Location>code7788 >text

Interviewer: can't even get DNS resolution straight, dare you say you know networking? Me: Boing boing!

Popularity:375 ℃/2024-12-18 10:02:55

I. Writing at the beginning

In the OSI seven-layer protocol model in the application layer is the closest to us, and the future development of the most used layer, in the last blog post we have learned the application layer in the HTTP protocol, in this article we come together to learn about DNS. what?DNS is not a very good understanding? Then do not quickly look down!

In fact, a few years ago and a friend to chat, at that time, he is a network line of technical managers, to me, said, now come to interview a lot of bad programming language, turn to engage in the network, the results of asking a DNS, he did not understand, on this is still good enough to do the network? I was too scared to speak, because I myself for network programming is the kind of shallow mentality, for fear that he turned back to ask me a question, haha.

II. Definition of DNS

DNS (Domain Name System) is the first important protocol used when a user accesses a Web site using a browser.DNS solves the problem of mapping domain names to IP addresses.

image




DNS is an online distributed database system that is distributed, hierarchical, and modular, and it belongs to the application layer of protocols, based on UDP transport, on port 53.

III. DNS server classes

We said above that DNS has a hierarchical structure, and this hierarchy is mainly reflected in the deployment of its servers, DNS's domain name hierarchy is a tree, from theroot name serveruntil (a time)top level domain name serverAuthoritative Domain Name Serversand then tolocal name serverAll of the DNS servers we encounter are included in these four categories.

  • Root DNS servers: is to provide IP addresses for TLD servers, there are only 13 groups of root servers in the world, there is still no root servers in our country, but later, after the application of anycasting, DNS breaks down 1089 root domain name server nodes, and there are 26 root domain name server nodes in our country.
  • Top-level domain name servers (TLD servers)Top-level domain name refers to the domain name of the suffix, like com, org, net, etc. are, different countries also have their own domain names, such as uk, ca, fr these, our country is cn. and the top-level domain name system is to provide authoritative DNS server IP address.

    image

  • Authoritative Domain Name DNS Servers: All organizations with publicly accessible hosts on the Internet must provide accessible DNS records that hold information such as domain names and IP mappings, which are stored on authoritative DNS servers.
  • local name server: Each ISP (Internet Service Provider) has a local DNS server of its own. When a host makes a DNS request, the request is sent to the local DNS server, which acts as a proxy and forwards the request into the DNS hierarchy.

So knowing the underlying server structure of DNS, how do they work together, or what mechanism is used to achieve the resolution of a domain name and response to the corresponding IP? Read on!

Fourth, the DNS resolution process

The opening starts with a picture:

image



Now suppose we use a browser to access " " IP address, then the entire resolution process of the DNS resolution system can be roughly divided into the following steps:

  1. The first step: the client sends a DNS request message to the local DNS server, which contains the domain name, if there is a corresponding record in the local DNS, directly back to the client, if not, then visit the root DNS server to continue to process the request.
  2. Step 2: The local DNS server sends a request to the root DNS server, which is the top level of the domain name system and is responsible for managing all the top-level domains (e.g., .com, .net, .org, as well as country and area codes such as .cn). The root name server returns the address of the primary name server for the queried domain (in this case, the ".cn" domain).
  3. The third step: the local DNS in the receipt of the root server to return the address, it will send a request to the cn top-level domain name servers, generally here is possible to find the corresponding domain name mapping of the IP address, but if not, it will query its own records in order to find the "." domain name servers (authoritative DNS servers) address to return.
  4. Step 4: The local DNS server has to continue to send requests to the authoritative DNS servers, and finally, the local DNS servers can send requests to the authoritative DNS servers.It has already been filed with the authoritative domain DNS, where it finds its corresponding record, and then returns the record to the local DNS;
  5. Step 5: The local dns server sends the received return address to the client and at the same time writes it to its own cache for the next query.

Points to note. The query from the requesting host to the local DNS server is recursive, the rest of the query is iterative; when the appropriate record is not found, an empty result is returned instead of a timeout message.

五、DNS报文格式

DNS message format is a structured data format used in the DNS protocol for communication between clients and servers.DNS messages are mainly divided into two types: query messages and answer messages, which have the same format.

image




DNS (Domain Name System) messages are messages transmitted between DNS clients and DNS servers during the domain name resolution process, and their message format mainly includes the following parts:

We can look at this in three parts:

message header

  • markings: A 16-bit identifier that identifies the DNS message. A random identifier is generated when the client sends a request, and the server uses the same identifier in its response so that the client can correspond the response to the request.
  • symbolize: A 16-bit flag field containing multiple flag bits to indicate information such as the type of message, opcode, response status, etc. For example, the QR bit indicates whether it is a query message (0) or a response message (1); the OPCODE bit indicates the opcode, which is usually a standard query (0), etc.
  • Number of issues: A 16-bit field specifying the number of problem records contained in the message.
  • Number of responses: A 16-bit field specifying the number of answer records contained in the message.
  • Number of authorities: A 16-bit field specifying the number of authority records included in the message.
  • Number of additional information: A 16-bit field specifying the number of additional information records included in the message.

Issue section

  • Query Name: Variable length field containing the domain name to be queried. The domain name is encoded using a special encoding method that represents the various parts of the domain name in the form of labels, with each label preceded by a byte indicating the length of that label, and ending with a byte of zeros.
  • Query Type: A 16-bit field that specifies the type of resource record to be queried, such as an A record (for host address), an NS record (for domain name server), a CNAME record (for alias), and so on.
  • query class: Usually 1, indicating the Internet class.

Answer section, authority section and additional information section

The format of these three sections is essentially the same, and each section can contain multiple resource records, each of which is formatted as follows:

  • domain name: The same format as the query name in the Questions section, usually the domain name being queried or a related domain name.
  • typology: A 16-bit field that corresponds to the type of query in the question section and indicates the type of record for this resource.
  • resemble: Usually 1, indicating the Internet class.
  • survival time: A 32-bit field, in seconds, indicating how long this resource record is valid in the cache.
  • Resource data length: A 16-bit field specifying the length of the resource data that follows.
  • Resource data: Variable length field containing specific data related to this resource record type, such as the IP address of the A record, the name of the domain name servers of the NS record, etc.

summarize

Above is the DNS domain name management system involved in the knowledge points, although many back-end programmers, almost no longer deep pursuit of DNS in the future work of the underlying principles, but the initial period, we still need to understand some of the contents of the network, after all, the enterprise transfer is more common.