This is the 13th day of my participation in the August More Text Challenge. For details, see: August More Text Challenge.

At first there was no DNS in the world; as websites multiplied, DNS came into being.

DNS protocol

The Domain Name System (DNS) serves as the “pointer” of the Internet. Its function is straightforward: resolve a domain name to an IP address.

When the Internet first appeared there was no DNS; a dedicated person recorded the IP address of each URL in a TXT file for users to look up. Later, as websites multiplied, registering and querying the TXT file became too inefficient to maintain, and the prototype of DNS emerged.

DNS runs on name servers scattered around the world, which communicate according to the DNS protocol. Here is where DNS sits in the protocol stack:

  1. The DNS protocol is generally considered to sit at the application layer.
  2. DNS query messages are small and have a fixed format, so at the transport layer UDP is used first; the benefit is a faster transmission rate. TCP is used only if there is no response.
  3. The DNS server listens on port 53 by default, while the client port is random.
  4. Like HTTP, the DNS protocol follows a client/server request-reply model: the client sends a query request to the server, and the server responds.

Let’s look at a real DNS request-reply exchange:

  • The client sends a request to port 53 of the DNS server to query the A record (IPv4 address) of “activity.windows.com”. You can see that UDP transport is used.

  • The server responds, also over UDP, and the client verifies the information it receives.
  • The response carries 2 answers. One tells the client that “activity.windows.com” actually points to another domain, “activity-geo.trafficManager.net” (a CNAME); the other returns the IP address of that real domain name to the client, completing the response.
  • In the message, type A and type CNAME are DNS record types, which I will explain in detail below.
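To make the fixed message format concrete, here is an added example (not code from the original post) that builds the A query described above, parses a reply carrying a CNAME answer followed by an A answer, and performs the transaction-id check the client uses to verify the response. The reply bytes are constructed in the code to mirror the shape of the capture; the transaction id, the TTLs and the address 203.0.113.10 are made-up values. The UDP/53 lookup function is included to show the transport but is not exercised offline.

```python
"""Build a DNS A query and parse a response carrying a CNAME and an A answer.

Added example, not code from the original post. The response bytes are
constructed here by hand to mirror the shape of the capture the post
describes; the transaction id, TTLs and the 203.0.113.10 address are made up.
"""
from __future__ import annotations

import socket
import struct

DNS_PORT = 53
TYPE_A = 1
TYPE_CNAME = 5
CLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode 'activity.windows.com' as length-prefixed labels ending in the root label (0x00)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int, txid: int) -> bytes:
    """12-byte fixed header + one question; RD=1 asks the resolver to recurse for us."""
    flags = 0x0100  # QR=0 (query), opcode 0, RD=1
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)  # qdcount=1
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def decode_name(msg: bytes, offset: int) -> tuple[str, int]:
    """Decode a name at offset, following 0xC0 compression pointers; returns (name, next offset)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # two-byte pointer back into an earlier part of the message
            if not jumped:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            if not jumped:
                end = offset
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end


def parse_response(msg: bytes, expected_txid: int) -> dict:
    """Check the header, skip the echoed question, decode each answer RR."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch")  # the client's check that this reply is ours
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    offset = 12
    for _ in range(qdcount):
        _, offset = decode_name(msg, offset)
        offset += 4  # qtype + qclass
    answers = []
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == TYPE_A and rdlen == 4:
            data = socket.inet_ntoa(msg[offset:offset + 4])
        elif rtype == TYPE_CNAME:
            data, _ = decode_name(msg, offset)
        else:
            data = msg[offset:offset + rdlen].hex()
        offset += rdlen
        answers.append({"name": name, "type": rtype, "ttl": ttl, "data": data})
    return {"rcode": flags & 0x000F, "truncated": bool(flags & 0x0200), "answers": answers}


def build_constructed_response(query: bytes) -> bytes:
    """Constructed reply shaped like the capture in the post: a CNAME answer, then the A answer."""
    txid = struct.unpack("!H", query[:2])[0]
    question = encode_name("activity.windows.com") + struct.pack("!HH", TYPE_A, CLASS_IN)
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 2, 0, 0)  # QR=1, RD=1, RA=1; 2 answers
    target = encode_name("activity-geo.trafficManager.net")
    rr1 = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_CNAME, CLASS_IN, 300, len(target)) + target
    target_offset = 12 + len(question) + 2 + 10  # where `target` sits inside rr1
    rr2 = (struct.pack("!H", 0xC000 | target_offset)
           + struct.pack("!HHIH", TYPE_A, CLASS_IN, 60, 4) + socket.inet_aton("203.0.113.10"))
    return header + question + rr1 + rr2


def query_over_udp(server_ip: str, name: str, txid: int, timeout: float = 2.0) -> dict:
    """Live lookup over UDP/53 (not run offline); a truncated reply would call for a TCP retry."""
    query = build_query(name, TYPE_A, txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server_ip, DNS_PORT))
        reply, _ = sock.recvfrom(4096)
    return parse_response(reply, txid)


def demo() -> dict:
    """Offline round trip over the constructed response."""
    query = build_query("activity.windows.com", TYPE_A, 0x1234)
    return parse_response(build_constructed_response(query), 0x1234)
```

The second answer names its owner with a compression pointer into the first answer, which is why a parser has to follow 0xC0 pointers rather than read labels sequentially; the `truncated` flag in the result is what a client would look at before deciding to repeat the query over TCP.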

DNS classification

To see how DNS works, let’s first take a web address apart:

  • URL: The figure above shows the kind of URL we usually type in. Strictly speaking it is a Uniform Resource Locator (URL), which identifies the location of a resource on the Internet. A web page is really an HTML file, so opening this URL opens the corresponding HTML file.

  • data-flair.training: This is the domain name we applied for from the domain name registrar. It consists of two parts, the TLD (top-level domain) and the SLD (second-level domain). “.training” is the top-level domain (TLD) we chose when registering the domain name; common top-level domains include the country codes, .com, .net and .org. “data-flair” is the second-level domain (SLD); it is ours alone and sits under the chosen top-level domain (TLD).

  • www: This is our subdomain, which corresponds to a specific host. It does not have to be applied for from the domain name registrar; we specify it ourselves.

  • Hierarchy of domain names: From the top-level domain down to the subdomain, we can see that domain names form a hierarchy: host name . second-level domain (SLD, also simply called the domain name) . top-level domain (TLD) . root, that is, host.sld.tld.root, as shown in the figure below:

  • Root domain name: In fact, every URL ends with a period “.”; this is the root domain name. Because the root is the same for every domain, it is omitted. The root domain is managed by dedicated root DNS servers, which we will discuss later under anycast.

  • DNS hierarchy: Since domain names are hierarchical, so are the DNS servers that register and manage them.

DNS query

The hierarchical DNS mechanism is designed to cope with the growing number of domain names and query requests. To speed up queries and reduce the load on DNS servers, the following principles are followed when a domain name is queried:

  1. Hierarchical query:
    • Starting from the root domain, the DNS records of each level of the domain name are queried in turn until the final IP address is found.
    • For example, the .com DNS server knows the address of the google.com DNS server, and so on down the levels, until the IP address of the host is finally found.

  2. Proximity principle:
    • The client first sends its query to the local DNS (the resolver). If the local DNS has a matching cache entry, it responds to the client directly.
    • If there is no cached result, the local DNS sends the query to the nearest root node through the resolver and performs a recursive query until the final result is returned.

Based on this, DNS supports two query modes: recursive query and iterative query.

The difference between the two is who performs the query: if the local Name Server carries out the whole lookup and returns the result to the client, the query is recursive; if the client itself queries the Name Servers at each level in turn, the query is iterative.

In general, recursive queries are used for two reasons:

  1. The local name server has higher performance and faster query speed.
  2. The queried results can be cached. The cached results can be used by all local clients, which is more efficient.

Recursive query

Let’s explain it step by step:

  1. After a web address is entered, the browser on the client first checks the DNS cache and hosts file on the local computer. If a matching record exists, the corresponding IP address is returned immediately and the query is complete.
    • Note that this answer is non-authoritative and may point to the wrong IP address.
    • On Windows, ipconfig /displaydns shows the local cache and ipconfig /flushdns clears it.

  2. If nothing is found in the local cache, the client follows the “proximity principle” and queries the local name server (LDNS) specified by the ISP. If the LDNS has a result, the query is complete. If not, the LDNS follows the hierarchical query principle and sends the query to the root DNS server.

  3. The root server returns the record and IP address of the TLD name server. The LDNS then queries the TLD server, obtains the IP address of the target host, and returns it to the client. The result is cached in the LDNS for the record’s time to live (TTL).
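The two query principles above (hierarchical query and proximity principle) and the three recursive-query steps can be seen together in the following added example, which is not code from the original post. It simulates a tiny root → TLD → SLD hierarchy in memory: `iterative_resolve` walks the delegations itself, the way an iterative querier does, and `LocalResolver` plays the ISP’s LDNS, recursing on the client’s behalf and caching each answer until its TTL expires. All zone data is constructed: the names, the name-server addresses in 198.51.100.x and the answer 203.0.113.10 are documentation-range placeholders, not real servers.

```python
"""Iterative and recursive lookups over a toy DNS hierarchy with an LDNS cache.

Added example, not code from the original post. The zone data is constructed:
the names, the name-server addresses (198.51.100.x) and the answer
203.0.113.10 are documentation-range placeholders, not real servers.
"""
from __future__ import annotations

# One entry per authoritative server. Each knows only its own zone: delegations
# hand the query down one level (root -> TLD -> SLD), records are final answers.
ZONES = {
    ".": {"delegations": {"com.": "198.51.100.1"}, "records": {}},
    "com.": {"delegations": {"example.com.": "198.51.100.2"}, "records": {}},
    "example.com.": {"delegations": {}, "records": {"www.example.com.": ("203.0.113.10", 300)}},
}
SERVERS = {"198.51.100.0": ".", "198.51.100.1": "com.", "198.51.100.2": "example.com."}
ROOT_HINT = "198.51.100.0"  # a resolver is pre-configured with root server addresses


def fqdn(name: str) -> str:
    """Make the implicit root label explicit: 'www.example.com' -> 'www.example.com.'."""
    return name.lower() if name.endswith(".") else name.lower() + "."


def ask_server(server_ip: str, qname: str) -> dict:
    """Simulate one authoritative server: answer, refer downwards, or report NXDOMAIN."""
    zone = ZONES[SERVERS[server_ip]]
    if qname in zone["records"]:
        ip, ttl = zone["records"][qname]
        return {"kind": "answer", "ip": ip, "ttl": ttl}
    for child, ns_ip in zone["delegations"].items():
        if qname == child or qname.endswith("." + child):
            return {"kind": "referral", "zone": child, "ns_ip": ns_ip}
    return {"kind": "nxdomain"}


def iterative_resolve(name: str, log: list) -> tuple[str, int]:
    """The querier itself walks root -> TLD -> SLD, following referrals until an answer."""
    qname, server = fqdn(name), ROOT_HINT
    for _ in range(8):  # bound the walk so a broken delegation cannot loop forever
        reply = ask_server(server, qname)
        log.append(f"asked {server} ({SERVERS[server]}) about {qname}: {reply['kind']}")
        if reply["kind"] == "answer":
            return reply["ip"], reply["ttl"]
        if reply["kind"] == "nxdomain":
            raise LookupError(f"{qname} does not exist")
        server = reply["ns_ip"]
    raise LookupError(f"too many referrals resolving {qname}")


class LocalResolver:
    """The ISP's LDNS: clients ask it once; it recurses on their behalf and caches by TTL."""

    def __init__(self) -> None:
        self.cache: dict[str, tuple[str, float]] = {}  # qname -> (ip, expiry time)
        self.log: list[str] = []

    def resolve(self, name: str, now: float) -> tuple[str, str]:
        qname = fqdn(name)
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], "cache"  # served locally, no upstream traffic
        ip, ttl = iterative_resolve(qname, self.log)
        self.cache[qname] = (ip, now + ttl)  # stale after TTL seconds
        return ip, "recursion"
```

Resolving `www.example.com` iteratively costs three round trips (root, .com, example.com); the `LocalResolver` pays that cost once and then serves every local client from its cache until the 300-second TTL runs out, which is the efficiency argument for recursive queries made above. The `now` parameter is injected rather than read from the clock so the cache expiry can be reasoned about deterministically.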

The above covers the key content and working principles of the DNS protocol; we will look at the DNS query process in detail in the next article.

Thank you for reading. If there are any inaccuracies or errors, please leave a message and I will correct them immediately.

Writing this summary was not easy, so please do not repost it without permission; otherwise, don’t blame this old man for being impolite.

Welcome technical friends to communicate with me, wechat 1296386616

References:

“How to Choose a Perfect Domain Name — SEO Best Practices”, Data Flair, data-flair.training/blogs/seo-d…

“Cloud DNS”, Alibaba Cloud, help.aliyun.com/document_de…

“The working principle of DNS and the difference between recursion and iteration”, WytheOnly, blog.csdn.net/wytheonly/a…

“Studies of DNS security”, Guo Juxia, zhuanlan.zhihu.com/p/345791057