-------------------------
Week 10 Notes for CST8165
-------------------------
-Ian! D. Allen  -  idallen@idallen.ca  -  www.idallen.com

Remember - knowing how to find out an answer is more important than
memorizing the answer.  Learn to fish!  RTFM!  (Read The Fine Manual)

Keep up on your readings (Course Outline: average 4 hours/week homework)

Your second midterm test is in Week 11.

IETF Talk - Friday March 28 - Michael Richardson (Ottawa) will be here to
talk about what it's like to be part of the IETF and author RFC documents

------------------------------------------------------------------------------

Protocols - Telnet
------------------
Started with rfc0097 (Feb 1971!) - too many revisions to list!
  http://tools.ietf.org/html/rfc854  (1983, 15 pages)
  http://tools.ietf.org/html/rfc855  (options: 1983, 3 pages)
  http://tools.ietf.org/html/rfc856  (binary: 1983)
  ...etc...
  http://tools.ietf.org/html/rfc1097 (subliminal: April 1 1989)
  ...etc...
  http://tools.ietf.org/html/rfc4248 (URI: 2005)

Q: T/F, never believe anything you read in an April 1 RFC document.

Telnet URI (RFC submitted in 2005): http://tools.ietf.org/html/rfc4248
- e.g. telnet://:@:/
  "Few implementations handle the user name and password very well, if
  at all."

Q: Give the full URI for a "telnet" connection.

- "The purpose of the TELNET Protocol is to provide a fairly general,
  bi-directional, eight-bit byte oriented communications facility."
- "the symmetry of the TELNET model requires that there is an NVT at each
  end of the TELNET connection" p.6
  - "symmetry is an operating principle rather than an ironclad rule." p.4

Q: What is the purpose of the TELNET protocol?

- a line-oriented "Network Virtual Terminal" with option negotiation
  - options start with Interpret As Command (IAC) byte - 255 (0xFF)
  - IAC must therefore be doubled when sent as part of data stream
  - this IAC option negotiation may confuse some applications
  - "The code set is seven-bit USASCII in an eight-bit field" (p.4)
  - which is why netcat ("nc") is better for TCP/IP debugging

Q: How does the TELNET protocol signal that an option is coming?

Q: How does the TELNET protocol transmit the IAC byte if it appears as
   part of the data stream?

- TELNET command "Go Ahead" (GA) for old 2741 lockable keyboards (!) p.5
- some things don't map well to the data byte stream:
  - Interrupt Process (IP) (this is mandatory if local system supports it)
  - Abort Output (AO) (optional)
  - Are You There (AYT) (optional)
  - Erase previous Character (EC) (optional)
  - Erase current Line (EL) (optional)

How do you send an Interrupt or Abort command to a remote terminal?
- don't want to add the command to the end of the queued data stream
- don't want flow control to hold up commands such as IP, AO, AYT
- ANS: use "out-of-band" socket data that goes "around" the main data stream:
  - TCP provides an "Urgent notification" packet that bypasses socket queues
  - "Synch signal consists of a TCP Urgent notification, coupled with
    the TELNET command DATA MARK (DM) [in the data stream]..." p.9
  - SYNCH causes client to throw away data and messages (except for
    IP,AO,AYT) until it finds the DM you put at the end of the data stream
  - the SYNCH mechanism discards all data (not TELNET commands) between
    the sender of the Synch and its recipient

Q: How do you send an Interrupt or Abort command to a remote terminal?
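
The IAC framing described above, as an added example that is not part of
the original notes: a decoder that separates NVT data from Telnet commands
in a captured byte stream and undoes the IAC doubling. The function names
and the sample bytes are constructed for illustration; the command codes
are those of RFC 854.

```python
# Added example: separate NVT data from IAC commands in a Telnet byte stream.
IAC, SB, SE = 255, 250, 240
NAMES = {241: "NOP", 242: "DM", 243: "BRK", 244: "IP", 245: "AO", 246: "AYT",
         247: "EC", 248: "EL", 249: "GA", 251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
NEGOTIATION = {251, 252, 253, 254}      # each is followed by one option byte

def escape_data(data: bytes) -> bytes:
    """Sender side: double every 0xFF so the peer does not read it as IAC."""
    return data.replace(b"\xff", b"\xff\xff")

def decode_stream(raw: bytes):
    """Receiver side: return (data, commands) for one complete byte stream."""
    data, commands, i = bytearray(), [], 0
    while i < len(raw):
        if raw[i] != IAC:                    # ordinary data byte
            data.append(raw[i])
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("stream ends on a lone IAC")
        cmd = raw[i + 1]
        if cmd == IAC:                       # IAC IAC = one literal 0xFF
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:             # IAC WILL/WONT/DO/DONT option
            if i + 2 >= len(raw):
                raise ValueError("truncated option negotiation")
            commands.append((NAMES[cmd], raw[i + 2]))
            i += 3
        elif cmd == SB:                      # IAC SB ... IAC SE (RFC 855)
            j, body = i + 2, bytearray()
            while True:
                if j + 1 >= len(raw):
                    raise ValueError("unterminated subnegotiation")
                if raw[j] == IAC:
                    if raw[j + 1] == SE:
                        break
                    j += 1                   # escaped byte inside SB
                body.append(raw[j])
                j += 1
            commands.append(("SB", bytes(body)))
            i = j + 2
        else:                                # IP, AO, AYT, EC, EL, GA, DM, ...
            commands.append((NAMES.get(cmd, hex(cmd)), None))
            i += 2
    return bytes(data), commands

# Constructed sample: negotiation, a prompt, data containing 0xFF, then IP.
SAMPLE = b"\xff\xfd\x18login: \xff\xfb\x01" + escape_data(b"caf\xff") + b"\xff\xf4"
```

A tool that does not decode this framing (a raw socket dump, for instance)
shows the negotiation bytes mixed into the text, which is the confusion the
notes mention.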

The TELNET NVT "printer":
- 95 USASCII graphics (codes 32 through 126)
- a very few control characters
- to send 8-bit data, you have to escape the IAC 255 byte by doubling it
  - though TELNET has an option to pass raw data, netcat is better since
    it doesn't need to escape the IAC byte

Telnet options (many, many following RFCs): http://tools.ietf.org/html/rfc854

Telnet protocol was eventually adopted for the FTP control stream (port 21).

Q: How does FTP use the TELNET protocol?

=============================================================================

Domain Name System - DNS
------------------------
http://tools.ietf.org/html/rfc1034 (concepts; Nov 1987; 55 pages, index at end)
http://tools.ietf.org/html/rfc1035 (implementation; Nov 1987)
http://www.dns.net/dnsrd/rfc/rfc1035/rfc1035.html (annotated with pictures)

Additional:
http://tools.ietf.org/html/rfc920 (Initial Set of Top Level Domains; October 1984)
http://tools.ietf.org/html/rfc4343 (case sensitivity; January 2006)
http://tools.ietf.org/html/rfc4033 (DNS security; March 2005)
Annotated: http://www.dns.net/dnsrd/rfc/

- DNS is for turning names into IP addresses, vice-versa, and more
- originally done using a big HOSTS.TXT file
    "Host name to address mappings were maintained by the Network
    Information Center (NIC) in a single file (HOSTS.TXT) which was FTPed
    by all hosts [RFC-952, RFC-953].  The total network bandwidth consumed
    in distributing a new version by this scheme is proportional to the
    square of the number of hosts in the network, and even when multiple
    levels of FTP are used, the outgoing FTP load on the NIC host is
    considerable.  Explosive growth in the number of hosts didn't bode
    well for the future."
    - http://tools.ietf.org/html/rfc1034
- file /etc/hosts still used for local (non-DNS) IP/host name map on Unix
  - other Unix config options determine whether local file check comes
    before or after checking the DNS
- still have file LMHOSTS on Windows?

Q: What is the purpose of the Domain Name System?

Q: Give any four (of many) specific functions that can be performed by the
   Domain Name System (DNS)?

Q: In what file do Unix/Linux systems keep local non-DNS names?

Assumptions about usage (RFC1034 Section 2.3 p.3)
 1. size proportional to number of hosts, then number of users
 2. most of the data changes slowly, some isolated parts may change quickly
 3. administrative divisions and boundaries have their own name servers
 4. availability of local "trusted" name servers to do external referrals
 5. access is more important than timely updates or consistency

Q: Give three (of five) assumptions made when DNS was designed.

Query styles:
- iterative query: NS refers client to another NS (blocked at Algonquin?)
  - the client has to query each new NS
- recursive query: NS does lookup for client (must be used at Algonquin)
  - the client just waits for the answer

Q: Describe and differentiate between the two types of DNS queries.

Three major DNS components ("Elements") (RFC1034 2.4 p.6):
 1. Domain Name Space and Resource records
    - tree-structured name space and data
 2. Name Servers
    - hold complete information about a subset and may cache more
 3. Resolvers are programs or libraries that query Name Servers
    - "directly accessible to user programs; hence no protocol is necessary"
    - this is the user-visible part

Notes:
- the resolver may have its own cache
- Unix/Linux resolvers start with /etc/resolv.conf

Q: T/F, the DNS name space is flat.

Q: What is the function of the "name server" part of a DNS (not the
   "resolver")?

Q: What is the function of the "resolver" part of a DNS (not the
   "name server")?

Q: On Unix/Linux, what file is used by the resolver library to find name
   servers to query?

Rules for DNS names (RFC1034)
- case-insensitive (but case is preserved) p.7
- domain name components are *separated* by dots
- "absolute" names end in the ROOT - a zero-length domain: idallen.ca.
- "relative" names don't end in ROOT - no trailing dot: idallen.ca
  - A relative domain may have a local domain tacked onto the end during
    searches, e.g. you type foo.bar but the resolver actually looks up
    foo.bar.algonquincollege.com.  Use a trailing dot to prevent this.
- longest domain is 255 characters (plus dots, which separate components)
- subdomains are fully contained within domains (3.1):
  - For example, A.B.C.D is a subdomain of B.C.D, C.D, D, and " " (the root).

Q: T/F, DNS records are case-sensitive.

Q: T/F, DNS records are converted to lower-case.

Q: Describe and differentiate between a DNS "absolute" and "relative" name.

Q: T/F, the dots in a DNS name are included in the 255 character name limit.

- reverse DNS (ptr) lookups map into otherwise unused "IN-ADDR.ARPA."
  e.g. to reverse-look-up 1.2.3.4 you search for ptr in 4.3.2.1.in-addr.arpa.
  - number is reversed because DNS wants the top level on the right
  - some DNS software will do the reversal and ptr look up for you, e.g.:
      $ host 72.18.159.15
      15.159.18.72.in-addr.arpa domain name pointer server320.tchmachines.com.
      $ host -t ptr 15.159.18.72.in-addr.arpa.
      15.159.18.72.in-addr.arpa domain name pointer server320.tchmachines.com.
  - some software will not do the ptr look up for you: e.g. "dig" does not
    - you have to be explicit with the domain and type:
      $ dig 72.18.159.15                     # fails - NXDOMAIN
      $ dig 15.159.18.72.in-addr.arpa. ptr   # works
      $ dig -x 72.18.159.15                  # also works

Q: What is a "reverse-DNS lookup"?

Q: How does a resolver look up the PTR record for IP address 1.2.3.4?

Q: Give a Unix command that will turn a host name into an IP address.

Q: Give a Unix command that will turn an IP address into a host name.

- name syntax is given in RFC1034 section 3.5 p.11:
    "The labels must follow the rules for ARPANET host names.  They must
    start with a letter, end with a letter or digit, and have as interior
    characters only letters, digits, and hyphen.  There are also some
    restrictions on the length.
    Labels must be 63 characters or less."
  - but we have many violations: 3com.com, canada411.com, etc.

DNS continues next week...
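
The naming rules above (reverse in-addr.arpa names, absolute versus relative
names, the RFC 1034 section 3.5 label syntax), as an added example that is
not part of the original notes. The function names are hypothetical, and
qualify() is a simplification that always appends one local domain.

```python
# Added example (not from the course notes): the DNS naming rules as code.
import re

# RFC 1034 section 3.5: start with a letter, end with a letter or digit,
# interior characters are letters, digits and hyphen; 63 characters or less.
LABEL = re.compile(r"[A-Za-z](?:[A-Za-z0-9-]*[A-Za-z0-9])?")


def ptr_name(ipv4: str) -> str:
    """Build the absolute in-addr.arpa name queried for a reverse lookup."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad IPv4 address: {ipv4!r}")
    # Reversed so the most significant part ends up on the right.
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def qualify(name: str, local_domain: str) -> str:
    """Absolute names (trailing dot) pass through unchanged; relative names
    get the local domain tacked onto the end (simplified search rule)."""
    if name.endswith("."):
        return name
    return name + "." + local_domain.rstrip(".") + "."


def label_violations(name: str) -> list:
    """Return the labels that break the RFC 1034 3.5 syntax quoted above."""
    labels = name.rstrip(".").split(".")
    return [lab for lab in labels if len(lab) > 63 or not LABEL.fullmatch(lab)]


if __name__ == "__main__":
    print(ptr_name("72.18.159.15"))
    print(qualify("foo.bar", "algonquincollege.com"))
    print(label_violations("3com.com"))
```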