The core idea of this lesson occurs in the unplugged activity that kicks off the lesson, in which students try to keep track of IP addresses that had been randomly assigned to each student in the class, while at the same time the teacher occasionally changes students' addresses. This leads to identifying the need for an authoritative system for name-to-address mappings, known as the Domain Name System or DNS. Students will then briefly experiment with a DNS protocol in the Getting Started section. The activity is similar, in that you will have to grapple with IP addresses changing in real time and use the built-in DNS protocol to resolve the issues. The lesson ends with you doing some rapid research about DNS and some of its vulnerabilities, particularly what are known as Denial of Service Attacks.
Students will be able to:
The basic purpose of this lesson is to learn in kinesthetic and interactive ways some of the challenges solved, and created by, DNS. At its core, the DNS is "simply" a hierarchical system of computers and databases, that maps IP addresses to domain names. It enables Internet users to connect human-language locations on the Internet with numeric addresses used by IP. While distributed and hierarchical, it can be treated in the abstract as a centralized registry of locations on the Internet, allowing users to quickly find locations they are looking for and register themselves so that others may find them.
To start, we will demonstrate the need for the DNS through an unplugged simulation. Each student shoukd recieve one copy of the "Names and Addresses Worksheet" and one IP address cut-out from the "IP Address Labels" resource.
Instruct students to walk around the room and try to fill out the worksheet with a list of IP addresses and names for all students in the room. They may only talk to one person at a time, but may exchange as much information with that person as they want. As students are working, you should quietly walk around the room and silently take students' IP address slips, replacing them with a new or re-used IP address slip.
After the simulation, discuss the following points as a class.
Why did I keep taking your IP addresses?
Do you think the system we just simulated is an efficient way of collecting and keeping track of the IP addresses? Are there any inefficiencies you observe? How could it be made better?
Students should understand that this is a realistic scenario -- IP addresses change all the time. This system of everybody-keep-track-of-your-own-list is highly inefficient. Every student is developing an identical list to one another. A central list would be better, and the Internet has a system for that.
In the corresponding part of the Code.org curriculum, you would use the "Internet Simulator" program in their Code Studio. We have prepared a set of alternative programs that would provide you a similar experience in the following section.
When you activate the following link, you will be taken to the page that has Quorum online IDE with the code already written in it. Find the "Run IP-noDNS" button and activate the program. This will open another tab on you browser and a dialogue box will pop up. In the edit field of this box, you are asked to enter your friend's IP address. You can enter one of the following five IP addresses - 90.124, 8.71, 43.255, 9.154 or 80.211 (these are also the first 5 IP addresses from the "IP Address Labels" resource). If you mistakingly enter a wrong IP, the program will keep asking you the same question until you enter a valid address. Run the program multiple times to see how the person at the end of the connection changes almost every single time. Similar to the simulation in the "Getting Started" section, this is because there is no DNS and IP addresses are constantly changing. Here is the program "Internet Connection without DNS" (link)
When you activate the following link, you will be taken to the page that has Quorum online IDE with the code already written in it. Find the "Run IPwithDNS" button and activate the program. This will open another tab on you browser and a dialogue box will pop up. In the edit field of this box, you are asked to enter your friend's name. You can enter one of the following five names - Mary, Kit, Beth, Greg or Jane. If you mistakingly enter a wrong name, the program will keep asking you the same question until you enter a valid name. Run the program multiple times to see how each person's IP address changes constantly, yet the DNS keeps track of current IP assigned to the person. Here is the program "Internet Connection with DNS" (link)
Especially in the world of mobile devices it is very common for a device to lose an IP address and need to re-acquire one - entering a tunnel, flying on a plane, even moving from one WiFi hotspot to the next. It is true that at this point in time it's less likely that a web site with a registered domain name (like Code.org, google.com, or facebook.com) would rapidly change IP addresses, but the great thing about DNS is that even if they did, that change would be transparent to the public and you won't have to worry about it. Even so huge operations like Facebook, Twitter, etc. actually serve their sites on many hundreds (or thousands) of computers, all with different IP addresses - DNS helps manage that too, so you can just type Microsoft.com and it directs you to the right place. As an analogy, think about a time when a friend or family member changed their phone number. That affects everyone who needs to know that number and causes some annoying problems. If we had a system like DNS for phone numbers, you'd never have to concern yourself with anything but remembering the person's name. Of course, every person on earth would need to have a unique name for this to work, so it's a bit impractical to use for people. Computers, on the other hand, can be assigned any of nearly infinite names, allowing this system to work.
Watch the following video on DNS.
By this point, hopefully we all get the basic idea: the DNS is the large-scale system that translates human-readable web addresses into their numeric IP addresses so that computers can communicate. This system, however, was not designed to be secure and that has resulted in some major security incidents over time. You're now going to learn about some of them and how they work.
Find out more about DNS and DDoS attacks by researching on the following websites. Take notes on the "DNS and DDoS Research Activity Guide" resource. Students should be split into groups of 4-6 people, and each group should be assigned one article. After spending 15-20 minutes to read their article and fill out the activity guide, do a count-off to create new groups in which each member read a different article. Students should exchange information they learned with one another to fill out the Jigsaw portion on the second page of the activity guide.
Hold a class discussion, reviewing the following topics on IP and DNS systems.
Below are some points to help answer some of the discussion questions asked above.
1. A single central register of IP addresses and names (i.e. a DNS-style system) is an efficient means of translating human-readable names to IP addresses. Which of the following is NOT solved by DNS?
2. Why do computers need to periodically check the DNS for websites you have already visited?
3. Why don't we need to know the IP addresses for our favorite sites?
Check out the article below with your students. It provides a deeper look into the DNS and what one sees when communicating with the DNS from the command prompt or terminal.