DNS domain name resolution
2022-07-02 02:05:00 [Hadron's blog]
I. Domain name service
1. What is DNS
DNS (Domain Name System) is a core service of the Internet: a distributed database that maps domain names to IP addresses, so that people can reach hosts by name instead of remembering the numeric IP strings that machines read directly.
There are 13 root DNS servers worldwide (named "A" to "M"): 1 primary root server in the United States and 12 secondary root servers, 9 of them in the United States, 2 in Europe (the UK and Sweden) and 1 in Asia (Japan). Their operators:
- VeriSign (United States): 2
- IANA (Internet Assigned Numbers Authority): 1
- RIPE-NCC (Réseaux IP Européens Network Coordination Centre, Europe): 1
- PSINet (United States): 1
- ISI (Information Sciences Institute, United States): 1
- ISC (Internet Software Consortium, United States): 1
- University of Maryland: 1
- NASA: 1
- US Department of Defense: 1
- US Army Research Institute: 1
- NORDUnet (Norway): 1
- WIDE (Widely Integrated Distributed Environments) project, Japan: 1
2. The role of DNS
Forward resolution: look up the IP address that belongs to a domain name. Reverse resolution: look up the domain name that belongs to an IP address (used, for example, in anti-spam checks).
3. Protocol and port used by DNS
DNS uses port 53 by default, over both TCP and UDP.
TCP is used for zone transfers, mostly for master-slave synchronization: the primary DNS server of a zone reads the zone's DNS data from its zone data file, and a secondary DNS server reads the zone's DNS data from the zone's primary server.
UDP is used for ordinary DNS resolution queries.
Domain name: usually identified by a fully qualified domain name (FQDN). FQDN stands for Fully Qualified Domain Name; it states exactly where a node sits relative to the root of the DNS domain tree, that is, the complete path from the node to the root, written from the node towards the root with the labels separated by ".". For the DNS domain google the FQDN is google.com.: google is a subdomain of the com domain, written google.com, and www is a subdomain of the google domain, written www.google.com.
4. Domain name composition
http://www.sina.com.cn./
http:// host . subdomain . second-level domain . top-level domain . root zone /
5. DNS domain name resolution process
Forward resolution: FQDN → IP (one to many); this is the common case. Reverse resolution: IP → FQDN. FQDN (Fully Qualified Domain Name): a name that contains both the host name and the domain name; from the information in an FQDN you can see where the host sits in the domain name tree.
1. Forward resolution process:
1) First check the local cache;
2) Check the hosts file;
3) Query the DNS server and hand the request over to it;
4) This DNS server is usually the local DNS server, which also has a cache; if the record is there it returns it directly, otherwise it continues with the next step [client → local DNS server: this is a recursive query];
5) It asks a root server; the root server returns the top-level domain server that may know the answer and tells it to ask there;
6) It asks the top-level domain server, which returns the second-level domain server that may know the answer and tells it to ask there;
7) It asks the second-level domain server, which recognises the name as one of its own hosts, looks up the IP address and returns it to the local DNS server;
8) The local DNS server writes the result into its cache and returns the domain name to IP mapping to the client [local DNS server → external network: this is an iterative query].
2. Two query modes
1) Recursive query
When a DNS server receives a client request it must reply to the client with a definite result; if the server does not hold the requested DNS information locally, it queries other servers itself and then returns the result to the client [after sending the request the client only waits for the result; the work in between is left to the server].
2) Iterative query (redirection)
When the client sends a query, the DNS server does not reply with the result directly; instead it tells the client the address of another DNS server. The client submits the request to that DNS server, and so on, until the result is returned [the client has to query one server after another to get the result; a server that has no answer only gives you the address of another server rather than doing the query for you].
Summary:
A recursive query returns only a final result (the answer or a failure). An iterative query, also called redirection, returns the best next server to ask or the host address.
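The eight-step process and the two query modes above, modelled in code. This is an added example, not part of the original post: the server names (root, tld-com, ns1-ceshi) and the hosts file content are hypothetical, and the addresses are the ones used in this article. The client is the recursive side (it only waits for an answer); the local DNS server does the iterative walk root → TLD → authoritative and caches the result.

```python
# Constructed sample: a miniature DNS tree. Each server either delegates a child zone
# (a referral) or holds the final A records of its own zone. Server names are hypothetical.
SERVERS = {
    "root":      {"delegations": {"com.": "tld-com"}, "records": {}},
    "tld-com":   {"delegations": {"ceshi.com.": "ns1-ceshi"}, "records": {}},
    "ns1-ceshi": {"delegations": {}, "records": {"www.ceshi.com.": "192.168.10.10",
                                                "mail.ceshi.com.": "192.168.10.11"}},
}
HOSTS_FILE = {"localhost.": "127.0.0.1"}   # constructed stand-in for the client's /etc/hosts

def ask(server, name):
    """One iterative query: answer, refer to a child zone's server, or report a non-existent name."""
    s = SERVERS[server]
    if name in s["records"]:
        return "answer", s["records"][name]
    for zone, ns in s["delegations"].items():
        if name == zone or name.endswith("." + zone):
            return "referral", ns
    return "nxdomain", None

def resolve_iteratively(name, trace):
    """Steps 5-7: walk root -> TLD -> authoritative server, following each referral."""
    server = "root"                         # start from the root hints
    while True:
        kind, data = ask(server, name)
        trace.append(f"{server} -> {kind} {data}")
        if kind != "referral":
            return data                     # an address, or None for a non-existent name
        server = data

class LocalDnsServer:
    """Recursive side (steps 4 and 8): owes the client a final answer, keeps its own cache."""
    def __init__(self):
        self.cache = {}
    def recursive_query(self, name, trace):
        if name in self.cache:
            trace.append("local-dns cache hit")
            return self.cache[name]
        ip = resolve_iteratively(name, trace)
        if ip is not None:
            self.cache[name] = ip          # step 8: remember the answer for later clients
        return ip

class Client:
    """Client side (steps 1-3): own cache, then the hosts file, then the local DNS server."""
    def __init__(self, local_dns):
        self.cache, self.dns = {}, local_dns
    def resolve(self, name, trace):
        name = name if name.endswith(".") else name + "."   # normalise to an FQDN
        if name in self.cache:
            trace.append("client cache hit")
            return self.cache[name]
        if name in HOSTS_FILE:
            trace.append("hosts file")
            return HOSTS_FILE[name]
        ip = self.dns.recursive_query(name, trace)
        if ip is not None:
            self.cache[name] = ip
        return ip
```

Each call appends the servers it touched to `trace`, so a second lookup of the same name shows where the answer actually came from (client cache, local DNS cache, hosts file or the full walk).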
[Windows: show the DNS cache with ipconfig /displaydns and clear it with ipconfig /flushdns. Linux: clearing the DNS cache requires the nscd package; start it and run nscd -i hosts.]
6. Domain name architecture
1) DNS: the distributed resolution database of the Internet
Root DNS servers (root "."):
At the top of the domain name space, usually written as a single "."; responsible for the root domain.
Top-level DNS servers (first-level domains):
Responsible for resolving first-level domain names (a type of organization or a country):
.com (commercial enterprises) .net (network providers) .edu (educational institutions) .cn (China's country domain) .org (organizations) .gov (government)
Second-level DNS servers:
Identify a specific organization within a top-level domain; second-level domains under a country top-level domain are managed by that country's network authority. Responsible for resolving second-level domain names.
Second-level domains under a top-level domain: .com.cn .net.cn .edu.cn
Subdomain DNS servers: also called third-level domains; organizations or users can freely apply for their own domain names.
2) Domain name architecture
All domain names must end with a dot: www.qq.com. www.baidu.com.
Root domain (.)
First-level domains: .cn (China) .kr (South Korea) .jp (Japan) .hk (Hong Kong) .uk (United Kingdom)
Second-level domains: .com.cn (Chinese commercial organizations) .edu.cn (educational institutions) .org.cn (non-commercial) .net.cn (Chinese operators)
Third-level domains: sina.com.cn nb.com.cn haixi.com.cn ...
Organizational domains: .com .org .net .cc
Country domains: .cn .tw (Taiwan) .hk (Hong Kong) .iq .ir .jp (Japan)
Reverse domain
Original source: "DNS domain name resolution" by 51CTO blogger Angry Code, https://blog.51cto.com/u_15436647/4935890 (copyright belongs to the author; contact the author for permission to reprint).
Common public DNS servers:
- 114.114.114.114: domestic DNS shared by China Mobile, China Telecom and China Unicom
- 8.8.8.8: Google's public DNS, usable worldwide
- 223.5.5.5 and 223.6.6.6: Alibaba Cloud DNS
- Nanjing, Jiangsu (China Telecom): preferred DNS 218.2.135.1, backup DNS 61.147.37.1
II. DNS server types
1) Primary domain server:
Maintains all domain name information for a zone; it is the authoritative source for all information in that zone, and its data can be modified. When building a primary domain server, the address data file for the zone it is responsible for must be created.
2) Secondary (slave) domain server:
When the primary server fails, is shut down or is overloaded, the secondary server provides name resolution as a backup service. The results it provides are not decided by itself but come from the primary server. When building a secondary server, the location of the primary server must be specified so that the secondary can automatically synchronize the zone's address database.
3) Caching domain server:
Only caches the results of domain name resolution, in order to improve query speed and efficiency; it has no domain name database of its own. It obtains results from remote servers, stores them in its cache, and uses them to answer later queries for the same information. A caching server is not an authoritative server, because all the information it provides is second-hand. When building a caching server, the root domain must be set or another DNS server specified as the source of resolution.
4) Forwarding domain server:
Handles local queries for all non-local domain names. When it receives a query it first looks in its cache; if the record is not found it forwards the request to the designated domain name servers in turn until a result is found, otherwise it returns a result saying the name cannot be mapped.
Speeding up a cluster: configure hostname to IP address mappings in the hosts file.
The BIND packages:
bind-9.9.4-37.el7.x86_64.rpm         // main program and related files of the domain name service
bind-utils-9.9.4-37.el7.x86_64.rpm   // test tools for DNS servers, such as nslookup
bind-libs-9.9.4-37.el7.x86_64.rpm    // library functions used by bind and bind-utils
bind-chroot-9.9.4-37.el7.x86_64.rpm  // gives the BIND service a chroot jail (/var/named/chroot/ becomes the service's root directory) to improve security
Configuration:
Install the bind package:
yum install bind -y    (requires a network repository or the mounted CD)
or rpm -ivh, which requires the CD (the system ISO image) to be mounted
Modify the main configuration file:
vim /etc/named.conf

```conf
options {
    listen-on port 53 { 192.168.10.10; };   // listen on port 53 on the local IP that serves clients; "any" means all addresses
    #listen-on-v6 port 53 { ::1; };          // the IPv6 line can be commented out or deleted if IPv6 is not used
    directory "/var/named";                  // default location of zone data files
    dump-file "/var/named/data/cache_dump.db";                 // domain name cache database file
    statistics-file "/var/named/data/named_stats.txt";         // status statistics file
    memstatistics-file "/var/named/data/named_mem_stats.txt";  // memory statistics file
    allow-query { 192.168.10.0/24; 172.16.30.0/24; };   // network segments allowed to query this server; "any" means all
};
zone "." IN {                 // the "." root zone
    type hint;                // type hint marks the root zone
    file "named.ca";          // named.ca lists the names and IP addresses of the 13 root servers
};
include "/etc/named.rfc1912.zones";   // pulls in the zone configuration file
```
Configure the forward zone data file
cd /var/named/
cp -p named.localhost ceshi.com.zone   # -p keeps the permissions and owner of the source file
vim /var/named/ceshi.com.zone

```conf
$TTL 1D                                   ; lifetime of valid resolution records
@ IN SOA ceshi.com. admin.ceshi.com. (    ; "@" stands for the current zone name
        0    ; serial   update serial number, an integer of up to 10 digits
        1D   ; refresh  refresh interval, how often the zone data is re-downloaded
        1H   ; retry    retry interval after a failed download
        1W   ; expire   expiry time, give up if the data still cannot be downloaded by then
        3H ) ; minimum  lifetime of negative (failed) resolution records
        NS    ceshi.com.             ; name of the DNS server for this zone
        A     192.168.10.10          ; IP address of that host
        IN MX 10 mail.ceshi.com.     ; MX record for mail exchange; the higher the number, the lower the priority
www     IN A  192.168.10.10          ; forward record: www.ceshi.com resolves to this IP
mail    IN A  192.168.10.11          ; A record of the mail host named in the MX record
ftp     IN CNAME www                 ; CNAME alias: ftp is another name for www
*       IN A  192.168.10.100         ; wildcard resolution: "*" matches any other host name
```
Note that zone files only accept ";" as the comment character. The forward zone must also be declared in /etc/named.rfc1912.zones (a zone "ceshi.com" block of type master pointing at this file), in the same way as the reverse zone is declared below; named only loads zone files that its configuration references.
Start the service and turn off the firewall
named-checkconf && named-checkzone ceshi.com /var/named/ceshi.com.zone   # validate the configuration and zone file before starting
systemctl start named
systemctl stop firewalld
setenforce 0
# If the service fails to start, check the log file to troubleshoot
tail -f /var/log/messages
Add the DNS server address to the client's resolver configuration file
vi /etc/resolv.conf
# takes effect immediately
nameserver 192.168.10.10
or
vi /etc/sysconfig/network-scripts/ifcfg-ens33
DNS1=192.168.10.10
# after modifying the interface file the network interface has to be restarted
Test DNS resolution
host www.ceshi.com
nslookup www.ceshi.com
Reverse resolution
vim /etc/named.rfc1912.zones

```conf
// the reverse of 192.168.10.0 is 10.168.192
zone "10.168.192.in-addr.arpa" IN {
    type master;
    file "ceshi.com.zone.local";   // data file for reverse resolution; it can also be the same file as the forward zone
    allow-update { none; };
};
```
cd /var/named/
cp -p ceshi.com.zone ceshi.com.zone.local
vim /var/named/ceshi.com.zone.local

```conf
$TTL 1D                                   ; lifetime of valid resolution records, in seconds by default
@ IN SOA ceshi.com. admin.ceshi.com. (    ; SOA marker, zone name and administrator mailbox; "@" stands for the zone name
        0    ; serial   update serial number of up to 10 digits, used for master-slave synchronization: the master's value must be greater than the slave's, otherwise it will not synchronize
        1D   ; refresh  refresh interval
        1H   ; retry    retry interval after a failed refresh
        1W   ; expire   expiry time; give up after this
        3H ) ; minimum  lifetime of negative resolution records
        NS    ceshi.com.
        A     192.168.10.10          ; copied from the forward zone; not needed in a reverse zone
10      IN PTR www.ceshi.com.        ; 10 stands for 192.168.10.10 within this zone
11      IN PTR mail.ceshi.com.       ; PTR = reverse pointer record, used for reverse resolution
```
systemctl restart named    // rndc reload also reloads the configuration files
host 192.168.10.10
// reverse-resolves to www.ceshi.com
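A consistency check over the two zone files above, added here as an example (not part of the original post or of BIND). It parses the page's forward zone and reverse zone from constructed inline copies, derives each address's PTR owner name under 10.168.192.in-addr.arpa, and reports A records with no PTR and PTR records whose target has no matching A record, the mismatches that make `host 192.168.10.10` and `host www.ceshi.com` disagree. The parser handles the zone-file features this page uses ($TTL, "@", relative names, blank owners and the parenthesised SOA); it is a minimal parser, not a general one.

```python
import ipaddress
import re

# Constructed sample: the forward zone for ceshi.com from the procedure above (';' comments, as BIND requires).
FORWARD_ZONE = """$TTL 1D
@ IN SOA ceshi.com. admin.ceshi.com. ( 0 ; serial
        1D 1H 1W 3H )   ; refresh retry expire minimum
    NS ceshi.com.
    A 192.168.10.10
www IN A 192.168.10.10
mail IN A 192.168.10.11
* IN A 192.168.10.100
"""
# Constructed sample: the matching reverse zone; owners are the last octet under 10.168.192.in-addr.arpa.
REVERSE_ZONE = """$TTL 1D
@ IN SOA ceshi.com. admin.ceshi.com. ( 0 1D 1H 1W 3H )
    NS ceshi.com.
10 IN PTR www.ceshi.com.
11 IN PTR mail.ceshi.com.
"""

def parse_zone(text, origin):
    """Return (owner, type, rdata) triples with absolute owner names. Handles $TTL,
    ';' comments, '@', relative names, blank owners and a parenthesised SOA."""
    text = re.sub(r";[^\n]*", "", text)        # strip comments first
    text = re.sub(r"\([^)]*\)", "()", text)     # collapse the multi-line SOA block
    records, last_owner = [], origin
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue                            # skip blank lines and directives
        owner, *fields = ([last_owner] if line[0].isspace() else []) + line.split()
        if fields and fields[0] == "IN":
            fields = fields[1:]                 # the class is optional; drop it
        owner = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
        last_owner = owner
        records.append((owner, fields[0], " ".join(fields[1:])))
    return records

def ptr_owner(ip, rev_origin):
    """Owner name of the PTR record for ip inside rev_origin, e.g. 10.10.168.192.in-addr.arpa."""
    name = ipaddress.ip_address(ip).reverse_pointer + "."
    if not name.endswith("." + rev_origin):
        raise ValueError(f"{ip} is outside reverse zone {rev_origin}")
    return name

def check_forward_reverse(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return (missing, stale): addresses that have an A record but no PTR, and PTR owners
    whose target name has no A record at that address. Wildcard owners are skipped."""
    a_recs = {(o, r) for o, t, r in parse_zone(fwd_text, fwd_origin) if t == "A" and not o.startswith("*")}
    ptrs = {o: r for o, t, r in parse_zone(rev_text, rev_origin) if t == "PTR"}
    missing = sorted({ip for _, ip in a_recs if ptr_owner(ip, rev_origin) not in ptrs})
    stale = sorted(o for o, target in ptrs.items()
                   if not any(ptr_owner(ip, rev_origin) == o and n == target for n, ip in a_recs))
    return missing, stale
```

Calling `check_forward_reverse(FORWARD_ZONE, "ceshi.com.", REVERSE_ZONE, "10.168.192.in-addr.arpa.")` on the page's zones returns two empty lists; a host added to the forward zone without a PTR, or a leftover PTR for a decommissioned host, shows up in the respective list.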