DNS is one of the core Internet protocols. Whether it's surfing the web or programming, you need to know a little bit about it.
This article describes in detail The principle of DNS and how to use the tool software to observe its operation. My goal is that after reading this article, you will be able to fully understand DNS.
First, What is DNS?
The role of DNS (the domain name System abbreviation) is very simple, which is to isolate the IP address based on the domain name. You can think of it as a huge phone book.
For example, if you want to access the domain name math.stackexchange.com, first to find out through DNS that its IP address is 151.101.129.69.
If you don't know why you must find out IP address for network communication, it is recommended to read the "Introduction to Internet Protocol " I wrote first .
Second, the inquiry process
Although you only need to return a IP address, but the query process for DNS is complex and is divided into multiple steps.
The tool software Dig can display the entire query process.
$ dig math.stackexchange.com
The above command outputs six pieces of information.
The first paragraph is query parameters and statistics.
The second paragraph is the query content.
The above results indicate that a record of the query domain name math.stackexchange.com, A is the abbreviation of address.
the third paragraph is The reply of the DNS server.
the results above show thatMath.stackexchange.com has four A records, or four IP addresses. 600 is the TTL value (the abbreviation for Time to live), which indicates the cache times, i.e. no re-querying within 600 seconds.
The fourth segment shows the NS Records for stackexchange.com (abbreviated Name server), which servers are responsible for managing stackexchange.com DNS records.
The results above show that stackexchange.com has four NS records, four domain name servers, to which any query can know what the math.stackexchange.com IP address is.
The fifth section is the top four domain name servers IP address, which is returned along with the previous paragraph.
the sixth paragraph is Some transport information for the DNS server.
The above results show that the machine's The DNS server is 192.168.1.253, the query port is (the default port for the DNS server), and the response length is 305 bytes.
If you don't want to see so much content, you can use the +short parameter.
$ dig +short math.stackexchange.com
151.101.129.69
151.101.65.69
151.101.193.69
151.101.1.69
The above command returns only the 4 IP addresses of the math.stackexchange.com (that is, a record).
Third, DNS Server
below we according to the previous example, step by step restore, this machine exactly how to get domain name math.stackexchange.com IP address.
first of all, this machine must know The IP address of the DNS server, or the network is not on. Through a DNS server, you can know exactly what the IP address of a domain name is.
The IP address of the DNS server, which may be dynamic, is assigned by the gateway each time it is online, which is called the DHCP mechanism, or it may be a fixed address specified beforehand. Inside the Linux system, the IP address of the DNS server is saved in the/etc/resolv.conf file.
of the above example The DNS server is 192.168.1.253, which is an intranet address. There are some public network DNS servers that can also be used, the most famous of which is Google's 8.8.8.8 and level 3 of 4.2.2.2.
this machine only to its own For DNS server queries, the dig command has an @ parameter that displays the results of queries to other DNS servers.
$ dig @4.2.2.2 math.stackexchange.com
The above command specifies the DNS server 4.2.2.2 query.
Iv. Hierarchy of domain names
How can a DNS server know the IP address of each domain name? The answer is a hierarchical query.
Take a closer look at the previous example, with one more point at the tail of each domain name.
For example, the domain name math.stackexchange.com is displayed as math.stackexchange.com. This is not negligence, but the tail of all domain names, in fact, there is a root domain name.
For example,the real domain name of www.example.com is Www.example.com.root, abbreviated to www.example.com. Because, root domain name. Root is the same for all domain names, so it is usually omitted.
The next level of the root domain name is called "top-level domain" (top-level domain, abbreviated as TLD), such as. com,. NET, and next level called "Secondary domain name" (second-level domain, abbreviated as SLD), such as www.example.com inside the. example, this level of domain name is the user can register, and then the next level is the hostname (host), such as the www.example.com inside the WWW, also known as "three-level domain name", This is the name that the user assigns to the server in his or her domain, which the user can assign arbitrarily.
To summarize, the hierarchical structure of the domain name is as follows.
host name . secondary domain name . top-level domain . root domain
# that
Host.sld.tld.root
Five, root domain name server
The DNS server makes hierarchical queries based on the hierarchy of domain names.
it needs to be clear that each level of domain name has its own NS record, NS records the domain name server that points to the domain name. These servers know the various records for the next level of domain names.
The so-called "hierarchical query", that is, starting from the root domain name, and then query the NS records of each level domain name, until the final IP address is found, the process is generally as follows.
- NS Records and A records (IP addresses) for top-level nameservers from "ROOT name server"
- NS Records and A records (IP addresses) for sub-domain name servers from top-level nameservers
- Isolate the IP address of the hostname from the secondary domain name server
look closely at the process above, you may find out, without mentioning How does the DNS server know the IP address of the "Root name server"? The answer is that the NS records and IP addresses of the "root nameservers" are generally unchanged, so they are built into the DNS server.
here is the built-in Root name server An example of an IP address.
In the list above, the three NS records of the root domain name (. Root) are listed a.root-servers.net, B.root-servers. NET and C.root-servers.net, and their IP addresses (that is, A records) 198.41.0.4, 192.228.79.201, 192.33.4.12.
In addition, you can see all the recorded The TTL value is 3.6 million seconds, which is equivalent to 1000 hours. That is, the list of root name servers is only queried once every 1000 hours.
Currently, there are 13 groups of root name servers in the world, from A.root-servers. NET until m.root-servers.net.
Vi. Examples of graded queries
The +trace parameter of the dig command can display the entire hierarchical query process for DNS.
$ dig +trace math.stackexchange.com
The first paragraph of the above command lists the root domain name . All NS records, that is, all root name servers.
based on the built-in Root name server IP address, the DNS server issues a query request to all these IP addresses, and queries the NS record for math.stackexchange.com's top-level domain name server com. The root name server that is first replied to will be cached and then sent only to this server for request.
Then the second paragraph.
The above results show the 13 NS records of the. com domain name, along with the corresponding IP address for each record.
Then, The DNS server issues query requests to these top-level nameservers and queries the NS records of Math.stackexchange.com's secondary domain stackexchange.com.
The above results show that stackexchange.com has four NS records, and also returns the corresponding IP address for each NS record.
Then, The DNS server queries the above four NS servers for the hostname of the math.stackexchange.com.
The results above show thatmath.stackexchange.com has 4 A records, that is, the four IP addresses can be accessed to the site. It also shows that the NS server that returns the results first is the NS-463.AWSDNS-57.COM,IP address of 205.251.193.207.
Seven, NS Records for queries
The dig command allows you to view the NS records for each level of domain separately.
$ dig NS com
$ dig NS stackexchange.com
The +short parameter can display simplified results.
$ dig +short ns com
$ dig +short NS stackexchange.com
Eight, Record types for DNS
Domain name and The correspondence between IPs, called "Records". According to the usage scenario, the "record" can be divided into different types (type), with a record and an NS record already seen in front.
of Common The DNS record types are as follows.
(1) A: Address record, which returns the IP address that the domain name points to.
(2) NS: The name server record, which returns the server address that holds the next level of domain name information. The record can only be set to a domain name and cannot be set to an IP address.
(3) MX: Mail record (mail eXchange), which returns the address of the server receiving the e-mail.
(4) CNAME: Canonical name record (Canonical name), return another domain name, that is, the domain name of the current query is a jump to another domain name, see below.
(5) PTR: Reverse lookup record (Pointer record), only used to query the domain name from IP address, see below.
in general, for the safety and reliability of the service, there should be at least two NS records, and A and MX records can have more than one, which provides redundancy of the service and prevents a single point of failure.
CNAME records are primarily used for internal jumps of domain names, providing flexibility for server configuration, which is not perceived by users. For example, Facebook.github.io this domain name is a CNAME record.
$ dig Facebook.github.io
...
;; ANSWER section:
Facebook.github.io. 3370 in CNAME github.map.fastly.net.
Github.map.fastly.net. In A 103.245.222.133
The above results show thatFacebook.github.io's CNAME record points to github.map.fastly.net. In other words, when the user queries Facebook.github.io, the Github.map.fastly.net IP address is actually returned. The advantage is that when changing the server IP address, as long as the change github.map.fastly.net this domain name can be, the user's Facebook.github.io domain name without modification.
because CNAME records are a replacement, so once you set up a CNAME record, you can't set up other records (such as A and MX records) to prevent conflicts. For example, foo.com points to bar.com, and two domains each have their own MX records, which can cause problems if they are inconsistent. Because top-level domains typically set up MX records, users are generally not allowed to set CNAME records on top-level domain names.
The PTR record is used to reverse the domain name from the IP address. The-x parameter of the dig command is used to query the PTR record.
$ dig-x 192.30.252.153
...
;; ANSWER section:
153.252.30.192.in-addr.arpa. 3600 in PTR pages.github.com.
The above results show thatthe domain name of the 192.30.252.153 server is pages.github.com.
one application of reverse query is to prevent spam, that is, to verify the sending of messages IP address, does it really have the domain name it claims.
The dig command can view the specified record type.
$ dig a github.com
$ dig NS github.com
$ dig MX github.com
Ix. Other DNS Tools
In addition to dig, there are some other gadgets that you can use.
(1) host command
The host command can be thought of as a simplified version of the dig command, returning various records of the current requested domain name.
$ host Github.com
Github.com has address 192.30.252.121
Github.com Mail is handled by 5 ALT2. Aspmx. L.google.com.
Github.com Mail is handled by ten ALT4. Aspmx. L.google.com.
Github.com Mail is handled by ten ALT3. Aspmx. L.google.com.
Github.com Mail is handled by 5 ALT1. Aspmx. L.google.com.
Github.com Mail is handled by 1 aspmx. L.google.com.
$ host Facebook.github.com
Facebook.github.com is a alias for github.map.fastly.net.
Github.map.fastly.net has address 103.245.222.133
The host command can also be used for reverse querying, that is, querying a domain name from an IP address, equivalent to Dig-x.
$ host 192.30.252.153
153.252.30.192.IN-ADDR.ARPA domain name pointer pages.github.com.
(2) nslookup command
The nslookup command is used to interactively query a domain name record.
$ nslookup
> Facebook.github.io
server:192.168.1.253
address:192.168.1.253#53
Non-authoritative Answer:
Facebook.github.io canonical name = Github.map.fastly.net.
Name:github.map.fastly.net
address:103.245.222.133
>
(3) whois command
The WHOIS command is used to view the domain name registration status.
$ whois github.com
Introduction to DNS Principles