DNS Basics and Domain Name System Architecture


I. Domain names

Before explaining DNS, let's take a brief look at domain names.

When we visit a website in a browser, the address we type is a domain name, for example www.google.com. Every machine on the Internet, however, is identified by an IP address, so to reach a website's server we actually have to reach its IP address. IP addresses are hard to remember: IPv4 addresses are difficult enough to memorize, and IPv6 addresses even more so. We therefore work with domain names, while the system underneath still connects by IP address; the conversion between domain names and IP addresses is done by DNS servers. Let's first cover some basics of domain names, taking www.google.com as the example.

A domain name is usually divided into 3 parts:

    www         .   google        .   com
    host name       domain name       type

① Type: the type of the domain name (com, cn, edu, org, etc.)

② Domain name: the name of the domain, such as google

③ Host name: the name of a host in the domain, such as www

Strictly speaking, there is also a "." at the end of the domain name, so the complete domain name is "www.google.com." (with the trailing dot).

Domain names are not case-sensitive: whatever case we type in the browser, the name points to the same IP address.

II. DNS

As shown above, each domain name corresponds to an IP address. When we visit a domain name, the operating system underneath still communicates by IP address, so we need a service that can convert a domain name into its IP address, or conversely an IP address into a domain name. That service is DNS (Domain Name System).

DNS provides conversion between IP addresses and domain names. The service is provided by DNS servers, usually dedicated machines, whose role is to store the mappings between domain names and their IP addresses. For example, when we access www.google.com, our host first sends a DNS request to a DNS server, asking for the IP address of www.google.com; the DNS server returns that IP address, and we then use it to reach the www.google.com server.

The DNS service resolves domain names to their IP addresses. The networked computers we use every day generally act as DNS clients: applications, services and processes call low-level operating system functions, which send queries to the DNS server to resolve the specified domain name.

On Linux systems, the low-level gethostbyname() function provided by the system is commonly used for domain name resolution.

On Linux systems, domain names can usually be resolved in the following three ways:

① Files (/etc/hosts, /etc/networks)

hosts is the host file, which stores mappings from domain names to IP addresses; Windows has such a file as well. On Linux, resolving a domain name through files usually means the /etc/hosts file.

    # cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

Because the hosts file stores direct mappings from domain names to IP addresses, we can also manually point a domain name at another IP. For example, we change the IP of www.google.com to 192.168.1.1:

    # ping www.google.com
    PING www.google.com (173.194.72.103) 56(84) bytes of data.
    # vim /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.1.1      www.google.com
    # ping www.google.com
    PING www.google.com (192.168.1.1) 56(84) bytes of data.

After adding the mapping 192.168.1.1 www.google.com to the /etc/hosts file, pinging www.google.com shows the IP address 192.168.1.1 that we set ourselves, although we know that this is certainly not its real IP address. In this way we can write the IP addresses of some domain names directly into the operating system's hosts file, so that resolution returns the IP addresses we specify.

② DNS: the DNS server we specify resolves the domain name

③ NIS: this is very rarely used.

We can see the order of name resolution by looking at the /etc/nsswitch.conf file.

    # cat /etc/nsswitch.conf
    #
    # /etc/nsswitch.conf
    #
    # An example Name Service Switch config file. This file should be
    # sorted with the most-used services in the beginning.
    #
    # The entry '[NOTFOUND=return]' means that the search for an
    # entry should stop if the search in the previous entry turned
    # up nothing. Note that if the search failed due to some other reason
    # (like no NIS server responding) then the search continues with the
    # next entry.
    #
    # Valid entries include:
    #
    #       nisplus                 Use NIS+ (NIS version 3)
    #       nis                     Use NIS (NIS version 2), also called YP
    #       dns                     Use DNS (Domain Name Service)
    #       files                   Use the local files
    #       db                      Use the local database (.db) files
    #       compat                  Use NIS in compat mode
    #       hesiod                  Use Hesiod for user lookups
    #       [NOTFOUND=return]       Stop searching if not found so far
    #
    # To use db, put the "db" in front of "files" for entries you want to be
    # looked up first in the databases
    #
    # Example:
    #passwd:    db files nisplus nis
    #shadow:    db files nisplus nis
    #group:     db files nisplus nis
    passwd:     files
    shadow:     files
    group:      files
    #hosts:     db files nisplus nis dns
    hosts:      files dns
    # Example - obey only what nisplus tells us...
    #services:   nisplus [NOTFOUND=return] files
    #networks:   nisplus [NOTFOUND=return] files
    #protocols:  nisplus [NOTFOUND=return] files
    #rpc:        nisplus [NOTFOUND=return] files
    #ethers:     nisplus [NOTFOUND=return] files
    #netmasks:   nisplus [NOTFOUND=return] files
    bootparams: nisplus [NOTFOUND=return] files
    ethers:     files
    netmasks:   files
    networks:   files
    protocols:  files
    rpc:        files
    services:   files
    netgroup:   nisplus
    publickey:  nisplus
    automount:  files nisplus
    aliases:    files nisplus

We see that hosts lookups are resolved first through files and then through DNS. We can edit this file directly to control the lookup order.
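Because files is consulted before dns, an entry in /etc/hosts silently wins over the DNS answer, so it is worth checking which names a hosts file overrides. The following added example (not code from the original article) models the lookup order, including the [NOTFOUND=return] action; the sample file contents and the DNS_ANSWERS table are constructed stand-ins, and all function names are hypothetical.

```python
import re
# Constructed sample inputs (not copied from a real host).
NSSWITCH = "hosts:      files dns\nnetworks:   nisplus [NOTFOUND=return] files\n"
HOSTS = ("127.0.0.1   localhost localhost.localdomain\n"
         "192.168.1.1 www.google.com   # manual override, as in the article\n")
# Assumed stand-in for the answers the configured DNS server would give.
DNS_ANSWERS = {"www.google.com": "173.194.72.103", "www.cnblogs.com": "42.121.135.98"}

def norm(name):
    """Domain names are case-insensitive; the trailing dot is optional."""
    return name.lower().rstrip(".")

def lookup_order(nsswitch_text, database="hosts"):
    """Return [(source, stop_if_not_found), ...] for one nsswitch.conf entry."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line.startswith(database + ":"):
            continue
        order = []
        for tok in re.findall(r"\[[^\]]*\]|\S+", line.split(":", 1)[1]):
            if not tok.startswith("["):
                order.append((tok, False))
            elif order and tok.upper() == "[NOTFOUND=RETURN]":
                order[-1] = (order[-1][0], True)
        return order
    return []

def parse_hosts(hosts_text):
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            table.setdefault(norm(name), fields[0])  # first entry wins
    return table

def resolve(name, nsswitch_text=NSSWITCH, hosts_text=HOSTS, dns=DNS_ANSWERS):
    """Walk the configured sources in order; return (source, address)."""
    backends = {"files": parse_hosts(hosts_text), "dns": dns}
    for source, stop in lookup_order(nsswitch_text):
        ip = backends.get(source, {}).get(norm(name))
        if ip:
            return source, ip
        if stop:
            break
    return None, None

def overrides(hosts_text=HOSTS, dns=DNS_ANSWERS):
    """Hosts-file names whose address differs from the DNS answer."""
    return {n: ip for n, ip in parse_hosts(hosts_text).items() if dns.get(n, ip) != ip}
```

With the sample data, resolve("www.google.com") is answered from files with 192.168.1.1, and overrides() reports that same name as shadowing its DNS answer.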

III. DNS queries

We can use the host or dig command to look up the IP address of a domain name.

① host (shows less detail)

    # host www.google.com
    www.google.com has address 74.125.31.104
    www.google.com has address 74.125.31.147
    www.google.com has address 74.125.31.106
    www.google.com has address 74.125.31.99
    www.google.com has address 74.125.31.103
    www.google.com has address 74.125.31.105
    www.google.com has IPv6 address 2404:6800:4008:c01::6a

② dig (shows detailed output)

    # dig www.google.com
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> www.google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65143
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;www.google.com.            IN    A
    ;; ANSWER SECTION:
    www.google.com.        5    IN    A    74.125.31.104
    www.google.com.        5    IN    A    74.125.31.147
    www.google.com.        5    IN    A    74.125.31.106
    www.google.com.        5    IN    A    74.125.31.99
    www.google.com.        5    IN    A    74.125.31.103
    www.google.com.        5    IN    A    74.125.31.105
    ;; Query time: 2012 msec
    ;; SERVER: 192.168.198.2#53(192.168.198.2)
    ;; WHEN: Mon Jun  3 19:49:55 2013
    ;; MSG SIZE  rcvd: 128

The dig command prints a lot of information; the meaning of each line will be explained in detail in later posts.

DNS is organized as a tree. A query works through the domain name from right to left, and each level of the name is served by one or more DNS servers.

When we query the domain name www.google.com, we first ask the root (".") DNS servers for the addresses of the DNS servers for the com type, then ask the com DNS servers (each level has more than one DNS server) for the DNS servers of the google domain, and finally ask Google's DNS servers for the resource record of the host named www, which gives us the IP address of www.google.com. We can trace the entire DNS query process with the command dig +trace www.google.com:

    # dig +trace www.google.com
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> +trace www.google.com
    ;; global options: +cmd
    .                   5         IN    NS    f.root-servers.net.
    .                   5         IN    NS    g.root-servers.net.
    .                   5         IN    NS    h.root-servers.net.
    .                   5         IN    NS    i.root-servers.net.
    .                   5         IN    NS    j.root-servers.net.
    .                   5         IN    NS    k.root-servers.net.
    .                   5         IN    NS    l.root-servers.net.
    .                   5         IN    NS    m.root-servers.net.
    .                   5         IN    NS    a.root-servers.net.
    .                   5         IN    NS    b.root-servers.net.
    .                   5         IN    NS    c.root-servers.net.
    .                   5         IN    NS    d.root-servers.net.
    .                   5         IN    NS    e.root-servers.net.
    ;; Received 508 bytes from 192.168.198.2#53(192.168.198.2) in 28138 ms
    com.                172800    IN    NS    a.gtld-servers.net.
    com.                172800    IN    NS    b.gtld-servers.net.
    com.                172800    IN    NS    c.gtld-servers.net.
    com.                172800    IN    NS    d.gtld-servers.net.
    com.                172800    IN    NS    e.gtld-servers.net.
    com.                172800    IN    NS    f.gtld-servers.net.
    com.                172800    IN    NS    g.gtld-servers.net.
    com.                172800    IN    NS    h.gtld-servers.net.
    com.                172800    IN    NS    i.gtld-servers.net.
    com.                172800    IN    NS    j.gtld-servers.net.
    com.                172800    IN    NS    k.gtld-servers.net.
    com.                172800    IN    NS    l.gtld-servers.net.
    com.                172800    IN    NS    m.gtld-servers.net.
    ;; Received 492 bytes from 193.0.14.129#53(193.0.14.129) in 26867 ms
    google.com.         172800    IN    NS    ns2.google.com.
    google.com.         172800    IN    NS    ns1.google.com.
    google.com.         172800    IN    NS    ns3.google.com.
    google.com.         172800    IN    NS    ns4.google.com.
    ;; Received 168 bytes from 192.54.112.30#53(192.54.112.30) in 8681 ms
    www.google.com.               IN    A     173.194.72.103
    www.google.com.               IN    A     173.194.72.99
    www.google.com.               IN    A     173.194.72.106
    www.google.com.               IN    A     173.194.72.104
    www.google.com.               IN    A     173.194.72.147
    www.google.com.               IN    A     173.194.72.105
    ;; Received bytes from 216.239.38.10#53(216.239.38.10) in ms

We see that the entire DNS query proceeds step by step through the domain name from right to left: root DNS -> com DNS -> google DNS -> www

There are two types of DNS queries: iterative queries and recursive queries. We can see the difference between the two below.

① Iterative query

② Recursive query

In an iterative query, the local DNS server first sends a request to the root (".") DNS server, which returns the com DNS server to the local DNS server; the local DNS server then asks that server, and so on, until the IP address of www.google.com is finally returned. In a recursive query, the local DNS server sends just one request to the root (".") DNS server, which hands the resolution down to its subordinate DNS servers to complete and finally returns the IP address. Because each DNS server in a recursive query keeps cache information, in practice the two query methods are generally used in combination.
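The iterative walk described above, with an answer cache on the local DNS server, as an added example that is not part of the original article. The server names are taken from the dig +trace output; the delegation tables are constructed and simplified, no network is used, and the function names are hypothetical.

```python
# Constructed delegation tables modelled on the dig +trace output above. Server
# names come from the article; the table layout is an assumption, no network used.
SERVERS = {
    "a.root-servers.net.": {"refer": {"com.": "a.gtld-servers.net."}, "a": {}},
    "a.gtld-servers.net.": {"refer": {"google.com.": "ns1.google.com."}, "a": {}},
    "ns1.google.com.": {"refer": {},
                        "a": {"www.google.com.": ["173.194.72.103", "173.194.72.99"]}},
}

def fqdn(name):
    """Lower-case the name and add the trailing root dot if it is missing."""
    name = name.lower()
    return name if name.endswith(".") else name + "."

def ask(server, qname):
    """One non-recursive query: the server answers, refers us on, or fails."""
    data = SERVERS[server]
    if qname in data["a"]:
        return "answer", data["a"][qname]
    labels = qname.split(".")            # "www.google.com." -> www, google, com, ""
    for i in range(len(labels) - 1):     # try the longest suffix first
        suffix = ".".join(labels[i:])
        if suffix in data["refer"]:
            return "referral", data["refer"][suffix]
    return "nxdomain", None

def iterative_resolve(name, root="a.root-servers.net.", cache=None, max_hops=8):
    """Follow referrals from the root down, as the local DNS server does."""
    qname, server, path = fqdn(name), root, []
    cache = {} if cache is None else cache
    if qname in cache:                   # a cached answer avoids the whole walk
        return cache[qname], ["cache"]
    for _ in range(max_hops):
        kind, data = ask(server, qname)
        path.append((server, kind))
        if kind == "answer":
            cache[qname] = data
            return data, path
        if kind == "nxdomain":
            return [], path
        server = data                    # referral: ask the next level down
    raise RuntimeError("too many referrals")

if __name__ == "__main__":
    addrs, path = iterative_resolve("www.google.com")
    for server, kind in path:
        print(f"{server:22} {kind}")
    print(addrs)
```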

IV. Resource records

On a DNS server, DNS information is stored in a format called a resource record (RR), which holds not only the mapping from domain name to IP address but also a lot of other information.

The fields commonly used in resource records are:

- NAME (host name)

- CLASS (category, usually IN)

- TYPE (the type of the resource record)

- RDATA (information)

Such as:

    NAME     CLASS  TYPE   RDATA
    www      IN     A      192.168.1.1
    mail     IN     A      192.168.1.2
    server1  IN     CNAME  www
             IN     MX     10 mail.gmail.com.

(For MX records, the domain name that follows must be complete, that is, it must include the final ".")

These are all resource records. DNS resource records can hold many types of data, not just IP addresses; the common resource record types are as follows:

    Resource record type (TYPE)    Content
    A                              IPv4 address
    AAAA                           IPv6 address
    MX                             Mail record
    CNAME                          Alias
    PTR                            Pointer (reverse resolution)
    SRV                            Service resource
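How these fields are used in practice, as an added example that is not from the original article: it parses NAME CLASS TYPE RDATA lines, follows a CNAME to its A record, shows why a target without the final "." gets the zone name appended, and builds the in-addr.arpa name that a PTR lookup queries. The origin example.com., the "@" owner on the MX line and all function names are assumptions.

```python
import ipaddress

# Constructed zone text reusing the article's sample records; the origin
# "example.com." and the "@" owner for the MX line are assumptions.
ORIGIN = "example.com."
ZONE = """\
www      IN A     192.168.1.1
mail     IN A     192.168.1.2
server1  IN CNAME www
@        IN MX    10 mail.gmail.com.
"""

def absolute(name, origin=ORIGIN):
    """A name without the final dot is relative to the zone origin."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin=ORIGIN):
    """Return (NAME, CLASS, TYPE, RDATA) tuples with absolute names."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) < 4:
            continue
        name, rclass, rtype, rdata = fields[0], fields[1].upper(), fields[2].upper(), fields[3:]
        if rtype == "CNAME":
            rdata = [absolute(rdata[0], origin)]
        elif rtype == "MX" and len(rdata) == 2:
            rdata = [int(rdata[0]), absolute(rdata[1], origin)]
        records.append((absolute(name, origin), rclass, rtype, rdata))
    return records

def lookup_a(name, records, origin=ORIGIN, max_chain=8):
    """Resolve a name to IPv4 addresses, following CNAME aliases."""
    name = absolute(name, origin)
    for _ in range(max_chain):
        addrs = [r[3][0] for r in records if r[0] == name and r[2] == "A"]
        alias = [r[3][0] for r in records if r[0] == name and r[2] == "CNAME"]
        if addrs or not alias:
            return addrs
        name = alias[0]
    raise ValueError("CNAME chain too long")

def reverse_name(ip):
    """PTR query name for an IPv4 address, as asked by dig -x."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."
```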

We can use dig's advanced query options to view information about these resource records.

① dig -t a www.google.com: view the IPv4 addresses of the domain name

    # dig -t a www.google.com
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> -t a www.google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52161
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;www.google.com.            IN    A
    ;; ANSWER SECTION:
    www.google.com.        5    IN    A    74.125.31.103
    www.google.com.        5    IN    A    74.125.31.99
    www.google.com.        5    IN    A    74.125.31.147
    www.google.com.        5    IN    A    74.125.31.104
    www.google.com.        5    IN    A    74.125.31.106
    www.google.com.        5    IN    A    74.125.31.105
    // These are the IPv4 addresses of www.google.com
    ;; Query time: 2010 msec
    ;; SERVER: 192.168.198.2#53(192.168.198.2)
    ;; WHEN: Mon Jun  3 20:45:30 2013
    ;; MSG SIZE  rcvd: 128

② dig -t MX gmail.com: view the mail records of the gmail.com domain

    # dig -t MX gmail.com
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> -t MX gmail.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44633
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 4
    ;; QUESTION SECTION:
    ;gmail.com.            IN    MX
    ;; ANSWER SECTION:
    gmail.com.        5    IN    MX    alt4.gmail-smtp-in.l.google.com.
    gmail.com.        5    IN    MX    alt3.gmail-smtp-in.l.google.com.
    gmail.com.        5    IN    MX    10 alt1.gmail-smtp-in.l.google.com.
    gmail.com.        5    IN    MX    5 gmail-smtp-in.l.google.com.
    gmail.com.        5    IN    MX    alt2.gmail-smtp-in.l.google.com.
    // The mail servers of gmail.com
    ;; ADDITIONAL SECTION:
    alt3.gmail-smtp-in.l.google.com. 5 IN AAAA 2607:f8b0:400d:c02::1a
    alt1.gmail-smtp-in.l.google.com. 5 IN AAAA 2a00:1450:4010:c03::1b
    gmail-smtp-in.l.google.com.      5 IN AAAA 2607:f8b0:400e:c01::1a
    alt4.gmail-smtp-in.l.google.com. 5 IN AAAA 2607:f8b0:400c:c01::1a
    // The IP addresses of the gmail.com mail servers
    ;; Query time: 2003 msec
    ;; SERVER: 192.168.198.2#53(192.168.198.2)
    ;; WHEN: Mon Jun  3 20:47:32 2013
    ;; MSG SIZE  rcvd: 262

③ dig -x 42.121.135.98: reverse-resolve the IP address 42.121.135.98 to get its domain name (the IP of www.cnblogs.com)

    # host www.cnblogs.com
    www.cnblogs.com has address 42.121.135.98
    # dig -x 42.121.135.98
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6 <<>> -x 42.121.135.98
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22590
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;98.135.121.42.in-addr.arpa.    IN    PTR
    ;; AUTHORITY SECTION:
    121.42.in-addr.arpa.    5    IN    SOA    hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2013060300 7200 900 2592000 600
    ;; Query time: 2004 msec
    ;; SERVER: 192.168.198.2#53(192.168.198.2)
    ;; WHEN: Mon Jun  3 20:51:27 2013
    ;; MSG SIZE  rcvd: 126
