
CSE 222a Final Project - UCSD Spring 2007 p2p DNS addressing Presented By- Anup Tapadia Alexander Loukissas Justin Wu


Page 1: CSE 222a Final Project - UCSD Spring 2007 p2p DNS addressing Presented By- Anup Tapadia Alexander Loukissas Justin Wu


Page 2: Problem

Why can't we use a DNS address as the primary identifier for a computer, so that it can be reached from anywhere, at any time? E.g. peter.myworld.com connects to peter.

1. NAT – Network address translators
2. Firewalls

Page 3: Solution

We introduce a p2p DNS addressing scheme that deals with both problems

- Addressing: Host names are decoupled from IP addresses
- Connectivity: Hosts can receive and respond to HTTP requests, even when they are behind a NAT

Page 4: NATs

- Most DSL/Cable routers have a NAT built into them
- NATs block incoming connections, making the host inaccessible
- Many applications use techniques that “punch UDP holes” through the NATs (e.g. Skype)

Page 5: The system at a glance

[Diagram. Labelled components: HTTP Client; p2p DNS Server; NAT/Firewall; PC with public IP (Super Server); PC behind NAT; hosts john.p2p.net and peter.p2p.net.]

Case 1: PC with public IP
Case 2: PC behind NAT

Step 1: DNS query for john.p2p.net / DNS query for peter.p2p.net
Step 2: HTTP requests and responses
Step 3: Relay traffic between mobile and PC behind NAT
Step 4: (Optional) TCP hole punching

Page 6: TCP NAT Traversal

[Sequence diagram. Participants: Client 1; NAT B; P2P DNS Client (Super Server); NAT A; Client 2.]

Message labels in the diagram:
- HTTP Get from A:P1
- Outbound initialize req
- SYN from B:P2 for Super Serv
- HTTP redirect for B:P2
- SYN from B:P2 for NAT A
- SYN from A:P3 to B:P2
- SYN-ACK
- ACK
- Data

Annotations: Passive TCP Listen; Pre-established connection; TCP connect (twice)

Page 7: p2pDNS Client

- Small Java application that provides both addressing and connectivity to the host
- Utilizes feedback from the STUN and DNS servers
- Automatically runs in either SuperServer or Client mode

Page 8: p2pDNS Server Tasks

- Overloads standard DNS server, e.g. bind9
- Assigns SuperServers to hosts
- Maintains information for all online hosts
- DNS lookup queries are handled as usual, e.g. by named on port 53
- Overhead only on host login/logout

Page 9: p2pDNS Server Table

Username: Unique username of a host
Password: Required for authentication of the host
Hostname: Permanent FQDN (e.g. john.p2p.net)
SuperServer: True/False
Public IP: Host’s public IP address (as reported by STUN)
Private IP: Host’s private IP address (as reported by STUN)
NAT type: Based on STUN info
Load: # hosts connected to this SuperServer
ISP: Internet Service provider
Latitude, Longitude: Information for SuperServer election using Geolocation
SS1, SS2: IP addresses of primary and secondary SuperServer

Page 10: Host logon process

1. Host contacts DNS server on known IP address and port
2. Host sends logon request to the DNS server
3. Based on information from the logon message, the DNS server authorizes the host and if needed, provides the IP address of a SuperServer
4. DNS server updates lookup table
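
The logon steps above, as an added Python sketch (not the project's Java client or server code): it authenticates a host against the table, records the STUN-reported addresses, and returns the address a lookup would then resolve to. The PBKDF2 password storage, the `pick_ss` election callback, the rule that equal public and private addresses mean SuperServer mode, and answering a NATed host's name with its SuperServer's IP are assumptions, not details from the slides.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

@dataclass
class Host:  # subset of the server-table columns
    username: str
    salt: bytes
    pw_hash: bytes
    hostname: str  # permanent FQDN
    online: bool = False
    superserver: bool = False
    public_ip: str = ""
    private_ip: str = ""
    ss1: str = ""  # primary SuperServer IP, set for NATed hosts only

def kdf(password, salt):
    # Assumption: salted PBKDF2; the slides only say a password is required.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def register(table, username, password, hostname):
    salt = os.urandom(16)
    table[username] = Host(username, salt, kdf(password, salt), hostname)

def logon(table, username, password, public_ip, private_ip, pick_ss):
    """Steps 2-4. pick_ss(table, host) is a caller-supplied election function."""
    host = table.get(username)
    # Derive a hash even for unknown users so timing does not reveal valid names.
    candidate = kdf(password, host.salt if host else b"\0" * 16)
    if host is None or not hmac.compare_digest(candidate, host.pw_hash):
        return None  # rejected: table unchanged, hostname not repointed
    host.public_ip, host.private_ip, host.online = public_ip, private_ip, True
    # Assumption: identical STUN-reported addresses mean no NAT in the path.
    host.superserver = public_ip == private_ip
    host.ss1 = "" if host.superserver else pick_ss(table, host)
    return host

def a_record(table, hostname):
    """Assumed answer: own IP if reachable, else the relaying SuperServer's IP."""
    for h in table.values():
        if h.hostname == hostname and h.online:
            return h.public_ip if h.superserver else h.ss1
    return None
```

A failed logon leaves the table untouched, so the hostname keeps resolving to whatever the last authenticated logon set.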

Page 11: Partial Decentralization

[Diagram: one node labelled P2PDNS, several nodes labelled SS, and many nodes labelled C.]

Page 12: Super-server election

- Load
  - Bandwidth
  - Latency
  - # of clients logged on
- Geographical distance (ip2location.com database)
  - Physical distance
  - ISP
- Availability

Page 13: Geolocational election

[Figure: coordinate maps with origin 0,0 and corners -180,180; 180,180; -180,-180; 180,-180, with two distances marked d1 and d2.]
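
One way to combine the election criteria above, as an added Python example rather than the project's own algorithm: candidates are filtered on availability and capacity, then ranked by great-circle distance plus a load penalty, with a bonus for sharing the client's ISP. The weights, the `max_load` cutoff and all names are hypothetical; the haversine formula also measures correctly across the ±180° meridian.

```python
import math
from dataclasses import dataclass

@dataclass
class SuperServer:
    ip: str
    lat: float   # degrees, e.g. from a geolocation database
    lon: float
    isp: str
    load: int    # hosts currently connected to this SuperServer
    online: bool = True

def great_circle_km(lat1, lon1, lat2, lon2):
    """Haversine distance between two latitude/longitude points, in km."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def elect(candidates, lat, lon, isp, max_load=50,
          km_per_client=100.0, same_isp_bonus_km=500.0):
    """Return up to two SuperServer IPs (primary SS1, secondary SS2).

    All three tuning parameters are hypothetical weights, not project values."""
    def cost(s):
        c = great_circle_km(lat, lon, s.lat, s.lon) + km_per_client * s.load
        return c - same_isp_bonus_km if s.isp == isp else c

    # Availability and capacity are hard filters; the rest is a soft ranking.
    usable = [s for s in candidates if s.online and s.load < max_load]
    return [s.ip for s in sorted(usable, key=cost)[:2]]
```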

Page 14: Experimental setup

- p2pDNS server
- Client behind NAT (alex.p2p.net)
- Super Server / client (justin.p2p.net)
- Multi-threaded HTTP client

Page 15: Relay Overhead

[Figure: Response Latency. x-axis: Requests/sec (50 to 500); y-axis: Latency (msec) (0 to 700); series: Latency (with relaying), Latency (direct connection).]

Page 16: Achievements

- p2pDNS registration and updates
- Serves any HTTP server with any HTTP client
- Symmetric NAT traversal through super server relays
- Common case TCP traversal through NAT hole punching
- Study of geolocational server election

Page 17: Key Issues

- SuperServer failover and fast recovery
- Fast DNS cache updates
- Effect of low TTL on DNS server load
- TCP traversal through various NATs
- Security

Page 18: Conclusion

- It works!
- TCP NAT hole punching is hard to synchronize but achievable in common cases
- Needs moderate central infrastructure

Future Work

- Scalability needs to be tested
- Failover and recovery
- More decentralization
- Extend p2pDNS services past HTTP