. jpg 193. 206. 186. 198 ARP lookup (Ethernet) Network address 2: 60: 8c: 2: b0: 5a Socket file Web server 5 Names and Resources Currently, different name systems are used for each type of resource: resource file process port name pathname process id port number identifies file within a given file system process on a given computer IP port on a given computer Uniform Resource Identifiers (URI) identify arbitrary resources: Uniform Resource Locator (URL): locates resource — typed by the scheme field (http, ftp, nfs, etc.) — part of the name is service-specific — resources cannot be moved between domains Uniform Resource Name (URN): names resource 6 Name Spaces Name space = collection of all valid names recognised by a service with — a syntax for specifying names, and — rules for resolving names (e. g., left to right) Naming context = maps a name to primitive attributes directly, or to another context and derived name (usually by prefixing) — telephone no: country, area, number — Internet host names: contexts = domains — Unix file system: contexts = directories 7 Name Spaces (cntd) Binding — associating a name to an object — binding names to attributes, one of which may be address Naming domain — has an authority that assigns names to objects within a name space or context – sysadmin assigns login names – Host names are assigned in a domain — object may be registered more than once within context Multiple names — alias (alternative name for an object, e. g. www, ftp, etc.) — symbolic name (alternative name which maps to a path name in the name space, e. g., symbolic link for file) 8 Hierarchic Name Spaces Sequence of name tokens resolved in different context — syntax: name token (text string) + delimiter — DNS: inf. unibz. it — Unix: /usr/bin Name structure reflects organisational structure — name changes if object migrates — names can be used relative to context or absolute — local contexts managed in a distributed fashion Examples — domain names, Unix file system 9 Flat Name Spaces Single global context and naming authority for all names — computer serial number — Ethernet address — remote object reference (IP address, port, time, object number, interface id) Names not meaningful — difficult to resolve (no tree hierarchy) — easy to create — easy to ensure uniqueness (timestamps) 10 Name Resolution Iteratively present name to a naming context — start with initial naming context — repeat as long as contexts + derived names are returned — aliases can introduce cycles (abandon after threshold no of resolutions or ensure no cycles) Replication/Caching — used for improved fault-tolerance on large services (more than one server, cf. DNS) Navigation — organising the access to several servers 11 Iterative Navigation NS2 2 Client 1 3 NS1 Name servers NS3 e. g., in DNS The database is distributed over servers for different domains A client contacts servers NS1—NS3 one after the other in order to resolve a name Server returns attributes if it knows the name, otherwise suggests another server 12 Server-controlled Navigation Name server communicates with other name servers on the client’s behalf NS2 2 1 client 4 NS1 3 NS3 client 5 1 NS1 2 4 NS2 3 NS3 Non-recursive server-controlled Recursive server-controlled In DNS, iterative navigation is the standard. Recursive navigation is an option that is necessary in domains that limit client access to their DNS information for security reasons 13 Replication and Caching Replicate some directories for performance and availability. Updates — Approach 1: write to single master, master propagates updates — Approach 2: write to any replica, later merge updates (timestamps) — Result: weak consistency (some entries out of date) Look-ups — try any local server, then go to root and down the tree Caching — names and addresses of recently used objects 14 Internet Domain Name System (DNS) Maps host names to IP addresses (basically) Design dates back to 1987 (Mockapetris) Before all host names and addresses in one large master file stored on one central host downloaded by computers that needed to resolve names What were the drawbacks of that approach? 15 Internet Domain Name System (cntd) Distributed naming database Hierarchical name structure reflects administrative structure of the Internet Rapidly resolves domain names to IP addresses — exploits caching heavily — typical query time ~100 milliseconds Scales to millions of computers — partitioned database — caching Resilient to failure of a server — replication (e. g., 13 root servers, 6 servers for . it, etc.) 16 The DNS Name Space . generic domains country domains org com net edu de at it uk yahoo ibm mit unibz bz inf Domain names: – Top level domains – 2nd level domains -… www provinz web www mail Computer names www 17 DNS Server Functions Main function: — resolves domain names for computers, i. e. gets their IP addresses — caches the results of previous searches until they pass their “ time to live” Info offered: — — — — — host IP addresses and canonical names name servers for a domain mail exchangers for a domain host information – type of hardware and OS well-known services – a list of well-known services offered by a host Other functions: — reverse resolution – get domain name from IP address 18 Example: DNS Servers Look up IP-address of www. dcs. qmw. ac. uk a. root-servers. net (root) uk purdue. edu yahoo. com …. ns1. nic. uk (uk) co. uk ac. uk … ns. purdue. edu (purdue. edu) ns0. ja. net (ac. uk) ic. ac. uk qmw. ac. uk … * . purdue. edu – Name server names are in italics – (Corresponding domains are in parentheses) – denotes a name server entry a. ns. qmw. ac. uk (qmw. ac. uk) a. ns. dcs. qmw. ac. uk (dcs. qmw. ac. uk) ns0. ic. ac. uk (ic. ac. uk) dcs. qmw. ac. uk *. qmw. ac. uk *. dcs. qmw. ac. uk *. ic. ac. uk 19 DNS Servers and Zones The DNS namespace consists of zones: — zone = domain minus sub-domains, administered independently Every zone must have at least two name servers — exactly one master (= primary) server: contains the only writable copy of the “ zone file” — one or more secondary (= slave) servers: copies its zone file from the master — both, master and slaves, are “ authoritative” for the zone — set up should guarantee that slaves never hold information that is out of date 20 DNS Name Resolution Basic algorithm Look for the name in the local cache Try a superior DNS server, which responds with: — another recommended DNS server — the IP address (which may not be entirely up to date) 21 DNS Iteration Without caching ns1. nic. uk (uk) co. uk ac. uk … ns0. ja. net (ac. uk) ic. ac. uk qmw. ac. uk … a. root-servers. net (root) uk purdue. edu yahoo. com …. ns. purdue. edu (purdue. edu) * . purdue. edu IP: a. ns. qmw. ac. uk ns0. ic. ac. uk (ic. ac. uk) a. ns. qmw. ac. uk (qmw. ac. uk) a. ns. dcs. qmw. ac. uk (dcs. qmw. ac. uk) 2 client. ic. ac. uk IP: www. dcs. qmw. ac. uk IP: ns0. ja. net dcs. qmw. ac. uk *. qmw. ac. uk *. dcs. qmw. ac. uk *. ic. ac. uk 14 www. dcs. qmw. ac. uk ? IP: a. ns. dcs. qmw. ac. uk 3 22 Recursive Name Resolution in DNS 23 Types of DNS Resource Records Record type Meaning A NS CNAME SOA WKS PTR HINFO MX TXT A computer address An authoritative name server The canonical name for an alias Marks the start of data for a zone A well-known service description Domain name pointer (reverse lookups) Host information Mail exchange Text string Main contents IP number Domain name for server Domain name for alias Parameters governing the zone List of service names and protocols Domain name Machine architecture and operating system List of pairs Arbitrary text DNS Serves organize their info in “ resource records” 24 Name Server Content An excerpt from the DNS database for the zone cs. vu. nl. 25 DNS Message Format Queries and replies have the same format (using UDP) Header identification: 16 bit number set in query, matching reply with same number flags: 1 bit each, e. g., — — — — query or reply authoritative answer recursion desired recursion available 26 DNS Message Format (cntd) The message body consists of resource records Domain names (or IP adds), type of records requested (incomplete records) Resource records answering the query Records pointing to authoritative servers Typically, address records of the authoritative servers 27 Implementations of DNS De facto standard for UNIX is BIND (= Berkeley Internet Name Domain) — Client programs acting as resolver link in library software (i. e., no process on client) — Server machines run a daemon (“ named”) — Server can be configured as one of three categories: – primary, secondary, caching-only Microsoft’s Active Directory supports DNS 28 Access to DNS host — command for name resolution and reverse resolution nslookup — command/tool to query DNS servers for arbitrary info dig — similar to nslookup, without some of the deficiencies of the former /etc/resolv. conf — file containing IP address of default name server Java JNDI (= Java Naming and Directory Interface) — provides interface for querying DNS 29 Global Name Service (GNS) A proposal from research [B. Lampson, 86]: DI: 599(EC) GNS is more flexible system for resource location, mail addressing and authentication UK FR DI: 543 DI: 574 Structured leafs: “ Value trees” AC DI: 437 Directory nodes have a unique directory identifier ID QMW DI: 322 Names in GNS have two parts Peter. Smith mailboxes password Gamma GNS accommodates change: use directory identifiers to identify old roots Alpha Beta 30 Merging Trees Under a New Root DI: 633 (WORLD) Well-known directories: #599 = #633/EC #642 = #633/NORTH AMERICA DI: 599 EC NORTH AMERICA DI: 642 US CANADA DI: 457 DI: 543 UK FR DI: 574 DI: 732 Old “ working roots” (like #599 (EC)) can be found in the new tree, using the “ well-known” directories table of #633 (WORLD) 31 Restructuring the Directory DI: 633(WORLD) Well-known directories: #599= #633/EC #642= #633/NORTH AMERICA DI: 599 UK FR US DI: 574 EC NORTH AMERICA DI: 642 US CANADA DI: 457 DI: 543 DI: 732 #633/EC/US The US becomes part of the EU: a symbolic link (#633/EC/US) points to the new location GNS gains flexibility at the cost of accumulating additional data after reconfiguration 32