Introduction to DNS Principles

Source: Internet
Author: User
Tags tld dns tools domain name registration io domain io domain name mail exchange nslookup nslookup command

Guide DNS is one of the core Internet protocols. Whether it's surfing the web or programming, you need to know a little bit about it.
This article describes in detail the principle of DNS and how to use the tool software to observe its operation. My goal is that after reading this article, you will be able to fully understand DNS.
first, what is DNS?

The role of DNS (the domain name System abbreviation) is very simple, which is to isolate the IP address based on the domain name. You can think of it as a huge phone book.
For example, if you want to access the domain name math.stackexchange.com, first to find out through DNS that its IP address is 151.101.129.69.
If you do not know why you must find out the IP address in order to network communication.

second, the inquiry process

Although only one IP address needs to be returned, the query process for DNS is complex and is divided into multiple steps.
The tool software dig can display the entire query process.

$ dig math.stackexchange.com

The above command outputs six pieces of information.

The first paragraph is query parameters and statistics.

The second paragraph is the query content.

The above results indicate that a record of the query domain name math.stackexchange.com, A is the abbreviation of address.
The third paragraph is the reply of the DNS server.

The results above show that math.stackexchange.com has four A records, or four IP addresses. 600 is the TTL value (the abbreviation for Time to live), which indicates the cache times, i.e. no re-querying within 600 seconds.
The fourth segment shows the NS Records for stackexchange.com (abbreviated Name server), which servers are responsible for managing stackexchange.com DNS records.

The results above show that stackexchange.com has four NS records, four domain name servers, to which any query can know what the math.stackexchange.com IP address is.
The fifth paragraph is the IP address of the above four domain name servers, which are returned with the previous paragraph.

The sixth paragraph is some transfer information for the DNS server.

The results above show that the DNS server of this machine is 192.168.1.253, the query port is (the default port of the DNS server), and the response length is 305 bytes.
If you don't want to see so much content, you can use the +short parameter.

$ dig +short math.stackexchange.com151.101.129.69151.101.65.69151.101.193.69151.101.1.69

The above command returns only the 4 IP addresses of the math.stackexchange.com (that is, a record).

third, DNS server

Below we according to the previous example, step by step restore, this machine exactly how to get domain name math.stackexchange.com IP address.
First, the machine must know the IP address of the DNS server, or not on the network. Through a DNS server, you can know exactly what the IP address of a domain name is.

The IP address of the DNS server, which may be dynamic, is assigned by the gateway each time it is online, which is called the DHCP mechanism, or it may be a fixed address specified beforehand. Inside the Linux system, the IP address of the DNS server is saved in the/etc/resolv.conf file.
The DNS server in the example above is 192.168.1.253, which is an intranet address. There are some public network DNS servers that can also be used, the most famous of which is Google's 8.8.8.8 and level 3 of 4.2.2.2.
This machine only queries its own DNS server, and the dig command has an @ parameter that shows the results of queries to other DNS servers.

$ dig @4.2.2.2 math.stackexchange.com

The above command specifies 4.2.2.2 queries to the DNS server.

Iv. Hierarchy of domain names

How can a DNS server know the IP address of each domain name? The answer is a hierarchical query.
Take a closer look at the previous example, with one more point at the tail of each domain name.

For example, the domain name math.stackexchange.com is displayed as math.stackexchange.com. This is not negligence, but the tail of all domain names, in fact, there is a root domain name.
For example, the real domain name of www.example.com is Www.example.com.root, abbreviated to www.example.com. Because, root domain name. Root is the same for all domain names, so it is usually omitted.
The next level of the root domain name is called "Top-level domain" (top-level domain, abbreviated as TLD), such as. com,. NET, and next level called "Secondary domain name" (second-level domain, abbreviated as SLD), such as www.example.com inside the. example, this level of domain name is the user can register, and then the next level is the hostname (host), such as the www.example.com inside the WWW, also known as "three-level domain name", This is the name that the user assigns to the server in his or her domain, which the user can assign arbitrarily.
To summarize, the hierarchical structure of the domain name is as follows.

Hostname. Secondary domain name. Top-level domain name. The root domain # is host.sld.tld.root
Five, root domain name server

The DNS server makes hierarchical queries based on the hierarchy of domain names.
It should be clear that each level domain has its own NS record, and NS records the domain name server that points to that domain name. These servers know the various records for the next level of domain names.
The so-called "hierarchical query", that is, starting from the root domain name, and then query the NS records of each level domain name, until the final IP address is found, the process is generally as follows.

From "ROOT name server" to "top-level Nameservers" NS Records and a record (IP address) from "top-level Nameservers" to "sub-domain Name server" NS Records and a record (IP address) from "sub-domain Name server" isolated "hostname" IP address

Looking closely at the process above, you may find that there is no mention of how the DNS server knows the IP address of the "Root name server". The answer is that the NS records and IP addresses of the "root nameservers" are generally unchanged, so they are built into the DNS server.
The following is an example of a built-in Root name server IP address.

In the list above, the three NS records of the root domain name (. root) are listed a.root-servers.net, B.root-servers. NET and C.root-servers.net, and their IP addresses (that is, A records) 198.41.0.4, 192.228.79.201, 192.33.4.12.
In addition, you can see that the TTL value for all records is 3.6 million seconds, which is equivalent to 1000 hours. That is, the list of root name servers is only queried once every 1000 hours.
Currently, there are 13 groups of root name servers in the world, from A.root-servers.net to M.root-servers.net.

Vi. Examples of graded queries

The +trace parameter of the dig command can display the entire hierarchical query process for DNS.

$ dig +trace math.stackexchange.com

The first paragraph of the above command lists the root domain name. All NS records, that is, all root name servers.

Based on the built-in Root name server IP address, the DNS server issues a query request to all these IP addresses, and queries the NS records of Math.stackexchange.com's top-level domain name server com. The root name server that is first replied to will be cached and then sent only to this server for request.
Then the second paragraph.


The above results show the 13 NS records of the. com domain name, along with the corresponding IP address for each record.
The DNS server then issues query requests to these top-level nameservers and queries the NS records of Math.stackexchange.com's secondary domain stackexchange.com.

The above results show that stackexchange.com has four NS records, and also returns the corresponding IP address for each NS record.
The DNS server then queries the above four NS servers for the hostname of the math.stackexchange.com.

The results above show that math.stackexchange.com has 4 A records, that is, the four IP addresses can be accessed to the site. It also shows that the NS server that returns the results first is the NS-463.AWSDNS-57.COM,IP address of 205.251.193.207.

Seven, NS Records of the query

The dig command allows you to view the NS records for each level of domain separately.

The dig NS com$ dig ns stackexchange.com+short parameter can display simplified results. $ dig +short ns com$ dig +short NS stackexchange.com
VIII. record types for DNS

The correspondence between the domain name and the IP is called the record. According to the usage scenario, the "record" can be divided into different types (type), with a record and an NS record already seen in front.
The common DNS record types are as follows.

(1) A: Address record, which returns the IP address that the domain name points to. (2) NS: The name server record, which returns the server address that holds the next level of domain name information. The record can only be set to a domain name and cannot be set to an IP address. (3) MX: Mail record (mail eXchange), which returns the address of the server receiving the e-mail. (4) CNAME: Canonical name record (Canonical name), return another domain name, that is, the domain name of the current query is a jump to another domain name, see below. (5) PTR: Reverse lookup record (Pointer record), only used to query the domain name from IP address, see below.

In general, there should be at least two NS records for the security of the service, and A and MX records can have more than one, providing redundancy of the service to prevent a single point of failure.
CNAME records are primarily used for internal jumps of domain names, providing flexibility for server configuration, which is not perceived by users. For example, Facebook.github.io this domain name is a CNAME record.

$ dig facebook.github.io ...;; ANSWER SECTION:facebook.github.io. 3370    in  CNAME   github.map.fastly.net.github.map.fastly.net.  In  A   103.245.222.133

The above results show that Facebook.github.io's CNAME record points to github.map.fastly.net. In other words, when the user queries Facebook.github.io, the Github.map.fastly.net IP address is actually returned. The advantage is that when changing the server IP address, as long as the change github.map.fastly.net this domain name can be, the user's Facebook.github.io domain name without modification.
Since the CNAME record is a replacement, once the CNAME record is set, it is no longer possible to set up other records (such as A and MX records), in order to prevent conflicts. For example, foo.com points to bar.com, and two domains each have their own MX records, which can cause problems if they are inconsistent. Because top-level domains typically set up MX records, users are generally not allowed to set CNAME records on top-level domain names.
The PTR record is used to reverse the domain name from the IP address. The-x parameter of the dig command is used to query the PTR record.

$ dig-x 192.30.252.153 ...;; ANSWER Section:153.252.30.192.in-addr.arpa. 3600 in    PTR pages.github.com.

The above results show that the domain name of the 192.30.252.153 server is pages.github.com.
One application of reverse query is to prevent spam, that is, to verify the IP address of the sending message, and whether it really has the domain name it claims to have.
The dig command can view the specified record type.

$ dig a github.com$ dig ns github.com$ dig mx github.com
ix. Other DNS tools

In addition to dig, there are some other gadgets that you can use.

(1) host command

The host command can be thought of as a simplified version of the dig command, returning various records of the current requested domain name.

$ host github.comgithub.com has address 192.30.252.121github.com Mail was handled by 5 ALT2. Aspmx. L.google. COM.github.com Mail is handled by ten ALT4. Aspmx. L.google. COM.github.com Mail is handled by ten ALT3. Aspmx. L.google. COM.github.com Mail is handled by 5 ALT1. Aspmx. L.google. COM.github.com Mail is handled by 1 aspmx. L.google.com.
$ host facebook.github.comfacebook.github.com is a alias for Github.map.fastly.net.github.map.fastly.net have address The 103.245.222.133host command can also be used for reverse querying, i.e. querying a domain name from an IP address, equivalent to Dig-x.
$ host 192.30.252.153153.252.30.192.IN-ADDR.ARPA domain name pointer pages.github.com.
(2) nslookup command

The nslookup command is used to interactively query a domain name record.

$ nslookup> facebook.github.ioServer:     192.168.1.253Address:    192.168.1.253#53non-authoritative Answer: Facebook.github.io  Canonical name = Github.map.fastly.net.Name:   
(3) whois command

The WHOIS command is used to view the domain name registration status.

$ whois github.com

Introduction to DNS Principles

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.