AL Protocol DNS

The document discusses the domain name system (DNS) and how it maps human-friendly domain names to IP addresses. It provides examples of DNS lookups and explains that DNS uses a hierarchical, distributed database with a client-server architecture to perform lookups. DNS resolves domain names in a multi-step process, starting with local caches and moving up to root, TLD, and host name servers if needed. It also discusses DNS spoofing attacks and how DNSSEC helps secure the system.

Uploaded by

Vivek Bhatt
Copyright © All Rights Reserved

Examples

• https://www.facebook.com/Learn-the-Net-330002341216/
• This is the URL for Learn the Net’s Facebook page (which you should definitely visit and “Like”).
• The protocol is https. Facebook uses HTTPS (the secure version of HTTP) because you have to be logged in to use it, and because they store and use a lot of your personal data and information.
• The TLD is .com, indicating that Facebook is probably a commercial site (it is).
• The domain name is facebook.com.
• They are using the www subdomain, probably for usability reasons (some people still expect all domain names to begin with www, even though it isn’t necessary).
• The path is Learn-the-Net-330002341216, which identifies a specific resource (our page) on their server.
Internet Names and Addresses
• Addresses, e.g. 129.10.117.100
– Computer usable labels for machines
– Conform to structure of the network
• Names, e.g. www.gbpuat.ac.in
– Human usable labels for machines
– Conform to organizational structure
• How do you map from one to the other?
– Domain Name System (DNS)

• If you want to…
– Call someone, you need to ask for their phone number
• You can’t just dial “………………….”
– Mail someone, you need to get their address first
• What about the Internet?
– If you need to reach Google, you need their IP
– Does anyone know Google’s IP? (For IPv4: 8.8.8.8 and/or 8.8.4.4; for IPv6: 2001:4860:4860::8888 and/or 2001:4860:4860::8844.)
• Problem:
– People can’t remember IP addresses
– Need human readable names that map to IPs
Towards DNS
• Eventually, the hosts.txt system fell apart
– Not scalable, SRI couldn’t handle the load
– Hard to enforce uniqueness of names
• e.g. MIT
– Massachusetts Institute of Technology?
– Melbourne Institute of Technology?
– Many machines had inaccurate copies of hosts.txt
• Thus, DNS was born (the first Unix name server implementation was known as BIND (Berkeley Internet Name Domain). Over the years, various developers and organizations, including the Internet Systems Consortium (ISC), contributed to the maintenance and development of BIND. In November 1987, RFC 1034 and RFC 1035 replaced the original DNS specifications from 1983.)
• A web browser loads a webpage using various protocols:
• It uses the Domain Name System (DNS) protocol to convert
a domain name into an IP address.
• It uses the HyperText Transfer Protocol (HTTP) to request
the webpage contents from that IP address.
• It may also use the Transport Layer Security (TLS) protocol
to serve the website over a secure, encrypted connection.
• The web browser uses these protocols on top of the Internet
protocols, so every HTTP request also uses TCP and IP.
• The Web is just one of the applications built on top of the
Internet protocols, but it is by far the most popular.
• IP addresses are how computers identify other computers on the Internet.
• The domain name system (DNS) gives us humans an easy way to identify where we want to go on the Internet.
• We simply type in a domain name like "www.wikipedia.org", and our computer connects us to the computers powering Wikipedia.
• A domain name is a human-friendly address for a website, something that's easy for us to remember and type in.
• Anatomy of a domain name
• Each domain name is made up of parts:
• third-level-domain.second-level-domain.top-level-domain
• There is a limited set of top level domains (TLDs), and many websites use the most common TLDs: ".com", ".org", and ".edu".
• The second level domain is unique to the company or organization that registers it, like "wikipedia" or "khanacademy".
• The third level domain is also called a subdomain, because it's owned by
the same group and that URL often directs you to a subset of the website,
like "m.wikipedia.org" (mobile-optimized Wikipedia) or
"es.khanacademy.org" (Spanish-language Khan Academy).
• Domains ↔ IP addresses
• Behind the scenes, each domain name maps to an IP address. When we
type a URL in the address bar of our browser, the computer has to figure
out its IP address.
• Diagram of computer with a browser open. The browser displays
"www.wikipedia.org" in the URL bar, and the computer has a thought
bubble which says "www.wikipedia.org = ?".
• The computer can't store a database of more than 300 million domain
names locally, so it goes through a multi-step process to find out the IP
address.
• Step 1: Check the local cache
• If you've visited a website once, there's a fairly good chance you'll visit it
again. That's why computers keep their own local cache of domain name
to IP mappings. The cache stays small, because it kicks out domains you
haven't visited in a while or domains that send down expiration dates.
• Step 2: Ask the ISP cache
• Every ISP provides a domain name resolving service and keeps its own cache. Perhaps you haven't visited a particular website, but your neighbor just did, so the ISP can look up the IP from their visit.
• If it's not in the ISP's cache, then it's off to the next step.
• Step 3: Ask the name servers
• There are domain name servers scattered around the globe that are responsible for keeping track of a subset of the millions of domain names.
• The servers are ordered in a hierarchy:
• Root name servers → TLD name servers → Host name servers.
• The ISP starts by asking the root name servers: "hey, which name server knows about .org domains?" The root name server responds with the IP address of a TLD name server that tracks ".org" domains.
• The ISP sends the IP address back to the requesting computer, and
now our computer can successfully connect with the computer
powering that domain.
• If that sounds like quite a process: yes, it is! But don't worry, it's not
done that often. A lot of information is cached along the way, so it's
rare that a DNS lookup has to go through so many steps.
• When a lookup does have to go through all the steps, there are
multiple name servers that can answer each question, so a
computer doesn't have to wait too long for a response or worry
about a name server going down.
• We've had the domain name system since 1985, and it's scaled
impressively to match the growth of the Internet, thanks to its
hierarchy, redundancy, and caching.
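As an added example (not part of the slides), the Python model below walks through the same three steps, with a TTL-bounded cache at the computer and another at the ISP, and counts how many name servers each lookup has to ask. All server names, domain names, IP addresses and TTLs in it are constructed sample data, not real records.

```python
# Added example, not from the slides: a toy model of the multi-step lookup
# (local cache -> ISP cache -> root -> TLD -> host name server) with TTL-based
# caching. All servers, names and addresses below are constructed sample data.

class FakeClock:
    """Deterministic clock so cache expiry can be shown without waiting."""
    def __init__(self): self.t = 0
    def now(self): return self.t
    def advance(self, seconds): self.t += seconds

class Cache:
    """Steps 1 and 2: the TTL-bounded cache kept by the computer and by the ISP."""
    def __init__(self, now): self.now, self.entries = now, {}
    def get(self, name):
        hit = self.entries.get(name)
        if hit is None or hit[1] <= self.now():
            self.entries.pop(name, None)          # expired mappings are kicked out
            return None
        return hit[0], hit[1] - self.now()        # (ip, remaining TTL)
    def put(self, name, ip, ttl): self.entries[name] = (ip, self.now() + ttl)

# Constructed authoritative data for the three tiers of the hierarchy.
ROOT = {"org": "tld-org", "edu": "tld-edu"}                    # root -> TLD server
TLD = {"tld-org": {"wikipedia.org": "ns-wikipedia"},           # TLD -> host name server
       "tld-edu": {"neu.edu": "ns-neu"}}
HOST = {"ns-wikipedia": {"www.wikipedia.org": ("198.51.100.7", 300)},  # name -> (ip, TTL)
        "ns-neu": {"www.ccs.neu.edu": ("203.0.113.20", 60)}}

def resolve(name, local, isp):
    """Return (ip, number of name servers asked) for a lookup of `name`."""
    hit = local.get(name)                                       # Step 1: local cache
    if hit: return hit[0], 0
    hit = isp.get(name)                                         # Step 2: ISP cache
    if hit:
        local.put(name, *hit)                                   # keep only the remaining TTL
        return hit[0], 0
    labels = name.split(".")                                    # Step 3: walk the hierarchy
    tld_server = ROOT[labels[-1]]                               # root: "who knows .org?"
    host_server = TLD[tld_server][".".join(labels[-2:])]        # TLD: "who knows wikipedia.org?"
    ip, ttl = HOST[host_server][name]                           # host name server: the address
    isp.put(name, ip, ttl)
    local.put(name, ip, ttl)
    return ip, 3

def demo():
    """Query counts for: first lookup, repeat, neighbour on same ISP, after TTL expiry."""
    clock = FakeClock()
    local, neighbour, isp = Cache(clock.now), Cache(clock.now), Cache(clock.now)
    counts = [resolve("www.wikipedia.org", local, isp)[1],      # 3: full walk
              resolve("www.wikipedia.org", local, isp)[1],      # 0: local cache
              resolve("www.wikipedia.org", neighbour, isp)[1]]  # 0: ISP cache
    clock.advance(301)                                          # past the 300 s TTL
    counts.append(resolve("www.wikipedia.org", local, isp)[1])  # 3: everything expired
    return counts
```

Only the first lookup and the one after the TTL has run out touch the name servers; the repeat and the neighbour's lookup are answered from a cache, which is the point of the "rare that a DNS lookup has to go through so many steps" remark.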
• DNS Spoofing
• The domain name system is scalable, but it is not always secure.
Cyber criminals figured out a way to exploit flaws in DNS name
servers, in an attack known as DNS spoofing or DNS cache poisoning.

• A domain resolver service must ask name servers when it doesn't already know the mapping of a domain to an IP.
• If a cyber criminal manages to take control of a name server or redirect requests to its own server, then it can reply with any IP address it wants:
• The domain resolver now stores the new IP in its cache and sends that IP back to the requesting computer. The IP address often redirects users to a page that will download computer viruses or ask for their secure information.
• DNS cache poisoning can happen at any level in the name server hierarchy. Imagine a cyber criminal intercepting requests to a root name server: they'd be able to direct all traffic for .org domains!
• Once the domain ↔ IP mapping is poisoned in one server, it can spread to any other server that asks for information from that server.
• DNS spoofing can be prevented. The DNSSEC protocol extends the original DNS protocol and specifies the best way for DNS resolvers to authenticate the information sent to them.
• Upgrading old systems takes time, so it may be years or decades before all DNS systems are using DNSSEC.
• In the meantime, be careful when you load a website and see an unexpected result. Not all websites are what they seem.
DNS at a High-Level
• Domain Name System (To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of a host to the Internet. However, people prefer to use names instead of numeric addresses. Therefore, we need a system that can map a name to an address or an address to a name.)
• Distributed database
– No centralization
• Simple client/server architecture
– UDP port 53, some implementations also use TCP
– Why?
• Hierarchical namespace
– As opposed to original, flat namespace
– e.g. .com → google.com → mail.google.com
Naming Hierarchy
(A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical)

[Tree diagram: Root → net, edu, com, gov, mil, org, uk, fr, etc. → neu, mit → ccs, ece, husky → www, login, mail]

• Top Level Domains (TLDs) are at the top
• Maximum tree depth: 128
• Each Domain Name is a subtree
– .edu → neu.edu → ccs.neu.edu → www.ccs.neu.edu
• Name collisions are avoided
– neu.com vs. neu.edu
• DOMAIN NAME SPACE
The names are defined in an inverted-tree structure with the root at the top. The tree can have only 128 levels: level 0 (root) to level 127.
• Label
Each node in the tree has a label, which is a string with a maximum of 63 characters. The root label is a null string (empty string). DNS requires that children of a node (nodes that branch from the same node) have different labels, which guarantees the uniqueness of the domain names.
• Domain Name
Each node in the tree has a domain name. A full domain name is a sequence of labels separated by dots (.). The domain names are always read from the node up to the root. The last label is the label of the root (null). This means that a full domain name always ends in a null label, which means the last character is a dot because the null string is nothing.
• Domain
A domain is a subtree of the domain name space. The name of the domain is the domain name of the node at the top of the subtree.
Hierarchical Administration

[Tree diagram: Root (labelled Verisign and ICANN) → net, edu, com, gov, mil, org, uk, fr, etc. → neu, mit → ccs → www, login, mail]

• Tree is divided into zones
– Each zone has an administrator
– Responsible for the part of the hierarchy
• Example:
– CCIS controls *.ccs.neu.edu
– NEU controls *.neu.edu
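An added example, not from the slides: Python that applies the name-space rules stated above (labels of at most 63 characters, at most 128 levels, a full name ending in the null root label) and the zone rule from this slide, i.e. that a name belongs to the administrator of the deepest subtree containing it. The limits are the slides' own; the ZONES table is a constructed stand-in for the CCIS / NEU example.

```python
# Added example, not from the slides: the DOMAIN NAME SPACE rules above (labels of at
# most 63 characters, at most 128 levels, a full name ends in the null root label) and
# the zone rule from the Hierarchical Administration slide. Limits come from the text;
# the ZONES table is constructed to mirror the slide's CCIS / NEU example.

MAX_LABEL_LEN = 63      # "a string with a maximum of 63 characters"
MAX_LEVELS = 128        # "level 0 (root) to level 127"

def labels_of(fqdn):
    """Labels of a full domain name, root (null label) excluded.
    'www.ccs.neu.edu.' -> ['www', 'ccs', 'neu', 'edu'];  '.' -> []"""
    name = fqdn if fqdn.endswith(".") else fqdn + "."   # a full name always ends in the null label
    parts = name[:-1].split(".") if len(name) > 1 else []
    for label in parts:
        if not label:
            raise ValueError("empty label inside %r: only the root label may be null" % fqdn)
        if len(label) > MAX_LABEL_LEN:
            raise ValueError("label %r exceeds %d characters" % (label, MAX_LABEL_LEN))
    if len(parts) + 1 > MAX_LEVELS:                     # +1 for the root at level 0
        raise ValueError("%r has more than %d levels" % (fqdn, MAX_LEVELS))
    return parts

def is_valid(fqdn):
    try:
        labels_of(fqdn)
        return True
    except ValueError:
        return False

def ancestors(fqdn):
    """Domains (subtrees) containing the node, read from the node up to the root:
    'www.ccs.neu.edu' -> ['www.ccs.neu.edu.', 'ccs.neu.edu.', 'neu.edu.', 'edu.', '.']"""
    parts = labels_of(fqdn)
    return [".".join(parts[i:]) + "." for i in range(len(parts))] + ["."]

def in_zone(fqdn, zone):
    """True when fqdn lies in the subtree administered as zone (neu.com is not in neu.edu)."""
    return ".".join(labels_of(zone)) + "." in ancestors(fqdn)

# Constructed administration table: root (ICANN / Verisign on the slide), NEU, CCIS.
ZONES = {".": "root", "neu.edu.": "NEU", "ccs.neu.edu.": "CCIS"}

def administrator(fqdn, zones=ZONES):
    """The most specific zone (deepest subtree) that contains the name decides who administers it."""
    matches = [(len(labels_of(z)), admin) for z, admin in zones.items() if in_zone(fqdn, z)]
    return max(matches)[1] if matches else None
```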
DNS message

DNS and Censorship
• DNS is a popular protocol for targeting by Internet censors
• A few things to keep in mind …
• No cryptographic integrity of DNS messages
• DNSSEC proposed but not widely implemented
• Caching of replies means leakage of bad DNS data can persist
Much More to DNS
• Caching: when, where, how much, etc.
• Other uses for DNS (i.e. DNS hacks)
– Content Delivery Networks (CDNs)
– Different types of DNS load balancing
– Dynamic DNS (e.g. for mobile hosts)
• DNS and botnets
• Politics and growth of the DNS system
– Governance
– New TLDs (.xxx, .biz), eliminating TLDs altogether
– Copyright, arbitration, squatting, typo-squatting