
Network Operating Systems

INT413

Naming

Content sources: (i) Introduction to Network Operating Systems by Carol Traver and Richard T. Watson
(ii) Lecture notes of Hsung-Pin Chang, National Chung-Hsing University
Naming
• Used to share resources, to uniquely identify entities, to refer to locations in computer
systems
• An important characteristic is that a name should be resolved to the entity it refers to
• Name resolution allows a process to access the named entity
• To resolve names, it is necessary to implement a naming system
• Difference between naming in DSs and non-DSs
• Difference is the way naming systems are implemented
• In a DS, the implementation of a naming system is itself often distributed across
multiple machines
• Two major issues in designing naming systems in DS
• Efficiency and scalability

2
Naming
• What do we need to name?
• Processes, Services, Hosts, Objects, Groups, ...
• All of these can be named
• Binding – Discovering and associating a name to an identifier
• Port number, IP address, any other identifier

3
Names, Addresses, & Routes
• Names
• (Abstract) strings or other data types that refer to specific entities
in a system
• Addresses (identifiers)
• Identifiers of places to find the named entities
• Routes
• Sequences of names or addresses specifying steps to follow to get
to named entities
• Sometimes called paths

4
Example: Person
• Name
• Ali
• Address
• Ajman University, University Street, Ajman
• Route
• Close to Khalifa hospital and Immigration

5
Example: Computer
• Name
• eit.ajman.ac.ae
• Address
• 203.159.10.32
• Route
• Follow Internet routing (cross a number of hops) to arrive
at destination

6
Names vs. Addresses
• A name in one context may be an address (or identifier) in another
context
• “University Street” is part of the address but also represents name
of a street in Ajman
• When you hand a name to a naming system to resolve, it must look it
up to find the corresponding object or entity
• When you hand an address to a system, it already knows how to find
it
• e.g., an IP address

7
Naming Entities
• Name
• String of bits or characters used to refer to an entity
• Entity
• Can be practically anything, such as resources, processes, users, mailboxes,
newsgroups, Web pages, messages, network connections etc.
• Access point
• To operate on an entity, it is necessary to access it, for which we need an access
point. An access point is yet another, but special, kind of entity in a distributed
system. The name of an access point is called an address. The address of an
access point of an entity is also simply called an address of that entity.
• An entity can offer more than one access point.

8
Access point
• As a comparison, a telephone can be viewed as an access point of a
person, whereas the telephone number corresponds to an address.
Indeed, many people nowadays have several telephone numbers,
each number corresponding to a point where they can be reached. In
a distributed system, a typical example of an access point is a host
running a specific server, with its address formed by the combination
of, for example, an IP address and port number (i.e., the server's
transport-level address).

9
Naming Entities
• Address
• Name of an access point
• An entity may offer more than one access point
• An entity may change its access point in the course of time
• Identifier: Special name with the following properties
• Each identifier refers to at most one entity
• Each entity is referred to by at most one identifier
• An identifier always refers to the same entity (it is never reused)

10
Naming Entities
• Question: Why not use the address of an entity as its name?
• Names are human-friendly and addresses are machine-readable

11
Name Servers
• A name service stores a collection of one or more naming contexts
• Binding between names of resources and attributes of resources
• Should support
• Name resolution: Lookup attributes from a given name
• Create new bindings, deleting bindings etc.
• Requirements:
• Scalability (number of names and administrative domains)
• Long lifetime
• High availability
• Fault isolation
• Tolerance of mistrust
12
Naming Systems: Taxonomy

13
Naming Systems: Taxonomy
• Flat naming
• The identifier is simply a random bit string
• It does not contain any information whatsoever on how to locate
an access point of its associated entity
• Good for machines
• Structured naming
• Composed of simple human-readable names
• Examples are file system naming and host naming on the Internet

14
Naming Systems: Taxonomy
• Attribute-based naming
• Allows an entity to be described by (attribute, value) pairs
• This allows a user to search more effectively by constraining some
of the attributes

15
Flat Naming
• Need global directory
• May be replicated
• May be partitioned
• Not (necessarily) tied to location
• But many challenges

16
Flat Naming
• All names are equivalent in namespace and must be globally unique
• Issues
• How to locate an entity, given only its identifier (access point)?
• Locating mobile entities
• Several approaches
• Broadcasting
• Forwarding pointers
• Home-based approaches
• Distributed hash tables
• Hierarchical approaches

17
Flat Naming: Forwarding pointers
• Finding objects that move
• Forwarding pointers (client stub, server
stub pairs)
• Each time an entity moves, it leaves
behind a pointer telling where it has
gone to
• Dereferencing can be made entirely
transparent to clients by simply
following the chain of pointers
• Update a client’s reference as soon
as present location has been found
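
A sketch of the forwarding-pointer scheme described above (an added example, not part of the lecture notes). The class name, host names and hop limit are constructed for illustration; the hop limit and cycle check are an assumption about how a resolver would defend against a corrupted or overlong chain.

```python
class Locator:
    """Constructed model: locations are strings, pointers live in a dict."""

    def __init__(self, max_hops=16):
        self.present = {}   # location -> entity currently there
        self.forward = {}   # old location -> location the entity moved to
        self.max_hops = max_hops

    def create(self, entity, loc):
        self.present[loc] = entity

    def move(self, entity, src, dst):
        if self.present.get(src) != entity:
            raise ValueError(f"{entity} is not at {src}")
        del self.present[src]
        self.present[dst] = entity
        self.forward[src] = dst        # leave a pointer behind
        self.forward.pop(dst, None)    # drop a stale pointer if it returns

    def dereference(self, ref):
        """Follow the chain from ref['loc']; returns (entity, hops)."""
        loc, seen = ref["loc"], []
        while loc not in self.present:
            if loc in seen or len(seen) >= self.max_hops:
                raise LookupError("pointer cycle or chain too long")
            seen.append(loc)
            if loc not in self.forward:
                raise LookupError(f"chain broken at {loc}")
            loc = self.forward[loc]
        ref["loc"] = loc               # update the client's reference
        return self.present[loc], len(seen)


def demo():
    d = Locator()
    d.create("obj", "hostA")
    for src, dst in [("hostA", "hostB"), ("hostB", "hostC"), ("hostC", "hostD")]:
        d.move("obj", src, dst)
    ref = {"loc": "hostA"}             # client still holds the first location
    first = d.dereference(ref)         # walks A -> B -> C -> D
    second = d.dereference(ref)        # reference was shortcut to hostD
    return first, second, ref["loc"]


if __name__ == "__main__":
    print(demo())
```

A lost intermediate pointer makes the entity unreachable from every older reference, which is why `dereference` reports where the chain broke instead of looping.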

18
Flat Naming: Forwarding pointers
• Finding objects that move
• Redirection

19
Flat Naming: Forwarding pointers
• Finding objects that move
• Mobile IP

20
Hierarchical Approaches to Flat Names
• A flat namespace with hierarchical administration
• Top level domain knows (or can find) all names
• Each sub-domain knows subset of names
• Local names resolved within own subset
• Other names cached as needed

21
Hierarchical Resolution of Flat Names

22
Hierarchical Resolution of Flat Names
• Caching

23
Naming versus Locating Entities
a) Direct, single level mapping between names and addresses
• Mapping needs to change each time location is changed
b) Two-level mapping using identities
• Separating names from locations

24
Structured Naming
• Names organized into namespaces
• Namespaces organized into directed graph
• Leaf nodes represent named entities
• Interior nodes represent directories
• Everyone has to know root node
• Familiar Structured Naming Systems
• Unix/Linux/Windows file systems
• Domain Name System (DNS) for Internet nodes and services

25
Structured Naming

26
Namespace
• A (hierarchical) namespace can be represented as a labeled directed
graph (naming graph)
• A leaf node represents a (named) entity
• A directory node refers to other nodes; stores a (directory) table of
(edge label, node identifier) pairs
• Each node in a naming graph is considered as an entity, and has an
associated id

27
Namespace
• An abstract container or environment to group/organize unique
names within it
• Names are organized into a namespace and are unique only within
that namespace
• A collection of valid names recognized by a particular service
• Commonly structured as hierarchies to allow reuse of names in
different contexts
• Names may have an internal structure that represents their
position within the hierarchy

28
Structured Naming
• Names are really paths through the naming system
• Relative vs. Absolute
• Resolution – iterative vs. recursive
• Iterative – repeatedly contact hierarchy of nodes to resolve parts of
the name
• Recursive – contact your local namespace and let it walk the hierarchy
(and cache results)

29
Iterative Name Resolution
Problem: Want to resolve absolute pathname: root:<nl, vu, cs, ftp, pub, globe, index.html >
1. The address of the root server must be well known
2. A name resolver hands over the complete name to the root name server
3. The root server will resolve the path name as far as it can, and return the result to the client.
• the root server can resolve only the label nl, for which it will return the address of the associated name server.
4. The client passes the remaining path name (i.e., nl:<vu, cs, ftp, pub, globe, index.html >) to that name server.
5. This server can resolve only the label vu, and returns the address of the associated name server, along with
the remaining path name vu:<cs, ftp, pub, globe, index.html >.
6. The client's name resolver will then contact this next name server, which responds by resolving the label cs,
and also ftp, returning the address of the FTP server along with the path name ftp:<pub, globe, index.html >.
7. The client then contacts the FTP server, requesting it to resolve the last part of the original path name.
8. The FTP server will resolve the labels pub, globe, and index.html, and transfer the requested file (in this case
using FTP).
• (The notation #<cs> is used to indicate the address of the server responsible for handling the node referred to by <cs>.)

30
Iterative Name Resolution

31
Recursive name resolution
• Instead of returning each intermediate result back to the client’s
name resolver, each name server passes the result to the next name
server it finds
• Puts a higher performance demand on each name server
• Communication costs may be reduced
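
Iterative and recursive resolution of the path root:<nl, vu, cs, ftp, pub, globe, index.html> from the slides, with a log of who sends each request (an added example, not part of the lecture notes). The zone tables, the `file:index.html` result and the function names are constructed for illustration; server addresses use the slides' #<x> notation.

```python
# Constructed zone tables: each server maps the labels it can resolve to the
# address of the next server, or to the final entity.
ZONES = {
    "#<root>": {("nl",): "#<nl>"},
    "#<nl>":   {("vu",): "#<vu>"},
    "#<vu>":   {("cs", "ftp"): "#<ftp>"},
    "#<ftp>":  {("pub", "globe", "index.html"): "file:index.html"},
}
PATH = ["nl", "vu", "cs", "ftp", "pub", "globe", "index.html"]


def resolve_at(server, path):
    """One server resolves the path as far as it can: (result, remaining)."""
    for prefix, target in ZONES.get(server, {}).items():
        if tuple(path[:len(prefix)]) == prefix:
            return target, list(path[len(prefix):])
    raise LookupError(f"{server} cannot resolve {path[:1]}")


def iterative(path, root="#<root>"):
    """The client contacts every server itself; returns (result, messages)."""
    server, remaining, log = root, list(path), []
    while True:
        log.append(("client", server))
        server, remaining = resolve_at(server, remaining)
        if not remaining:
            return server, log


def recursive(path, server="#<root>", sender="client", log=None):
    """Each server passes the remainder to the next server it finds."""
    log = [] if log is None else log
    log.append((sender, server))
    target, remaining = resolve_at(server, path)
    if not remaining:
        return target, log
    return recursive(remaining, target, server, log)


def sent_by_client(log):
    return sum(1 for sender, _ in log if sender == "client")


if __name__ == "__main__":
    for resolver in (iterative, recursive):
        result, log = resolver(PATH)
        print(resolver.__name__, result, sent_by_client(log), log)
```

Both styles contact the same four servers; the difference is that the client sends four requests in the iterative case and one in the recursive case, with the remaining three sent by the name servers themselves.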

32
Recursive name resolution

33
Recursive vs. Iterative name resolution

34
Attribute-Based Naming
• Refers to locating entities in a way that is independent of current
location from their names
• Resolving names by means of entity attributes
• Allows an entity to be described by (attribute, value) pairs
• Enables a user to search more effectively by constraining some of the
attributes
• Users must be able to search the entity by merely providing any
description about the entity

35
Attribute-Based Naming
• Each entity has certain attributes
• Each attribute says something about the entity
• Users can search by constraining the attributes
• Attribute-based naming systems are also known as directory services
• More general model is using resource description framework (RDF)
• Resources are described as triplets consisting of a subject,
predicate and an object. e.g. (person, name, Alice)

36
Directory Services
• Contains entities that have a set of associated attributes which can be
used for searching
• Each entity has certain attributes
• Each attribute says something about the entity
• In some cases, the choice of attributes can be relatively simple
• Example: Email (Attributes sender, recipient, subject)

37
Directory Services
• Designing an appropriate set of attributes is not trivial
• In most cases, attribute design has to be done manually
• Even if there is consensus on the set of attributes to use, practice
shows that setting the values consistently by a diverse group of
people is a problem by itself

38
Directory Services
• The resource descriptions are stored at a central location
• Reason: Not having the descriptions in the same place may incur a
serious performance problem
• Unlike structured naming systems, looking up values in an attribute-
based naming system essentially requires an exhaustive search
through all descriptors
• When considering performance, such a search is less of a problem
within a single data store
• But separate techniques need to be applied when the data is
distributed across multiple, potentially dispersed computers
39
Resource Description Framework (RDF)
• Resources are described as triplets consisting of a subject, a
predicate, and an object
• Example
• (Person, name, Alice) -> describes a resource Person whose name
is Alice
• Each subject, predicate, or object can be a resource itself
• This means that Alice may be implemented as reference to a file
that can be subsequently retrieved

40
Directory Services
• A common approach to tackling distributed directory services is to
combine structured naming with attribute-based naming
• Also known as hierarchical directory services
• Example
• LDAP (Lightweight Directory Access Protocol)

41
LDAP
• Stands for Lightweight Directory Access Protocol
• The LDAP information model is based on entries
• The LDAP naming model defines how entries are identified and
organized. Entries are organized in a tree like structure called the
Directory Information Tree (DIT)

42
LDAP
• A directory service that consists of a number of records, usually
referred to as directory entries
• A directory entry is comparable to a resource record in DNS
• The implementation supports both single-valued attributes and
multiple-valued attributes
• The latter typically represent arrays and lists

43
LDAP
• An application protocol for accessing and maintaining distributed
directory information services
• Works over an IP network
• Directories store (attribute, value) pairs
• A database access protocol optimized for reading
• Organizes data in a tree structure
• The tree structure is adopted from the well known DNS schema
• This enables us to find and uniquely identify data

44
LDAP: Examples
A simple example of an LDAP directory entry using LDAP
naming conventions
Attribute           Abbr.  Value
Country             C      NL
Locality            L      Amsterdam
Organization        O      Vrije Universiteit
OrganizationalUnit  OU     Comp. Sc.
CommonName          CN     Main server
Mail_Servers        —      137.37.20.3, 130.37.24.6, 137.37.20.10
FTP_Server          —      130.37.20.20
WWW_Server          —      130.37.20.20

45
LDAP: Examples

46
LDAP: Examples

47
LDAP: Terminologies
• Directory information base (DIB)
• Collection of all directory entries in an LDAP directory service
• Each record is uniquely named so that it can be looked up
• Relative distinguished names (RDN)
• A sequence of naming attributes by which each record is uniquely named
• Directory information tree (DIT)
• The hierarchy of the collection of directory entries
• A naming graph in which each node represents a directory entry
• Usually partitioned across several directory service agents (DSA)
• Clients are represented by directory user agents (DUA), which are similar to a name
resolver in DNS
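
The directory entry from the LDAP example slide, held in a small DIB and reached two ways: by walking the DIT one RDN per level, and by an attribute search that scans entries (an added example, not part of the lecture notes). Assumptions: C, O, OU, CN and host_name are the naming attributes in that order, and the two host entries with their addresses are constructed.

```python
NAMING = ("C", "O", "OU", "CN", "host_name")   # assumed RDN order

MAIN = {"C": "NL", "L": "Amsterdam", "O": "Vrije Universiteit",
        "OU": "Comp. Sc.", "CN": "Main server",
        "Mail_Servers": ["137.37.20.3", "130.37.24.6", "137.37.20.10"],
        "FTP_Server": ["130.37.20.20"], "WWW_Server": ["130.37.20.20"]}
PARENT = {k: MAIN[k] for k in ("C", "O", "OU", "CN")}
# Constructed child entries that use host_name as their RDN.
DIB = [MAIN,
       dict(PARENT, host_name="host-a", Host_Address=["192.0.2.10"]),
       dict(PARENT, host_name="host-b", Host_Address=["192.0.2.11"])]


def dn(entry):
    """Distinguished name: the entry's RDNs from the root of the DIT down."""
    return tuple((a, entry[a]) for a in NAMING if a in entry)


def build_dit(dib):
    """Index the DIB as a tree: one node per RDN, entry stored at its node."""
    root = {"entry": None, "children": {}}
    for entry in dib:
        node = root
        for rdn in dn(entry):
            node = node["children"].setdefault(
                rdn, {"entry": None, "children": {}})
        node["entry"] = entry
    return root


def lookup(dit, name):
    """Structured resolution: follow one RDN per level, no scanning."""
    node = dit
    for rdn in name:
        node = node["children"].get(rdn)
        if node is None:
            return None
    return node["entry"]


def search(dib, base=(), **wanted):
    """Attribute-based search: scan entries under base, match every pair."""
    def has(entry, attr, value):
        held = entry.get(attr, [])
        return value in (held if isinstance(held, list) else [held])
    return [e for e in dib
            if dn(e)[:len(base)] == tuple(base)
            and all(has(e, a, v) for a, v in wanted.items())]


if __name__ == "__main__":
    print(dn(MAIN))
    print(search(DIB, base=dn(MAIN), host_name="host-b"))
```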

48
LDAP: Terminologies
• DIT (A subnet)

49
LDAP: Terminologies
• Two directory entries having host_name as RDN

50
LDAP: Approaches
• Referral

• Server Chaining

51
LDAP: Approaches (Referral)

52
LDAP: Approaches (Chaining)

53
LDAP: Client Processes
• The client may request the following operations:
• StartTLS — use the LDAPv3 Transport Layer Security (TLS) extension for a secure connection
• Bind — authenticate and specify LDAP protocol version
• Search — search for and/or retrieve directory entries
• Compare — test if a named entry contains a given attribute value
• Add a new entry
• Delete an entry
• Modify an entry
• Modify Distinguished Name (DN) — move or rename an entry
• Abandon — abort a previous request
• Extended Operation — generic operation used to define other operations
• Unbind — close the connection (not the inverse of Bind)

54
Naming Entities
• Directory
• A directory is optimized for read operations, while a database is optimized for
write and change operations
• Any data that is read many more times than it is written or modified is a good
candidate for storage in a directory
• Directories, more than databases, need to be standards-based, provide high
performance for simultaneous access, and be able to be more easily
distributed, replicated, and secured
• Active Directory
• A database system that provides authentication, directory, policy, and other
services in a Windows environment

55
