DNS Domain Name System resolution

Source: Internet
Author: User
Tags rfc domain server

DNS (Domain Name System) is a distributed database on the Internet that maps domain names and IP addresses to each other. It lets users reach Internet resources without having to remember the numeric IP address strings that machines read directly. The process of obtaining the IP address that corresponds to a host name is called domain name resolution (or hostname resolution). The DNS protocol runs on top of UDP, using port 53. RFC 2181 gives a normative description of DNS, RFC 2136 describes dynamic updates to DNS, and RFC 2308 describes negative caching of DNS queries.

DNS Features

Each IP address can have a host name that consists of one or more strings separated by dots. With host names, there is no need to memorize the IP address of every device; it is enough to remember a relatively intuitive, meaningful host name. This is the function that the DNS protocol performs.

There are two ways to map host names to IP addresses:

1) Static mapping: the host-name-to-IP-address mapping is configured on each device. Each device maintains its own mapping table independently, and the table is used only by that device.

2) Dynamic mapping: a Domain Name System (DNS) is set up, and the host-name-to-IP-address mapping is configured only on dedicated DNS servers. A device that needs to communicate by host name must first query a DNS server for the host's IP address.

When resolving a domain name, static domain name resolution can be tried first; if it does not succeed, dynamic domain name resolution is used. Commonly used domain names can be put into the static domain name resolution table, which can greatly improve the efficiency of domain name resolution.
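The static-then-dynamic order described above, as an added example that is not part of the original page. The static table uses hosts-file syntax, the names and addresses are constructed, and dns_lookup is a hypothetical stand-in for a real DNS query.

```python
import ipaddress

# Constructed sample static table in hosts-file syntax (address, then names).
STATIC_TABLE = """\
# frequently used names kept locally
192.0.2.10   intranet.example.test intranet
192.0.2.20   Build.Example.Test     # inline comment
not-an-ip    broken.example.test
"""

def parse_static_table(text):
    """Return {lowercased host name: ip string}; skips comments and bad addresses."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # malformed address: never map a name to garbage
        for name in fields[1:]:
            table.setdefault(name.lower().rstrip("."), addr)  # first entry wins
    return table

def resolve(name, static_table, dns_lookup):
    """Static resolution first; fall back to dynamic (DNS) resolution on a miss.

    dns_lookup is a hypothetical callable standing in for a real DNS query;
    it returns an IP string or None. Returns (ip, source).
    """
    key = name.lower().rstrip(".")
    if key in static_table:
        return static_table[key], "static"
    addr = dns_lookup(key)
    return (addr, "dns") if addr else (None, "unresolved")

# Constructed stand-in for the DNS server's answers.
FAKE_DNS = {"www.example.test": "198.51.100.7",
            "intranet.example.test": "203.0.113.99"}

def demo():
    table = parse_static_table(STATIC_TABLE)
    names = ("INTRANET.example.test.", "www.example.test",
             "broken.example.test", "build.example.test")
    return [resolve(n, table, FAKE_DNS.get) for n in names]
```

Because the static table is consulted first, its entry for intranet.example.test is returned even though the DNS stand-in holds a different address, so the integrity of the local table matters as much as that of the server.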

DNS Importance

1. Technical point of view: DNS resolution is the actual addressing method for the majority of Internet applications. Domain name technology, and the many applications built on it, have enriched the Internet's applications and protocols.

2. Resource point of view: a domain name is an identity on the Internet, not the unique identification of a resource. The globalization of the Internet makes domain names a national strategic resource that identifies the sovereignty of a country.

Domain name structure

Typically, the general structure of an Internet host domain name is: hostname.third-level domain name.second-level domain name.top-level domain name. Internet top-level domain names are registered and managed by the committee of the Internet network association that is responsible for domain name registration queries and network address allocation, which also assigns a unique IP address to each host on the Internet. There are three major network information centers around the world: Inter-NIC in the United States, responsible for the United States and other regions; RIPE-NIC in the Netherlands, responsible for the European region; and APNIC in Japan, responsible for the Asia-Pacific region.

DNS Server

The DNS service is provided by a computer that has DNS server-side software installed. The server-side software can run on either a Linux-like operating system or a Windows operating system. Once the DNS server software is installed, you can create a zone file in the location you specify. A zone file contains the name-to-IP-address resolution records for the domain. For example, the file may contain:

primary name server = DNS2 (the host name of the primary server)

serial = 2913 (the serial number; when a secondary name server goes to copy this file, it copies it only if this number has increased)

refresh = 10800 (3 hours) (the refresh interval is 10,800 seconds; the secondary name server queries the primary server every 3 hours)

retry = 3600 (1 hour) (the retry interval is 3,600 seconds; when the secondary name server tries to query the primary server for updates and the connection fails, it contacts the primary name server again every 1 hour)

expire = 604800 (7 days) (the expiry time is 604,800 seconds; the secondary name server deletes the records 7 days after it fails to update from the primary server)

default TTL = 3600 (1 hour) (the default time to live is 3,600 seconds; this tells caching servers to keep the domain's resolution records for 1 hour)
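How a secondary name server could act on the serial, refresh, retry and expire values listed above, as an added example that is not code from the original page or from any DNS server. The function names and timing parameters are hypothetical, and the serial comparison goes beyond the page's "if the number is increased" by handling 32-bit wrap-around as defined in RFC 1982.

```python
import re

# Constructed listing of the SOA fields quoted in the text above.
SOA_TEXT = """\
primary name server = DNS2
serial = 2913
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
"""

def parse_soa(text):
    """Parse 'name = value (comment)' lines into a dict keyed by lowercased name."""
    soa = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z ]+?)\s*=\s*(\S+)", line)
        if m:
            value = m.group(2)
            soa[m.group(1).lower()] = int(value) if value.isdigit() else value
    return soa

def serial_increased(primary, local):
    """True if the primary's serial is newer; 32-bit wrap-around per RFC 1982."""
    return 0 < (primary - local) % 2**32 < 2**31

def secondary_action(soa, local_serial, primary_serial, since_ok, since_try):
    """Decide the secondary's next step (hypothetical helper, times in seconds).

    since_ok:  time since the last successful check against the primary
    since_try: time since the last attempt (smaller than since_ok after a failure)
    primary_serial: serial the primary reports now, or None if it is unreachable
    """
    if since_ok >= soa["expire"]:
        return "expired"            # zone data too old: stop serving it
    interval = soa["retry"] if since_try < since_ok else soa["refresh"]
    if since_try < interval:
        return "wait"               # next poll not due yet
    if primary_serial is None:
        return "retry-later"        # poll failed: try again after `retry`
    if serial_increased(primary_serial, local_serial):
        return "transfer"           # copy the zone file from the primary
    return "up-to-date"

SOA = parse_soa(SOA_TEXT)
```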

DNS Security issues

1. Malicious attacks against the Domain Name System: DDoS attacks cause domain name resolution to collapse.

2. Domain name hijacking: registration information is modified and resolution results are hijacked.

3. Domain Name System security events at the national level: paralysis of the ".ly" domain, and the change in management of the ".af" domain.

4. A vulnerability in the DNS service running on the system lets a hacker gain privileges and tamper with the DNS information.

5. Improper DNS configuration causes some sensitive information to be leaked, giving hackers useful information for further attacks.
