Article Title: DNS resolution process
When a DNS client needs to resolve a name on behalf of an application, it contacts its configured DNS server. The client's resolution request contains the following three pieces of information:
The domain name to be queried. If the requesting application does not submit a complete FQDN, the DNS client appends a domain name suffix to form a complete FQDN;
The query type, which specifies the type of resource record requested, such as an A record or an MX record;
The DNS class. For the DNS Client service this is always Internet (IN).
The complete DNS resolution process of the DNS Client is as follows:
1. Check your local DNS name cache
When the DNS client needs to resolve an FQDN, it first checks its local DNS name cache, which consists of two parts:
The host name-to-IP address mappings defined in the Hosts file;
The results of previous DNS queries that are still valid;
If the DNS client obtains the result from the local cache, DNS resolution is complete.
2. Contact your DNS server
If the DNS client does not find the corresponding record in its local cache, it contacts its DNS server. The DNS server used by the DNS client must be configured in advance.
When the DNS server receives the DNS client's resolution request, it first checks whether it can answer the request authoritatively, that is, whether it manages the DNS zone that the requested record belongs to. If the DNS server manages that zone, it is authoritative for it. In this case, if a resource record in the local zone matches the client's request, the DNS server answers with that record (an authoritative positive reply); if no matching resource record exists, the DNS server gives the client an authoritative negative reply (no such record).
If no local zone matches the DNS client's request, the DNS server checks its local cache. If a matching result is found there, the DNS server answers the client's request with it, positive or negative, but the reply is non-authoritative. DNS resolution is then complete.
If the DNS server also does not find a matching result in its local cache, it proceeds differently depending on its configuration:
By default, the DNS server uses recursion to resolve the name. In recursive mode the DNS server itself acts as a DNS client and sends the resolution request to other DNS servers until it obtains the result. During this process the original DNS client waits for the reply from its DNS server.
If recursion is disabled on the DNS server, it works in iterative mode: instead of resolving on the client's behalf, it returns a referral reply to the original DNS client containing information that helps the client continue the resolution (such as the root hints), and performs no further work. The original DNS client then decides how to proceed based on the referral. In real networks, however, disabling recursion on the DNS server often means that, for client requests the server cannot resolve locally, it returns a referral or a server-failure reply, and the client treats the resolution as failed.
The difference between recursive and iterative mode is who plays the role of DNS client and sends resolution requests to other DNS servers when the DNS server cannot complete the client's request locally. Recursive mode is normally used, since it is easier to manage on the network and to control for security. Recursive mode costs the DNS server more performance than iterative mode, but in general this overhead does not matter.
The root hints are the names and IP addresses of the root DNS servers of the Internet namespace. For ordinary recursive resolution, the DNS server must know where to start searching for a DNS domain name, and the root hints serve this purpose. There are 13 root DNS servers worldwide. Their names and IP addresses are stored in the file %systemroot%\system32\dns\cache.dns, which the DNS server reads each time it starts. Normally you do not need to modify this file. If your DNS server is deployed on an internal network and does not need to use the Internet root DNS servers, you can modify it as needed to point to an internal root domain DNS server.
For example, when a DNS client requests resolution of the domain name www.winsvr.org and the DNS server works in recursive mode, the complete resolution process is as follows:
1. The DNS client checks its local name cache and does not find the corresponding record;
2. The DNS client contacts its DNS server, NameServer1, to query the domain name www.winsvr.org;
3. NameServer1 checks its authoritative zones and local cache and does not find the corresponding value, so it contacts a root domain server from the root hints to query the domain name www.winsvr.org;
4. The root domain server does not know the value for www.winsvr.org, so it returns a referral to NameServer1 naming the authoritative DNS servers of the .org top-level domain;
5. NameServer1 contacts an authoritative DNS server of the .org top-level domain to query the domain name www.winsvr.org;
6. The .org top-level domain server does not know the value for www.winsvr.org, so it returns a referral to NameServer1 naming the authoritative DNS server of the winsvr.org domain;
7. NameServer1 contacts the authoritative DNS server of the winsvr.org domain to query the domain name www.winsvr.org;
8. The winsvr.org authoritative DNS server knows the corresponding value and returns it to NameServer1;
9. NameServer1 returns the result for www.winsvr.org to the original DNS client. At this point the resolution is complete.
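The server-side part of this process (own zones, then cache, then the referral walk from the root hints in steps 3 to 9) as an added, self-contained simulation; it is example code written for this page, not part of the original article or of any DNS product. The server names, the www.winsvr.org address and the delegation tree are constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class NameServer:
    """Simulated DNS server: A records for the zone it is authoritative for,
    plus delegations it hands out as referrals for child zones."""
    name: str
    records: dict = field(default_factory=dict)      # FQDN -> IPv4 (A record)
    delegations: dict = field(default_factory=dict)  # child zone -> NameServer

    def query(self, fqdn):
        if fqdn in self.records:                      # authoritative answer
            return "answer", self.records[fqdn]
        # Referral: hand back the server for the longest matching delegated zone
        for zone in sorted(self.delegations, key=len, reverse=True):
            if fqdn == zone or fqdn.endswith("." + zone):
                return "referral", self.delegations[zone]
        return "nxdomain", None                       # authoritative negative reply

class RecursiveResolver:
    """NameServer1 from the article: own zones first, then the cache,
    then a referral walk that starts at the root hints."""
    def __init__(self, root_hints, own_zones=None):
        self.root_hints, self.cache = root_hints, {}
        self.own_zones = own_zones or {}

    def resolve(self, fqdn, max_hops=8):
        """Return (ip_or_None, authoritative, trace of servers consulted)."""
        if fqdn in self.own_zones:
            return self.own_zones[fqdn], True, ["local zone"]
        if fqdn in self.cache:
            return self.cache[fqdn], False, ["cache"]
        trace, server = [], self.root_hints[0]
        for _ in range(max_hops):                     # bound the referral chain
            kind, value = server.query(fqdn)
            trace.append(f"{server.name}: {kind}")
            if kind == "referral":
                server = value
                continue
            if kind == "answer":
                self.cache[fqdn] = value              # reused for later queries
            return value, False, trace
        return None, False, trace + ["gave up: too many referrals"]

# Constructed sample namespace mirroring steps 3-9; addresses are documentation ranges
WINSVR_NS = NameServer("ns1.winsvr.org", {"www.winsvr.org": "203.0.113.10"})
ORG_NS = NameServer("a.org-servers.example", delegations={"winsvr.org": WINSVR_NS})
ROOT_NS = NameServer("a.root-servers.example", delegations={"org": ORG_NS})
NAMESERVER1 = RecursiveResolver(root_hints=[ROOT_NS])
```

Calling `NAMESERVER1.resolve("www.winsvr.org")` twice shows the first lookup walking root, .org and winsvr.org and the second being served from the cache as a non-authoritative reply.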