Analysis of DNS principles and resolution process (image and text)


Most network communication is based on TCP/IP, and TCP/IP is based on IP addresses. When a computer communicates over the network, it can only identify IP addresses such as "202.96.134.133"; it cannot recognize domain names. Nobody can remember an IP address of ten or more digits for every website, yet when we visit a website we type a domain name into the browser's address bar and get the page we want. This works because a computer called a "DNS server" automatically translates the domain name into an IP address and fetches the web page that corresponds to that address.

What is DNS?
DNS is the abbreviation of "Domain Name System". It is a naming system for computers and network services, organized as a hierarchy of domains. It is used on TCP/IP networks and provides the service of converting host names and domain names into IP addresses. DNS is exactly such a "translator", and its basic working principle can be expressed as shown in the figure below.

DNS domain name
As a hierarchical, distributed database, the Domain Name System contains various types of data, including host names and domain names. The names in the DNS database form a hierarchical tree structure called the domain namespace. A domain name consists of individual labels separated by dots, for example im.qq.com.
A fully qualified domain name (FQDN) uniquely identifies a host's position in the DNS hierarchy tree by specifying the path of labels from the root to that host, separated by dots. For example, a host named im in the qq.com DNS tree has the FQDN im.qq.com.
DNS domain name hierarchy

How the DNS domain namespace is organized
The DNS domain namespace is described in terms of five categories of names; the following table and the examples given for each name type provide the details.

DNS and Internet domains
On the Internet, the domain name system is maintained by name registries, which allocate top-level domains for organizations and for countries/regions. These domain names follow the ISO 3166 international standard. Many of the existing abbreviations are reserved for organizational use, and the two- or three-letter abbreviations for countries/regions are shown in the following table. Some common DNS domain names are listed below:

Resource records
The DNS database consists of resource records (RRs). Each RR identifies a specific resource in the database. When creating a DNS server we often use records such as SOA, NS, and A; when maintaining it we use MX and CNAME records.
Common RR types are listed below:

DNS service process
When a DNS client needs to resolve a name used by a program, it queries its local DNS server to resolve the name. Each query message the client sends includes three pieces of information that specify the question the server is to answer:
● the DNS domain name being queried, given as a fully qualified domain name (FQDN);
● the query type, which specifies a resource record type or a special kind of query operation;
● the class of the DNS domain name.
For DNS servers, the class should always be specified as the Internet class (IN). For example, the specified name can be a computer's fully qualified domain name, such as im.qq.com, and the query type can specify a search for address (A) resource records under that name.
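As an added example (not part of the original article), here is how those three fields appear on the wire, and how the label structure of an FQDN described earlier is encoded: a small Python script that builds a question section in the RFC 1035 format (length-prefixed labels ending in the empty root label, then 16-bit QTYPE and QCLASS) and parses it back. The type and class numbers are the real RFC 1035 values; the transaction id and names are made up. The length checks and the compression-pointer hop limit are the validation a resolver needs so that a malformed message cannot make it read past the buffer or loop forever.

```python
import struct

# Wire constants from RFC 1035 (real values).
QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "MX": 15, "AAAA": 28}
QCLASS_IN = 1          # the Internet class, the only class a normal resolver uses
FLAG_RD = 0x0100       # "recursion desired": set by a client asking its local DNS server


def encode_name(fqdn):
    """Encode a domain name as length-prefixed labels, terminated by the empty root label."""
    out = b""
    for label in fqdn.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:        # RFC 1035 label limit; also rejects empty labels ("a..b")
            raise ValueError("bad label %r" % label)
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > 255:                    # RFC 1035 total name limit
        raise ValueError("name too long")
    return out


def build_query(fqdn, qtype="A", txid=0x1234):
    """12-byte header plus one question: the three fields the article lists."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)   # qdcount=1, other sections empty
    question = encode_name(fqdn) + struct.pack("!HH", QTYPE[qtype], QCLASS_IN)
    return header + question


def decode_name(msg, offset):
    """Decode a name at offset; return (name, offset just past the name in the original stream).
    Handles RFC 1035 compression pointers with bounds checks and a hop limit against pointer loops."""
    labels, end, hops = [], None, 0
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:         # 11xxxxxx: pointer to a name earlier in the message
            if offset + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if end is None:
                end = offset + 2          # the caller resumes after the 2-byte pointer
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        if length > 63:
            raise ValueError("bad label length")
        offset += 1
        if length == 0:                   # root label: end of name
            break
        if offset + length > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (end if end is not None else offset)


def parse_question(msg):
    """Parse the header and first question into id, RD flag, QNAME, QTYPE and QCLASS."""
    if len(msg) < 12:
        raise ValueError("message shorter than a DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    qname, off = decode_name(msg, 12)
    if off + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
    return {"id": txid, "rd": bool(flags & FLAG_RD), "qname": qname, "qtype": qtype, "qclass": qclass}


if __name__ == "__main__":
    q = build_query("im.qq.com")          # constructed query using the article's example name
    print(q.hex())
    print(parse_question(q))
```

The parsed dictionary shows the three fields side by side: the name im.qq.com. (absolute, with the root label), QTYPE 1 (A) and QCLASS 1 (IN).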
DNS queries can be resolved in several ways. Sometimes the client answers a query locally using information cached from an earlier query. The DNS server can likewise answer from its own cache of resource records, or it can query or contact other DNS servers on behalf of the requesting client until the name is completely resolved, and then return the answer to the client. This process is called recursion.
The client can also try to contact another DNS server itself to resolve the name. When it does so, it issues separate additional queries based on the responses it receives from servers. This process is called iteration; that is, the queries exchanged between DNS servers are iterative queries.
The figure below shows the DNS query process.

1. Enter the domain name www.qq.com in the browser. The operating system first checks whether the local hosts file contains a mapping for this name. If it does, that IP address mapping is used and domain name resolution is complete.

2. If there is no mapping for this domain name in hosts, the local DNS resolver cache is searched for a mapping. If one is found, it is returned directly and domain name resolution is complete.

3. If neither the hosts file nor the local DNS resolver cache has a mapping, the preferred DNS server configured in the TCP/IP settings is contacted; here we call it the local DNS server. When that server receives the query, if the queried domain name is in one of its locally configured zones, it returns the result to the client and domain name resolution is complete. This answer is authoritative.

4. If the queried domain name is not one the local DNS server is authoritative for, but the server has the mapping in its cache, it answers from the cached IP address mapping. This answer is not authoritative.

5. If neither the local zone files nor the cache of the local DNS server can resolve the name, what happens next depends on the server's configuration (whether a forwarder is set). If forwarding is not used, the local DNS server sends the request to one of the 13 root DNS servers. On receiving the request, the root server determines which server is responsible for the top-level domain (.com) and returns the IP address of that top-level domain server. The local DNS server then contacts the server responsible for the .com domain. When the .com server receives the request and cannot answer it itself, it returns to the local DNS server the address of the second-level DNS server that manages qq.com. When the local DNS server receives that address, it contacts the qq.com domain server and repeats the same procedure until the host www.qq.com is found.

6. If forwarding is used, the local DNS server forwards the request to its upstream DNS server for resolution. If the upstream server cannot resolve it, it can in turn query the root servers or pass the request on to its own upstream, repeating this loop. Whether the local DNS server uses a forwarder or root hints, the result eventually comes back to the local DNS server, which then returns it to the client.

The query from the client to the local DNS server is a recursive query; the queries exchanged between DNS servers are iterative queries.
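The following Python simulation is an added example, not code from the original blog. It models steps 1 to 6 with constructed data: a hosts file, a client-side cache, and a local DNS server that answers from its own zones, then from its cache, then either through a forwarder (the appendix's second experiment) or by an iterative walk from a simulated root server through a .com server to a qq.com server. All addresses (198.51.100.x, 203.0.113.10, 10.x.x.x), zone contents and server names are made up. Real resolvers also honour TTLs, randomise transaction ids and source ports, and check that each answer matches the question it asked; those parts are omitted here, but the hop limit on the referral chain is kept because a delegation loop would otherwise make the walk run forever.

```python
# Constructed data standing in for the DNS tree; none of these addresses or zones are real.
ROOT_IP = "198.51.100.1"

# Each simulated authoritative server knows its own zone: A records, CNAME records,
# and NS delegations (child zone -> (server name, server address)).
SERVERS = {
    ROOT_IP: {"zone": ".", "a": {}, "cname": {},
              "ns": {"com.": ("a.gtld.example.", "198.51.100.2")}},
    "198.51.100.2": {"zone": "com.", "a": {}, "cname": {},
                     "ns": {"qq.com.": ("ns1.qq.example.", "198.51.100.3")}},
    "198.51.100.3": {"zone": "qq.com.",
                     "a": {"www.qq.com.": "203.0.113.10"},
                     "cname": {"im.qq.com.": "www.qq.com."},
                     "ns": {}},
}

HOSTS = {"intranet.example.": "10.0.0.5"}   # constructed local hosts file (step 1)


def fqdn(name):
    """Normalise to an absolute, lower-case name with a trailing dot."""
    return name.rstrip(".").lower() + "."


def ask(server_ip, qname):
    """One iterative query to a simulated authoritative server.
    Returns ("answer", ip), ("cname", target), ("referral", child server ip) or ("nxdomain", None)."""
    s = SERVERS[server_ip]
    if qname in s["a"]:
        return "answer", s["a"][qname]
    if qname in s["cname"]:
        return "cname", s["cname"][qname]
    for child, (_, child_ip) in s["ns"].items():
        if qname == child or qname.endswith("." + child):
            return "referral", child_ip
    return "nxdomain", None


class LocalDnsServer:
    """The 'preferred DNS server' of steps 3-6: own zones, then cache, then forwarder or root walk."""

    def __init__(self, zones=None, forwarder=None):
        self.zones = {fqdn(k): v for k, v in (zones or {}).items()}  # locally authoritative names
        self.cache = {}
        self.forwarder = forwarder   # another LocalDnsServer, or None for root-hint mode
        self.log = []

    def resolve(self, qname):
        """Recursive query: always returns (ip, authoritative) or raises LookupError."""
        qname = fqdn(qname)
        if qname in self.zones:                       # step 3: authoritative answer
            self.log.append(f"authoritative {qname}")
            return self.zones[qname], True
        if qname in self.cache:                       # step 4: cached, non-authoritative
            self.log.append(f"cache hit {qname}")
            return self.cache[qname], False
        if self.forwarder is not None:                # step 6: forwarding mode
            self.log.append(f"forwarded {qname}")
            ip, _ = self.forwarder.resolve(qname)
        else:                                         # step 5: iterate from the root
            ip = self.iterate(qname)
        self.cache[qname] = ip
        return ip, False

    def iterate(self, qname):
        """Step 5: root -> TLD -> second-level server, following referrals and CNAMEs."""
        server, name = ROOT_IP, qname
        for _ in range(20):                           # bound the referral/CNAME chain
            kind, value = ask(server, name)
            self.log.append(f"asked {server} for {name}: {kind}")
            if kind == "answer":
                return value
            if kind == "referral":
                server = value
            elif kind == "cname":
                server, name = ROOT_IP, fqdn(value)   # restart the walk for the CNAME target
            else:
                raise LookupError(f"{name}: no such name")
        raise LookupError(f"{qname}: referral chain too long")


class Client:
    """Steps 1-2: hosts file, then the local resolver cache, then a recursive query to the local DNS."""

    def __init__(self, local_dns):
        self.dns, self.cache, self.log = local_dns, {}, []

    def lookup(self, name):
        name = fqdn(name)
        if name in HOSTS:
            self.log.append(f"hosts {name}")
            return HOSTS[name]
        if name in self.cache:
            self.log.append(f"cache {name}")
            return self.cache[name]
        ip, authoritative = self.dns.resolve(name)
        self.log.append(f"server {name} authoritative={authoritative}")
        self.cache[name] = ip
        return ip


if __name__ == "__main__":
    upstream = LocalDnsServer()                       # root-hint mode, no forwarder
    local = LocalDnsServer(forwarder=upstream)        # forwarding mode, as in the appendix
    client = Client(local)
    print(client.lookup("im.qq.com"))
    for line in client.log + local.log + upstream.log:
        print(line)
```

Running the script with a forwarder shows the local server logging a single "forwarded" line while the upstream server does the six iterative queries (three to reach the CNAME, three more for its target); without a forwarder the same walk appears in the local server's own log, which is what the Wireshark capture in the appendix visualises.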

Appendix:
Packet captures with and without a forwarder configured on the local DNS
I will not describe how to create a new DNS server here. For more information, see my previous blog post "Install bind in Win2003 [deploy smart DNS]".
1. No forwarder configured on the DNS server.
Install Wireshark on the 192.168.145.228 server, start it with a UDP capture filter, and run the nslookup command on the 192.168.145.12 client to query www.sohu.com. The capture shows the local DNS server querying several of the world's 13 root servers and resolving step by step until it obtains the IP address of www.sohu.com, 220.181.118.87.
After the local DNS server obtains the IP address of www.sohu.com, it returns it to the 192.168.145.12 client and the resolution is complete.

2. Forwarder configured on the DNS server.

Because www.sohu.com was used in the verification in step 1 and is now cached, run nslookup www.baidu.com on the 192.168.145.12 client to avoid interference from the previous experiment. As the figure shows, the local DNS forwards the request to the 192.168.133.10 server, the 133.10 server returns the IP address it obtained to the local DNS, and the local DNS then sends the IP address to the DNS client, completing the resolution.

This article is from the "System Network O&M" blog; please keep this source: http://369369.blog.51cto.com/319630/812889
