the DNS and TCP

Tom Kelliher, CS43

Mar. 12, 1996

The DNS

The /etc/hosts crisis.

A distributed database:

1. Zones, zone files
2. Primaries, secondaries; the SOA record
3. Resolver routines, server
4. Caching
5. Address, pointer queries
6. Hostname spoof check

TCP

Features:

• Unit of data is a segment.
• Connection-Oriented, full-duplex connection:
  • A socket: (IP address, port number)
  • A socket pair --- (client IP address, client port number1, server IP address, server port number2) --- uniquely identifies a connection.
• Reliable:
  • TCP breaks byte stream into ``best-sized'' chunks.
  • Timer associated with each sent segment.
  • Segment acknowldegements.
  • TCP handles out of order IP datagrams, duplicate IP datagrams.
  • Flow control --- window size.

Selected TCP Header Fields

1. 16-bit source, destination port numbers.
2. 32-bit sequence number.
3. 32 bit acknowledgedment number.
4. URG, ACK, PSH, RST, SYN, FIN.
5. 16-bit window size.
6. 16-bit TCP checksum.

Sketch of Connection Establishement, Termination

Establishing a connection:

1. Client sends SYN segment, specifying server port and initial sequence number.
2. Server sends SYN segment, including its initial sequence number and ACKs the client segment.
3. Client ACKs the server's SYN segment.

Active, passive open.

Terminating a connection (half-close):

1. One side sends FIN segment.
2. Other side sends ACK segment, sends EOF to application.

Active, passive close.

Establishment timeouts: 5s, 24s, 76s.

Window size, maximum segment size.

Looking at the connections on a Unix system:

• Port, host, interface wildcards.
• Connection State.

Sequence numbers:

• What are we numbering? Why?
• Initial sequence number. Why not start at 1?
• ISN counter should increment every 4 microseconds.
• ISN counter typically increment by 64,000 every half-second.

Sequence Number Attack

Due to poor randomization of ISNs.

• Disable client
• Spoof client's IP address, guess ISN of server.
• Can't see server segments, have to guess.

TCP Futures

1. Path MTU Discovery --- optimize packet size.
2. Long Fat Pipes:

   

3. Window scale option --- dealing with bandwidth-delay.
4. Timestamp option --- RTT calculations.
5. PAWS: Protection Against Wrapped Sequence number.
6. T/TCP: an extension for transactions --- reduce the handshaking.
7. Performance.
8. Backward compatibility.