1.1. DNS & CDN & HTTPDNS Principle Analysis
Background:
DNS (Domain Name System): a distributed database that maps domain names to IP addresses (and IP addresses back to names). DNS resolves a domain name to the corresponding IP address quickly, so that any host (or website) on the Internet can be reached by name.
CDN (Content Delivery Network): the basic idea is to avoid, as far as possible, the bottlenecks and links on the Internet that may slow down or destabilise data transfer, so that content is delivered faster and more reliably.
HTTPDNS: resolves domain names by sending HTTP(S) requests to a resolution service instead of ordinary DNS queries to the system resolver.
1.1.1. 0x00 DNS principle
DNS server types:
- Internal DNS: sits on the intranet, serves intranet names, and also caches and forwards queries for Internet names
- External DNS: sits on the Internet and serves Internet DNS (including caching and forwarding)
- Primary DNS: holds the master copy of the zone data and answers queries; edits to the records are made here
- Secondary DNS: answers queries only; its copy of the zone is synchronised from the primary by zone transfer
- Cache-only DNS: has no zone data of its own, only a cache of answers obtained from other servers
- Forwarding DNS: forwards queries it cannot answer to other DNS servers
- Authoritative DNS: holds the record for the queried name in its own zone data
- Non-authoritative DNS: holds no zone data for the name, but may hold a cached answer (returned without the AA flag set)
Local DNS: the resolver configured in the host's DNS settings.
Domain name structure: [host name].[second-level domain].[top-level domain]. Domain names form a tree, so a name spells out a path from the root down to a leaf; the leaf is served by the zone's authoritative DNS server.
Tree DNS structure.PNG
Roles a DNS server can play:
- Authoritative DNS, answering from its own zone data
- Forwarding DNS
- Caching DNS
In a LAN behind a router, with the host's local DNS set to "obtain automatically" (i.e. the router) and the router's DNS set to the ISP's DNS, the DNS request/response sequence when the host opens http://www.jianshu.com in a browser is:
dns-process.png
The text description of the above image is as follows:
1. 192.168.110.252 opens http://www.jianshu.com in the browser.
2. 192.168.110.252 checks whether the local hosts file has an entry for www.jianshu.com.
3. If not, 192.168.110.252 checks whether the local DNS cache has an entry for www.jianshu.com.
4. If not, 192.168.110.252 sends a DNS query to its local DNS server, the router.
5. The router receives the query and checks its own DNS cache.
6. If there is no cached entry, the router sends the query from its external address 202.202.202.202 to its own local DNS server, the ISP DNS.
7. The ISP DNS receives the query, finds that it is not authoritative for the name and has no cached answer, and forwards the request to another (upstream) DNS server.
8. The upstream DNS server also finds that it is not authoritative and has no cached answer, so it starts an iterative query: it sends the request to a root name server.
9. The root name server receives the request and returns the IP of the top-level domain (.com) name server to the upstream DNS server.
10. The upstream DNS server sends the query to the .com top-level domain name server.
11. The .com name server receives the request and returns the IP of the second-level domain (jianshu.com) name server to the upstream DNS server.
12. The upstream DNS server sends the query to the jianshu.com name server.
13. The jianshu.com name server receives the request, finds that it is the authoritative server for the name, and returns the IP mapped to www.jianshu.com, 120.132.92.21, to the upstream DNS server.
14. The upstream DNS server receives the result, and 120.132.92.21 is passed back down the chain layer by layer (each caching resolver on the path stores it for the record's TTL) until it reaches 192.168.110.252.
15. 192.168.110.252 receives the result 120.132.92.21 for www.jianshu.com, establishes a TCP connection to that IP, and then sends the HTTP request for the homepage.
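The walkthrough above, modelled as an added example (not code from the page): a stub client with a hosts file and cache, two forwarding resolvers standing in for the router and the ISP DNS, and an upstream recursive resolver that performs the iterative root -> TLD -> authoritative query. The names and the two addresses come from the walkthrough; the zone layout, TTLs and server labels are assumptions. The trace it returns reproduces the step order of the list.

```python
# Added example (not the page's code): a toy model of the resolution chain above.
# Names and addresses follow the page's walkthrough; the zone layout, TTLs and
# the "upstream DNS server" are assumptions made so the chain runs offline.
import time


def _cache_get(cache, name, now):
    """Return a cached IP if present and not expired, else None (and drop stale entries)."""
    hit = cache.get(name)
    if hit and hit[1] > now:
        return hit[0]
    cache.pop(name, None)
    return None


class NameServer:
    """Root, TLD or authoritative server: answers from its own zone data or refers
    the querier to the server for a child zone (a referral, not a recursive lookup)."""

    def __init__(self, label, records=None, delegations=None):
        self.label = label
        self.records = records or {}          # owner name -> IPv4 (A record)
        self.delegations = delegations or {}  # child zone -> NameServer

    def query(self, name):
        if name in self.records:
            return "A", self.records[name]
        for zone, server in self.delegations.items():
            if name == zone or name.endswith("." + zone):
                return "REFERRAL", server
        return "NXDOMAIN", None


class RecursiveResolver:
    """The upstream DNS server in the walkthrough: performs the iterative query
    root -> TLD -> authoritative and caches the final answer."""

    def __init__(self, label, root, ttl=60):
        self.label, self.root, self.ttl, self.cache = label, root, ttl, {}

    def resolve(self, name, trace):
        ip = _cache_get(self.cache, name, time.time())
        if ip:
            trace.append(f"{self.label}: cache hit")
            return ip
        server = self.root
        while True:
            kind, value = server.query(name)
            trace.append(f"{self.label} -> {server.label}: {kind}")
            if kind == "A":
                self.cache[name] = (value, time.time() + self.ttl)
                return value
            if kind == "REFERRAL":
                server = value          # follow the delegation one level down
                continue
            raise LookupError(f"{name}: NXDOMAIN from {server.label}")


class ForwardingResolver:
    """Router or ISP DNS: answers from cache, otherwise forwards the whole question upstream."""

    def __init__(self, label, upstream, ttl=60):
        self.label, self.upstream, self.ttl, self.cache = label, upstream, ttl, {}

    def resolve(self, name, trace):
        ip = _cache_get(self.cache, name, time.time())
        if ip:
            trace.append(f"{self.label}: cache hit")
            return ip
        trace.append(f"{self.label}: cache miss, forward to {self.upstream.label}")
        ip = self.upstream.resolve(name, trace)
        self.cache[name] = (ip, time.time() + self.ttl)
        return ip


class StubClient:
    """The host 192.168.110.252: hosts file, then local cache, then the local DNS server."""

    def __init__(self, label, hosts, local_dns, ttl=60):
        self.label, self.hosts, self.local_dns, self.ttl, self.cache = label, hosts, local_dns, ttl, {}

    def resolve(self, name):
        trace = []
        if name in self.hosts:
            trace.append(f"{self.label}: hosts file")
            return self.hosts[name], trace
        ip = _cache_get(self.cache, name, time.time())
        if ip:
            trace.append(f"{self.label}: cache hit")
            return ip, trace
        trace.append(f"{self.label}: cache miss, query {self.local_dns.label}")
        ip = self.local_dns.resolve(name, trace)
        self.cache[name] = (ip, time.time() + self.ttl)
        return ip, trace


def build_topology():
    """Wire the servers together as in the figure (labels and the hosts entry are assumed)."""
    auth = NameServer("ns.jianshu.com (authoritative)", records={"www.jianshu.com": "120.132.92.21"})
    tld = NameServer(".com TLD server", delegations={"jianshu.com": auth})
    root = NameServer("root server", delegations={"com": tld})
    upstream = RecursiveResolver("upstream DNS server", root)
    isp = ForwardingResolver("ISP DNS", upstream)
    router = ForwardingResolver("router 202.202.202.202 (local DNS)", isp)
    return StubClient("192.168.110.252", {"localhost": "127.0.0.1"}, router)


if __name__ == "__main__":
    host = build_topology()
    for attempt in (1, 2):                  # the second attempt is served from the stub cache
        ip, trace = host.resolve("www.jianshu.com")
        print(f"attempt {attempt}: {ip}")
        for step in trace:
            print("   ", step)
```

The first call walks the whole chain (six trace entries: stub miss, router miss, ISP miss, root referral, TLD referral, authoritative answer); the second call is answered from the stub's cache, and a name that does not exist in the authoritative zone surfaces as a LookupError at the authoritative server.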
1.1.2. 0x01 DNS Protocol Structure
For details, see: Analyze DNS protocol with Wireshark
wireshark-dns.PNG
wireshark-cname.PNG
The Wireshark capture above shows that a DNS server does not necessarily return an IP. When the queried name is an alias, the server returns a CNAME record, whose value is the canonical name, rather than an A record. In the capture, the query for cdn-qn0.jianshu.io is answered with a CNAME record pointing to iduvrz0.qiniudns.com, which means cdn-qn0.jianshu.io is an alias and iduvrz0.qiniudns.com is the canonical name. Only an A record maps a name to an IP, so iduvrz0.qiniudns.com still has to be resolved: a recursive resolver usually appends the A record(s) for the canonical name to the same answer section, and otherwise the host has to send a second DNS query for iduvrz0.qiniudns.com.
1.1.3. 0x02 DNS Round Robin and CDN
DNS round robin: when the authoritative DNS has several IPs for one name, it returns all of them but rotates their order from answer to answer. Clients normally take the first address, so successive requests are spread evenly across the servers, which gives a simple form of load balancing.
CDN: round robin distributes requests evenly and cannot take the real load of each server into account; worse, if a server goes down, DNS does not find out and keeps handing out its address (until the record is changed and the cached copies expire), so some users cannot reach the site. A CDN therefore adds a scheduling layer between the authoritative DNS and the origin servers: the authoritative DNS delegates the name to the CDN's own DNS, which schedules requests across its nodes, keeps track of how those nodes are doing, and adjusts the scheduling policy in real time, so load balancing is far better than plain round robin.
CDN features:
- Node scheduling and load balancing: based on the client's IP and current network traffic, assign the nearest, least congested CDN node to achieve acceleration
- Reverse proxy
- Static caching: caching of static resources (HTML, images, audio, video, etc.)
- DDoS mitigation: the CDN nodes absorb attack traffic in front of the origin
CDN schematic:
cdn.PNG
images.jianshu.com is mapped, by a CNAME record configured on the authoritative DNS server, to abc.qiniudns.com; abc.qiniudns.com is in turn mapped in the CDN's DNS to three IPs, 110.110.110.110, 220.220.220.220 and 330.330.330.330 (placeholder addresses in the figure; the last is not a valid IPv4 address). In this way images.jianshu.com is accelerated through the CDN: the authoritative DNS only returns the alias, and the choice of IP is made by the CDN's DNS.
For more CDN knowledge, see: CDN knowledge
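Added example (not from the page) contrasting the two mechanisms described in the round-robin paragraph and the CDN schematic: a round-robin authoritative server rotating an RRset, versus a CDN DNS that filters out unhealthy nodes and prefers the client's region, reached through the images.jianshu.com -> abc.qiniudns.com CNAME. Node regions, health and load values are assumptions, and documentation-range IPs replace the figure's placeholders.

```python
# Added example (not the page's code): DNS round robin versus CDN-side scheduling,
# using the CNAME chain from the schematic. Node regions, health, loads and the
# documentation-range IPs are assumptions; the page's third address
# 330.330.330.330 is not a valid IPv4 address, so valid placeholders are used.
from collections import Counter, deque


class RoundRobinAuthoritative:
    """Authoritative server with several A records for one name: it hands back the
    whole RRset but rotates the order each time, since most clients take the first."""

    def __init__(self, rrsets):
        self._rrsets = {name: deque(ips) for name, ips in rrsets.items()}

    def answer(self, name):
        rrset = self._rrsets[name]
        ordered = list(rrset)
        rrset.rotate(-1)          # next answer starts with the following address
        return ordered


class CdnDns:
    """CDN DNS for abc.qiniudns.com: knows each node's health, region and load and
    returns only healthy nodes, the client's own region first, least loaded first."""

    def __init__(self, nodes):
        self.nodes = nodes        # dicts with keys: ip, region, healthy, load

    def answer(self, client_region, limit=2):
        live = [n for n in self.nodes if n["healthy"]]
        if not live:
            raise LookupError("no healthy CDN node")
        ranked = sorted(live, key=lambda n: (n["region"] != client_region, n["load"]))
        return [n["ip"] for n in ranked[:limit]]


AUTHORITATIVE_CNAMES = {"images.jianshu.com": "abc.qiniudns.com"}   # from the schematic

CDN_NODES = [   # constructed data: one node is down
    {"ip": "192.0.2.10", "region": "north", "healthy": True, "load": 0.7},
    {"ip": "198.51.100.20", "region": "south", "healthy": True, "load": 0.2},
    {"ip": "203.0.113.30", "region": "south", "healthy": False, "load": 0.0},
]


def resolve_via_cdn(name, cdn, client_region):
    """Follow the authoritative CNAME to the CDN name, then let the CDN DNS pick nodes."""
    target = AUTHORITATIVE_CNAMES.get(name, name)
    return target, cdn.answer(client_region)


def first_hop_share(resolver_answer, queries):
    """Fraction of clients that would land on each IP if every client uses the first answer."""
    hits = Counter(resolver_answer()[0] for _ in range(queries))
    return {ip: n / queries for ip, n in hits.items()}


if __name__ == "__main__":
    plain = RoundRobinAuthoritative({"images.jianshu.com": [n["ip"] for n in CDN_NODES]})
    print("round robin:", first_hop_share(lambda: plain.answer("images.jianshu.com"), 300))
    cdn = CdnDns(CDN_NODES)
    print("cdn (south):", resolve_via_cdn("images.jianshu.com", cdn, "south"))
```

With plain round robin a third of the clients are still sent to the node that is down; the CDN DNS never returns it and orders the rest by region and load.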
1.1.4. 0x03 HTTPDNS
The traditional resolution chain has three weaknesses: the answer can be tampered with by a resolver on the path (DNS hijacking), an intermediate cache may hand out a stale record, and because the authoritative server only sees the address of the forwarding resolver rather than of the client, the user cannot be located accurately, so a CDN may pick a distant node. HTTPDNS therefore works on the principle "HTTPDNS first, traditional DNS as fallback" (HTTPDNS为主, 传统DNS为辅): the client asks the HTTPDNS service directly over HTTP(S), bypassing the local resolvers, and falls back to ordinary DNS only when the service is unreachable. This gives fast, real-time and accurate resolution, and hence a fast, secure, stable and up-to-date browsing experience. Note that the protection only holds if the HTTPDNS service itself is reached by a fixed IP over HTTPS (otherwise the very first lookup goes through the resolver being bypassed), and the client must still send the original hostname in SNI and the Host header when it connects to the returned IP.
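Added example (not the page's or any vendor's code) of the "HTTPDNS first, traditional DNS as fallback" mechanism: the client queries an HTTPDNS service at a fixed IP, validates and caches the reply with its TTL, and drops back to the system resolver only when the service is unreachable or the reply is malformed. The service address, URL layout and JSON reply format are assumptions; the HTTP transport and the system resolver are injected (with constructed data) so it runs offline.

```python
# Added example (not the page's code): an "HTTPDNS first, system DNS as fallback"
# client. The service address, URL layout and JSON reply format
# ({"ips": [...], "ttl": N}) are assumptions, not any particular vendor's API;
# the HTTP transport and the system resolver are injected so this runs offline.
import ipaddress
import json
import time


class HttpDnsClient:
    def __init__(self, service_ip, http_get, system_resolve, min_ttl=30, now=time.time):
        # The HTTPDNS service is addressed by a fixed IP over HTTPS, so the lookup
        # itself never passes through the local resolver that may be hijacked.
        self.service_ip = service_ip
        self.http_get = http_get              # callable(url) -> (status, body)
        self.system_resolve = system_resolve  # callable(host) -> [ip, ...]
        self.min_ttl = min_ttl
        self.now = now
        self.cache = {}                       # host -> (ips, expires_at)

    def resolve(self, host):
        """Returns (ips, source) where source is 'cache', 'httpdns' or 'system-dns'."""
        entry = self.cache.get(host)
        if entry and entry[1] > self.now():
            return entry[0], "cache"
        try:
            status, body = self.http_get(f"https://{self.service_ip}/d?dn={host}")
            if status == 200:
                ips, ttl = self._parse(body)
                self.cache[host] = (ips, self.now() + max(ttl, self.min_ttl))
                return ips, "httpdns"
        except (OSError, ValueError, KeyError, TypeError):
            pass                              # service down or reply unusable: fall back
        ips = self.system_resolve(host)
        self.cache[host] = (ips, self.now() + self.min_ttl)   # short TTL, retry HTTPDNS soon
        return ips, "system-dns"

    @staticmethod
    def _parse(body):
        data = json.loads(body)
        # Only well-formed addresses are accepted; a tampered reply must not reach connect()
        ips = [str(ipaddress.ip_address(ip)) for ip in data["ips"]]
        if not ips:
            raise ValueError("empty answer")
        return ips, int(data.get("ttl", 60))


def connect_params(host, ip, port=443):
    """When connecting by IP, the original hostname still goes in SNI and Host so the
    server presents the right certificate and serves the right virtual host."""
    return {"address": (ip, port), "server_hostname": host, "headers": {"Host": host}}


# --- constructed transport and resolver standing in for the network ---
def fake_http_get(url):
    if url.endswith("dn=www.jianshu.com"):
        return 200, json.dumps({"ips": ["120.132.92.21"], "ttl": 120})
    raise OSError("HTTPDNS unreachable")      # every other name: simulate an outage


def fake_system_resolve(host):
    return {"images.jianshu.com": ["192.0.2.10"]}.get(host, [])


if __name__ == "__main__":
    client = HttpDnsClient("203.0.113.53", fake_http_get, fake_system_resolve)
    for name in ("www.jianshu.com", "www.jianshu.com", "images.jianshu.com"):
        ips, source = client.resolve(name)
        print(name, ips, source, connect_params(name, ips[0]))
```

A real deployment would pin the HTTPDNS server's certificate (or at least validate it against the fixed IP's expected name) and rate-limit the fallback path, since an attacker who can make the HTTPDNS service unreachable forces the client back onto ordinary DNS.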