Java internal DNS query implementation and parameter settings

Source: Internet
Author: User
Tags nameserver

1. Java internal DNS query

Java performs domain name lookups through its own internal name service mechanism; every lookup is ultimately handed to InetAddress for DNS resolution.

Source code analysis reference:

    import java.net.InetAddress;

    public class DnsLookupDemo {
        public static void main(String[] args) throws Exception {
            // Forward lookup: resolve a domain name to its IP address
            String dottedQuadIpAddress = InetAddress.getByName("blog.arganzheng.me").getHostAddress();

            // Reverse lookup: resolve an address back to its host name
            InetAddress[] addresses = InetAddress.getAllByName("8.8.8.8"); // IP or DNS name
            for (int i = 0; i < addresses.length; i++) {
                String hostname = addresses[i].getHostName();
                System.out.println(hostname);
            }
        }
    }

2. JNDI DNS service provider settings

http://docs.oracle.com/javase/7/docs/technotes/guides/net/properties.html

sun.net.spi.nameservice.provider.<n>=<default|dns,sun|...>
Specifies the name service provider that you can use. By default, Java will use the system configured name lookup mechanism, such as file, nis, etc. You can specify your own by setting this option. <n> takes the value of a positive number, it indicates the precedence order with a small number takes higher precedence over a bigger number. Aside from the default provider, the JDK includes a DNS provider named "dns,sun".

Prior to JDK 7, the first provider that was successfully loaded was used. In JDK 7, providers are chained, which means that if a lookup on a provider fails, the next provider in the list is consulted to resolve the name.

The behavior of this parameter depends on the JDK version. Before JDK 7, only the first configured provider takes effect. In JDK 7 and later, the provider chain takes effect: providers are tried in order, starting from the first, until one resolves the name.

Java has two implementations:

default: equivalent to setting System.setProperty("sun.net.spi.nameservice.provider.1", "default"). Resolution is done through a system call and depends on the operating system's DNS resolution method.

On Linux, the default DNS method is to read /etc/resolv.conf for DNS resolution.

On Mac, the default is to obtain the DNS server from the gateway and then query that DNS server directly, without reading /etc/resolv.conf.

dns,sun: set with System.setProperty("sun.net.spi.nameservice.provider.1", "dns,sun"); this provider reads /etc/resolv.conf for DNS resolution.

sun.net.spi.nameservice.nameservers=<server1_ipaddr,server2_ipaddr ...>
You can specify a comma separated list of IP addresses that point to the DNS servers you want to use. If the sun.net.spi.nameservice.nameservers property is not defined, then the provider will use any name servers already configured in the platform DNS configuration.

sun.net.spi.nameservice.domain=<domainname>
This property specifies the default DNS domain name, for instance, eng.example.com. If the sun.net.spi.nameservice.domain property is not defined then the provider will use any domain or domain search list configured in the platform DNS configuration.

Using the dnsjava provider:

1. Add the dnsjava package to the project.

2. Set the provider: System.setProperty("sun.net.spi.nameservice.provider.1", "dns,dnsjava");

The dnsjava provider is powerful:

There's no standard way to determine what the local nameserver or DNS search path is at runtime from within the JVM. dnsjava attempts several methods until one succeeds.

- The properties 'dns.server' and 'dns.search' (comma delimited lists) are checked. The servers can either be IP addresses or hostnames (which are resolved using Java's built in DNS support).
- The sun.net.dns.ResolverConfiguration class is queried.
- On Unix, /etc/resolv.conf is parsed.
- On Windows, ipconfig/winipcfg is called and its output parsed. This may fail for non-English versions on Windows.
- As a last resort, "localhost" is used as the nameserver, and the search path is empty.
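The fallback order quoted above determines which resolver the JVM actually talks to, so it is worth being able to reproduce it when auditing a deployment. The following is an added example, not dnsjava's own code: it covers only the 'dns.server' property, the /etc/resolv.conf parse and the "localhost" last resort (the ResolverConfiguration and Windows steps are skipped), and the class name, method name and sample file content are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;

public class ResolverDiscovery {
    // Constructed sample of /etc/resolv.conf content (embedded, not read from disk).
    static final String SAMPLE_RESOLV_CONF =
        "# constructed sample\n" +
        "search eng.example.com example.com\n" +
        "nameserver 192.0.2.53\n" +
        "nameserver 198.51.100.53 ; secondary\n" +
        "options ndots:2\n";

    /** Tries the 'dns.server' value, then resolv.conf text, then falls back to "localhost". */
    static List<String> findNameservers(String dnsServerProp, String resolvConf) {
        List<String> servers = new ArrayList<>();
        // Step 1: comma-delimited property; if present it overrides the platform config.
        if (dnsServerProp != null) {
            for (String s : dnsServerProp.split(",")) {
                if (!s.trim().isEmpty()) servers.add(s.trim());
            }
        }
        // Step 2: parse "nameserver <addr>" lines, ignoring '#' and ';' comments.
        if (servers.isEmpty() && resolvConf != null) {
            for (String line : resolvConf.split("\n")) {
                String[] tok = line.replaceAll("[#;].*$", "").trim().split("\\s+");
                if (tok.length >= 2 && tok[0].equals("nameserver")) servers.add(tok[1]);
            }
        }
        // Step 3: last resort, as in the list above.
        if (servers.isEmpty()) servers.add("localhost");
        return servers;
    }

    public static void main(String[] args) {
        // Property supplied explicitly: it wins over the file.
        System.out.println(findNameservers("203.0.113.1, 203.0.113.2", SAMPLE_RESOLV_CONF));
        // Property taken from the running JVM (normally unset): the file is used.
        System.out.println(findNameservers(System.getProperty("dns.server"), SAMPLE_RESOLV_CONF));
        // Nothing configured anywhere: the lookup would go to localhost.
        System.out.println(findNameservers(null, ""));
    }
}
```

Running the same check with the real -Ddns.server value and the host's /etc/resolv.conf shows whether a stray startup flag is silently redirecting lookups away from the platform resolver.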

References:

http://www.xbill.org/dnsjava/dnsjava-current/README

http://stackoverflow.com/questions/5668058/how-to-change-the-java-dns-service-provider

3. JVM DNS cache

If a security manager is enabled, lookups are cached permanently; in general, however, no security manager is started.

You can disable caching either in the program or through startup parameters.

java.security.Security.setProperty("networkaddress.cache.ttl", "0");

If no security manager is enabled, the behavior depends on the JDK version:

In 1.5 and later, Java caches the IP addresses returned by DNS resolution. The default cache timeout value is -1 (cached permanently until the JVM restarts).

In 1.6 and above, the cache time is based on the TTL.

References:

http://docs.oracle.com/javase/1.5.0/docs/guide/net/properties.html

http://docs.oracle.com/javase/7/docs/technotes/guides/net/properties.html

Set the TTL: when starting the JVM from the command line, pass the parameters "-Dnetworkaddress.cache.ttl=60 -Dsun.net.inetaddr.ttl=60".
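A startup check for the cache settings discussed in this section, as an added example that is not part of the original article. It relies on the JDK reading networkaddress.cache.ttl as a security property (through java.security.Security) and falling back to the system property sun.net.inetaddr.ttl only when the security property is unset; the class and method names are hypothetical.

```java
import java.security.Security;

public class DnsCachePolicyCheck {
    /** Describes the positive-lookup cache TTL that results from the two settings. */
    static String effectiveTtl(String securityProp, String systemProp) {
        // The security property takes precedence; the system property is the fallback.
        String raw = securityProp != null ? securityProp : systemProp;
        String source = securityProp != null ? "security property networkaddress.cache.ttl"
                      : systemProp != null ? "system property sun.net.inetaddr.ttl"
                      : "JDK default";
        if (raw == null) {
            return source + ": forever with a security manager, otherwise implementation-specific";
        }
        int ttl;
        try {
            ttl = Integer.parseInt(raw.trim());
        } catch (NumberFormatException e) {
            return source + ": unparsable value '" + raw + "'";
        }
        if (ttl < 0) return source + ": cache forever (address changes ignored until restart)";
        if (ttl == 0) return source + ": no caching (every lookup goes to the resolver)";
        return source + ": cache for " + ttl + " s";
    }

    public static void main(String[] args) {
        // What this JVM was started with (for example via -Dsun.net.inetaddr.ttl=60).
        System.out.println(effectiveTtl(Security.getProperty("networkaddress.cache.ttl"),
                                        System.getProperty("sun.net.inetaddr.ttl")));

        // Programmatic setting; do this before the first InetAddress lookup.
        Security.setProperty("networkaddress.cache.ttl", "60");
        System.out.println(effectiveTtl(Security.getProperty("networkaddress.cache.ttl"),
                                        System.getProperty("sun.net.inetaddr.ttl")));

        // Constructed inputs showing the two extremes described in this section.
        System.out.println(effectiveTtl("-1", null));
        System.out.println(effectiveTtl(null, "0"));
    }
}
```

A result of "cache forever" means a changed or revoked DNS record is not picked up until the JVM restarts, while "no caching" makes every connection depend on the resolver's answer at that moment.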

4. Does a Linux server use a DNS cache and TTL?

Linux itself does not have a DNS cache. If you want DNS caching, you need to install the NSCD service.

You can check whether it is running with: $ ps aux | grep nscd

Related questions:

5. nginx implements its own DNS resolver and caches DNS results.

6. The entire process of pinging an unknown domain name (depends on the operating system)

Hosts A and B are not on the same network segment; host B has a domain name, assumed to be www.baidu.com.
1. Run the "ipconfig /flushdns" command on the local host A to clear the local DNS cache;
2. Run the "arp -d" command on the local host A to clear the ARP cache.

Host A then pings www.baidu.com (that is, the domain name of host B).

In this process, what message interaction occurs?

Ideas:

1. To run the ping command, host A must convert the domain name to an IP address, so there must be a DNS resolution process;
2. Before DNS resolution, host A must know the MAC address of its default gateway, which involves ARP resolution;
3. The ping command itself is an ICMP echo request, so there must be an ICMP Echo Request interaction.

The entire process is as follows:

(Refer to the ping process across CIDR blocks. Here we assume that the DNS server and host A are not in the same CIDR block; if they were, host A would simply obtain the DNS server's MAC address through ARP without going through the gateway.)
1. Host A sends an ARP request with destination MAC FFFFFF-FFFFFF (broadcast) and the gateway's IP address as the target IP, to obtain the gateway's MAC address;
2. The router (host A's default gateway) sends an ARP reply, addressed to A's MAC address and A's IP address, informing A of the gateway's MAC address;
3. After obtaining the gateway's MAC address, A sends a DNS query packet to the gateway. The destination MAC address is the gateway's MAC address and the destination IP address is the IP address of the DNS server;
4. After the gateway receives the DNS query packet, it unpacks and inspects it, finds that it carries a DNS query, re-encapsulates the query and forwards it toward the DNS server. The destination IP address is the IP address of the DNS server and the destination MAC is the next hop's MAC. The DNS server resolves the domain name to an IP address;
5. After DNS resolution, host A knows the IP address of the domain name to be pinged;
6. The rest of the process is the same as pinging a specific IP address. First, host A determines whether the target IP address is in the same CIDR block as its own IP address. If it is, this is equivalent to pinging an IP address in the same CIDR block; if it is not, it is a ping to an IP address in a different CIDR block. These cases are not elaborated further here.
