Lecture 8: Name Services
Haibin Zhu, Ph.D., Assistant Professor, Department of Computer Science, Nipissing University © 2002

Contents
9.1 Introduction
9.2 Name services and the DNS
9.3 Directory and Discovery services
9.4 Case Study: Global Name Service
9.5 Case Study: Directory service
9.6 Summary

Learning objectives
• To understand the need for naming systems in distributed systems
• To be familiar with the design requirements for distributed name services
• To understand the operation of the Internet naming service - DNS
• To be familiar with the role of discovery services in mobile and ubiquitous computer systems

Names and Addresses
• Pure names are simply uninterpreted bit patterns.
• Non-pure names contain information about the object that they name.
• An object's address is a value that identifies the location of the object rather than the object itself.
• An attribute is a value of a property associated with an object.
• A name is resolved when it is translated into data about the named resource or object.
• The association between a name and an object is called a binding.

The role of names and name services
• Resources are accessed using an identifier or reference
  – An identifier can be stored in variables and retrieved from tables quickly
  – An identifier includes or can be transformed to an address for an object
    - E.g. NFS file handle, CORBA remote object reference
  – A name is a human-readable value (usually a string) that can be resolved to an identifier or address
    - Internet domain name, file pathname, process number
    - E.g. /etc/passwd, http://www.cdk3.net/
• For many purposes, names are preferable to identifiers
  – because the binding of the named resource to a physical location is deferred and can be changed
  – because they are more meaningful to users
• Resource names are resolved by name services
  – to give identifiers and other useful attributes

Name service
• A name service stores a collection of one or more naming contexts: sets of bindings between textual names and attributes for objects such as users.
• Basic requirements of GNS
  – An essentially arbitrary number of names
  – A long lifetime
  – High availability
  – Fault isolation
  – Tolerance of mistrust

Name Space
• A name space is the collection of all valid names recognized by a particular service.
• A naming domain is a name space for which there exists a single overall administrative authority for assigning names within it.

Requirements for name spaces
• Allow simple but meaningful names to be used
• Potentially infinite number of names
• Structured
  – to allow similar subnames without clashes
  – to group related names
• Allow re-structuring of name trees
  – for some types of change, old programs should continue to work
• Management of trust

Composed naming domains used to access a resource from a URL (Figure 9.1)
URL: http://www.cdk3.net:8888/WebExamples/earth.html
  – DNS lookup: Resource ID (IP number, port number, pathname) = 138.37.88.61, 8888, WebExamples/earth.html
  – ARP lookup: (Ethernet) network address = 2:60:8c:2:b0:5a
  – Remaining figure labels: file, Socket, Web server

Names and resources
Currently, different name systems are used for each type of resource:
  resource   name          identifies
  file       pathname      file within a given file system
  process    process id    process on a given computer
  port       port number   IP port on a given computer
Uniform Resource Identifiers (URI) offer a general solution for any type of resource. There are two main classes:
• URL: Uniform Resource Locator
  – typed by the protocol field (http, ftp, nfs, etc.)
  – part of the name is service-specific
  – resources cannot be moved between domains
• URN: Uniform Resource Name
  – requires a universal resource name lookup service - a DNS-like system for all resources

More on URNs
format: urn:<nameSpace>:<name-within-namespace>
examples:
  a) urn:ISBN:021-61918-0
  b) urn:dcs.qmul.ac.uk:TR2000-56
resolution:
  a) send a request to the nearest ISBN-lookup service - it would return whatever attributes of a book are required by the requester
  b) send a request to the URN lookup service at dcs.qmul.ac.uk - it would return a URL for the relevant document

Name Resolution
  – An iterative process whereby a name is repeatedly presented to naming contexts.
Navigation
  – A process of locating naming data from among more than one name server in order to resolve a name.

Iterative navigation (Figure 9.2)
[Figure: a client and name servers NS1, NS2 and NS3, with numbered messages 1 to 3.]
A client iteratively contacts name servers NS1–NS3 in order to resolve a name.
Used in:
• DNS: Client presents entire name to servers, starting at a local server, NS1. If NS1 has the requested name, it is resolved, else NS1 suggests contacting NS2 (a server for a domain that includes the requested name).
• NFS: Client segments pathnames (into 'simple names') and presents them one at a time to a server together with the filehandle of the directory that contains the simple name.
Reason for NFS iterative name resolution
This is because the file service may encounter a symbolic link (i.e. an alias) when resolving a name. A symbolic link must be interpreted in the client's file system name space because it may point to a file in a directory stored at another server. The client computer must determine which server this is, because only the client knows its mount points. (p. 377.)

Non-recursive and recursive server-controlled navigation (Figure 9.3)
[Figure: two panels, "Non-recursive server-controlled" and "Recursive server-controlled", showing clients, name servers NS1–NS3 and numbered message arrows.]
A name server NS1 communicates with other name servers on behalf of a client.
• DNS offers recursive navigation as an option, but iterative is the standard technique.
• Recursive navigation must be used in domains that limit client access to their DNS information for security reasons.

DNS - The Internet Domain Name System
• A distributed naming database
• Name structure reflects administrative structure of the Internet
• Rapidly resolves domain names to IP addresses
  – exploits caching heavily
  – typical query time ~100 milliseconds
• Scales to millions of computers
  – partitioned database
  – caching
• Resilient to failure of a server
  – replication
Basic DNS algorithm for name resolution (domain name -> IP number)
• Look for the name in the local cache
• Try a superior DNS server, which responds with:
  – another recommended DNS server
  – the IP address (which may not be entirely up to date)

DNS Data
DNS naming data are divided into zones. A zone contains:
  – Attribute data for names in a domain
  – The names and addresses
  – The names of name servers
  – Zone management parameters
http://hotwired.lycos.com/webmonkey/geektalk/97/03/index4a.html?tw=backend

DNS name servers (Figure 9.4)
Note: in the figure, name server names are in italics, the corresponding domains are in parentheses, and arrows denote name server entries.
Name server (domain): entries
  a.root-servers.net (root): uk, purdue.edu, yahoo.com, ...
  ns1.nic.uk (uk): co.uk, ac.uk, ...
  ns.purdue.edu (purdue.edu): *.purdue.edu
  ns0.ja.net (ac.uk): ic.ac.uk
  alpha.qmw.ac.uk (qmw.ac.uk): dcs.qmw.ac.uk, *.qmw.ac.uk, ...
  dns0.dcs.qmw.ac.uk (dcs.qmw.ac.uk): *.dcs.qmw.ac.uk
  dns0-doc.ic.ac.uk (ic.ac.uk): *.ic.ac.uk
Authoritative path to lookup: jeans-pc.dcs.qmw.ac.uk

DNS in typical operation (without caching)
[Figure: the name server hierarchy of Figure 9.4 (a.root-servers.net, ns1.nic.uk, ns.purdue.edu, ns0.ja.net, alpha.qmw.ac.uk, dns0.dcs.qmw.ac.uk, dns0-doc.ic.ac.uk), with ns0.ja.net (ac.uk) holding entries for ic.ac.uk and qmw.ac.uk. client.ic.ac.uk asks "jeans-pc.dcs.qmw.ac.uk ?". Reply labels shown in the figure: "IP: ns0.ja.net", "IP: alpha.qmw.ac.uk", "IP: dns0.dcs.qmw.ac.uk", "IP: jeans-pc.dcs.qmw.ac.uk".]

DNS server functions and configuration
• Main function is to resolve domain names for computers, i.e. to get their IP addresses
  – caches the results of previous searches until they pass their 'time to live'
• Other functions:
  – get mail host for a domain
  – reverse resolution - get domain name from IP address
  – Host information - type of hardware and OS
  – Well-known services - a list of well-known services offered by a host
  – Other attributes can be included (optional)

DNS resource records (Figure 9.5)
  Record type   Meaning                                 Main contents
  A             A computer address                      IP number
  NS            An authoritative name server            Domain name for server
  CNAME         The canonical name for an alias         Domain name for alias
  SOA           Marks the start of data for a zone      Parameters governing the zone
  WKS           A well-known service description        List of service names and protocols
  PTR           Domain name pointer (reverse lookups)   Domain name
  HINFO         Host information                        Machine architecture and operating system
  MX            Mail exchange                           List of <preference, host> pairs
  TXT           Text string                             Arbitrary text

DNS issues
• Name tables change infrequently, but when they do, caching can result in the delivery of stale data.
  – Clients are responsible for detecting this and recovering
• Its design makes changes to the structure of the name space difficult. For example:
  – merging previously separate domain trees under a new root
  – moving subtrees to a different part of the structure (e.g. if Scotland became a separate country, its domains should all be moved to a new country-level domain)
See Section 9.4 on GNS, a research system that solves the above issues.
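Added example (not part of the original slides): a small Python model of iterative navigation over the Figure 9.4 hierarchy, with the local cache and 'time to live' from the basic DNS algorithm, showing how a rebinding at the authoritative server is served stale until the cached entry expires. The class name, the IP addresses, the TTL of 60 seconds and the choice to start every walk at the root rather than at a local server are assumptions made for the illustration.

```python
import copy

# Constructed data modelled on Figure 9.4: each server holds referrals (domain ->
# name server) or host records (name -> (IP, TTL in s)). IPs are placeholders.
ZONES = {
    "a.root-servers.net": {"refer": {"uk": "ns1.nic.uk"}},
    "ns1.nic.uk": {"refer": {"ac.uk": "ns0.ja.net"}},
    "ns0.ja.net": {"refer": {"qmw.ac.uk": "alpha.qmw.ac.uk",
                             "ic.ac.uk": "dns0-doc.ic.ac.uk"}},
    "alpha.qmw.ac.uk": {"refer": {"dcs.qmw.ac.uk": "dns0.dcs.qmw.ac.uk"}},
    "dns0.dcs.qmw.ac.uk": {"hosts": {"jeans-pc.dcs.qmw.ac.uk": ("192.0.2.10", 60)}},
}

class IterativeResolver:  # hypothetical name, not a real library class
    MAX_HOPS = 8  # bound the walk so a referral loop cannot spin forever

    def __init__(self, zones, root="a.root-servers.net"):
        self.zones, self.root = zones, root
        self.cache = {}  # name -> (ip, expiry time)
        self.path = []   # servers contacted by the most recent lookup

    def resolve(self, name, now):
        self.path = []
        hit = self.cache.get(name)
        if hit and now < hit[1]:  # 1. local cache, until time to live passes
            return hit[0]
        server = self.root
        for _ in range(self.MAX_HOPS):  # 2. the client follows each referral
            zone = self.zones.get(server)
            if zone is None:
                return None  # no such server: the name cannot be resolved
            self.path.append(server)
            if name in zone.get("hosts", {}):
                ip, ttl = zone["hosts"][name]
                self.cache[name] = (ip, now + ttl)
                return ip
            # Accept a referral only for a domain that encloses the name.
            server = next((ns for dom, ns in zone.get("refer", {}).items()
                           if name.endswith("." + dom)), None)
        return None

def demo():
    zones, name = copy.deepcopy(ZONES), "jeans-pc.dcs.qmw.ac.uk"
    r = IterativeResolver(zones)
    first, hops = r.resolve(name, now=0), list(r.path)
    zones["dns0.dcs.qmw.ac.uk"]["hosts"][name] = ("192.0.2.99", 60)  # rebinding
    stale = r.resolve(name, now=30)  # cache entry still live: old address
    fresh = r.resolve(name, now=61)  # time to live passed: new address
    return first, hops, stale, fresh
```

The second lookup contacts no server at all, which is why the slide places the burden of detecting stale data on the client.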

Directory and discovery services
• Directory service: 'yellow pages' for the resources in a network
  – Retrieves the set of names that satisfy a given description
  – e.g. X.500, LDAP, MS Active Directory Services
    - (DNS holds some descriptive data, but the data is very incomplete and DNS isn't organised to search it)
• Discovery service: a directory service that also:
  – is automatically updated as the network configuration changes
  – meets the needs of clients in spontaneous networks (Section 2.2.3)
  – discovers services required by a client (who may be mobile) within the current scope, for example, to find the most suitable printing service for image files after arriving at a hotel
  – Examples of discovery services: Jini discovery service, the 'service location protocol', the 'simple service discovery protocol' (part of UPnP), the 'secure discovery service'

Service discovery in Jini (Figure 9.6)
[Figure: a mobile client, a client, two lookup services, two printing services and a corporate infoservice on a network, with group labels "admin", "finance" and "admin, finance". Numbered messages: 1. 'finance' lookup service? 2. Here I am: ... 3. Request printing & receive proxy 4. Use printing service]
• Jini services register their interfaces and descriptions with the Jini lookup services in their scope
• Clients find the Jini lookup services in their scope by IP multicast
• Jini lookup service searches by attribute or by interface type
  – The designers of Jini argue convincingly that this is the only reliable way to do discovery

GNS (Global Name Service) case study
An early research project (1985) that developed solutions for the problems of:
  – large name spaces
  – restructuring the name space
<directory name, value name>

Figure 9.7 GNS directory tree and value tree for user Peter.Smith
[Figure labels. Directory tree: DI: 599 (EC); UK (DI: 543); FR (DI: 574); AC (DI: 437); QMW (DI: 322). Value tree for Peter.Smith: mailboxes (Alpha, Beta, Gamma); password.]

Figure 9.8 Merging trees under a new root
[Figure labels: DI: 633 (WORLD); EC (DI: 599) with UK (DI: 543) and FR (DI: 574); DI: 642 with US (DI: 732) and CANADA (DI: 457).]
Well-known directories: #599 = #633/EC, #642 = #633/NORTH AMERICA

Figure 9.9 Restructuring the directory
[Figure labels: DI: 633 (WORLD); EC (DI: 599) with UK (DI: 543), FR (DI: 574) and US; NORTH AMERICA (DI: 642) with US (DI: 732) and CANADA (DI: 457); #633/EC/US.]
Well-known directories: #599 = #633/EC, #642 = #633/NORTH AMERICA

X.500 and LDAP
• A hierarchically-structured standard directory service designed for world-wide use
• Accommodates resource descriptions in a standard form and their retrieval for any resource (online or offline)
• Never fully deployed, but the standard forms the basis for LDAP, the Lightweight Directory Access Protocol, which is widely used
• DIT (Directory Information Tree) and DIB (Directory Information Base)

Figure 9.10 X.500 service architecture
[Figure: DUAs connected to a network of DSAs. DUA = Directory User Agent; DSA = Directory Service Agent.]

Figure 9.11 Part of the X.500 Directory Information Tree
Levels shown in the figure, from the root down:
  – X.500 Service (root)
  – ... France (country), Great Britain (country), Greece (country) ...
  – ... BT Plc (organization), University of Gormenghast (organization) ...
  – ... Computing Service (organizationalUnit), Department of Computer Science (organizationalUnit), Engineering Department (organizationalUnit) ...
  – ... Departmental Staff (organizationalUnit), ely (applicationProcess), Research Students (organizationalUnit) ...
  – ... Alice Flintstone (person) ... Pat King (person), James Healey (person), Janet Papworth (person) ...

Figure 9.12 An X.500 DIB (Directory Information Base) Entry
  info: Alice Flintstone, Departmental Staff, Department of Computer Science, University of Gormenghast, GB
  commonName: Alice.L.Flintstone; Alice Flintstone; A.Flintstone
  uid: alf
  mail: [email protected] gormenghast.ac.uk; Alice.[email protected] gormenghast.ac.uk
  surname: Flintstone
  roomNumber: Z42
  telephoneNumber: +44 986 33 4604
  userClass: Research Fellow

Summary
• Name services:
  – defer the binding of resource names to addresses (and other attributes)
  – Names are resolved to give addresses and other attributes
  – Goals:
    - Scalability (size of database, access traffic (hits/second), update traffic)
    - Reliability
    - Trust management (authority of servers)
  – Issues:
    - exploitation of replication and caching to achieve scalability without compromising the distribution of updates
    - navigation methods
• Directory and discovery services:
  – 'yellow pages' retrieval by attributes
  – dynamic resource registration and discovery