​

Web Servers

Lecture 6

lemurseven & storce

What happens when we visit a website?

Overview

• Domain Name System
• Web servers
• Load balancing

Domain Name System

What is DNS?

169.229.226.23

1.2.3.4

9.9.9.9

Gimme the A record of www.ocf.berkeley.edu

169.229.226.23

TTL = 300s

GET / HTTP/1.1 Host: www.ocf.berkeley.edu

HTTP/1.1 200 OK

What is actually happening?

Types of DNS records

• A: returns an IPv4 address (e.g. 74.125.142.147)
• AAAA: returns an IPv6 address (e.g. 2607:f140:0:32::70)
• CNAME: returns the canonical domain name (e.g. uptime.ocf.io points to stats.uptimerobot.com)
• MX: redirects email to a mail server (e.g. MX ocf.b.e points to aspmx.l.google.com etc.)
• NS: stores the authoritative name server for a domain (e.g. ocf.io’s NS record points to ns1.o.b.e)

More types of DNS records

• TXT: contains information about the domain (e.g. site verification, etc.)
• SRV: specifies a host and port for specific services
• SOA: stores administrative information about a domain (such as the email address of the admin, when the domain was last updated, and how long the server should wait between refreshes)

The DNS records of OCF

https://github.com/ocf/dns

death IN A 169.229.226.23

death IN AAAA 2607:f140:8801::1:23

www IN CNAME death

fallingrocks IN A 169.229.200.70

fallingrocks IN AAAA 2607:f140:0:32::70

apt IN CNAME fallingrocks

mirrors IN CNAME fallingrocks

lb IN A 169.229.226.79

lb IN AAAA 2607:f140:8801::1:79

auth IN CNAME lb

...

​

​

TTL record

• Time to live
• Tells a DNS server or the local resolver how long it should keep the record in its cache
• Longer TTLs can speed up DNS resolution but causes updates to the zone to take longer to propagate to users

DNS poisoning

169.229.226.23

1.2.3.4

9.9.9.9

Gimme the A record of www.ocf.berkeley.edu

169.229.226.23

TTL = 300s

GET / HTTP/1.1 Host: www.ocf.berkeley.edu

HTTP/1.1 200 OK

<contents of web.stanford.edu>

​

171.67.215.200

TTL = 300s

ZZZ…

DNS

furd

171.67.215.200

Mallory

OCF

More DNS poisoning

2.4.6.8

69.69.69.69

Gimme the A record of www.ocf.berkeley.edu

171.67.215.200

​

TTL = 300s

More DNS poisoning

1.2.3.4

9.9.9.9

Gimme the A record of www.ocf.berkeley.edu

169.229.226.23

TTL = 300s

a.root-servers.net

NS for edu domains

Recursive resolver

a.edu-servers.net

a.edu-servers.net

adns1.berkeley.edu

adns1.berkeley.edu

A, www.o.b.e

NS for berkeley.edu

169.229.226.23, TTL = 300s

ns.ocf.berkeley.edu

It can happen at any of these levels!

Example: Great Firewall of China

Web Servers

What do web servers do?

https://youtu.be/dQw4w9WgXcQ

<webpage content>

5.0.0.1

1.2.3.4

What do web servers do?

https://…

<content>

page assets

video metadata

How do web servers scale?

How do web servers scale?

https://youtu.be/dQw4w9WgXcQ

<webpage content>

5.0.0.1

How do web servers scale?

https://youtu.be/dQw4w9WgXcQ

<webpage content>

5.0.0.1

vertical scaling

How do web servers scale?

5.0.0.1

5.0.0.2

https://…

<content>

horizontal scaling

What do load balancers do?

traffic balancing

5.0.0.1

5.0.0.2

5.0.0.3

5.0.1.1

What do load balancers do?

5.0.1.1

5.0.0.1

5.0.0.2

5.0.0.3

What do load balancers do?

Static load balancing algorithms (round robin, IP Hash)

1

2

3

What do load balancers do?

load balancing algorithms (response time, connections, dynamic)

14ms

10ms

21ms

What do load balancers do?

healthchecks

Won’t Load Balancers be overwhelmed?

5.0.1.1

5.0.0.1

5.0.0.2

5.0.0.3