DNS
DNS (Domain Name System) is the name resolution service that converts between domain names and IP addresses. It uses port 53 over both UDP and TCP: ordinary queries normally go over UDP, while zone transfers and responses too large for a UDP datagram use TCP.
DNS system functions:
Forward resolution: find the IP address corresponding to a domain name (A/AAAA records)
Reverse resolution: find the domain name corresponding to an IP address (PTR records)
Classification of DNS servers:
Primary name server: the DNS server that holds the zone's settings and the original copy of the zone file; changes to the zone are made here
Secondary name server: copies the zone data from another server; its data is a replica and cannot be modified locally
Master name server: the server from which other DNS servers replicate their zone data (the source side of a zone transfer; the primary usually plays this role)
Cache name server: holds no zone of its own; it obtains the mapping between domain name and IP by querying root and other servers, caches the results locally for the record's TTL, and so speeds up repeated lookups
Domain transfer (zone transfer) vulnerability
Domain transfer (zone transfer, AXFR): the backup (secondary) server copies the whole zone from the main (primary) server and updates its own database with the data obtained. To keep the database synchronised between the active and standby servers, "DNS domain transfer" is used; it runs over TCP port 53.
Domain transfer vulnerability: caused by a DNS server that is configured without restricting who may request a transfer (for example no allow-transfer ACL or TSIG key), so that any anonymous client can obtain every DNS record of the zone with a single AXFR request using the DNS domain transfer protocol.
Harm of the domain transfer vulnerability: the full list of hostnames and addresses, that is the network topology, is leaked to a potential attacker, including low-security internal hosts such as test servers and hosts on internal (RFC 1918) addresses. This directly accelerates and eases the attacker's intrusion process, since reconnaissance that would otherwise need subdomain brute-forcing is handed over in one response.
Testing process (Windows nslookup; the ls subcommand is not implemented in the Linux/BSD nslookup, where dig axfr <domain name> @<dns server> or host -l <domain name> <dns server> performs the same test):
1) Enter the nslookup command to start the interactive shell: nslookup
2) The server subcommand sets the DNS server to query; use one of the zone's own authoritative name servers, since only a primary or secondary holds the zone to transfer: server <dns server>
3) The ls subcommand requests a zone transfer and lists all names in the domain (ls -d <domain name> shows every record type): ls <domain name>
4) The exit command leaves the shell: exit
A correctly configured server answers the transfer request with REFUSED (nslookup reports "Query refused"); a server that returns the full record list is vulnerable.
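As an added example (not code from the original page), the following Python script performs the same test as the nslookup sequence above at the protocol level: it builds an AXFR query, sends it over TCP port 53, parses the answer records, and flags A records in RFC 1918 space, which are the internal hosts the harm paragraph describes. Only the standard library is used. The zone example.com, the name server ns1/hostmaster names and every address in the constructed reply are assumptions made for this example, not data from the page.

```python
import ipaddress
import socket
import struct

TYPE_A, TYPE_NS, TYPE_CNAME, TYPE_SOA, TYPE_AXFR = 1, 2, 5, 6, 252
CLASS_IN = 1
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def encode_name(name):
    """Dotted name -> DNS wire-format labels terminated by the root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_axfr_query(zone, txid=0x1234):
    """AXFR query (QTYPE 252) with the 2-byte length prefix DNS over TCP uses."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    msg = header + encode_name(zone) + struct.pack("!HH", TYPE_AXFR, CLASS_IN)
    return struct.pack("!H", len(msg)) + msg


def decode_name(msg, off):
    """Decode a possibly compressed name at `off`; return (name, offset after it)."""
    labels, end, jumped = [], off, False
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:        # compression pointer (RFC 1035 4.1.4)
            if not jumped:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
            continue
        off += 1
        if length == 0:
            if not jumped:
                end = off
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", end


def parse_message(msg):
    """Parse one DNS message (no length prefix) into (owner, type, value) tuples."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if flags & 0xF:                        # RCODE 5 (REFUSED) is what a hardened server sends
        raise PermissionError(f"transfer not allowed, RCODE={flags & 0xF}")
    off = 12
    for _ in range(qd):                    # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4
    records = []
    for _ in range(an):
        owner, off = decode_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_A and rdlen == 4:
            value = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype in (TYPE_NS, TYPE_CNAME, TYPE_SOA):   # for SOA keep only MNAME
            value, _ = decode_name(msg, off)
        else:
            value = msg[off:off + rdlen].hex()
        records.append((owner, rtype, value))
        off += rdlen
    return records


def axfr(server, zone, timeout=5):
    """Request a full copy of `zone` from `server` over TCP/53. Returns the records
    when the server is misconfigured; raises PermissionError when it refuses."""
    records, buf = [], b""
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(build_axfr_query(zone))
        while sum(1 for r in records if r[1] == TYPE_SOA) < 2:   # AXFR ends at the 2nd SOA
            chunk = s.recv(65535)
            if not chunk:
                break
            buf += chunk
            while len(buf) >= 2 and len(buf) >= 2 + struct.unpack("!H", buf[:2])[0]:
                n = struct.unpack("!H", buf[:2])[0]
                records += parse_message(buf[2:2 + n])
                buf = buf[2 + n:]
    return records


def internal_hosts(records):
    """A records in RFC 1918 space: the internal hosts (test servers etc.) the leak exposes."""
    return [(o, v) for o, t, v in records
            if t == TYPE_A and any(ipaddress.ip_address(v) in n for n in RFC1918)]


def constructed_response(zone="example.com.", txid=0x1234):
    """Constructed sample AXFR reply (not captured from any real server) used to
    exercise the parser offline; owner names use pointers back to the question name."""
    ptr = b"\xC0\x0C"                      # pointer to the zone name at offset 12

    def rr(owner, rtype, rdata):
        return owner + struct.pack("!HHIH", rtype, CLASS_IN, 3600, len(rdata)) + rdata

    soa = rr(ptr, TYPE_SOA, b"\x03ns1" + ptr + b"\x0Ahostmaster" + ptr
             + struct.pack("!IIIII", 2024010101, 7200, 900, 1209600, 300))
    answers = (soa + rr(ptr, TYPE_NS, b"\x03ns1" + ptr)
               + rr(b"\x03www" + ptr, TYPE_A, bytes([203, 0, 113, 10]))
               + rr(b"\x04test" + ptr, TYPE_A, bytes([10, 0, 0, 5])) + soa)
    header = struct.pack("!HHHHHH", txid, 0x8580, 1, 5, 0, 0)
    return header + encode_name(zone) + struct.pack("!HH", TYPE_AXFR, CLASS_IN) + answers
```

Run axfr("ns1.example.com", "example.com.") only against a server you are authorised to test; the live call is the equivalent of dig axfr example.com @ns1.example.com. A hardened server (BIND allow-transfer { none; } or a TSIG-keyed list of secondaries) answers REFUSED and the call raises PermissionError, while a misconfigured one returns the whole zone, and internal_hosts() then lists the RFC 1918 entries an attacker would go after first.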
Domain name space structure
Root domain (.)
Top-level domains, divided into organization (generic) top-level domains and country/region top-level domains:
--Organization top-level domains (net, edu, com, gov, org, mil...)
--Country/region top-level domains (cn, uk...)
Second-level domain names (baidu, taobao...)
Third-level domain names, usually hostnames (www, mail...)
Organization top-level domain   Description
gov                             Government department
com                             Commercial organization (business sector)
edu                             Education sector
org                             Civil society / non-profit organization
net                             Network service agency
mil                             Military department

National top-level domain       Description
cn                              China
hk                              Hong Kong, China
uk                              United Kingdom
…
DNS resolution process
DNS domain name resolution process:
When a client accesses a domain name, it first checks the DNS cache of its own host (entries are time-limited by the record's TTL); if the name is in the host cache, the corresponding IP is used directly.
If the name is not in the host cache, the local hosts file is checked.
If the hosts file has no entry either, the request is sent to the DNS server configured on the host (the local domain name server). That server first looks in its own cache; if the record is there, it returns the result directly. If the record is not in the cache of the configured server, the following iterative query is performed.
[Iterative query]
The local domain name server asks a root domain name server. The root server does not answer the name itself but tells the local server which server to ask next (a referral), and the local server follows the referrals down level by level (root, then TLD, then the zone's authoritative server) until it obtains the final answer. At every step the local server acts as a DNS client, that is, the iterative query is work performed by the local server; the client's own query to the local server is recursive (it sends one question and waits for the final answer).
Specific process description:
(1) User host A sends a recursive query for abc.example.com to its local domain name server B
(2) B first tries to answer abc.example.com from its local DNS records and cache. If there is no record for abc.example.com locally, B starts an iterative query for abc.example.com, acting as a DNS client
(3) B asks a root domain name server C for abc.example.com
(4) Root server C does not know the host; it refers B to the .com top-level domain name server D and supplies D's IP address, 1.2.3.4
(5) B asks the .com top-level domain name server D
(6) D refers B to the authoritative server E for example.com and supplies E's IP address, 2.3.4.5
(7) B asks the example.com authoritative server E
(8) E is authoritative for the zone, so it tells B whether the host abc.example.com exists and, if so, its IP address, 3.4.5.6
(9) Local domain name server B returns the answer to user host A: the IP address of abc.example.com is 3.4.5.6. B also caches the answer for its TTL, so the next client asking for the same name is served at step (2)
So the lookup priority is: host DNS cache > hosts file > DNS server
The storage path of the hosts file in windows: C:\Windows\System32\drivers\etc\hosts
The storage path of the hosts file in Linux: /etc/hosts
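As an added example (not code from the original page), the following Python model plays through steps (1) to (9) and the host-side priority order with a constructed toy name space: a root server, the .com TLD server and the example.com authority, using the page's addresses 1.2.3.4, 2.3.4.5 and 3.4.5.6. The root's address 0.1.2.3, the TTL values and the hosts-file entry are assumptions made for the example. It is a simulation of the algorithm, not a real resolver.

```python
import time

# Constructed toy name space standing in for the servers of steps (3)-(8);
# the root's IP 0.1.2.3 is an assumption, 1.2.3.4 / 2.3.4.5 / 3.4.5.6 are the page's.
ROOT_IP = "0.1.2.3"


class NameServer:
    """A name server that answers for names it is authoritative for, or refers
    the asker to the server for a sub-zone (the 'go ask D' of step (4))."""

    def __init__(self, answers=None, referrals=None):
        self.answers = answers or {}       # owner name -> IP address
        self.referrals = referrals or {}   # zone suffix -> IP of the next server

    def query(self, qname):
        if qname in self.answers:
            return "answer", self.answers[qname]
        for suffix, next_ip in self.referrals.items():
            if qname.endswith(suffix):
                return "referral", next_ip
        return "nxdomain", None            # authoritative 'no such host'


SERVERS = {
    ROOT_IP:   NameServer(referrals={".com": "1.2.3.4"}),            # root server C
    "1.2.3.4": NameServer(referrals={".example.com": "2.3.4.5"}),    # .com TLD server D
    "2.3.4.5": NameServer(answers={"abc.example.com": "3.4.5.6"}),   # example.com authority E
}


class LocalResolver:
    """Local domain name server B: serves from its cache, otherwise walks the
    referral chain from the root (iterative query) and caches what it learns."""

    def __init__(self, servers, root_ip):
        self.servers, self.root_ip = servers, root_ip
        self.cache = {}                    # name -> (ip, expiry time)

    def resolve(self, qname, now, ttl=300):
        ip, expires = self.cache.get(qname, (None, 0))
        if ip and now < expires:
            return ip, "resolver cache", []
        trail, next_ip = [], self.root_ip
        while len(trail) < 16:             # bound the walk: a referral loop must not hang B
            kind, value = self.servers[next_ip].query(qname)
            trail.append((next_ip, kind, value))
            if kind == "answer":
                self.cache[qname] = (value, now + ttl)
                return value, "iterative", trail
            if kind == "nxdomain":
                return None, "iterative", trail
            next_ip = value                # follow the referral one level down
        return None, "iterative", trail


class Host:
    """User host A: host DNS cache > hosts file > recursive query to the resolver."""

    def __init__(self, resolver, hosts_file=None):
        self.resolver = resolver
        self.hosts_file = hosts_file or {}  # contents of /etc/hosts, name -> IP
        self.cache = {}                     # name -> (ip, expiry time)

    def lookup(self, name, now=None, ttl=60):
        now = time.time() if now is None else now
        ip, expires = self.cache.get(name, (None, 0))
        if ip and now < expires:
            return ip, "host cache", []
        if name in self.hosts_file:         # the hosts file wins over every DNS answer
            return self.hosts_file[name], "hosts file", []
        ip, source, trail = self.resolver.resolve(name, now)
        if ip:
            self.cache[name] = (ip, now + ttl)
        return ip, source, trail


if __name__ == "__main__":
    a = Host(LocalResolver(SERVERS, ROOT_IP))
    for t in (0, 10, 100):
        print(t, a.lookup("abc.example.com", now=t))
```

The first lookup walks C, D and E and returns 3.4.5.6 with the full referral trail; a lookup ten seconds later is served from the host cache, and one after the host entry has expired but before the resolver's has is served from B's cache without touching the root. A host whose hosts file maps abc.example.com to 127.0.0.1 never asks DNS at all, which is exactly why tampering with the hosts file is a common way to hijack or block name resolution on a compromised machine.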