The working principle and analysis of DNS

Source: Internet
Author: User
Tags: domain, server, fully qualified domain name

I. What is DNS

DNS (Domain Name System) is the naming system for computers and network services on TCP/IP networks. It is organized as a hierarchy of domains and provides the service of converting host names and domain names to IP addresses. You can think of it as a huge phone book.
For example, to access the domain name math.stackexchange.com you first have to learn through DNS that its IP address is 151.101.129.69.
If you do not know why the IP address must be found before network communication can take place, I suggest first reading the introduction to the Internet Protocol that I wrote.

DNS is this kind of "translator"; its basic work is shown in the following figure:


II. Structure of the DNS domain namespace

As a hierarchical, distributed database, the Domain Name System holds various types of data, including host names and domain names. The names in the DNS database form a hierarchical tree structure called the domain namespace.


Root domain: by convention a DNS domain name ends with a trailing period '.', which marks the root, the highest level of the domain hierarchy under which the name sits.

Top-level domain: indicates a country, region or type of organization. Three characters are used, for example com -> commercial company, edu -> educational institution, net -> network company, gov -> non-military government agency, and so on.

Second-level domain: the registered name that an individual or organization uses on the Internet. Two characters are used, for example cn -> China, jp -> Japan, uk -> United Kingdom, hk -> Hong Kong, and so on.

Host: the host name is the lowest level of the domain namespace. The host name combined with the domain name forms the FQDN (fully qualified domain name); the host name is the leftmost part of the FQDN.

III. The DNS lookup process

DNS is an application-layer protocol that in practice works on behalf of other application-layer protocols, including but not limited to HTTP, SMTP and FTP, resolving user-supplied host names to IP addresses.
The specific process is as follows:
① The user host, our PC or mobile device, runs the client side of DNS.
② The browser extracts the domain name field from the URL it receives, that is, the host name to be accessed, for example www.baidu.com from http://www.baidu.com/, and passes the host name to the DNS client application.
③ The DNS client sends a query message containing the host name to the DNS server (in between lie a series of cache lookups and the work of the distributed DNS cluster).
④ The DNS client eventually receives a reply message containing the IP address for that host name.
⑤ Once the browser receives the IP address from DNS, it can initiate a TCP connection to the HTTP server at that IP address.

IV. The architecture of the DNS service

The role of the DNS service: resolving domain names to IP addresses, and resolving IP addresses to domain names.

Suppose an application running on a user's host, such as a Web browser or mail reader, needs to convert a hostname to an IP address. The application invokes the client side of DNS and indicates the hostname to convert (on many Unix-based machines, the application calls the function gethostbyname() to perform this conversion). The DNS client on the user host then sends a DNS query message into the network. All DNS request and reply messages are sent as UDP datagrams to port 53 (for why UDP is used, see the discussion of why there are only 13 root domain name servers). After a delay ranging from several milliseconds to several seconds, the DNS client on the user host receives a DNS reply message providing the desired mapping, and this result is passed to the application that invoked DNS. So, from the point of view of the invoking application on the user host, DNS is a black box that provides a simple, direct conversion service. In fact, the black box that implements this service is very complex: it consists of a large number of DNS servers distributed around the world and an application-layer protocol that defines how the DNS servers and the querying hosts communicate.

V. Why DNS uses a distributed cluster rather than a single centralized design

The simplest design for DNS would use only one DNS server on the Internet holding all the mappings: clients would send every query directly to this single server, and it would answer every client directly. Although this design is tempting, it does not suit today's Internet. Because the Internet already has a very large and still growing number of hosts, such a centralized design would suffer from a single point of failure, from communication volume (hundreds of millions of hosts sending DNS query messages, including but not limited to those for every HTTP request, mail server lookup and long-lived TCP connection service), from long-distance delays (for example from Australia to New York), and from costly maintenance (since every hostname-to-IP mapping would have to be updated at one site).

DNS servers are typically divided into three types: root DNS servers, top-level domain DNS servers and authoritative DNS servers.

VI. Working process of the DNS service

When a DNS client needs to resolve a name used by a program, it queries the local DNS server. Each query message the client sends includes three pieces of information that specify the question the server should answer:
The DNS domain name being asked about, expressed as a fully qualified domain name (FQDN).
The query type, which either selects resource records by type or requests a specialized query operation.
The class of the DNS domain name.
For DNS servers the class should always be the Internet class. For example, the name might be the FQDN of a computer such as im.qq.com, and the query type might ask for an address resource record for that name.
DNS queries can be resolved in several ways. A client can sometimes answer a query locally using information cached from a previous query. A DNS server can answer from its own cache of resource records, or it can query other DNS servers on behalf of the requesting client until the name is fully resolved and then return the answer to the client. This process is called recursion.
Alternatively, the client itself can contact other DNS servers to resolve the name. When it does so, it issues separate, additional queries based on each server's answer; this is called iteration. The queries exchanged between DNS servers are iterative queries.
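The three question fields (name, type, class) and the reply as they actually appear on the wire, as an added example that is not part of the original article: it builds an A-record query for im.qq.com and parses a hand-constructed reply offline, reading the Authoritative Answer flag that distinguishes a zone answer from a cached one. The reply bytes, the transaction id and the address 203.0.113.7 are constructed for the example.

```python
import struct

def encode_name(fqdn):
    """QNAME: each label as <length><bytes>, ended by the zero-length root label."""
    return b"".join(bytes([len(lab)]) + lab.encode("ascii")
                    for lab in fqdn.rstrip(".").split(".")) + b"\x00"

def build_query(fqdn, txid=0x1234, qtype=1, qclass=1):
    """12-byte header (RD=1, one question) + QNAME + QTYPE (1 = A) + QCLASS (1 = IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(fqdn) + struct.pack("!HH", qtype, qclass)

def decode_name(msg, off):
    """Read a name at off; a byte with the top two bits set is a compression pointer."""
    labels, end, hops = [], None, 0
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:
            if (hops := hops + 1) > 16:             # refuse pointer loops in hostile input
                raise ValueError("compression pointer loop")
            end = off + 2 if end is None else end   # the record continues after the pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if ln == 0:
            break
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln
    return ".".join(labels) + ".", (off if end is None else end)

def parse_a_records(msg):
    """Return (authoritative, [(owner, ttl, ipv4)]) from a reply's answer section."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                         # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4
    answers = []
    for _ in range(an):
        owner, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            answers.append((owner, ttl, ".".join(str(b) for b in msg[off:off + 4])))
        off += rdlen
    return bool(flags & 0x0400), answers        # 0x0400 is the AA (Authoritative Answer) bit

# Constructed reply (no network): same txid, flags QR=1 RD=1 RA=1 AA=0 (a cached,
# non-authoritative answer), one A record whose owner is a pointer (0xC00C) to the question.
QUERY = build_query("im.qq.com")
REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:]
         + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([203, 0, 113, 7]))
```

Sending QUERY over UDP to port 53 of a resolver and feeding the datagram it returns to parse_a_records() gives the real-world equivalent of REPLY.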

The DNS query process is as follows:


1. The user enters the domain name www.qq.com in the browser. The operating system first checks its local hosts file for a mapping for this name; if one exists, that IP address is used and name resolution is complete.
2. If the hosts file has no mapping for the domain name, the local DNS resolver cache is checked; if it holds a mapping, it is returned directly and resolution is complete.
3. If neither the hosts file nor the local resolver cache has a mapping, the preferred DNS server configured in the TCP/IP settings, which we call the local DNS server here, is consulted. When this server receives the query and the name falls within a zone it is configured to serve, it returns the result to the client and resolution is complete. This answer is authoritative.
4. If the queried name is not in a zone served by the local DNS server but the server has cached a mapping for it, the cached IP address is returned and resolution is complete. This answer is not authoritative.
5. If neither the local DNS server's zone files nor its cache can resolve the name, what happens next depends on whether forwarders are configured on the local DNS server. If forwarding is not used, the local DNS server sends the request to one of the 13 root DNS servers. The root server receives the request, determines who is authorized to manage the top-level domain (.com) and returns the IP address of the server responsible for that top-level domain. The local DNS server then contacts the server responsible for the .com domain. If that server cannot resolve the name itself, it returns to the local DNS server the address of the next-level DNS server that manages the domain (qq.com). The local DNS server then contacts the qq.com domain server and repeats this process until the www.qq.com host is found.
6. If forwarding mode is used, the local DNS server forwards the request to the upstream DNS server, which performs the resolution; if that server cannot resolve it either, it in turn queries the root DNS servers or forwards to its own upstream, and so on. Whether the local DNS server used forwarding or followed referrals from the root, the result is returned to the local DNS server and then to the client.
The query from the client to the local DNS server is a recursive query; the queries exchanged between DNS servers are iterative queries.
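The lookup chain in steps 1 through 6 as a small runnable model, added here and not part of the original article: the local DNS server answers its client recursively while walking root -> TLD -> authoritative iteratively, caches what it learns, and can instead hand the query to a forwarder. The zone data, the server labels (root, tld-com, auth-qq) and the 203.0.113.x addresses are constructed; step 3 (the local server's own zones) is left out.

```python
# Constructed zone data and 203.0.113.x addresses; the server names are just labels.
ZONES = {
    "root":    {"com.": ("NS", "tld-com")},
    "tld-com": {"qq.com.": ("NS", "auth-qq")},
    "auth-qq": {"www.qq.com.": ("A", "203.0.113.10"),
                "im.qq.com.":  ("A", "203.0.113.11")},
}
HOSTS = {"intranet.example.": "203.0.113.2"}   # stand-in for the client's hosts file

def ask(server, name):
    """One iterative step: answer from the server's own zone, or refer one level down."""
    zone = ZONES[server]
    if name in zone and zone[name][0] == "A":
        return "answer", zone[name][1]
    # Refer to the most specific delegation whose suffix matches on a label boundary.
    for suffix, (rtype, target) in sorted(zone.items(), key=lambda kv: -len(kv[0])):
        if rtype == "NS" and (name == suffix or name.endswith("." + suffix)):
            return "referral", target
    return "nxdomain", None

class LocalDNS:
    """Recursive toward its clients, iterative toward the server tree (or forwarding)."""
    def __init__(self, forwarder=None):
        self.forwarder, self.cache, self.trace = forwarder, {}, []

    def resolve(self, name):
        """Return (ip, source); steps 1-2 are really client-side but are modelled here."""
        if name in HOSTS:                          # step 1: hosts file
            return HOSTS[name], "hosts"
        if name in self.cache:                     # steps 2 and 4: cached, not authoritative
            return self.cache[name], "cache"
        if self.forwarder is not None:             # step 6: forwarding mode
            ip, source = self.forwarder.resolve(name)
            if ip is not None:
                self.cache[name] = ip
            return ip, "forwarded:" + source
        server = "root"                            # step 5: root -> TLD -> authoritative
        while True:
            kind, value = ask(server, name)
            self.trace.append((server, kind, value))   # the referral chain that was followed
            if kind == "referral":
                server = value
            elif kind == "answer":
                self.cache[name] = value
                return value, "authoritative:" + server
            else:
                return None, "nxdomain"
```

Resolving www.qq.com. twice on one LocalDNS() shows the first answer coming from auth-qq after three iterative steps and the second from the cache.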
