As mentioned above, reaching a machine depends on its IP address and its MAC address. The MAC address is obtained through the ARP protocol, so it is transparent to users; the IP address is not. In any case, users have to give a specific IP address to reach a computer, and IP addresses are not easy to remember, which is why the DNS system appeared.
1. DNS system introduction
DNS stands for Domain Name System. It is responsible for translating an FQDN (a fully qualified name, ending with ".") into an IP address. The earliest system used one huge hosts.txt file (surprising that this could work at all), but growth required the hosts.txt file to be replaced by a real data store, and finally a distributed database was developed.
From page 143 of the book we can see that the DNS system is a huge tree with an unnamed root at the top. The next layer holds arpa, com, edu, gov, int, mil, us, cn and so on. Among them, arpa is the top of the reverse-resolution tree, while com, edu and the other generic domains were originally used only in the United States (a technical privilege) but are now used almost everywhere in the world; us, cn and the like are called country domains. The domain names in this tree are not managed centrally: the Network Information Center (NIC) delegates top-level domains to authorized institutions in other designated regions.
An independently managed DNS subtree is called a zone. The most common zone is a second-level domain such as .com.cn. A second-level domain can in turn be divided into smaller zones, such as sina.com.cn.
The DNS system is a distributed database. When a server finds that it does not hold the data a query asks for, it forwards the query; the forwarding destination is usually a root server, and from the root the query is forwarded downwards, level by level, until the target is found. Another feature of DNS is its cache: a server keeps the data it has already looked up and uses it to answer the next query for the same name.
2. DNS protocol
DNS defines a single message format that is used both for queries and for responses. For the exact layout see p. 145. The fields are briefly described as follows:
- The first 16 bits are the identification (transaction ID). The querier chooses it and uses it to match each response to the query it sent.
- The next 16 bits are a flags field that is subdivided to describe the nature and details of the message: whether it is a query or a response, whether recursion is requested, and so on (generally a server supports recursive queries without any special setting; this is the case for BIND).
- The question section carries the queried name followed by the query type: A, NS, CNAME, PTR, HINFO, MX and others. If you are familiar with BIND you will know that in a zone file each record carries its own type; for example an A record holds an IP address and an NS record names a name server.
- A response can carry several answers: one domain name can map to several IP addresses, and there can be several CNAME records.
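To make the field descriptions above concrete, here is a small parser for the DNS wire format. It is an added example, not code from the original article or from BIND: it decodes the header (ID, QR, opcode, AA, TC, RD, RA, RCODE and the four section counts), the question section and the answer section, following the name-compression pointers that responses use. The response it parses is constructed by hand in build_sample_response(); the names and addresses in it are assumptions chosen for the example.

```python
"""Minimal DNS message parser (added example, not from the original article)."""
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 12: "PTR", 13: "HINFO", 15: "MX"}


def read_name(msg, offset):
    """Decode a domain name starting at offset, following compression pointers.
    Returns (name with trailing dot, offset just past the name in its original position)."""
    labels = []
    end = None           # where the caller continues reading; set at the first pointer
    hops = 0
    while True:
        length = msg[offset]
        if (length & 0xC0) == 0xC0:          # two-byte pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2
            hops += 1
            if hops > 20:                    # defensive: refuse pointer loops
                raise ValueError("compression pointer loop")
            offset = pointer
            continue
        offset += 1
        if length == 0:                      # root label terminates the name
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    if end is None:
        end = offset
    return ".".join(labels) + ".", end


def parse_message(msg):
    """Return (header dict, [(qname, qtype)], [(name, type, ttl, value)])."""
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    header = {
        "id": ident,
        "qr": (flags >> 15) & 1,        # 0 = query, 1 = response
        "opcode": (flags >> 11) & 0xF,
        "aa": (flags >> 10) & 1,        # authoritative answer
        "tc": (flags >> 9) & 1,         # truncated: retry over TCP
        "rd": (flags >> 8) & 1,         # recursion desired
        "ra": (flags >> 7) & 1,         # recursion available
        "rcode": flags & 0xF,
    }
    offset = 12
    questions = []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, TYPE_NAMES.get(qtype, qtype)))
    answers = []
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == 1:                       # A: four octets
            value = ".".join(str(b) for b in rdata)
        elif rtype in (2, 5, 12):            # NS, CNAME, PTR: a (possibly compressed) name
            value, _ = read_name(msg, offset)
        else:
            value = rdata.hex()
        offset += rdlen
        answers.append((name, TYPE_NAMES.get(rtype, rtype), ttl, value))
    return header, questions, answers


def encode_name(name):
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_sample_response():
    """Constructed response: www.example.com. A -> one CNAME plus two A records."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 3, 0, 0)   # QR=1 RD=1 RA=1
    question = encode_name("www.example.com.") + struct.pack("!HH", 1, 1)
    # 0xC00C points at offset 12, the question name; 0xC010 at "example.com." inside it
    cname_rdata = b"\x04host" + b"\xC0\x10"
    cname = b"\xC0\x0C" + struct.pack("!HHIH", 5, 1, 3600, len(cname_rdata)) + cname_rdata
    target = struct.pack("!H", 0xC000 | (12 + len(question) + 12))   # offset of the CNAME target
    a1 = target + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    a2 = target + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 11])
    return header + question + cname + a1 + a2


if __name__ == "__main__":
    for part in parse_message(build_sample_response()):
        print(part)
```

The hop limit in read_name is the check a practitioner wants: a message whose pointers form a loop would otherwise make a naive parser spin forever, and the ID and question tuple are what a querier must compare against its outstanding query before accepting a response.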
3. Reverse Query
A forward query obtains an IP address from a domain name; a reverse query obtains a domain name from an IP address. Take the host command as an example: "host IP-address" returns the domain name of that server, and "host domainname" returns its IP address.
Anyone who knows a little about data structures can see that a reverse query cannot be done efficiently in the forward-query tree: the only way would be to traverse the entire data set, which for DNS means the entire database, a huge burden. So DNS takes another approach and uses a separate subtree to hold the IP -> domain name mapping. The root of this subtree is in-addr.arpa, and the DNS name for an IP such as 192.168.11.2 is 2.11.168.192.in-addr.arpa (the octets written in reverse order). In the DNS system a reverse address corresponds to a PTR record (the counterpart of an A record), so a reverse query is also called a pointer (PTR) query.
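The following added example (not code from the original article) builds the reverse-lookup name described above and, going beyond the article, the equivalent ip6.arpa form for IPv6 addresses. It also shows the check a defender should apply to a PTR answer: the PTR record is controlled by whoever administers the address block, so a name it returns is only trustworthy if a forward lookup of that name leads back to the same address (forward-confirmed reverse DNS). The resolver passed in is a stub over constructed zone data; the names and addresses are assumptions for the example.

```python
"""Reverse-lookup names and forward-confirmed reverse DNS (added example)."""
import ipaddress


def reverse_name(ip):
    """PTR query name for an IPv4 (in-addr.arpa) or IPv6 (ip6.arpa) address, as an FQDN."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        octets = str(addr).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa."
    nibbles = addr.exploded.replace(":", "")          # 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def forward_confirmed(ip, resolve):
    """Return only those PTR names whose forward lookup contains ip.

    resolve(name, rtype) -> list of rdata strings (PTR names or addresses)."""
    addr = ipaddress.ip_address(ip)
    rtype = "A" if addr.version == 4 else "AAAA"
    confirmed = []
    for name in resolve(reverse_name(ip), "PTR"):
        if str(addr) in resolve(name, rtype):
            confirmed.append(name)
    return confirmed


# Constructed zone data for the stub resolver: the PTR record claims two names,
# but only mail.example.com. has an A record pointing back at the address.
ZONE = {
    ("2.11.168.192.in-addr.arpa.", "PTR"): ["mail.example.com.", "unconfirmed.example.org."],
    ("mail.example.com.", "A"): ["192.168.11.2"],
    ("unconfirmed.example.org.", "A"): ["203.0.113.9"],
}


def stub_resolve(name, rtype):
    return ZONE.get((name, rtype), [])


if __name__ == "__main__":
    print(reverse_name("192.168.11.2"))
    print(reverse_name("2001:db8::1"))
    print(forward_confirmed("192.168.11.2", stub_resolve))
```

The standard library's ipaddress objects also expose a reverse_pointer attribute (without the trailing dot); the function is written out here so the reversal the article describes is visible.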
4. Other questions
4.1. DNS cache
BIND 9 is a caching server by default. It sends the queries it cannot answer itself to the root servers, obtains the results and places them in its local cache so that later queries are answered faster. If you are interested, install BIND 9 and try it. A custom zone can specify how long its data may be cached, usually one day (1d in the configuration file).
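The cache behaviour just described, as an added example (not code from the original article or from BIND): each answer is stored with an absolute expiry computed from its TTL, later hits return the remaining TTL, and an expired entry is evicted and fetched again upstream. The clock is injected so the run is deterministic, and the upstream lookup is a stub with constructed data. MAX_TTL is a resolver-side cap on how long any answer may be cached, in the spirit of BIND's max-cache-ttl option; its one-day value here is an assumption mirroring the "1d" above.

```python
"""TTL-aware DNS cache with an injectable clock (added example)."""
import time

MAX_TTL = 86400   # one day: cap on how long any answer is kept, whatever its TTL says


class DnsCache:
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._store = {}          # (name, type) -> (absolute expiry, records)

    def put(self, name, rtype, records, ttl):
        ttl = min(int(ttl), MAX_TTL)
        self._store[(name.lower(), rtype)] = (self._clock() + ttl, list(records))

    def get(self, name, rtype):
        """Return (remaining ttl, records) on a hit, None on a miss or after expiry."""
        key = (name.lower(), rtype)       # names are case-insensitive
        entry = self._store.get(key)
        if entry is None:
            return None
        expires, records = entry
        remaining = expires - self._clock()
        if remaining <= 0:
            del self._store[key]          # evict stale data instead of serving it
            return None
        return int(remaining), records


class FakeClock:
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


def demo():
    """Three lookups of one name across 350 simulated seconds with a 300 s TTL."""
    clock = FakeClock()
    cache = DnsCache(clock)
    upstream_calls = []

    def upstream(name, rtype):            # stub for the root-and-down resolution
        upstream_calls.append((name, rtype))
        return ["192.0.2.10"], 300        # constructed answer and TTL

    def lookup(name, rtype):
        hit = cache.get(name, rtype)
        if hit is not None:
            return hit
        records, ttl = upstream(name, rtype)
        cache.put(name, rtype, records, ttl)
        return ttl, records

    first = lookup("www.example.com.", "A")      # miss: goes upstream
    clock.now += 100
    second = lookup("WWW.example.com.", "A")     # hit, TTL counted down to 200
    clock.now += 250
    third = lookup("www.example.com.", "A")      # expired: goes upstream again
    return first, second, third, len(upstream_calls)


if __name__ == "__main__":
    print(demo())
```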
4.2. UDP or TCP?
A DNS server supports both TCP and UDP, on port 53. Most queries use UDP. Generally, TCP is required in two cases:
- When the answer is so large that the UDP reply is truncated (the TC flag is set to 1); the query is then repeated over TCP, whose stream handles data of any size (see the relevant chapter on TCP).
- When the master server communicates with a slave server, that is, when the slave obtains the zone data from the master (a zone transfer).
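An added example (not code from the original article) of the transport rules just listed. Over UDP one datagram is one message; over TCP each message is prefixed with a two-byte big-endian length, so the stream can be cut back into messages. The code reads the TC bit from a reply, decides whether a retry over TCP is needed (for a truncated reply or a zone transfer), frames a message for TCP, and reassembles messages from a TCP stream that may arrive in arbitrary chunks. The messages used are constructed byte strings.

```python
"""DNS over TCP: TC-bit check and two-byte length framing (added example)."""
import struct


def is_truncated(message):
    """True if the TC bit (bit 9 of the flags word at bytes 2..3) is set."""
    flags = struct.unpack("!H", message[2:4])[0]
    return bool(flags & 0x0200)


def needs_tcp(udp_reply=None, zone_transfer=False):
    """The article's two cases: a truncated UDP reply, or a zone transfer."""
    if zone_transfer:
        return True
    return udp_reply is not None and is_truncated(udp_reply)


def frame_for_tcp(message):
    """Prefix a DNS message with its length for transmission over TCP."""
    if len(message) > 0xFFFF:
        raise ValueError("message too long for the 16-bit length prefix")
    return struct.pack("!H", len(message)) + message


class TcpFrameReader:
    """Feed bytes as they arrive from a socket; returns the complete messages so far."""

    def __init__(self):
        self._buf = b""

    def feed(self, data):
        self._buf += data
        messages = []
        while len(self._buf) >= 2:
            length = struct.unpack("!H", self._buf[:2])[0]
            if len(self._buf) < 2 + length:      # wait for the rest of this message
                break
            messages.append(self._buf[2:2 + length])
            self._buf = self._buf[2 + length:]
        return messages


def constructed_header(flags):
    """A 12-byte header with ID 1, one question and no records (constructed)."""
    return struct.pack("!HHHHHH", 1, flags, 1, 0, 0, 0)


if __name__ == "__main__":
    truncated = constructed_header(0x8380)       # QR=1 TC=1 RD=1 RA=1
    print("retry over TCP:", needs_tcp(truncated))
    reader = TcpFrameReader()
    print(reader.feed(frame_for_tcp(b"msg1")[:3]))            # partial: nothing yet
    print(reader.feed(frame_for_tcp(b"msg1")[3:] + frame_for_tcp(b"msg2")))
```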
End