Linux Notes: DNS service

A, DNS concepts
1, DNS Introduction
        DNS (Domain Name System) is a distributed database that maps domain names to IP addresses on the Internet, so users can reach hosts by name without remembering the machine-readable IP address strings. Obtaining the IP address that corresponds to a host name is called domain name resolution (or host name resolution). DNS uses port 53 over both TCP and UDP.
 
2, DNS domain name space

    DNS is a distributed, hierarchically managed structure of host names. A host that has a DNS server address configured does not need to know the IP address of its target; it can reach it on the Internet by host name. Like the Linux root file system, the DNS name space is shaped like an inverted tree. At the top are the root servers, which manage the top-level domains (.com, .cn, .net, .edu and so on). Below each top-level domain, the top-level domain servers are responsible for the second-level domains, such as baidu.com and qq.com. Below those, the second-level domain servers resolve the host names (third-level domains) under their domain, such as game.qq.com and www.qq.com, and so on down the tree.
 
Take Baidu (www.baidu.com) and Baidu Tieba (tieba.baidu.com) as an example:
>>> Domain: whether it is www.baidu.com or tieba.baidu.com, the domain name is baidu.com, or strictly speaking "baidu.com.". This is the subdomain that Baidu purchased under the com domain.
>>> Host name: for www.baidu.com the host name is www; for tieba.baidu.com the host name is tieba. Strictly speaking, www.baidu.com and tieba.baidu.com are themselves the host names, and both hosts sit under the baidu.com domain. Many hosts can be defined under a domain; it is enough to configure each host name together with its corresponding IP address.
>>> FQDN (Fully Qualified Domain Name): the complete domain name, which names the host together with all of its domains, including the root domain. The FQDN is the complete representation of a host name; it states exactly where the host sits logically.
 
3, layered domain authorization
    Domains are authorized from top to bottom: each level is responsible only for the level directly below it, not for anything further down. For example, the root domain authorizes the top-level domains, and the top-level domains authorize the ordinary (second-level) domains, but the root domain does not authorize ordinary domains directly. Unlike real-world administration, domain authorization and management never skips a level, because a level does not know which domain names exist two levels down.
   
4, DNS query process

  There are two kinds of query: recursive queries and iterative queries.
>>> Recursive query: the host first asks the root domain; the root domain asks the top-level domain (com) below it; the top-level domain asks the second-level domain (baidu) below it. The second-level domain server holds the forward zone file (domain name -> IP), whose A records map domain names to IP addresses, so it can look up the IP address of www.baidu.com directly. The answer is then passed back up: the second-level domain returns it to the top-level domain, the top-level domain returns it to the root domain, and the root domain returns it to the host.

>>> Iterative query: the host first asks the root domain; the root domain returns the address of the top-level domain (com) server to the host; the host asks the top-level domain, which returns the address of the second-level domain (baidu) server; the host then asks the second-level domain, and the second-level domain server returns the IP address from its forward zone file.

 
 
  Analysis of the actual query process

1, The local host first checks its local hosts file for a mapping between www.baidu.com and an IP address. If one exists, it is used directly; if not, go to step 2.

2, The machine then sends a query request to its configured DNS server (call it NS1). After receiving the client's request, NS1 first checks its own cache for a resolution record for baidu.com. If there is one, it is returned to the client directly; if not, go to step 3.

3, NS1 now sends a query for www.baidu.com to a root name server. The root server only holds records for .com, so it tells NS1: I have no record for www.baidu.com, but you can go and ask .com, and it gives NS1 the address of the .com servers.

4, NS1 then sends the query for www.baidu.com to the .com address the root server gave it. The .com server only holds a record for baidu.com, with no record for the www host, so it tells NS1: I have no specific resolution record for www.baidu.com, but I know the address of baidu.com, you can go and ask it, and it gives NS1 that address.

5, NS1 then sends the query for www.baidu.com to baidu.com. baidu.com looks up its local records, finds the IP address of the www host, 123.125.115.110, and returns the IP address of www.baidu.com to NS1.

6, After receiving the concrete result, NS1 first stores it in its local DNS cache so that the same resolution request can be answered quickly next time, then returns the result directly to the client. Resolution is complete.

There are two phases in resolving www.baidu.com: 1, the client sends its request to NS1 and simply waits for the result; 2, after receiving the client's request, NS1 is fully responsible for finding www.baidu.com, and every lookup in that process is a request made by NS1. These two phases look names up in clearly different ways: the former is what we call a recursive query, the latter an iterative query.
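The six steps above as an added, runnable simulation (not code from the original post): the zones, their delegations and the final A record are constructed in memory, and the resolver plays the role of NS1, checking the hosts file and its cache first and then walking root -> com -> baidu.com by referral.

```python
# Added example (not from the original post): a simulated run of the
# www.baidu.com lookup described above. Zones, delegations and the final
# address are constructed in memory, so nothing leaves the machine.

# Constructed delegation tree: each zone either delegates child zones
# or holds the A record that answers the query.
ZONES = {
    ".": {"delegates": {"com."}, "a": {}},
    "com.": {"delegates": {"baidu.com."}, "a": {}},
    "baidu.com.": {"delegates": set(), "a": {"www.baidu.com.": "123.125.115.110"}},
}
HOSTS_FILE = {"localhost.": "127.0.0.1"}   # stand-in for /etc/hosts (constructed)


def ask_zone(zone, qname):
    """One iterative step: the zone's server answers, refers downward, or denies."""
    data = ZONES[zone]
    if qname in data["a"]:
        return "A", data["a"][qname]
    for child in data["delegates"]:           # referral: "go ask the child zone"
        if qname.endswith("." + child):
            return "REF", child
    return "NXDOMAIN", ""


class LocalResolver:
    """NS1 in the text: recursive towards its client, iterative towards the tree."""

    def __init__(self):
        self.cache = {}

    def resolve(self, qname):
        qname = qname.lower().rstrip(".") + "."
        if qname in HOSTS_FILE:                # step 1: local hosts file wins
            return HOSTS_FILE[qname], ["hosts"]
        if qname in self.cache:                # step 2: NS1's own cache
            return self.cache[qname], ["cache"]
        trail, zone = [], "."                  # steps 3-5: root -> com -> baidu.com
        while True:
            trail.append(zone)
            kind, value = ask_zone(zone, qname)
            if kind == "A":
                self.cache[qname] = value      # step 6: cache, then answer the client
                return value, trail
            if kind == "NXDOMAIN":
                return None, trail
            zone = value                       # follow the referral one level down
```

The second call for the same name returns from the cache without touching any zone, which is exactly why a poisoned or stale cache entry on NS1 affects every client behind it.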

 

5, forward / reverse zones
        Forward resolution: resolves host names to IP addresses
            Forward zone: pl.com

        Reverse resolution: resolves IP addresses to host names
            Reverse zone: 1.1.10.in-addr.arpa
            
 
6, resource record types (RR TYPE)

>>> SOA: Start of Authority.
 format:
domain IN SOA <DNS server FQDN> <domain administrator email address, with @ replaced by .> (
serial
refresh
retry
expire
negative ttl
)

                   serial
                        The first value is the serial number of the zone data file. Every time the zone data file is modified, this number must be changed so that the slave DNS server knows to synchronize the zone data file.
                    refresh
                        How often the slave DNS server contacts the master DNS server to check for an updated zone data file.
                    retry
                        When the slave DNS server tries to contact the master for an updated zone data file but cannot reach it, how long it waits before trying again. This value is generally shorter than refresh; otherwise the retry value is meaningless.
                    expire
                        How long the zone data file on the slave DNS server remains valid before it expires.
                    negative ttl
                        How long the DNS server caches a negative answer (a name that does not resolve) for clients.
 
 
>>> NS: name server, records the DNS servers for the domain. That is, an NS record identifies which server is the DNS server for the domain.
format:
domain IN NS FQDN
pl.com IN NS dns1.pl.com.

  

>>> A: address, stores the IP address corresponding to a host name.
format:
host name / FQDN IN A IP
www.pl.com. IN A 172.16.200.181
www IN A 172.16.200.181
 
* The three record types above are the ones a forward or reverse zone file must contain.
 
>>> PTR: pointer, the opposite of an A record; stores the host name corresponding to an IP address. It normally only appears in reverse zone data files (though not necessarily).
format:
<last octet of the IP> IN PTR FQDN
181 IN PTR www.pl.com.

  

>>> MX: the domain's mail server
 
 
>>> CNAME: Canonical Name. The record maps an alias to its canonical name, so it is usually called an alias record.
format:
www1.pl.com IN CNAME www.pl2.com
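To tie sections 5 and 6 together, here is an added example (not from the original post) that parses a small zone file in the record format shown above, checks the two SOA rules the text states (the administrator address uses "." in place of "@", and retry is shorter than refresh), follows a CNAME alias to its A record, and derives the reverse zone name for a /24. The pl.com zone content and its addresses are constructed; every line is assumed to carry the IN class, as in the examples above.

```python
import re
# Constructed sample zone for pl.com in the format shown above (not from the post).
SAMPLE_ZONE = """\
pl.com. IN SOA dns1.pl.com. admin.pl.com. (
    2019091501    ; serial
    3600          ; refresh
    900           ; retry
    604800 86400  ; expire, negative ttl
)
pl.com.     IN NS    dns1.pl.com.
dns1        IN A     172.16.200.180
www.pl.com. IN A     172.16.200.181
www1        IN CNAME www.pl.com.
"""

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; a name without a trailing dot is relative to origin."""
    text = re.sub(r";[^\n]*", "", text)                       # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: " ".join(m.group(1).split()), text)  # fold SOA ( ... )
    records = []
    for parts in (line.split() for line in text.splitlines()):
        if parts:                                              # owner class type rdata...
            owner = parts[0] if parts[0].endswith(".") else f"{parts[0]}.{origin}"
            records.append((owner, parts[2], parts[3:]))
    return records

def check_soa(records):
    """Flag the SOA problems the text warns about: '@' in the mail name, retry >= refresh."""
    soa = [r[2] for r in records if r[1] == "SOA"]
    if len(soa) != 1:
        return ["zone needs exactly one SOA record"]
    rname, refresh, retry = soa[0][1], int(soa[0][3]), int(soa[0][4])
    problems = ["SOA mail name must use '.' in place of '@'"] if "@" in rname else []
    if retry >= refresh:
        problems.append("retry should be shorter than refresh")
    return problems

def lookup_a(records, name, depth=0):
    """Find the address for a name, following CNAME aliases (chain length bounded)."""
    for owner, rtype, rdata in records:
        if owner == name and rtype == "A":
            return rdata[0]
        if owner == name and rtype == "CNAME" and depth < 8:
            return lookup_a(records, rdata[0], depth + 1)
    return None

def reverse_zone(network):
    """10.1.1.0/24 -> '1.1.10.in-addr.arpa', the reverse zone name used above."""
    addr, prefix = network.split("/")
    octets = addr.split(".")[: int(prefix) // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"
```

Running check_soa on a zone before loading it catches the retry/refresh mistake that would otherwise leave a slave silently out of date.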

  


Source: www.cnblogs.com/dumpling-z/p/11519201.html