Explain the DNS protocol in detail!

Foreword

To communicate between computers you need the other party's IP address, so why do we usually type domain names instead of IPs? Mainly for readability: a string of digits is harder to remember than a name. When we access a domain name, a DNS server completes the resolution from the domain name to the IP address on our behalf.

1. What is DNS

DNS, the Domain Name System, uses a hierarchical name space similar to a directory tree. The domain name server is the server side of a client/server model, and it takes two main forms: the primary server, which holds the records for the zones it is responsible for, and the forwarding server, which passes queries it cannot answer itself on to another server. The process of mapping a domain name to an IP address is called domain name resolution. The relationship between domain names and IP addresses is many-to-many: one name can map to several addresses, and many names can share one address. Domain names are easy for people to remember, but machines address each other only by IP, so the conversion between the two has to be performed by dedicated name servers, and DNS is the system that provides it. DNS naming is used in TCP/IP networks such as the Internet to look up computers and services by user-friendly names. When a user enters a DNS name into an application, the DNS service resolves the name into the information associated with it, such as an IP address. The URL you type when browsing contains a domain name, which the resolution system translates into an IP address before a connection can be made. In the end, what a domain name points to is an IP address: computers on the network identify each other by IP, and the domain name is like a house number, added only for human convenience.

2. Domain name

1. Domain name structure

Before looking at DNS servers you need to understand the structure of the domain name space on the Internet, as shown in the following figure. In words: the tree starts at the root (the empty label, written as "."), below it sit the top-level domains such as .com and .cn, under those the second-level domains that organisations register such as zdns.cn, and below those the host names such as www.zdns.cn. A fully qualified name is read from the leaf up to the root, with the labels separated by dots.

2. Name server

A name server is a server that translates between domain names and their IP addresses. It holds and manages the records for the domains it is responsible for; a domain is usually served by several DNS servers for redundancy, and the records they hold point to the server where your website is actually hosted.

3. Domain name resolution

1. The client is a computer or mobile phone. When the user opens a browser and enters www.zdns.cn, the browser initiates a DNS resolution request. If the local recursive (caching) server has no result, it first queries a root server. The root server holds the locations of the servers for each top-level domain, so when asked for www.zdns.cn it returns the location of the .cn servers.

2. Having obtained the address of the .cn authoritative server, the recursive server asks it whether it knows the location of www.zdns.cn. The .cn server does not know the host itself, but it knows the delegation for zdns.cn and returns the address of the zdns.cn name server.

3. The recursive server then queries the zdns.cn authoritative server, which returns the address of www.zdns.cn: 202.173.11.10

4. The recursive server hands the address back to the client, the HTTP connection is made, and the website is accessed.

5. Once the recursive server has obtained the record, it caches it locally. The next time a client asks the local recursive server for the same name, it no longer walks the hierarchy level by level: it returns the cached A record for www.zdns.cn to the client directly, until the record's TTL expires.

3. Query method

1. Local query

The host keeps two local sources of name information. One is the hosts file, stored on the client's system disk; on Windows its path is C:\Windows\System32\drivers\etc\hosts. The other is the client's resolver cache of recent DNS queries, which on Windows can be viewed with ipconfig /displaydns.

When the host starts a DNS query it consults the hosts file first, then the resolver cache. If a malicious program tampers with the hosts file, Internet access becomes abnormal and frequently used names can be silently redirected to attacker-controlled pages, so the file is worth checking during incident triage.
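To make the local lookup order concrete, here is an added example in Python (not code from the original article). It parses hosts-file text, consults it before a TTL-bounded resolver cache the way the stub resolver does, and flags hosts entries that pin a watched public domain to anything other than loopback or the 0.0.0.0 blackhole, which is the signature of the hijacking described above. The hosts content, the cache entries and the watched-domain list are constructed for the demonstration; the Windows path is the one given above and /etc/hosts is the conventional Unix location.

```python
"""Local lookup order (hosts file, then resolver cache) and a hosts-file
tamper check. Added example, not code from the original article; the sample
hosts text, cache entries and watched-domain list are constructed."""
import ipaddress

# Constructed hosts-file text. The format is the same on Windows
# (C:\Windows\System32\drivers\etc\hosts) and Unix-like systems (/etc/hosts):
# "<address> <hostname> [aliases...]", with '#' starting a comment.
SAMPLE_HOSTS = """\
# constructed sample, not a real system file
127.0.0.1       localhost
::1             localhost
192.168.1.50    dev.example.test  api.dev.example.test   # developer override
198.51.100.7    www.bank.example                         # public site pinned to a fixed IP
0.0.0.0         ads.tracker.example                      # blackholed, a common legitimate use
"""


def parse_hosts(text):
    """Return {hostname: address}. The first entry for a name wins, which is how
    the system resolver treats duplicate lines; malformed lines are skipped."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        addr, *names = line.split()
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            continue
        for name in names:
            table.setdefault(name.lower().rstrip("."), addr)
    return table


class LocalResolver:
    """The host side of a lookup: hosts file first, then the resolver cache.
    Anything not found locally would be sent to the configured DNS server."""

    def __init__(self, hosts_table, now):
        self.hosts = hosts_table
        self.cache = {}       # name -> (address, expiry_time)
        self.now = now        # clock function, injectable so tests can advance time

    def cache_put(self, name, addr, ttl):
        """Store an answer received from the DNS server for `ttl` seconds."""
        self.cache[name.lower().rstrip(".")] = (addr, self.now() + ttl)

    def lookup(self, name):
        """Return (address, source) with source in {"hosts", "cache", "miss"}."""
        key = name.lower().rstrip(".")
        if key in self.hosts:
            return self.hosts[key], "hosts"
        entry = self.cache.get(key)
        if entry and entry[1] > self.now():
            return entry[0], "cache"
        self.cache.pop(key, None)        # drop an expired entry
        return None, "miss"


def find_hijacks(hosts_table, watched_domains):
    """Flag watched public domains (and their subdomains) that the hosts file
    maps to anything other than loopback or 0.0.0.0. A hosts entry for a site
    you do not administer should not exist at all; one pointing at a routable
    address is the classic hijack pattern."""
    flagged = []
    for name, addr in hosts_table.items():
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback or ip.is_unspecified:
            continue
        if any(name == d or name.endswith("." + d) for d in watched_domains):
            flagged.append((name, addr))
    return sorted(flagged)


if __name__ == "__main__":
    import time
    hosts = parse_hosts(SAMPLE_HOSTS)
    resolver = LocalResolver(hosts, now=time.monotonic)
    print(resolver.lookup("dev.example.test"))          # served from hosts
    print(find_hijacks(hosts, ["bank.example"]))        # the suspicious entry
```

The clock is injected rather than read from `time` inside the class so that expiry can be tested deterministically; the same pattern makes the cache behaviour of a real agent easy to unit-test. Note that the check deliberately does not trust "private-looking" addresses: a hijack to an attacker's box on the same LAN is still a hijack.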

2. Forwarded query

Suppose the local DNS server is 192.168.16.1, a home router. Its cache holds no record for qq.com, and it is not authoritative for qq.com, so it cannot answer on its own. It therefore forwards the query to its forwarder, the DNS address configured on the router's WAN port, which usually has a primary and a backup entry.

3. Iterative query

The forwarder queries the root server, the .com servers and the qq.com servers in turn, following the levels of the name, until it receives an authoritative answer. This step-by-step process, in which each server refers the querier on to the next, is an iterative query.

4. Recursive query

The forwarder returns the result to the local DNS server 192.168.16.1, which returns it to the host, and the host finally has the NS record for qq.com. From the host's and the router's point of view this was a recursive query: each asked a single server for the complete answer and left that server to do the work of finding it.

4. Query process

The process of resolving a domain name is as follows:

  • First the browser's own DNS cache is searched; it maintains a table of domain names and the IP addresses already obtained for them
  • If there is no hit, the operating system's DNS cache (and the hosts file) is searched
  • If there is still no hit, the operating system sends the name to the local domain name server, which checks its own cache and returns the result if it finds one
  • If the local domain name server's cache does not hold the name, the local server performs an iterative query against the upper-level servers
    • First the local server sends the request to a root server, and the root server returns the address of the top-level domain servers
    • With the address of the top-level domain server, the local server asks it and obtains the address of the authoritative domain name server
    • The local server queries the authoritative server and finally obtains the IP address corresponding to the domain name
  • The local domain name server returns the IP address to the operating system and caches it itself, for the TTL carried in the answer
  • The operating system returns the IP address to the browser and caches it itself
  • At this point the browser has the IP address corresponding to the domain name, and caches it as well

1. Check whether the IP address corresponding to the domain name is already in the browser cache

After a user visits a website, the browser caches the address it obtained for that site's domain name. On the next visit the browser looks the address up in this cache first. The cache has both a size limit and an expiry limit (the lifetime of an entry is bounded by the TTL of the record and by the browser's own maximum), so the name is not always found. If the browser finds the address in its cache, the whole resolution process ends here; otherwise it proceeds to the next step. The lifetime should not be set too long: if the address behind the domain name changes, users keep hitting the old address and cannot reach the site until the entry expires. If it is too short, the name has to be resolved again very frequently.

2. If the IP is not found in the browser cache, check whether the local system has cached it

If the first step did not complete resolution, the browser asks the system, which checks its own cache; the system itself also has a basic ability to resolve names. The system's hosts file (see the path under Local query above) lets you bind a domain name to an address by hand. For ordinary users such manual bindings are not recommended. For developers they are convenient: binding a domain name to the address of a test or development server lets you switch environments without changing the application. For the same reason attackers modify this file on a victim's machine, binding frequently visited domain names to addresses they control, so that resolution happens locally and those names are hijacked. Other operating systems have an equivalent hosts file, and modifying it achieves the same effect.

The first two steps are completed on the local machine, so they are not shown in the example diagram above. From the third step onwards, the resolution request goes to DNS servers on the network.

3. Send a resolution request to the local domain name server

If the name cannot be resolved on the local machine, the system sends the request to the local domain name server (the recursive resolver). In a campus network, or if you are connected through China Telecom, China Mobile or China Unicom, this server is located nearby and operated by the respective provider. Its address can be viewed with the system's network configuration commands. This server caches most resolution results, again for a lifetime controlled by each record's TTL, and in practice it answers the large majority of queries from that cache, so for most lookups the process ends here.

4. Send a resolution request to a root domain name server

If the local domain name server cannot answer from its cache, it sends a resolution request to one of the root domain name servers.

5. The root domain name server returns the address of the top-level domain (gTLD) server

The root server does not know the final address; it returns the address of the server responsible for the top-level domain of the name being looked up, a generic TLD such as .com or a country-code TLD such as .cn.

6. Send a resolution request to the gTLD server

The local domain name server sends the request to the top-level domain server.

7. The gTLD server receives the request and returns the address of the Name Server

The top-level domain server receives the request from the local domain name server and, from the name being resolved, finds the name server delegated for that domain. Usually this is the name server of the registrar or DNS provider with which you registered the domain, so it is that provider's server that performs the final step of resolution.

8. The Name Server returns the IP address to the local server

The authoritative name server looks up the address for the domain name and returns it, together with its TTL value, to the local domain name server.

9. The local domain name server caches the resolution result

The local domain name server caches the result; the cache lifetime is bounded by the record's TTL.

10. Return the resolution result to the user

The result is returned to the user's system, which caches the address, again for a lifetime bounded by the TTL. At this point the resolution process is complete.

This has been a brief introduction to the steps of resolution; the concrete resolution of a domain name will be shown on the command line later.
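The walk from root server to TLD server to authoritative server described in sections 2.3, 3 and 4, together with the caching of section 5, is simulated below in Python. This is an added example, not code from the original article: it models three authoritative servers as in-memory zone data, a recursive server that iterates through referrals and caches answers for their TTL, and the single recursive query a client's stub resolver sends. The server addresses (192.0.2.x, a documentation range), the NS names and the TTLs are constructed; only www.zdns.cn -> 202.173.11.10 is taken from the text.

```python
"""Simulated iterative resolution of www.zdns.cn (root -> cn -> zdns.cn) with a
TTL cache on the recursive server, plus the stub query a browser would make.
Added example, not code from the original article: the server addresses
(192.0.2.x, a documentation range), NS names and TTLs are constructed; only
www.zdns.cn -> 202.173.11.10 comes from the text."""

# Zone data per authoritative server, keyed by the server's (constructed) address.
# Records are (type, ttl_seconds, rdata); owner names are fully qualified.
SERVERS = {
    "192.0.2.53": {                                    # root server
        "cn.": [("NS", 172800, "ns.cn-ns.")],
        "ns.cn-ns.": [("A", 172800, "192.0.2.1")],      # glue
    },
    "192.0.2.1": {                                     # .cn TLD server
        "zdns.cn.": [("NS", 86400, "ns.zdns.cn.")],
        "ns.zdns.cn.": [("A", 86400, "192.0.2.2")],     # glue
    },
    "192.0.2.2": {                                     # zdns.cn authoritative server
        "www.zdns.cn.": [("A", 300, "202.173.11.10")],
    },
}
ROOT_HINTS = ["192.0.2.53"]


def authoritative_answer(server_ip, qname, qtype):
    """One authoritative server's reply: ('answer', records), ('nodata', []),
    ('referral', [(zone_cut, ns_name, glue_addr), ...]) or ('nxdomain', [])."""
    zone = SERVERS[server_ip]
    if qname in zone:
        recs = [r for r in zone[qname] if r[0] == qtype]
        return ("answer", recs) if recs else ("nodata", [])
    # Not in this zone: refer the querier to the closest enclosing delegation.
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):
        cut = ".".join(labels[i:]) + "."
        ns_names = [r[2] for r in zone.get(cut, []) if r[0] == "NS"]
        if ns_names:
            referral = []
            for ns in ns_names:
                glue = [r[2] for r in zone.get(ns, []) if r[0] == "A"]
                referral.append((cut, ns, glue[0] if glue else None))
            return "referral", referral
    return "nxdomain", []


class RecursiveResolver:
    """The local/ISP recursive server: answers clients recursively by iterating
    from the root hints itself, and caches answers for their TTL."""

    def __init__(self, root_hints, now):
        self.root_hints = root_hints
        self.now = now              # clock function, injectable for testing
        self.cache = {}             # (qname, qtype) -> (expiry_time, records)
        self.upstream_queries = 0   # queries sent to authoritative servers
        self.last_trace = []        # servers consulted for the most recent miss

    def resolve(self, qname, qtype="A"):
        """Return (status, records, served_from_cache)."""
        qname = qname.lower() if qname.endswith(".") else qname.lower() + "."
        key = (qname, qtype)
        hit = self.cache.get(key)
        if hit and hit[0] > self.now():
            return "answer", hit[1], True
        self.cache.pop(key, None)          # expired entry, if any
        self.last_trace = []
        server = self.root_hints[0]
        for _ in range(16):                # hop limit guards against referral loops
            self.last_trace.append(server)
            self.upstream_queries += 1
            kind, data = authoritative_answer(server, qname, qtype)
            if kind != "referral":
                if kind == "answer":
                    ttl = min(r[1] for r in data)
                    self.cache[key] = (self.now() + ttl, data)
                return kind, data, False
            # Follow the first NS that came with glue. A real resolver would also
            # resolve glue-less NS names and retry other servers on failure.
            glued = [addr for _, _, addr in data if addr]
            if not glued:
                return "servfail", [], False
            server = glued[0]
        return "servfail", [], False


def client_lookup(resolver, hostname):
    """What the browser's stub resolver sees: one recursive query, one answer.
    Returns (status, [addresses], served_from_cache)."""
    status, records, cached = resolver.resolve(hostname, "A")
    return status, [r[2] for r in records], cached


if __name__ == "__main__":
    import time
    r = RecursiveResolver(ROOT_HINTS, now=time.monotonic)
    print(client_lookup(r, "www.zdns.cn"), "via", " -> ".join(r.last_trace))
    print(client_lookup(r, "www.zdns.cn"))   # second call is served from cache
```

Running it prints the answer together with the chain of servers consulted, then the same answer served from cache with no upstream query. The hop limit and the servfail path are not decoration: a resolver that follows referrals without bound can be driven into loops by a hostile zone, and a delegation whose NS names carry no glue has to be resolved separately before it can be used at all.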

5. Domain name caching

When a domain name server resolves a name, it caches the mapping between the domain name and the IP address for the TTL carried by the record, so repeated queries do not walk the hierarchy again.

DNS records on the client computer are likewise held in two caches:

  • Browser cache: after the browser has obtained the actual IP address of a website's domain name, it caches it to avoid repeating the network lookup
  • Operating system cache: the resolver cache maintained by the operating system, together with the hosts file that the user can edit by hand


Origin blog.csdn.net/weixin_74021557/article/details/131547728