How DNS domain name resolution works, step by step

What is DNS domain name resolution

We first need to understand the difference between a domain name and an IP address. An IP address is a computer's unique logical address on the Internet: computers communicate with one another by IP address, and every networked computer is identified by one.

An IP address, however, is a string of numbers that is hard to remember, so keeping the addresses of all the sites we visit in our heads is impractical. To solve this, a more recognisable symbolic identifier was layered on top of IP addresses: a name made of letters, digits and hyphens chosen by people, which is far easier to recognise and remember than an address. This identifier, the domain name, has become the main entry point through which users reach the Internet.

Although domain names are easier for people to use, computers route traffic only by IP address and cannot act on a domain name directly. To reach a site, the name must first be translated into an IP address, and that translation is DNS domain name resolution.

DNS domain name resolution process

When we type www.baidu.com into the browser's address bar, DNS resolution takes close to ten steps. The process can be summarised in a diagram; in words it runs as follows, with the first two steps completed on the local computer and the remaining eight involving real DNS servers:

Step 1,

The computer first checks whether the browser's own cache already holds an IP address for the domain; if so, resolution ends here. This cache is limited both in size and in lifetime. How long an entry may be kept is governed by the TTL (time to live) carried by the domain's DNS records, typically from a few minutes to a few hours, and many browsers additionally impose their own short cap, on the order of a minute, regardless of the TTL. Neither a very long nor a very short TTL is ideal. If it is too long, then once the IP address behind the domain changes, clients keep using the stale cached address until it expires, and some users cannot reach the site in the meantime. If it is too short, the name is re-resolved almost every time the site is visited, adding latency and load.

Step 2,

If the browser cache misses, the browser asks the operating system, which has its own resolution logic. Before the system resolver sends anything to the network it consults the local hosts file: /etc/hosts on Linux and C:\Windows\System32\drivers\etc\hosts on Windows. Any user with write access to that file can map any domain name to any IP address. This is handy for testing: point a production domain at a test server and exercise the code's business logic on a separate machine without changing a line of code. It is also why the file is a hijacking target: malware, or an attacker with local write access, can map a bank or software-update domain to a server they control, and every application on the machine that uses the system resolver will follow it. Windows additionally keeps a DNS Client cache (ipconfig /displaydns lists it, ipconfig /flushdns clears it); a stock Linux host has no system-wide cache unless a service such as systemd-resolved or nscd is running. On Linux, getent hosts <name> shows what the libc resolver actually returns, hosts-file overrides included, which makes it a quick way to spot such an override.
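The check a defender wants at this step is simply "does the hosts file redirect any name I care about?". The following Python, added here as an example and not part of the original article, parses hosts-file text in the format both Linux and Windows use and flags watched domains (or their subdomains) that are mapped to a routable address. Entries pointing at loopback or 0.0.0.0 only block a name, so they are treated as benign. The hosts content, the domain names and the addresses are constructed for the example and are not real data.

```python
import ipaddress

# Constructed sample hosts file (hypothetical names and addresses). The
# www.example-bank.com line is the kind of entry a hijacker plants; the QA
# line is a legitimate-looking test override that also deserves a look.
SAMPLE_HOSTS = """\
# Static table lookup for hostnames.
127.0.0.1       localhost
::1             localhost ip6-localhost
10.0.0.5        staging.example.com   # test server mapping used by QA
198.51.100.7    www.example-bank.com  # NOT legitimate: bank name pointed elsewhere
0.0.0.0         ads.example.net       # common ad-blocking pattern
"""


def parse_hosts(text):
    """Return (ip, hostname) pairs from hosts-file text, ignoring comments."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing and full-line comments
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # malformed line; the system resolver ignores it too
        for host in parts[1:]:
            entries.append((ip, host.lower()))
    return entries


def suspicious_entries(entries, watchlist):
    """Return (hostname, ip) for watched names mapped to a routable address.

    Loopback, unspecified (0.0.0.0 / ::) and link-local targets block a name
    rather than redirect it, so they are not reported. Private addresses are
    reported: a redirect to a box on the LAN is still a redirect.
    """
    flagged = []
    for ip, host in entries:
        if not any(host == w or host.endswith("." + w) for w in watchlist):
            continue
        if ip.is_loopback or ip.is_unspecified or ip.is_link_local:
            continue
        flagged.append((host, str(ip)))
    return flagged


if __name__ == "__main__":
    # On a real machine, read /etc/hosts or
    # C:\Windows\System32\drivers\etc\hosts instead of SAMPLE_HOSTS.
    for host, ip in suspicious_entries(parse_hosts(SAMPLE_HOSTS),
                                       watchlist=["example-bank.com", "example.com"]):
        print(f"hosts-file override: {host} -> {ip}")
```

The watchlist is deliberately a list of domains you own or trust (banks, update servers, your own zones); on a fleet, diffing the parsed entries against a known-good baseline catches additions as well as redirects.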

Step 3,

When neither local lookup answers, the "DNS server address" in the network configuration comes into play: the operating system sends the query to the local DNS server, also called the recursive resolver. Most networks provide one: a user at school or work normally uses a resolver run by the school or company, and a home user gets one from the ISP or home router via DHCP. These resolvers cache their results, with the lifetime of each entry controlled by the record's TTL. Roughly 80% of resolutions end here, and the iterative querying in the following steps is carried out by this local DNS server on the client's behalf, not by the client itself. That makes the resolver a trust point: whoever controls it, or can poison its cache, controls what every client behind it sees, so it is worth confirming which resolver a machine is really using rather than assuming.

Windows: Control Panel -> Network and Sharing Center -> Change Adapter Settings -> select the target adapter, right-click and choose Properties -> Internet Protocol Version 4 (TCP/IPv4) -> configure the DNS server address.

Linux: /etc/resolv.conf (on systems running systemd-resolved this file is generated and usually points at the local stub 127.0.0.53; resolvectl status shows the upstream servers actually in use).

 

 

Step 4,

If the local DNS server has no cached answer either, it starts iterating: it sends the query for the full name (www.baidu.com) to one of the root DNS servers.

Step 5,

The root DNS server does not know www.baidu.com, but it does know who is responsible for .com, so it returns a referral: the addresses of the top-level domain (TLD) servers for .com. Every TLD (.com, .org, the country code .cn and so on) has its own set of authoritative servers. The often-quoted "only 13 in the world" refers to the root servers, not the TLD servers: there are 13 root server names (a.root-servers.net through m.root-servers.net), each served by many anycast instances spread around the world.

Step 6,

The local DNS server then sends the same query to one of the TLD servers obtained in the previous step.

Step 7,

The TLD server that receives the request looks up the delegation for baidu.com and returns another referral: the authoritative name servers for that domain, i.e. the hosts listed in its NS records. These are run by whatever DNS provider the domain owner chose (often, but not necessarily, the registrar) or by the owner itself, and they are where the actual answer lives. For example, if baidu.com's NS records point at name servers operated by company A, then company A's servers hold the records for www.baidu.com.

Step 8,

The authoritative name server looks the name up in its zone data and returns the matching records (for an A query, the IP address), each with a TTL, to the local DNS server.

Step 9,

Having received the IP address and its TTL, the local DNS server caches the name-to-IP mapping for as long as the TTL allows.

Step 10,

The local DNS server returns the result to the local computer, which caches it in the system cache, again according to the TTL, and resolution is complete. A real resolution can involve more than these ten steps: there may be several levels of delegation below the TLD, a CNAME chain to follow, or a GTM (global traffic manager) performing load balancing, each of which adds queries.
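Steps 3 to 10 are easier to see in code than in prose. The following Python, added here as an example and not part of the original article, models a tiny DNS "universe" in memory: a root server, a .com TLD server and one authoritative server, plus a local resolver that walks the referral chain from the root and caches the final answer under its TTL. The server names, zones, addresses and TTLs are constructed for the example and are not real DNS data; the simplified server logic (answer if authoritative, otherwise refer to the closest enclosing delegation) is the part a real server does too, minus the wire format.

```python
import time

# Constructed, hypothetical DNS data. Names are fully qualified (trailing dot).
# "ns" maps a delegated child zone to the server name that serves it;
# "records" holds A records as (address, ttl_seconds). 192.0.2.x is TEST-NET-1.
SERVERS = {
    "root": {"ns": {"com.": "tld-com"}},
    "tld-com": {"ns": {"example.com.": "ns1.example.com"}},
    "ns1.example.com": {"records": {"www.example.com.": ("192.0.2.10", 60)}},
}


def ask(server, qname):
    """Behave like one DNS server: an answer if it is authoritative for qname,
    otherwise a referral to the longest delegated zone enclosing qname."""
    records = server.get("records", {})
    if qname in records:
        ip, ttl = records[qname]
        return ("answer", ip, ttl)
    best = None
    for zone, ns in server.get("ns", {}).items():
        if (qname == zone or qname.endswith("." + zone)) and \
                (best is None or len(zone) > len(best[0])):
            best = (zone, ns)
    if best:
        return ("referral", best[1], 0)
    return ("nxdomain", None, 0)


class LocalResolver:
    """The 'local DNS server' of step 3: recursive toward its clients,
    iterative toward the root, TLD and authoritative servers."""

    def __init__(self, servers, root_name="root"):
        self.servers = servers          # the "network": server name -> server data
        self.root = root_name
        self.cache = {}                 # qname -> (ip, expires_at)

    def resolve(self, qname, now):
        """Return (ip, trace). trace lists every server contacted (steps 4-8);
        an empty trace means the answer came from the cache (step 3)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], []
        trace = []
        current = self.root                     # step 4: start at a root server
        for _ in range(10):                     # bound the referral chain
            trace.append(current)
            kind, value, ttl = ask(self.servers[current], qname)
            if kind == "answer":
                self.cache[qname] = (value, now + ttl)   # step 9: cache under TTL
                return value, trace
            if kind == "referral":
                current = value                           # steps 5-7: follow it
                continue
            raise LookupError(f"{qname}: no such name")
        raise LookupError(f"{qname}: referral chain too long")


if __name__ == "__main__":
    resolver = LocalResolver(SERVERS)
    ip, trace = resolver.resolve("www.example.com.", now=time.time())
    print(ip, "via", " -> ".join(trace))        # full walk: root -> tld-com -> ns1
    ip, trace = resolver.resolve("www.example.com.", now=time.time())
    print(ip, "via", trace or ["cache"])        # second lookup is a cache hit
```

The `now` argument is passed explicitly so the TTL behaviour can be exercised deterministically: a lookup just inside the TTL is served from cache, one just past it walks the whole chain again, which is exactly the trade-off the TTL discussion under step 1 describes.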

 

The difference between recursive query and iterative query

The query between the DNS client and the local name server is recursive; the queries between the local name server and all other name servers are iterative.
DNS recursive name resolution: when the configured local name server cannot answer from its cache, the local name server itself carries out all the subsequent queries instead of the DNS client (the work is centred on the local name server); the client receives only the final result.

DNS iterative name resolution (also called an "iterative query"): the server that is asked does not chase the answer. It replies with the best information it has, usually a referral to the next server to ask, and the querier follows that referral itself (the work is centred on the querier). This is always the mode used between the local name server and the root, TLD and authoritative servers. A local name server also answers its own client iteratively when either of the following conditions holds:

  • The client did not ask for recursion, i.e. the RD (Recursion Desired) bit, bit 8 (0x0100) of the 16-bit flags word in the DNS header, is 0. In effect the server says "you did not ask me to recurse for you, so I will not do the work".

  • The client set RD=1 in the request, but recursion is disabled on the local name server (most DNS servers enable it by default, though a server that is only meant to be authoritative should not). The server signals this by clearing the RA (Recursion Available) bit, bit 7 (0x0080) of the flags word, in its response header.
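The two conditions above come down to two bits in the 12-byte DNS header. The following Python, added here as an example and not part of the original article, builds a wire-format A query for www.baidu.com with or without RD, decodes the flags word of any DNS message, and applies the two rules to decide whether the server will recurse. Since the example must run offline, the responses are constructed locally by echoing the query header with QR set and RA set or cleared; the query ID 0x1234 is an arbitrary constant, and no real server is contacted.

```python
import struct

QR = 0x8000  # 1 = response, 0 = query
RD = 0x0100  # Recursion Desired, bit 8: set by the client
RA = 0x0080  # Recursion Available, bit 7: set by the server in its reply


def encode_name(name):
    """Encode a dotted name as DNS labels: www.baidu.com -> 3www5baidu3com0."""
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"


def build_query(name, qid=0x1234, recursion_desired=True):
    """Build a wire-format query for an A record. RD=1 asks the server to recurse."""
    flags = RD if recursion_desired else 0
    # ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (all big-endian 16-bit)
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return header + question


def parse_flags(msg):
    """Decode the header of a DNS message into its individual fields."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": qid,
        "qr": (flags >> 15) & 1, "opcode": (flags >> 11) & 0xF,
        "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1,
        "rd": (flags >> 8) & 1, "ra": (flags >> 7) & 1,
        "rcode": flags & 0xF,
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def resolution_mode(query, response):
    """Apply the two rules: recursion happens only when RD=1 and RA=1."""
    q, r = parse_flags(query), parse_flags(response)
    if r["id"] != q["id"] or not r["qr"]:
        raise ValueError("not a response to this query")
    if not q["rd"]:
        return "iterative: client did not set RD"
    if not r["ra"]:
        return "iterative: server cleared RA (recursion disabled)"
    return "recursive: RD=1 and RA=1"


def fake_response(query, recursion_available):
    """Constructed stand-in for a server reply: header only, RD echoed back,
    QR set, RA set or cleared. A real reply would carry answer records too."""
    qid, flags = struct.unpack("!HH", query[:4])
    flags |= QR
    if recursion_available:
        flags |= RA
    return struct.pack("!HH", qid, flags) + query[4:12]


if __name__ == "__main__":
    q = build_query("www.baidu.com")
    print(q.hex())                                     # the bytes a stub resolver sends
    print(resolution_mode(q, fake_response(q, True)))  # recursive
    print(resolution_mode(q, fake_response(q, False))) # iterative: RA cleared
    q0 = build_query("www.baidu.com", recursion_desired=False)
    print(resolution_mode(q0, fake_response(q0, True)))  # iterative: RD not set
```

To see the real thing, send `build_query("www.baidu.com")` over UDP port 53 to a resolver and run `parse_flags` on the reply: a recursive resolver answers with ra=1 and ancount>0, while an authoritative-only server typically answers with ra=0 and a referral in the authority section.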

domain name resolution record

The main record types are A, MX, CNAME, NS and TXT (AAAA is the IPv6 counterpart of A):

1. A record

A stands for Address: the record maps a domain name to an IPv4 address, for example item.taobao.com to 115.238.23.xxx and switch.taobao.com to 121.14.24.xxx. Many names can point at the same IP address, and one name can also have several A records; the resolver returns all of them and clients usually pick one, which is the basis of simple DNS round-robin load balancing.

2. MX records

Mail Exchange: an MX record tells sending mail servers where mail for addresses under a domain should be delivered. Its value is a preference number followed by a hostname, never a bare IP address, and that hostname must itself resolve through an A (or AAAA) record. For example, the A record of taobao.com might point at 115.238.25.xxx for web traffic, while its MX record reads "10 mx.taobao.com" and mx.taobao.com resolves to a different address: mail for xxx@taobao.com is then delivered to the MX host, and ordinary web requests for taobao.com still go to the A record's address. When several MX records exist, the one with the lowest preference value is tried first.

3. CNAME record

Canonical Name, i.e. alias resolution: a CNAME record declares that one name is an alias for another, canonical, name. For example, with aaa.com CNAME bbb.net and ccc.com CNAME bbb.net, aaa.com and ccc.com are both aliases of bbb.net, and a resolver that looks up aaa.com continues by resolving bbb.net. A name that has a CNAME record may carry no other records, which is why a CNAME cannot sit at a zone apex that also needs NS and SOA records. A CNAME whose target has been decommissioned (a retired cloud hostname, say) should be removed rather than left dangling, since whoever can register the target name then decides what your alias resolves to.

4. NS records

Specifies the authoritative name servers for a domain. The value is the hostname of a name server, not an IP address; the parent zone hands these records out as referrals, as in step 7 above. If the name server's hostname lies inside the domain it serves (ns1.example.com serving example.com), the parent zone must also publish a glue A record for it, otherwise resolving the name server's address would require the very zone being looked up.

5. TXT record

Free-form text attached to a host name or domain name, for example a TXT record for ddd.net reading "This is XXX's blog". In practice TXT records mostly carry machine-readable policy: SPF (which hosts may send mail for the domain), DKIM public keys and DMARC policy for mail authentication, and one-off ownership-verification tokens that certificate authorities and cloud providers ask the domain owner to publish.
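Several of the rules above (an MX or NS value is a hostname rather than an IP, a CNAME cannot share its name with other records, an in-zone NS needs glue, multiple A records are fine) are the kind of thing that is easy to get wrong when editing a zone by hand. The following Python, added here as an example and not part of the original article, checks a small list of records against exactly those rules. The zone name, hostnames and addresses are constructed for the example and are not real DNS data, and the checks are deliberately limited to the constraints discussed on this page rather than a full zone validator.

```python
import ipaddress


def is_ip(value):
    """True if value parses as an IPv4 or IPv6 address literal."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def check_zone(zone, records):
    """Return a list of human-readable problems in (name, rtype, value) records.

    Rules checked: CNAME must be alone at its name; A values must be IPs;
    MX is '<preference> <host>'; MX/NS/CNAME targets are hostnames, not IPs;
    an NS target inside the zone must have an A record (glue).
    """
    problems = []

    types_at = {}
    for name, rtype, _ in records:
        types_at.setdefault(name, []).append(rtype)
    for name, rtypes in types_at.items():
        if "CNAME" in rtypes and len(rtypes) > 1:
            problems.append(f"{name}: CNAME cannot coexist with other records "
                            f"({', '.join(sorted(set(rtypes)))})")

    names_with_a = {name for name, rtype, _ in records if rtype == "A"}

    for name, rtype, value in records:
        if rtype == "A":
            if not is_ip(value):
                problems.append(f"{name}: A record value {value!r} is not an IP address")
            continue
        if rtype == "MX":
            parts = value.split()
            if len(parts) != 2 or not parts[0].isdigit():
                problems.append(f"{name}: MX needs '<preference> <host>', got {value!r}")
                continue
            target = parts[1]
        elif rtype in ("NS", "CNAME"):
            target = value
        else:
            continue  # TXT and other types carry no hostname target to check

        if is_ip(target):
            problems.append(f"{name}: {rtype} must point at a hostname, not the IP {target}")
        elif rtype == "NS" and (target == zone or target.endswith("." + zone)) \
                and target not in names_with_a:
            problems.append(f"{name}: NS {target} is inside the zone but has no A (glue) record")
    return problems


# Constructed example zone mixing valid records with the mistakes discussed above.
ZONE = "example.com"
RECORDS = [
    ("example.com", "A", "192.0.2.10"),
    ("example.com", "A", "192.0.2.11"),            # second A record: round-robin, fine
    ("example.com", "MX", "10 mail.example.com"),
    ("mail.example.com", "A", "192.0.2.20"),
    ("example.com", "NS", "ns1.example.com"),
    ("ns1.example.com", "A", "192.0.2.2"),         # glue for ns1
    ("example.com", "NS", "ns2.example.com"),      # no A record: missing glue
    ("www.example.com", "CNAME", "example.com"),
    ("www.example.com", "A", "192.0.2.10"),        # CNAME plus A at one name: invalid
    ("old.example.com", "MX", "10 192.0.2.30"),    # MX pointing at an IP: invalid
    ("example.com", "TXT", "v=spf1 mx -all"),      # SPF policy in a TXT record
]

if __name__ == "__main__":
    for problem in check_zone(ZONE, RECORDS):
        print("problem:", problem)
```

Running the block prints three problems, one for each of the commented mistakes; the duplicate A record and the TXT record pass, as they should.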


Source: blog.csdn.net/bangshao1989/article/details/121913780