Source: http://369369.blog.51cto.com/319630/812889
Most network traffic is carried over TCP/IP, and TCP/IP works with IP addresses: when a computer communicates on the network it only recognizes addresses such as "202.96.134.133", not domain names. Nobody can remember the IP addresses of more than a handful of sites, so when we visit a site we usually type a domain name into the browser address bar and the page appears. This works because a computer called a "DNS server" automatically "translates" the domain name into the corresponding IP address, after which the browser fetches the page from that address.
What is DNS?
DNS, the Domain Name System, is a hierarchical, domain-organized naming system for computers and network services used on TCP/IP networks; the service it provides converts host names and domain names to IP addresses. DNS is this "translator", and its basic working principle is shown in the figure.
DNS domain name
The Domain Name System is a hierarchical, distributed database containing various types of data, including host names and domain names. The names in the DNS database form a hierarchical tree structure called the domain namespace. A domain name is made up of labels separated by dots, for example im.qq.com.
A fully qualified domain name (FQDN) uniquely identifies a host's position in the DNS tree by listing the labels on the path from the host up to the root. The figure shows an example qq.com DNS tree containing a host named im; the host's FQDN is im.qq.com.
Name hierarchy of the DNS domain
How the DNS domain namespace is organized
The five categories into which DNS domain names fall in the functional namespace are described in the following table, together with an example of each name type.
DNS and Internet domains
The Internet domain name system is maintained by name registration authorities, which manage the organizational top-level domains and the country/region top-level domains on the Internet. Country/region domains follow the international standard ISO 3166. Some of the many three-letter abbreviations reserved for organizations, together with the two-letter country/region abbreviations, are shown in the following table. Some common DNS domain names are:
Resource records
The DNS database is made up of resource records (RRs); each RR identifies a specific resource in the database. When setting up a DNS server, SOA, NS and A records are used most often; MX and CNAME records are added when maintaining the server.
Common RRs are listed in the table:
The working process of the DNS service
When a DNS client needs to resolve a name used by a program, it queries the local DNS server. Each query message the client sends carries three pieces of information that specify the question the server should answer:
the DNS domain name, expressed as a fully qualified domain name (FQDN);
the query type, which names a resource record type or requests a specialized query operation;
the class of the DNS domain name.
For DNS servers the class should always be the Internet class (IN). For example, the name might be a computer's FQDN such as im.qq.com, and the query type would ask for the address (A) resource records of that name.
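To make the three question fields concrete (and the label structure of an FQDN from the section above), here is an added example, not code from the original post, that builds a DNS query in wire format with the Python standard library and parses a reply. The reply bytes are constructed inline by a helper (`build_a_response`) that plays the server, so nothing touches the network; the name im.qq.com is taken from the text, the address 203.0.113.10 is a made-up documentation address. Beyond what the paragraph says, the parser shows the checks a client must make before trusting an answer: the transaction ID must match the one we sent (and should be random), the QR bit must be set, the echoed question must be ours, and compression pointers must not loop.

```python
import secrets
import struct

QTYPE_A = 1      # A record: host address
QCLASS_IN = 1    # IN: the Internet class


def encode_name(fqdn):
    """Encode an FQDN as length-prefixed labels, terminated by the empty root label."""
    out = b""
    for label in fqdn.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:          # each label is 1..63 octets
            raise ValueError("bad label %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(fqdn, qtype=QTYPE_A, qclass=QCLASS_IN, txid=None):
    """Return (transaction id, query message). Flags 0x0100 set RD=1 (please recurse)."""
    if txid is None:
        # An unpredictable ID is the client's first check against forged replies.
        txid = secrets.randbelow(1 << 16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # QDCOUNT=1
    return txid, header + encode_name(fqdn) + struct.pack("!HH", qtype, qclass)


def decode_name(msg, off):
    """Decode a possibly compressed name starting at off; return (name, offset after it)."""
    labels, jumped, end, hops = [], False, off, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:              # 2-byte pointer to a name earlier in the message
            if not jumped:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 64:                      # refuse pointer loops in hostile messages
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii").lower())
        off += length
    return ".".join(labels) + ".", (end if jumped else off)


def parse_a_response(msg, expected_id, expected_name):
    """Check the reply against the query we sent and return the A-record addresses in it."""
    expected = expected_name.rstrip(".").lower() + "."
    txid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        raise ValueError("transaction id mismatch: reply does not belong to our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0xF))
    off = 12
    for _ in range(qdcount):                   # the echoed question must be the one we asked
        qname, off = decode_name(msg, off)
        off += 4                               # skip QTYPE and QCLASS
        if qname != expected:
            raise ValueError("question section does not match our query")
    addresses = []
    for _ in range(ancount):
        name, off = decode_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if (rtype, rclass, rdlen) == (QTYPE_A, QCLASS_IN, 4) and name == expected:
            addresses.append(".".join(str(b) for b in rdata))
    return addresses


def build_a_response(query, ip, ttl=300):
    """Construct the reply a server would send for `query`: same ID, same question, one A record.
    Present only to produce sample input for the parser."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR=1 RD=1 RA=1, one answer
    answer = (b"\xc0\x0c"                                      # pointer to the name at offset 12
              + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4)
              + bytes(int(octet) for octet in ip.split(".")))
    return header + query[12:] + answer


if __name__ == "__main__":
    txid, query = build_query("im.qq.com")
    reply = build_a_response(query, "203.0.113.10")            # constructed sample answer
    print(query.hex())
    print(parse_a_response(reply, txid, "im.qq.com"))
```

The query bytes can be sent as-is over UDP to port 53 of a real resolver; the parser then applies the same checks to whatever comes back. A 16-bit ID alone is weak protection, which is why real resolvers also randomize the source port and why DNSSEC exists, but the checks above are the minimum any client must do.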
DNS queries are resolved in several different ways. A client can sometimes answer a query locally from information cached during earlier queries. The DNS server can answer from its own cache of resource records, or it can query other DNS servers on behalf of the requesting client until the name is fully resolved and then return the answer to the client. This process is called recursion.
Alternatively, the client can try to contact other DNS servers itself to resolve the name. In that case it issues separate, additional queries based on each server's referral; this is called iteration, and the queries exchanged between DNS servers in this way are iterative queries.
The DNS query process is shown in the figure.
1. You enter the domain name www.qq.com in the browser. The operating system first checks its local hosts file for a mapping of this name; if one exists, that IP address is used and name resolution is complete.
2. If hosts has no mapping for the name, the local DNS resolver cache is checked; if the mapping is there, it is returned directly and resolution is complete.
3. If neither hosts nor the resolver cache has the mapping, the client sends the query to the preferred DNS server configured in its TCP/IP settings, which we call the local DNS server here. If the queried name falls within a zone configured locally on that server, the server returns the result to the client and resolution is complete; this answer is authoritative.
4. If the name is not in one of the local DNS server's zones but the server has the mapping in its cache, the cached IP address is returned and resolution is complete; this answer is not authoritative.
5. If neither the local DNS server's zone files nor its cache can answer, what happens next depends on whether forwarders are configured on it. Without forwarding, the local DNS server sends the request to the 13 root DNS server addresses (its root hints). A root server determines who is responsible for the top-level domain (.com) and returns the address of the server responsible for that TLD. The local DNS server then contacts the .com server; if that server cannot answer itself, it returns the address of the next-level server that manages qq.com. The local DNS server then queries the qq.com server, and repeats this process until the www.qq.com host is found.
6. If forwarding is used, the local DNS server forwards the request to the next-level (upstream) DNS server, which resolves it; if that server cannot resolve the name either, it in turn goes to the root servers or passes the request on to its own upstream, and so on. Whether the local DNS server uses forwarding or root hints, the result comes back to the local DNS server, which returns it to the client.
The query from the client to the local DNS server is a recursive query; the queries between DNS servers are iterative queries.
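The six steps above, and the two configurations compared in the appendix (root hints versus a forwarder), are easy to misremember, so here is an added example that models the whole path in plain Python; it is not code from the original post and contacts no real servers. The root, .com and qq.com name servers are constructed in a dictionary using RFC 5737 documentation addresses (192.0.2.x, 203.0.113.x) and made-up A records for www.qq.com and im.qq.com; the hosts entry and the local zone pc1.lab.local are likewise invented. Each client lookup records which step answered it, so the difference between an authoritative answer, a non-authoritative cached one, an iterative walk from the root and a forwarded query is visible in the trace, and the injectable clock lets you watch a cached entry expire and the walk happen again.

```python
import time

# Constructed name servers (RFC 5737 documentation addresses; none are real hosts).
# Each server knows only its own zone: its child delegations and the A records it holds.
SERVERS = {
    "192.0.2.1": {"zone": ".", "delegations": {"com.": "192.0.2.2"}, "records": {}},
    "192.0.2.2": {"zone": "com.", "delegations": {"qq.com.": "192.0.2.3"}, "records": {}},
    "192.0.2.3": {"zone": "qq.com.", "delegations": {},
                  "records": {"www.qq.com.": ("203.0.113.5", 300), "im.qq.com.": ("203.0.113.6", 300)}},
}
ROOT_HINTS = ["192.0.2.1"]        # stands in for the real list of 13 root server addresses


def normalize(name):
    """Canonical FQDN form used as a lookup key: lower-case with a trailing dot."""
    return name.rstrip(".").lower() + "."


def ask(server_ip, qname):
    """One iterative exchange. The server answers only from its own zone data: an answer,
    a referral to the child zone's server, or nothing (the name does not exist below it)."""
    srv = SERVERS[server_ip]
    if qname in srv["records"]:
        return "answer", srv["records"][qname]
    for zone, ns_ip in sorted(srv["delegations"].items(), key=lambda kv: -len(kv[0])):
        if qname.endswith("." + zone):
            return "referral", ns_ip
    return "nxdomain", None


def resolve_iteratively(qname, trace):
    """Step 5: start at a root hint and follow referrals down the tree (root -> com -> qq.com)."""
    server = ROOT_HINTS[0]
    for _ in range(8):                                   # bound the referral chain
        trace.append("iterative query to %s for %s" % (server, qname))
        kind, data = ask(server, qname)
        if kind == "answer":
            return data                                  # (ip, ttl)
        if kind != "referral":
            return None
        server = data
    raise RuntimeError("referral chain too long")


class LocalDNS:
    """The preferred DNS server from the client's TCP/IP settings (steps 3 to 6)."""

    def __init__(self, zones, forwarder=None, now=time.time):
        self.zones = zones            # authoritative data: {fqdn: (ip, ttl)}
        self.cache = {}               # non-authoritative data: {fqdn: (ip, expiry)}
        self.forwarder = forwarder    # upstream LocalDNS for forwarding mode, None for root hints
        self.now = now                # injectable clock so TTL expiry can be exercised

    def lookup(self, qname, trace):
        """Return (ip, ttl, authoritative) or None."""
        if qname in self.zones:                                      # step 3
            trace.append("local zone: authoritative answer")
            ip, ttl = self.zones[qname]
            return ip, ttl, True
        hit = self.cache.get(qname)                                  # step 4
        if hit and hit[1] > self.now():
            trace.append("server cache: non-authoritative answer")
            return hit[0], int(hit[1] - self.now()), False
        if self.forwarder is not None:                               # step 6
            trace.append("forwarding to upstream server")
            found = self.forwarder.lookup(qname, trace)
        else:                                                        # step 5
            found = resolve_iteratively(qname, trace)
        if not found:
            return None
        ip, ttl = found[0], found[1]
        self.cache[qname] = (ip, self.now() + ttl)                   # keep it until the TTL runs out
        return ip, ttl, False


def client_lookup(qname, hosts, stub_cache, local_dns, trace):
    """Steps 1 and 2 on the client, then a single recursive query to the local DNS server."""
    qname = normalize(qname)
    if qname in hosts:                 # step 1: hosts wins before any DNS traffic (hence a tampering target)
        trace.append("hosts file")
        return hosts[qname]
    if qname in stub_cache:            # step 2: the stub resolver's own cache
        trace.append("stub resolver cache")
        return stub_cache[qname]
    trace.append("recursive query to local DNS server")
    found = local_dns.lookup(qname, trace)
    if found is None:
        return None
    stub_cache[qname] = found[0]
    return found[0]


if __name__ == "__main__":
    hosts = {"intranet.example.": "10.0.0.5"}                        # constructed hosts entry
    server = LocalDNS(zones={"pc1.lab.local.": ("10.0.0.9", 3600)})  # constructed local zone
    stub_cache = {}
    for name in ["www.qq.com", "www.qq.com", "intranet.example", "pc1.lab.local", "nope.qq.com"]:
        trace = []
        print(name, "->", client_lookup(name, hosts, stub_cache, server, trace), "|", " / ".join(trace))
```

Running it shows the first www.qq.com query walking 192.0.2.1, 192.0.2.2 and 192.0.2.3 in turn, the second one served from the stub cache, the hosts entry never reaching DNS at all, and pc1.lab.local answered authoritatively from the local zone. To model the appendix's forwarding setup, construct a second `LocalDNS` and pass it as `forwarder=`: the local server then never talks to the roots itself, exactly what the Wireshark capture in step 2 of the appendix shows.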
Appendix:
Packet analysis of the local DNS server with and without forwarding configured
Set up a new DNS server. How to build it is not repeated here; see my earlier post "Install bind on Win2003 to deploy smart DNS".
1. DNS server without forwarding configured
Install Wireshark on the 192.168.145.228 server, start it and set a UDP capture filter. On the 192.168.145.12 client, run nslookup to query www.sohu.com. You immediately see the local DNS server go directly to a few of the 13 global root servers and then resolve the name step by step, iteratively, until the IP address of www.sohu.com is found to be 220.181.118.87.
After the local DNS server obtains the IP address of www.sohu.com, it returns it to the 192.168.145.12 client and resolution is complete.
2. DNS server with forwarding configured
Because www.sohu.com was used in the first step and is now cached, we query www.baidu.com with nslookup on the 192.168.145.12 client instead, so that the previous experiment does not affect this one. The capture shows the local DNS server forwarding the request to the 192.168.133.10 server; 133.10 returns the resulting IP to the local DNS server, which passes it to the DNS client, completing the resolution.
The principle of DNS and its parsing process