DNS Domain name resolution process

Source: Internet
Author: User

Objective

This article comes from the book "Deep analysis of Java Web Technology Insider". Because I am not particularly familiar with DNS and the book covers the DNS part in some detail, I use the book's content directly. As usual, nothing is copied and pasted; all of the content is typed by hand, learning and understanding while typing.

DNS Domain name resolution

We know that the Internet publishes and requests resources through URLs, and the domain name in a URL has to be resolved to an IP address before a connection to the remote host can be established. How a domain name is resolved to an IP address is the job of DNS resolution.

It is no exaggeration to say that although we usually do not notice DNS resolution when using the Internet, a DNS resolution error can lead to a very serious Internet disaster. At present the Internet has several DNS root name servers worldwide, and if any one root server breaks, the consequences are very serious.

DNS Domain name resolution process

When we enter www.abc.com in the browser, DNS resolution takes nearly 10 steps. The process can be roughly represented by a diagram:

The entire process is described as follows. The first two steps are done on the local machine, and the last 8 steps involve real domain name resolution servers:

1. The browser checks whether its cache holds a resolved IP address for the domain name; if it does, the resolution process ends. The browser's cache of domain names is limited: not only is the cache size limited, the cache time is limited too, usually a few minutes to a few hours, and how long a domain name is cached can be set through the TTL attribute. A cache time that is too long or too short is not good. If it is too long, then once the IP that the domain name resolves to changes, the domain name cached by the client cannot resolve to the changed IP address, so the domain name cannot be resolved properly and some users cannot access the site during this time. If it is too short, the user has to re-resolve the domain name on every visit to the site.

2. If the user's browser cache has no data, the browser looks for the DNS resolution result for this domain name in the operating system cache. The operating system also has its own domain name resolution step: in Windows it can be set through the C:\Windows\System32\drivers\etc\hosts file, and in Linux through the /etc/hosts file, where the user can resolve any domain name to any reachable IP address. For example, when testing we can resolve a domain name to a test server, so the business logic of the code can be tested on a separate server without modifying any code. Precisely because of this local resolution step, a hacker may modify the entries so that specific domain names resolve to an IP address he designates, and those domain names are hijacked.

3. If the first two steps cannot resolve the name, the "DNS server address" in our network configuration is used. The operating system sends the domain name to this LDNS, the local domain name server for the region. This DNS is usually the resolution service supplied by whoever provides the user's local Internet access: if the user is online at school, the DNS server is certainly in the school; if the user is online from a residential community, the DNS belongs to the access provider, namely Telecom or Unicom, what is usually called the SPA. This DNS will usually be somewhere in the user's own city, not very far away. In Windows the configured DNS server can be queried by running ipconfig on the command line; in Linux, with cat /etc/resolv.conf. These dedicated domain name resolution servers perform very well and generally cache resolution results; the cache time is, of course, controlled by the expiration time of the domain name. About 80% of domain name resolutions end here, so the LDNS carries most of the resolution work.

4. If the LDNS still has no hit, it goes directly to the root name server to request resolution.

5. The root name server returns to the local domain name server the address of the primary domain name server (gTLD server) for the queried domain. gTLD servers are the international top-level domain name servers, such as .com, .cn, .org, etc.; there are only about 13 worldwide.

6. The local domain name server (LDNS) sends a request to the gTLD server returned in the previous step.

7. The gTLD server that receives the request finds and returns the address of the name server for this domain name. This name server is typically the one the user registered the domain with, for example the name server of the domain name service provider where the user applied for the domain. The resolution task for this domain name is then done by the server of that domain name provider.

8. The name server queries its stored table mapping domain names to IP addresses. Under normal circumstances it obtains the destination IP address for the domain name and returns it, together with a TTL value, to the DNS server (the LDNS).

9. On receiving the IP and TTL value for the domain name, the LDNS caches the domain-name-to-IP mapping; the cache time is controlled by the TTL value.

10. The resolution result is returned to the user, the user caches it in the local system cache according to the TTL value, and the domain name resolution process ends.
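Because step 2 lets a hosts file silently override DNS, auditing that file is a cheap check for the hijacking described there. The following is an added example, not taken from the book or the original page; the sample file contents, `LOCAL_NAMES` and the allowed suffix `.internal.example` are assumptions made up for illustration.

```python
import ipaddress

# Constructed sample hosts file; names and addresses are illustrative only.
SAMPLE_HOSTS = """\
# local entries
127.0.0.1   localhost
::1         localhost ip6-localhost
10.0.0.5    test.internal.example   # test server override
203.0.113.7 www.abc.com login.abc.com
not-an-ip   broken.example
"""

LOCAL_NAMES = {"localhost", "ip6-localhost"}   # assumed set of expected local names

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue                             # blank line, or address without a name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # malformed address: skip the line
        for name in fields[1:]:                  # one line may carry several names
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, allowed_suffixes=(".internal.example",)):
    """Return entries that pin a name the machine should be getting from DNS."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            if not ip.is_loopback:
                findings.append((line_no, str(ip), name, "local name not on loopback"))
        elif not name.endswith(tuple(allowed_suffixes)):
            findings.append((line_no, str(ip), name, "public name overridden locally"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On a real machine the same function can be pointed at the contents of /etc/hosts or C:\Windows\System32\drivers\etc\hosts, with the allowed suffixes set to whatever test overrides the team actually uses.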

In a real DNS resolution there may be more than 10 steps: for example, the name server may have many levels, or a GTM may be in place for load-balancing control, either of which can affect the domain name resolution process.
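Steps 4 to 9 are a referral walk: the LDNS asks one server, is pointed one level down, and repeats until a server answers with an address. The following added example (not from the book or the original page) models that walk over a constructed delegation table and goes beyond the ten steps by following any number of levels; the server labels, zone data and addresses are invented for illustration.

```python
# Constructed delegation data. Each server maps a name to either a referral
# ("NS", next_server) or a final answer ("A", ip, ttl).
SERVERS = {
    "root": {"com.": ("NS", "gtld-com")},
    "gtld-com": {"abc.com.": ("NS", "ns1.abc.com")},
    "ns1.abc.com": {
        "www.abc.com.": ("A", "192.0.2.10", 300),
        "cdn.abc.com.": ("NS", "gtm.abc.com"),   # one more level, e.g. a GTM
    },
    "gtm.abc.com": {"img.cdn.abc.com.": ("A", "192.0.2.20", 30)},
}

def best_match(zone_table, qname):
    """Return the most specific record this server holds for qname, or None."""
    labels = qname.split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        record = zone_table.get(candidate)
        # An address answers only the exact name; a referral covers the subtree.
        if record and (record[0] == "NS" or candidate == qname):
            return record
    return None

def resolve_iteratively(qname, max_referrals=8):
    """Walk referrals from the root as the LDNS does; return (ip, ttl, path)."""
    qname = qname.lower().rstrip(".") + "."
    server, path = "root", []
    for _ in range(max_referrals):
        path.append(server)
        record = best_match(SERVERS[server], qname)
        if record is None:
            return None, None, path      # this level knows nothing about the name
        if record[0] == "A":
            return record[1], record[2], path
        server = record[1]               # follow the referral one level down
    raise RuntimeError("referral limit reached (possible delegation loop)")

if __name__ == "__main__":
    for name in ("www.abc.com", "img.cdn.abc.com", "mail.abc.com"):
        print(name, resolve_iteratively(name))
```

The referral limit matters: a resolver that follows delegations without a bound can be driven into a loop by misconfigured or hostile zone data.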

Clear the cached domain name

We know that DNS resolution caches its results, mostly in two places:

1. The local DNS server

2. The user's local machine

Both caches are controlled by the TTL value and by the local cache size, but the maximum cache time is the TTL value. The cache time of the local DNS server is basically TTL-controlled and is difficult to intervene in manually, but the cache on our own machine can be cleared in the following ways:

1. In a Windows environment, run the ipconfig /flushdns command on the command line to flush the cache.

2. In a Linux environment, the cache can be cleared with /etc/init.d/nscd restart. Because virtual machines run rather slowly on my home computer, not

Restarting is still the first choice to solve many problems.

In Java applications the JVM also caches DNS resolution results. The caching is done in the InetAddress class, and the cache time is somewhat special, with two caching strategies:

1. Cache of successful resolution results

2. Cache of failed resolution results

These two cache times are controlled by two configuration items in the %JAVA_HOME%\lib\security\java.security file: networkaddress.cache.ttl and networkaddress.cache.negative.ttl. Their default values are -1 (never expire) and 10 (cache for 10 seconds). Besides modifying these two values directly, you can change the defaults by adding -Dsun.net.inetaddr.ttl=xxx to the Java startup parameters, or modify them dynamically through the InetAddress class.
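The two strategies, and the stale-address problem described in step 1, can be seen in a small model. This is an added Python example, not the JVM's InetAddress code and not from the book; `ResolverCache`, `demo` and the addresses are constructed for illustration, and the defaults mirror the -1 and 10 values given above.

```python
import time

FOREVER = -1  # the meaning given above for networkaddress.cache.ttl = -1

class ResolverCache:
    """Model cache: successful and failed lookups expire on separate timers."""

    def __init__(self, lookup, positive_ttl=FOREVER, negative_ttl=10,
                 clock=time.monotonic):
        self.lookup = lookup            # hostname -> ip; raises LookupError on failure
        self.positive_ttl = positive_ttl
        self.negative_ttl = negative_ttl
        self.clock = clock
        self._entries = {}              # hostname -> (ip or None, expiry or None)

    def _store(self, hostname, ip, ttl):
        if ttl != 0:                    # in this model 0 means "do not cache"
            expiry = None if ttl == FOREVER else self.clock() + ttl
            self._entries[hostname] = (ip, expiry)

    def resolve(self, hostname):
        entry = self._entries.get(hostname)
        if entry and (entry[1] is None or self.clock() < entry[1]):
            if entry[0] is None:
                raise LookupError(f"{hostname}: failure still cached")
            return entry[0]             # answered locally, no query sent
        try:
            ip = self.lookup(hostname)
        except LookupError:
            self._store(hostname, None, self.negative_ttl)
            raise
        self._store(hostname, ip, self.positive_ttl)
        return ip

def demo(positive_ttl):
    """Constructed scenario: the record is repointed, then queried at t=100 s."""
    now = [0.0]
    zone = {"www.abc.com": "192.0.2.10"}
    cache = ResolverCache(zone.__getitem__, positive_ttl, clock=lambda: now[0])
    first = cache.resolve("www.abc.com")
    zone["www.abc.com"] = "192.0.2.20"  # operator moves the site to a new address
    now[0] = 100.0
    return first, cache.resolve("www.abc.com")

if __name__ == "__main__":
    print("ttl=-1:", demo(FOREVER))     # keeps returning the old address
    print("ttl=60:", demo(60))          # picks up the new address after expiry
```

With a never-expiring positive cache the process keeps using the old address until it is restarted, which is the behaviour to check for in long-running services behind DNS-based failover.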

Several ways to resolve domain names

Domain name resolution records are divided into A records, MX records, CNAME records, NS records and TXT records:

1. A record

A stands for Address. It specifies the IP address for a domain name, such as assigning item.taobao.com to 115.238.23.xxx and switch.taobao.com to 121.14.24.xxx. An A record can resolve multiple domain names to one IP address, but cannot resolve one domain name to multiple IP addresses.

2. MX record

Mail Exchange. It can point the mail server under a domain name to your own mail server. For example, the A record IP address of the taobao.com domain name is 115.238.25.xxx; if the MX record is set to 115.238.25.xxx, then for mail routing of [email protected], DNS will send the message to the server at 115.238.25.xxx, while normal web requests still resolve to the IP address of the A record.

3. CNAME record

Canonical Name, that is, alias resolution. Alias resolution means that one or more aliases can be set for a domain name, such as resolving aaa.com to bbb.net and resolving ccc.com to bbb.net, where bbb.net is the alias of aaa.com and ccc.com, respectively.

4. NS record

Specifies the DNS resolution server for a domain name; the domain name is then resolved by the DNS server at the specified IP address.

5. TXT record

Sets a description for a host name or domain name. For example, the TXT record for ddd.net can be set to "This is XXX blog".
