DNS

1. Introduction:
o DNS is the system that translates human-friendly domain names (e.g., www.google.com) into
IP addresses (e.g., 142.250.190.78), which computers use to identify each other on the
network.
o The design of DNS ensures that complexity is concentrated at the network edge, where client
machines and local DNS servers interact.
o DNS operates as an application-layer protocol, meaning it functions at the highest level of the
network protocol stack.
o It enables communication between:
▪ Hosts (e.g., your computer or phone): Initiating queries to resolve domain names into
IP addresses.
▪ DNS Servers: Responding to these queries with the required mappings.
2. Why Not Centralize DNS? Centralizing DNS would have several disadvantages:
o Single Point of Failure: If the central server fails, the entire Internet's DNS system would
collapse.
o Traffic Volume: A single server would be overwhelmed by the sheer number of DNS queries.
o Distant Centralized Database: A centralized server would increase latency for users located
far from it.
o Maintenance Challenges: Keeping one central server updated and secure is a massive task,
making it impractical.
A centralized DNS system does not scale effectively for the global Internet. That’s why DNS is
organizationally and physically decentralized which means millions of different organizations responsible
for their records.
3. DNS Services: DNS provides the following essential services:
o Hostname-to-IP Address Translation: Translates user-friendly domain names into machine-
readable IP addresses.
o Host Aliasing: Allows a single machine to have multiple aliases, such as www.cs.umass.edu or
cs.umass.edu.
▪ Canonical Name: The primary name for a host.
▪ Alias Names: Alternative names that map to the canonical name.
o Mail Server Aliasing: Maps a domain name to the IP address of the email server, ensuring
emails are routed correctly.
o Load Distribution: Distributes traffic across multiple servers by associating one domain name
with multiple IP addresses. This enables efficient load balancing for web services like
www.google.com.
4. Scalability:
 o DNS's distributed and hierarchical structure makes it scalable.
o Examples of real-world usage:
▪ Comcast DNS Servers: Handle over 600 billion DNS queries per day.
▪ Akamai DNS Servers: Handle over 2.2 trillion DNS queries daily.
5. Distributed Database Implemented in a Hierarchy:
o DNS operates as a distributed database to handle the immense scale of the Internet.
o Instead of a single central server, DNS is structured in a hierarchical system consisting of:
▪ Root Servers: Root name servers are the topmost authorities in the DNS hierarchy,
serving as the contact-of-last-resort for resolving domain names. When lower-level
DNS servers (like local or TLD servers) cannot answer a query, root servers guide them
to the next step, such as the appropriate TLD server. They ensure the DNS system's
reliability by acting as the starting point for resolving queries across the Internet.
▪ TLD Servers: Manage specific domains like .com, .org, .edu, .net, or country codes like
.uk, .cn, .pk, .in and .jp.
▪ Authoritative Name Servers: Organization’s own DNS server(s), providing
authoritative hostname to IP mappings for organization’s named hosts (e.g.,
amazon.com or nyu.edu). It can be maintained by organization or service provider.
Example: A client wants IP address for www.amazon.com; 1st approximation:
- client queries root server to find .com DNS server
- client queries .com DNS server to get amazon.com DNS server
- client queries amazon.com DNS server to get IP address for www.amazon.com

6. DNS, An Important Internet Function:

• The Internet could not function without DNS because it is essential for most Internet
operations since almost every online activity involves resolving a domain name (e.g., accessing
websites, sending emails, streaming videos).
• Domain Name System Security Extensions (DNSSEC) is a set of cryptographic protocols that
help to ensure that users are directed to the correct website and not a fake one.
• Internet Corporation for Assigned Names and Numbers (ICANN) manages the internet's
domain name system (DNS) and IP addresses.
7. Local DNS Name Server:
Every host (e.g., a computer or smartphone) is configured to communicate with a local DNS name
server, typically provided by an Internet Service Provider (ISP), organization, or campus network. This
 local server acts as the first point of contact for DNS queries and is not part of the formal hierarchical
structure.
Functionality of a Local DNS Server:
o When a host requests a domain name resolution (e.g., www.example.com), the query is sent
to the local DNS server.
o If the local DNS server has a recent record of the requested domain from its cache, it
immediately provides the result.
o Cached records reduce query time and network traffic but may occasionally return outdated
results.
o If the local server does not have the requested information, it forwards the query to higher-
level DNS servers in the hierarchy (e.g., root, TLD, or authoritative servers) for resolution.
How to Find Your Local DNS Server:
o MacOS Command: Use the scutil --dns command to view local DNS settings.
o Windows Command: Use ipconfig /all to see the DNS servers configured for your device.
Benefits of Local DNS Servers (NOT INCLUDED IN THE SLIDES):
o Local servers provide faster response times.
o It reduces load on the Global DNS System
o ISPs and organizations can manage and optimize their DNS traffic.
8. Iterated Query Process: When a host (e.g., engineering.nyu.edu) needs to resolve a domain name
(gaia.cs.umass.edu) to an IP address:
▪ The host sends a query to its local DNS server (e.g., dns.nyu.edu).
▪ If the local DNS server doesn’t have the mapping cached, it queries other DNS servers
in an iterative manner:
1. First, it queries a root server, which responds with the address of a TLD server
(e.g., .edu server).
2. Then, it queries the TLD server, which provides the address of the authoritative
DNS server (e.g., dns.cs.umass.edu).
3. Finally, it queries the authoritative server, which returns the IP address of the
requested domain.
o The local DNS server caches this response for future requests, and the IP address is sent back
to the host.
Features:
o Server Interaction: The contacted server either responds with the answer or directs the client
to another server to continue the query.
o Caching: Results are cached at intermediate steps to reduce future query times.
9. Recursive Query Process:
o Instead of the client handling the iterative queries, it delegates the task to its local DNS server.
 o The local DNS server performs the entire query resolution process (iterating through root, TLD,
and authoritative servers) on behalf of the host.
o Once resolved, the local DNS server returns the final IP address to the host.
Features:
o Burden on Local Server: The local DNS server takes on the entire resolution task, increasing
its workload.
o Efficiency for the Client: The host does not need to handle multiple interactions; it waits for
the resolved result.
10. Caching DNS Information
Once a DNS server resolves a query, it stores the mapping (e.g., domain-to-IP address) in its cache for
a certain duration, defined by the Time-to-Live (TTL) value.
Benefits of Caching:
o Reduced Latency: Faster responses for repeated queries.
o Lower Network Load: Reduces the number of queries sent to higher-level servers (e.g., root,
TLD) because TLD servers are typically cached in local name servers.
o Scalability: Makes DNS more efficient for large-scale usage.
Challenges with Caching:
o Outdated Entries: Cached mappings may become stale if a domain’s IP address changes
before the TTL expires.
o Best-Effort Translation: There’s no guarantee that cached data is always up to date across the
Internet.
11. DNS Security
1. DDoS Attacks: Attackers bombard DNS servers (e.g., root servers or TLD servers) with excessive
traffic to overwhelm them. Countermeasures include:
▪ Traffic Filtering: Blocking malicious traffic.
▪ Caching: Local DNS servers caching TLD information to bypass root servers.
2. Spoofing Attacks: Attackers intercept DNS queries and provide false responses to redirect users
to malicious websites. Techniques include:
▪ DNS Cache Poisoning: Manipulating a DNS server’s cache with fake records.
3. DNSSEC (DNS Security Extensions): It provides mechanisms for:
▪ Authentication: Ensures DNS responses come from a legitimate source.
▪ Integrity: Verifies that DNS responses are not tampered with.
o Introduced in RFC 4033, DNSSEC helps defend against spoofing and poisoning attacks.

VIDEO STREAMING AND CDNs

1. Video Streaming and CDNs: Context
Video streaming is a dominant consumer of Internet bandwidth. Examples include platforms like
Netflix, YouTube, and Amazon Prime, which accounted for 80% of residential ISP traffic (2020).
 Challenges in Streaming:
▪ Scale: The need to deliver content to a vast audience (~1 billion users).
▪ Heterogeneity: Users differ in devices and network conditions, such as wired vs.
mobile connections or varying bandwidths.
Solution: A distributed, application-level infrastructure addresses these challenges, allowing
scalability and adaptability.
2. Multimedia: Video
A video is a sequence of images displayed at a constant rate (e.g., 24 frames/second). Digital images
are arrays of pixels, where each pixel is represented by bits.
o To reduce the number of bits needed, coding exploits redundancy:
1. Spatial Redundancy: Redundancy within an image. For instance, instead of
transmitting every pixel, group identical colors.
2. Temporal Redundancy: Redundancy between consecutive images. Only transmit the
differences between frames.
Encoding Techniques:
o CBR (Constant Bit Rate): Encoding rate is fixed.
o VBR (Variable Bit Rate): Encoding rate adapts based on spatial and temporal variations.
o Examples:
▪ MPEG1 (CD-ROM) - 1.5 Mbps
▪ MPEG2 (DVD) - 3-6 Mbps
▪ MPEG4 (Internet) - 64 Kbps to 12 Mbps
3. Streaming Stored Video: Streaming involves the simultaneous processes of recording, transmitting,
and playback. While the server sends later parts of the video, the client plays out earlier parts.
Challenges:
o Continuous Playout Constraint: Video playback must match its original timing, requiring:
1. Client-Side Buffers: To smooth out delays caused by network jitter.
2. Handling packet loss and enabling client interactivity like pausing or rewinding.
o Variable Network Bandwidth: Changes in network congestion impact video quality.
Playout Buffering:
o Buffers help manage variable network delays by temporarily storing video before playback.
o This ensures consistent playback rates despite fluctuations in transmission.
4. Streaming Multimedia: DASH
DASH is a protocol that adapts video quality based on the client’s bandwidth and buffer status.
Streaming video = encoding + DASH + playout buffering
Server-Side Mechanism:
 o Videos are divided into multiple chunks
o Each chunk encoded at multiple different rates
o Different rate encodings stored in different files
o Files replicated in various CDN nodes
o A manifest file contains URLs for different chunks and bitrates.
Client-Side Intelligence:
o Estimates server-to-client bandwidth periodically.
o Requests the chunk with the highest bitrate sustainable under current conditions.
o Chooses chunks from servers closest to it or with the least congestion to improve
performance.
5. Content Distribution Networks (CDNs)
CDNs address the challenge of streaming massive amounts of content to a global audience by
improving scalability, performance, and reliability.
Challenges:
o Serving millions of videos to hundreds of thousands of simultaneous users is infeasible with
a single server.
o A centralized approach suffers from:
1. Single Points of Failure
2. Network Congestion
3. Long Delays for Distant Clients
CDN Approaches:
▪ Deploy CDN servers deep within many access networks, close to users.
▪ Example: Akamai (240,000 servers in over 120 countries, as of 2015).
▪ Use a smaller number (10’s) of larger CDN clusters located at Points of Presence
(PoPs) near access networks.
▪ Example: Limelight utilizes this approach.

SOCKET PROGRAMMING
A socket is a door between application process and end-end-transport protocol.
1. Socket Programming with UDP: It requires no connection between client and server. UDP transmitted
data may be lost or received out-of-order and it provides unreliable transfer of group of bytes. The main
features of socket programming with UDP are:
• no handshaking before sending data
• sender explicitly attaches IP destination address and port # to each packet
• receiver extracts sender IP address and port# from received packet
UDP Client Pseudo Code:
 1. Include Python’s socket library
2. Create a UDP socket
3. Get user input
4. Attach server name and server port to message and send into socket
5. Read reply data (bytes) from socket
6. Print out received string
7. Close the socket
UDP Server Pseudo Code:
1. Include Python’s socket library
2. Create a UDP socket
3. Bind the socket to a specific port
4. Enter an infinite loop
5. Read from UDP socket into message, getting client’s address (client IP and port)
6. Send upper case string back to this client
2. Socket Programming with TCP: It enables communication between two systems (client and server) in a
reliable, connection-oriented manner.
Process:
• The server must start first, create a welcoming socket, and listen for incoming client
connections.
• The client initiates the connection by creating a socket and specifying the server's IP and port.
• Once the connection is established, data can flow bi-directionally in a byte-stream format.
• After communication, the connection is closed gracefully by both ends.
Server Handling Multiple Clients:
• A new socket is created for each client connection.
• The server distinguishes between clients using their IP address and port number.
TCP Features:
• Communication happens between one sender and one receiver.
• Establishes a connection (via a handshake) before data exchange to synchronize sender and
receiver states.
• Does not define message boundaries (works with streams of bytes).
• Allows bi-directional data flow
• MSS (Maximum Segment Size) defines the largest data segment size that can be sent.
• Reliable and in-order delivery.
 • Connection termination ensures no data is lost during closure.
• Receiver acknowledges receipt of all data up to a certain point.
• Multiple packets can be sent before receiving an acknowledgment, improving efficiency.
• Includes congestion and flow control mechanisms to adjust the transmission rate.
• Ensures the sender does not overwhelm the receiver with too much data.
TCP Client Pseudo Code:
1. Include Python’s socket library
2. Create a TCP socket
3. Connect to the server using its address and port
4. Send data to the server
5. Receive the response
6. Print out received response
7. Close the socket
TCP Server Pseudo Code:
1. Include Python’s socket library
2. Create a TCP socket
3. Bind the socket to a specific port
4. Start listening for incoming TCP connections
5. Enter an infinite loop
6. Server waits on accept() for incoming requests, new socket created on return
7. Read bytes from socket
8. Send upper case string back to this client
9. Close connection to this client (but not welcoming socket)

TCP SEGMENT STRUCTURE

Sequence Number: byte stream “number” of first byte in segment’s data

Acknowledgement Number: seq # of next byte expected from other side
How TCP receiver handles out-of-order segments?
TCP receivers handle out-of-order segments by buffering them temporarily. They utilize techniques like
Selective Acknowledgements (SACK) to inform the sender about missing segments, allowing for selective
retransmissions. Once all segments are received, the receiver reorders them and delivers them to the
application in the correct sequence.
TCP Sender:
When data is received from the application:
➢ create segment with seq #
➢ seq # is byte-stream number of first data byte in segment
➢ start timer if not already running whose expiration interval is TimeOutInterval
When an ACK (acknowledgment) is received:
➢ If the ACK confirms that previously sent segments were received, the sender updates its records.
➢ If there are still unacknowledged segments, the timer is restarted.
When a timeout occurs:
➢ If the timer expires before an ACK is received, the sender retransmits the segment.
➢ The timer is restarted to wait for an ACK for the retransmitted segment.
How to set TCP timeout value?
➢ It should be longer than Round Trip Time (RTT)
➢ It should not be too short because it causes premature timeout and unnecessary retransmissions
➢ It should not be too long because it causes slow reaction to segment loss
How to estimate RTT?
We can calculate Estimated RTT by taking multiple Sample RTTs i.e., measuring time from segment
transmission until the ACK receipt while ignoring retransmissions and then taking average of multiple Sample
RTTs. Following is the exponential weighted moving average (EWMA)
Estimated RTT = (1-α)×Estimated RTT + α×Sample RTT (where α = 0.125)
How to calculate timeout interval?
Timeout Interval = Estimated RTT + 4×DevRTT (where 4×DevRTT is a safety margin)
Note: Larger variation in Estimated RTT requires larger safety margin
DevRTT = (1-β)×DevRTT + β×|SampleRTT-EstimatedRTT| (where β = 0.25)
TCP Fast Retransmit: 'Fast Retransmit' is a mechanism in TCP that allows for the retransmission of a lost
packet before the expiration of the timeout, based on the detection of duplicate acknowledgments from the
receiver.
(Note: For simple retransmission scenarios and fast retransmit scenario, please refer to the slide number 11,
12, and 13 of week 7)

Telnet Scenarios for Practice of Sequence and Acknowledgement Numbers

 Segment Number Seq # ACK # Segment Number Size Seq # ACK #
1 3 2 1 8 bytes 3
2 2 3 bytes
3 3 1 byte
4 4 5 bytes
5 5 2 bytes
6 6 3 bytes
(Hint: ACK # of segment 1 of sender (Hint: ACK # of segment 1 of receiver = seq # of segment 1 of sender + size
is the Seq # of segment 1 of receiver Assume ACK # of segment 1 of sender as 1, 2, 3 and so on and the rest of
and the Seq # of segment 2 of sender logic is same as the previous question.)
is the ACK # of segment 1 of receiver)