Edns-client-subnet of Intelligent DNS parsing

Abstract: Intelligent DNS resolution is an important part of the CDN, so-called intelligence is based on the request of users to the same domain name to make the corresponding different resolution (currently most domain name registrars have not yet provided line resolution services), so the scheduling accuracy of the CDN is entirely dependent on the DNS intelligent resolution, But the protocol was designed by DNS earlier on the internet but did not take into account the situation of today's network applications.

First, preface

Intelligent DNS resolution is an important part of the CDN, so-called intelligence is based on the request of users to the same domain name to make the corresponding different resolution (currently most domain name registrars have not yet provided line resolution services), so the scheduling accuracy of the CDN is entirely dependent on the DNS intelligent resolution, But the protocol was designed by DNS earlier on the internet but did not take into account the situation of today's network applications. Let's take a simple look at how traditional DNS works-

　　

Throughout the parsing process. Public DNS in place of the user to the root, top-level domain, authoritative DNS to query the results and return the results to the user, the authoritative DNS server queried is unable to know specifically which user to query, this is also the problem, since can not obtain user IP and how to accurately dispatch the Na? Google has submitted a DNS extension protocol that allows DNS resolver to pass the user's IP address to authoritative DNS server.

Second, the agreement

DNS query contains header and RR two sections

type=41 Extending content for Edns

　　

Option-code:2 bytes (the latest definition in RFC is 0x0008, the boss is 0X50FA)

Option-length:2 bytes that describe the content length after it (byte)

Family:2 bytes, 1 means IPv4, 2 means IPv6

Address: Where the IP address is actually stored, the IPv4 length is 4

Third, testing

Currently bind cannot support edns need to be patched to send Edns query package, please download edns-client-subnet dig patch and install into bind first.

1. First to resolve the domain name of the test domain long line

Edns.dns.com made two DNS intelligent resolution, respectively, from Shanghai Telecom users resolved to 3.3.3.3, the user of Beijing Telecom resolves to 2.2.2.2, and the rest resolves to 1.1.1.1.

2. Use the edns-client-subnet patch dig to query

　　

When the client is 180.149.128.1 (Shanghai Telecom IP), the corresponding line resolution can be returned correctly.

　　

When the client is 58.32.1.1 (Beijing Telecom IP), the corresponding line resolution can also be returned correctly.

Iv. Summary

The use of edns-client-subnet on the test can solve the current CDN does not have a precise height of pain points. But it is also possible to see the need to support the EDNS0 in the middle of the various aspects of the force.

1. First authoritative DNS to have the ability of intelligent resolution, a precise IP library;

2. Authority to support the EDNS0 format and properly remove the client IP;

3. Public DNS requires that client IP information be packaged in a EDNS0 format to send queries.

Reference documents

https://tools.ietf.org/html/draft-ietf-dnsop-edns-client-subnet-08

The RFC2671 also contains a number of things that the requester and responder are aware of when implementing EDNS0, as well as problems with EDNS0.

Edns-client-subnet of Intelligent DNS parsing