cnames and CDNs

http://blog.csdn.net/crazw/article/details/8986504

Let's talk about some basic concepts of DNS:

   

One. Root domain

 

It is the so-called ".". In fact, our website www.baidu.com should properly be written www.baidu.com. with a trailing dot; leaving the dot off has simply become a habit.

We know that there are 13 root domain servers, but this is a misconception.

There are only 13 root server IP addresses, but the number of machines is not 13. Because these IP addresses use anycast, mirrors of each IP can be set up around the world, so the IP you reach is not served by one single host.

For the specific distribution of mirrors, refer to Wikipedia. The content of all these hosts is the same.

Two. Domain division

Below the root domain are the top-level domains, also called first-level domains.

There are two ways of dividing them. One is com., net., and so on, divided by industry type when the Internet was just emerging.

You can look up the exact number yourself; it does not matter here.

Each domain will have a domain name server, also known as an authoritative name server.

Baidu.com is a top-level domain name, while www.baidu.com is not a top-level domain name. It is a host called www in the domain of baidu.com.

After the first-level domain come second-level domains and third-level domains. As long as I buy a top-level domain and set up my own BIND server (or other software) registered on the Internet, I can add further levels of domains under it at will (the length is, of course, limited).

For example, in a.www.baidu.com, www.baidu.com has become a second-level domain instead of a host, and the host name is a.

Three. Domain name server

A server that can provide domain name resolution. The records held on it can be of type A (address), NS (name server), MX (mail), CNAME, and so on.

(For details, please refer to the blog: Differences and connections between A records, CNAMEs, MX records, and NS records in domain name resolution)

What does an A record mean? It records a host name together with an IP address. For example, suppose my domain name server serves the domain test.baidu.com, which we know is a second-level domain. I keep an A record there that records the IP of the host named a, and return it to you when it is looked up.

If I now query a.test.baidu.com from the baidu.com domain name server, that top-level domain name server will find that the requested name is in the test.baidu.com domain, and it holds a record for that second-level domain: the IP of the NS, the domain name server for test.baidu.com. It returns this address to you, and you then ask that server for the host named a.

The domain name servers in these domains are called authoritative servers and directly provide DNS query services. (These servers don't do recursion)

Four. Resolution process

So how does DNS resolve a domain name?

 

1. I have a computer that is connected to the Internet through an ISP, and the ISP assigns me a DNS server. This DNS server is not an authoritative server, but a DNS resolution server that acts like a proxy. It iterates over the responses returned by the authoritative servers on your behalf, and then returns the IP it finally finds to you.

2. My computer now sends a request to this ISPDNS to query the domain name www.baidu.com. (A reader points out: strictly this is not the ISPDNS but the DNS server set in the user's own network settings, which is not necessarily the ISP's. For example, you may have manually set 8.8.8.8.)

3. After ISPDNS gets the request, it first checks whether this address is in its cache, and returns it directly if so. An IP address obtained this way is marked as a response from a non-authoritative server.

4. If it is not in the cache, ISPDNS reads the addresses of the 13 root domain name servers from its configuration file (these addresses do not change and sit directly in the BIND configuration file).

5. It then sends a request to one of them.

6. When the root server gets the request, it sees that the name is under the top-level domain com., so it returns the NS records for the com domain, generally 13 host names and IPs.

7. ISPDNS then sends a request to one of those. The com domain server finds that the request is for a name in the baidu.com domain, looks up the NS of that domain, and returns it so that ISPDNS can query again.

(Baidu currently has 4 top-level domain name servers for baidu.com.)

8. ISPDNS patiently sends yet another request, this time to an authoritative server for the baidu.com domain. On receiving it, baidu.com looks up the host www and returns its IP.

9. ISPDNS receives the answer, returns it to the client, and saves it in its cache.

 

 

Let's use the nslookup tool to explain the resolution steps in detail:

 

From the image above we can see:

          The first line, Server, is the hostname of the DNS server: 210.32.32.1

          The second line, Address, is its IP address: 210.32.32.1#53

          The following Name is the resolved domain name: www.jsjzx.com

          Address is the resolved IP: 112.121.162.168

 

But there are also more complex DNS resolutions like Baidu:

 

You will find that Baidu has an alias with cname = www.a.shifen.com.

What kind of process is this?

Let's use the dig tool to trace it (it ships with Linux).

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

The dig tool performs the iteration on the local computer and records the query process.

The first step is to obtain the 13 IPs and hostnames [bj].root-servers.net. of the root domain servers from my machine's ISPDNS.

 

The second step is to send a query for www.baidu.com to one of the root domain servers (the server name is in the parentheses on the last line), which returns the server IP (not shown) and name for the com. top-level domain.

The third step is to ask a server in the com. domain, 192.33.4.12, for www.baidu.com; it returns the server IP (not shown) and name for the baidu.com domain. Baidu has four top-level domain servers.

     [You can use dig @192.33.4.12 www.baidu.com to view the returned Baidu TLD server IP address].

The fourth step is to request www.baidu.com from Baidu's top-level domain server (202.108.22.220). It finds that www is an alias rather than a host, and the alias is www.a.shifen.com.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

By the usual logic, when a DNS query hits an alias, that query ends and a new query for the alias is started, so all that should be returned here is www.a.shifen.com.

But why is the NS of the a.shifen.com domain returned as well?

We can try this command: dig +trace shifen.com and see what happens.

 

You will find that in the third step, the domain name server for the top-level domain shifen.com and the domain name server for the baidu.com domain are the same host (i.e. dns.baidu.com)!

 

On getting the alias www.a.shifen.com for www.baidu.com, the resolver would normally have to go to the com domain to find the NS of the shifen.com domain, but because the two domains are on the same NS, the query goes straight to that machine.

The shifen.com domain finds that the requested www.a.shifen.com belongs to the a.shifen.com domain.

So it returns the NS and IP of a.shifen.com, and the resolver is told to query www.a.shifen.com on the domain name server of a.shifen.com.

The resolver then gets an A record from one of nsX.a.shifen.com, and with it the IP address of www.baidu.com. [You can also follow it with dig +trace www.a.shifen.com]

A picture to illustrate (the statement in the third step of the picture that there are only 13 machines in the world is wrong)

The following content is experimental data obtained by building a local dns server in a virtual machine, and it corrects the conclusions above.

In the analysis above we traced with the dig tool, but dig did not keep tracing after we got the cname and the IP of ns2.a.shifen.com from baidu.com.

That is why we concluded that the local dns requests www.a.shifen.com from ns2.a.shifen.com.

In fact, this idea is wrong. Build a local dns on your own network, capture all the packets of the whole resolution process, and it becomes clear when you look at them.

The actual result is that although dns.baidu.com returns the server name and IP for the a.shifen.com domain,

the local dns does not directly request www.a.shifen.com from the returned IP. Instead it requests the com domain again and gets the servers of the shifen.com domain (that is, the four baidu.com servers),

then requests www.a.shifen.com from them, is referred to the servers of the a.shifen.com domain, and finally requests www.a.shifen.com there.

Although the IP had already been returned earlier, the experiment shows that the query goes through the shifen.com domain again.

The picture above is a packet capture of the whole process of the local dns resolving www.baidu.com. The part in blue is where, after receiving the cname and the IP address of the a.shifen.com domain name server in the response, it goes on to request shifen.com from the com domain.

 

This figure fully illustrates that the IP of ns2.a.shifen.com is also returned when cname is returned.

So, to sum up:

         ① This machine requests www.baidu.com from local dns

         ② local dns requests www.baidu.com from the root domain, and the root domain returns the server IP of the com. domain

         ③ Request www.baidu.com from the com. domain, and the com. domain returns the server IP of the baidu.com domain

         ④ Request www.baidu.com from baidu.com, which returns the cname www.a.shifen.com and the server IP of the a.shifen.com domain

         ⑤ Request www.a.shifen.com from the root domain

         ⑥ Request www.a.shifen.com from the com. domain

         ⑦ Request to shifen.com

         ⑧ Request to a.shifen.com domain

         ⑨ Get the IP of www.a.shifen.com

         ⑩ local dns returns to this machine the cname of www.baidu.com, www.a.shifen.com, and the IP of www.a.shifen.com
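
The two readings of the trace, as an added example that is not from the original post: a small iterative resolver over constructed zone data. Server names follow the post, the address 192.0.2.10 is a placeholder, and the `trust_cname_referral` switch is a hypothetical name; left at False it restarts from the root for the cname target, as in the summary above, and set to True it follows the earlier dig-based guess.

```python
# Constructed zone data: server names follow the post; 192.0.2.10 is a placeholder.
ZONES = {
    ".": {"ns": {"com.": "com."}},
    "com.": {"ns": {"baidu.com.": "dns.baidu.com.", "shifen.com.": "dns.baidu.com."}},
    # One host is authoritative for both baidu.com. and shifen.com.
    "dns.baidu.com.": {"cname": {"www.baidu.com.": "www.a.shifen.com."},
                       "ns": {"a.shifen.com.": "ns2.a.shifen.com."}},
    "ns2.a.shifen.com.": {"a": {"www.a.shifen.com.": "192.0.2.10"}},
}

def referral_for(zone, qname):
    """Return (child_zone, next_server) for the longest delegation covering qname."""
    hits = [z for z in zone.get("ns", {}) if qname.endswith("." + z)]
    best = max(hits, key=len, default=None)
    return (best, zone["ns"][best]) if best else None

def ask(server, qname):
    """One iterative query: an A answer, a CNAME (plus referral), or a referral."""
    zone = ZONES[server]
    if qname in zone.get("a", {}):
        return "A", zone["a"][qname], None
    if qname in zone.get("cname", {}):
        target = zone["cname"][qname]
        return "CNAME", target, referral_for(zone, target)
    return "REFERRAL", None, referral_for(zone, qname)

def resolve(qname, trust_cname_referral=False, max_queries=32):
    """Resolve qname; return (ip, [(server, qname), ...]) in query order."""
    trace, server = [], "."
    for _ in range(max_queries):  # bound guards against CNAME or referral loops
        trace.append((server, qname))
        kind, value, referral = ask(server, qname)
        if kind == "A":
            return value, trace
        if kind == "CNAME":
            qname = value
            # False: restart at the root, as the packet capture shows.
            # True: jump to the NS returned with the CNAME (the dig-based guess).
            server = referral[1] if trust_cname_referral and referral else "."
        elif referral is None:
            raise LookupError(f"no delegation for {qname} at {server}")
        else:
            server = referral[1]
    raise LookupError("query limit reached")

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, *resolve("www.baidu.com.", trust_cname_referral=flag))
```

In this model the restart means the resolver only follows delegations it obtained by walking down from the root, so the server that answered for baidu.com does not by itself decide where lookups under shifen.com go.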
