What is DNS?

DNS stands for Domain Name System. It is the Internet service that resolves a domain name into an IP address (and, more generally, into other kinds of records). Technically it is a distributed, hierarchical database of name-to-record mappings together with the protocol used to query it. It is one of the many protocols at the heart of today's Internet.

There is a view that "the internet" in the generic sense (any collection of interconnected networks) is not, strictly speaking, the same thing as "the Internet". The details can be found in Lv Shuwang's talk "There Is No Internet in China". Although I hold the same view, the general public has long treated the two as identical, and history is written by the great, so this article will also use the two interchangeably without distinguishing them.

What does DNS do?

Chapter 42 of Laozi's Tao Te Ching says: "The Tao begets one, one begets two, two begets three, and three begets all things." Everything develops gradually from relative "nothing" to relative "being". So I think that to understand what a thing means, we can begin by understanding how it came to be. Let's take a look at the résumé of DNS.

A brief history of DNS

Looked at a little more closely: to talk about the birth of DNS we have to talk about the birth of IP addresses; to talk about the birth of IP addresses we have to talk about the birth of computer networks; and so on.

In fact, a more specific chain of birth traces looks like this:

DNS -> IP address -> computer network -> network -> (electronic) computer

Who invented the first electronic computer has long been disputed. It is generally accepted, though, that the first modern electronic computer, ENIAC, was born at the University of Pennsylvania in 1946.

Now that we have the "modern" electronic computer, let's trace when and how the first computer network was created.

You can't talk about the first computer network without the word "ARPA". ARPA stands for Advanced Research Projects Agency, an agency of the United States Department of Defense (its Chinese name is rendered in a couple of slightly different ways; it hardly matters). The first computer network was built to serve ARPA, hence its name: ARPANET. Our story begins there.

The idea of a network of interconnected computers came from J. C. R. Licklider. The ARPANET project was then formally proposed by Robert Taylor, later director of ARPA's Information Processing Techniques Office. At Taylor's invitation, Larry Roberts was appointed project manager; Roberts would later become known as the father of ARPANET.

ARPANET went into operation in 1969. In the beginning it used NCP (the Network Control Program) to connect a small number of hosts. After NCP was abandoned in favor of TCP/IP and the number of hosts kept growing, ARPANET grew considerably. The original approach, a flat namespace with every host's information kept in a single centralized HOSTS.TXT file maintained by the Network Information Center at SRI (SRI-NIC), was no longer workable:

This causes the following problems:

  1. Traffic and load. SRI-NIC's lines, and the host distributing the file, were swamped by everyone fetching fresh copies of HOSTS.TXT.
  2. Name conflicts. HOSTS.TXT requires host names to be unique, but nothing stopped two hosts on the network from choosing the same name, which broke the applications that depended on those names.
  3. Consistency. Keeping HOSTS.TXT consistent across a growing network became ever harder: before a new copy of the file reached the far edge of ARPANET, a host at the other end had already been added or changed its address.

Paul Mockapetris wrestled with how to keep hosts addressable by name while making the architecture more flexible and removing the restrictions that got in the way of growth. Before he could produce a working design he had to work out how the allocation of names would be organised. The effort paid off: he designed DNS in 1983, and its first specification appeared that year as RFC 882 and RFC 883. After the Internet Engineering Task Force (IETF) was formed in 1986, DNS became one of the original Internet standards. RFC 1034 and RFC 1035, published in 1987, revised the specification and obsoleted RFCs 882 and 883. Since then, revisions have made few fundamental changes to the core DNS specification.

Early domain names had to end with a dot, the empty label that denotes the root. To reach the HTTP service at www.wikipedia.org, for example, one had to type www.wikipedia.org. (note the trailing dot) in the address bar so that DNS could resolve the name. Today's resolvers treat the name as fully qualified and supply the trailing dot for you; typing it is still valid.

Summary

In the beginning we used the HOSTS.TXT file to record information about each host so that hosts on the interconnected network could talk to one another. A host name was just a name: a single word or phrase.

Later we replaced HOSTS.TXT with the multi-level DNS, and names became structured and rule-based.

From HOSTS.TXT to DNS the original intent did not change: letting humans use meaningful names instead of raw IP addresses. The solution was to put a medium between the human and the machine. That medium used to be HOSTS.TXT; now it is DNS.

Finally, back to the question of this section: what does DNS do? Answer: DNS keeps the mapping between domain names and IP addresses, so that we can reach a specific host in a vast network of computers by its domain name.

How DNS works

Before looking at the DNS resolution process, you first need to understand how DNS is organised.

DNS Architecture

The DNS architecture consists of two parallel systems. One is an organisational system for running the business; the other is a server hierarchy for the technical implementation. As the names suggest, the organisational system is made up of different organisations, while the server hierarchy is made up of DNS servers at different levels. The two correspond to a degree, and both are tree-shaped hierarchies. Understanding both gives a more rounded picture of DNS.

Organizational system

1. IANA and ICANN

IANA: Internet Assigned Numbers Authority. IANA is the root of the organisational tree. It manages the root zone: which top-level domains (TLDs) exist, and which organisation each one is delegated to. TLDs are delegated to a wide range of bodies: governments, consortia, non-profits and corporations.

How many top-level domains are there? 300? 500? No: well over a thousand. The familiar .com, .cn, .org and so on are TLDs. The complete list is IANA's Root Zone Database (see the references).

IANA is usually mentioned together with ICANN (the Internet Corporation for Assigned Names and Numbers). "Names" refers to domain names and "Numbers" to IP addresses and autonomous system numbers. The IANA functions are performed under ICANN's management (today through its affiliate PTI), so in practice ICANN manages IANA. ICANN also operates the L root server (l.root-servers.net). In many contexts people don't distinguish the two: IANA is ICANN and ICANN is IANA.

2. ISC

ISC stands for Internet Systems Consortium, Inc., a non-profit registered in Delaware. ISC supports and develops common Internet technologies by writing and maintaining production-grade software, most famously the BIND name server package. It operates F root (f.root-servers.net), one of the world's 13 root servers.

3. Verisign

Verisign Inc. is an American company based in Reston, Virginia, that operates a range of network infrastructure, including two of the Internet's thirteen root servers (A and J) and the authoritative registries for the .com, .net and .name TLDs.

4. CNNIC

CNNIC, the China Internet Network Information Center, is the Internet administration and service body established on June 3, 1997. It was originally under the Chinese Academy of Sciences and was later placed under the Office of the Central Cyberspace Affairs Commission. Its headquarters is at Building 1, Software Park, Chinese Academy of Sciences, No. 4 Nansi Street, Zhongguancun, Beijing:

According to Baidu Baike, CNNIC is China's domain name registry and root server (mirror) operator, responsible for running and administering the country-code TLD .cn and the Chinese-script domain name system.

That understates it. In practice CNNIC's reach is not limited to .cn: domain names registered through registrars in mainland China are also subject to the domestic filing (ICP beian) requirement, and a domestic registration that falls out of compliance can be suspended or reclaimed.

Bodies similar to CNNIC include HKIRC (Hong Kong Internet Registration Corporation Limited) and TWNIC (Taiwan Network Information Center); HKIRC manages .hk and TWNIC manages .tw.

Now that the basic organisations are covered, let's see where they fit in the organisational structure.

First, when IANA adds a top-level domain it delegates it to some org. "Org" here is a generic term covering national governments, consortia, non-profits and large companies. IANA's rule is that the org to which a TLD is delegated does not itself trade in names under it: it either uses the TLD for its own purposes or contracts out the sale of second-level names to one or more TLDMs (Top Level Domain Managers) under an agreed contract. For example, .com is delegated to Verisign, which maintains the .com zone and its authoritative servers but does not sell names to the public directly; ICANN-accredited registrars, the TLDMs of the figure, handle registration. As the figure illustrates, different orgs may contract with the same TLDM. Once a TLDM has the right to allocate second-level names it can lease them to consumers directly or pass the right to sell on to a reseller, and a reseller may in turn appoint further resellers, and so on. In the end a reseller sells the name to us, the consumers. Some TLDMs also run the retail business themselves, so consumers can deal with a TLDM directly.

In fact the org above is the owner and administrator of the TLD, what in China is called the [domain name registry]. The TLDM is what we call the [domain name registrar / registration service provider] (the current list of licensed registrars in China can be looked up here), and the reseller is what we call a [domain name agent / distributor].

A concrete example. IANA delegated .cn to CNNIC. CNNIC granted the right to allocate second-level names under .cn to Alibaba Cloud (formerly HiChina/Wanwang, which Alibaba acquired). We consumers can buy a domain directly from Alibaba Cloud, buy one through an Alibaba Cloud agent, or even apply to become an Alibaba Cloud agent ourselves. With strong enough qualifications you can also apply to become a registrar (see, for example, the account of how Credit Suisse applied to become one). In this example CNNIC is the org of the architecture diagram, Alibaba Cloud the TLDM, and Alibaba Cloud's agents the resellers. We are the consumers who buy the name.

Server hierarchy

1. DNS client

DNS client. A service component built into the operating system (technically, the OS stub resolver). It is mainly responsible for caching DNS resolution results and for registering the computer's own name in DNS. On Windows 10 the DNS Client service looks like this:

2. The local DNS server

The local DNS server, also called the recursive DNS server, recursive resolver or DNS recursor, is the server that answers DNS queries from DNS clients and fetches the records for a name by walking the DNS hierarchy top-down, from the root name servers to the authoritative server. Local DNS servers are usually provided and maintained by ISPs. The local DNS server sits at the beginning of the lookup chain:

Check out this blog post to get an accurate idea of the local DNS server.

3. An authoritative DNS server

Authoritative DNS server. The authoritative server is the server that actually holds the records for the domain being looked up (name, TTL, record type and data such as an IP address). It is the end of the lookup chain:

4. NS server

NS server: name server. By level, name servers are divided into root name servers, TLD name servers, second-level name servers and so on. In this article's terminology the NS server is any DNS server in the hierarchy other than the local DNS server and the final authoritative server. In general they do not cache resolution results; they store and maintain their own zone's records, in particular the NS records that delegate each child zone (plus the glue A/AAAA records giving the addresses of the child's name servers). Using this table, an NS server tells the local DNS server which servers to ask next and where to find them.

It is worth emphasising that there are only 13 root name server identities in the world, named a through m (a.root-servers.net to m.root-servers.net). Each letter is in fact a set of many anycast instances spread around the globe, so there are far more than 13 physical root servers. The root zone itself is managed by IANA and published to the operators, and all 13 serve identical copies of it; there is no master/slave relationship among the 13. The operators of the 13 root servers are listed at root-servers.org.

5. ISP

An ISP is an Internet Service Provider.

The ten backbone ISPs in China are:

  • China Telecom network (CHINANET, also known as China Public Computer Internet)
  • China Mobile Internet (CMNET)
  • China Unicom Internet (UNINET)
  • China Great Wall Internet Network (CGWNET)
  • China Netcom Public Internet (CNCNET, including CHINAGBN)
  • China Railcom Internet (CRCNET)
  • China Satellite Group Internet (CSNET)
  • China Science and Technology Network (CSTNET)
  • China Education and Research Computer Network (CERNET)
  • China International Economic and Trade Internet (CIETNET)

The best known are the first three: China Telecom, China Mobile and China Unicom.

Three types of queries

  • Recursive query. The exchange between the DNS client (the end user's machine) and the local DNS server. The client asks once, with the recursion-desired (RD) bit set, and gets back either the final records or an error (for example NXDOMAIN when the name does not exist); the local DNS server does all the legwork.

  • Iterative query. The process by which the local DNS server hunts down the records top-down through the hierarchy, from the root name servers toward the authoritative server, following the referral each server hands back.

  • Non-recursive query. A single query to a name server with the RD bit clear: the server answers from its own authoritative data or cache, or returns a referral, but never queries anyone else on the asker's behalf. Each hop of an iterative lookup is a non-recursive query.

Three types of DNS cache

  • Browser DNS cache. If the lookup comes from the browser, this is the first stop. The browser caches the results of every name it has resolved so that it can open a connection to the IP address straight away, skipping the rest of the resolution process. In Chrome the host cache can be managed at chrome://net-internals/#dns (recent versions only offer clearing it there).

  • DNS client cache. The operating system's DNS client exists mainly to cache. For a browser-originated lookup it is the second place a cached result may be found.

  • Local DNS server cache. Like the two above, the local DNS server checks its own cache before sending any query upstream. If the records for the name are still in the cache (their TTL has not expired), it returns them to the client directly.

Having introduced both the organisational system and the server hierarchy, we can combine the two into a diagram like this:

DNS Resolution Process

In general, setting caches aside, DNS resolution takes eight steps. Take looking up the IP address of example.com as an example:

  1. The user types example.com into the browser's address bar; the browser asks the operating system's DNS client, which sends a recursive query for the name to the local DNS server.
  2. Since we are ignoring caches, the local DNS server forwards the query to a root DNS server.
  3. The root server sees that the top-level domain is .com and, without further ado, returns the addresses of the .com TLD servers to the local DNS server.
  4. The local DNS server takes one of those addresses and sends the query to a .com TLD server.
  5. The .com server sees that the second-level label is example and returns the addresses of the name servers registered for example.com under .com.
  6. The local DNS server sends the query to one of the example.com name servers.
  7. The example.com name server is the so-called authoritative server: it holds all of the domain's records, in particular its IP address, and returns that address to the local DNS server.
  8. The local DNS server returns the address to the DNS client, which returns it to the browser. The browser can now open a connection to the server at that address.
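To make the eight steps, the three query types and the TTL-based caches concrete (and the trailing root dot from the history section), here is an added simulation that is not part of the original article: a tiny "local DNS server" in Python that walks a constructed hierarchy (a root zone, a .com zone and an example.com zone, served from made-up TEST-NET-1 addresses) with iterative queries, follows the CNAME it finds, and caches every record by its TTL. The zone data, the addresses and the function names are the example's own assumptions, not anything taken from the page's dig trace.

```python
import time

# Constructed sample data (not real servers or zones): a root zone, the .com
# zone and the example.com zone, each served by one TEST-NET-1 address.
# A record is (owner name, TTL in seconds, type, rdata).
ZONES = {
    ".": [("com.", 172800, "NS", "a.gtld.test."),
          ("a.gtld.test.", 172800, "A", "192.0.2.1")],
    "com.": [("example.com.", 172800, "NS", "ns1.example.com."),
             ("ns1.example.com.", 172800, "A", "192.0.2.2")],
    "example.com.": [("www.example.com.", 300, "CNAME", "web.example.com."),
                     ("web.example.com.", 60, "A", "192.0.2.3")],
}
SERVER_ZONE = {"192.0.2.53": ".", "192.0.2.1": "com.", "192.0.2.2": "example.com."}
ROOT_HINTS = ["192.0.2.53"]

def fqdn(name):
    """Normalize to a fully qualified name ending in the root dot users once typed."""
    n = name.strip().lower()
    return n if n.endswith(".") else n + "."

def in_bailiwick(name, zone):
    """A server may only vouch for names at or below its own zone."""
    return zone == "." or name == zone or name.endswith("." + zone)

def serve(server_ip, qname, qtype):
    """Non-recursive (RD=0) query: the server answers from its own zone data or
    hands back a referral to the next delegation; it never asks anyone else."""
    records = ZONES[SERVER_ZONE[server_ip]]
    answer = [r for r in records if r[0] == qname and r[2] in (qtype, "CNAME")]
    if answer:
        return {"answer": answer, "authority": [], "additional": []}
    cuts = [r[0] for r in records
            if r[2] == "NS" and (qname == r[0] or qname.endswith("." + r[0]))]
    if not cuts:
        return {"rcode": "NXDOMAIN", "answer": [], "authority": [], "additional": []}
    cut = max(cuts, key=len)                       # deepest matching delegation
    ns = [r for r in records if r[0] == cut and r[2] == "NS"]
    glue = [r for r in records if r[2] == "A" and r[0] in {n[3] for n in ns}]
    return {"answer": [], "authority": ns, "additional": glue}

class Resolver:
    """The 'local DNS server': recursive queries in, iterative queries out, TTL cache."""

    def __init__(self, clock=time.time):
        self.clock, self.cache, self.log = clock, {}, []  # log: (zone asked, qname)

    def _put(self, rec, src_zone):
        name, ttl, rtype, rdata = rec
        if in_bailiwick(name, src_zone):           # out-of-zone records are dropped
            self.cache.setdefault((name, rtype), []).append((self.clock() + ttl, rdata))

    def _get(self, name, rtype):
        now = self.clock()                         # expired entries are ignored
        return [d for e, d in self.cache.get((name, rtype), []) if e > now]

    def _start(self, qname):
        """Begin at the deepest delegation still cached, else at the root hints."""
        labels = qname.split(".")                  # 'a.b.com.' -> ['a', 'b', 'com', '']
        for i in range(1, len(labels) - 1):
            zone = ".".join(labels[i:])
            addrs = [a for n in self._get(zone, "NS") for a in self._get(n, "A")]
            if addrs:
                return addrs
        return list(ROOT_HINTS)

    def _iterate(self, qname, rtype):
        servers = self._start(qname)
        for _ in range(10):                        # bound the referral chain
            zone = SERVER_ZONE[servers[0]]
            self.log.append((zone, qname))
            resp = serve(servers[0], qname, rtype)
            for rec in resp["answer"] + resp["authority"] + resp["additional"]:
                self._put(rec, zone)
            if resp["answer"] or resp.get("rcode") == "NXDOMAIN":
                return resp
            servers = [a for r in resp["authority"] for a in self._get(r[3], "A")]
            if not servers:
                raise LookupError(f"referral for {qname} without usable glue")
        raise LookupError("too many referrals")

    def resolve(self, name, rtype="A"):
        """Recursive-query entry point: returns the final rdata list or raises."""
        qname = fqdn(name)
        for _ in range(8):                         # bound CNAME chains
            found = self._get(qname, rtype)
            if found:
                return found
            alias = self._get(qname, "CNAME")
            if alias:
                qname = alias[0]
                continue
            if self._iterate(qname, rtype).get("rcode") == "NXDOMAIN":
                raise LookupError(f"{qname}: NXDOMAIN")
        raise LookupError("CNAME chain too long")

def demo():
    """Resolve www.example.com four times (twice at once, then 61 s later, then
    301 s after that) and count the upstream queries each lookup needed."""
    clock = [1000.0]                               # fake clock so TTLs expire on demand
    resolver, counts = Resolver(lambda: clock[0]), []
    for advance in (0, 0, 61, 301):
        clock[0] += advance
        before = len(resolver.log)
        addr = resolver.resolve("www.example.com")[0]
        counts.append(len(resolver.log) - before)
    return addr, counts
```

demo() returns ('192.0.2.3', [4, 0, 1, 2]): the first lookup costs four upstream queries (root, .com, example.com, then example.com again for the CNAME target), the second is served entirely from cache, the third (after the 60 s A record has expired but not the 300 s CNAME or the delegations) needs a single query straight to the example.com server, and the fourth re-resolves both names but still never bothers the root or .com servers. The in_bailiwick check mirrors what real resolvers do: a server's response is only cached for names inside its own zone, so a referral cannot plant records for unrelated domains in the cache.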

If we include the round trip from the user's machine to the actual web server, the whole resolution process looks like this:

If an anthropomorphic picture helps, this one shows the same process:

DNS in practice

Here we take news.qq.com as an example and use dig, the lookup tool from ISC's BIND package, to walk through the whole resolution.

First, type dig +trace news.qq.com in a terminal on the Mac; the output should look like the following:

    ; <<>> DiG 9.8.3-p1 <<>> +trace news.qq.com
    ;; global options: +cmd
    // Section 1: the root name servers, supplied by the local DNS server
    .                       378722  IN      NS      e.root-servers.net.
    .                       378722  IN      NS      a.root-servers.net.
    .                       378722  IN      NS      l.root-servers.net.
    .                       378722  IN      NS      f.root-servers.net.
    .                       378722  IN      NS      i.root-servers.net.
    .                       378722  IN      NS      c.root-servers.net.
    .                       378722  IN      NS      j.root-servers.net.
    .                       378722  IN      NS      g.root-servers.net.
    .                       378722  IN      NS      d.root-servers.net.
    .                       378722  IN      NS      m.root-servers.net.
    .                       378722  IN      NS      b.root-servers.net.
    .                       378722  IN      NS      h.root-servers.net.
    .                       378722  IN      NS      k.root-servers.net.
    ;; Received 508 bytes from 192.168.43.1#53(192.168.43.1) in 68 ms
    // 192.168.43.1 is the local DNS server.

    // Section 2: the .com TLD servers, returned by the first root server to answer
    com.                    172800  IN      NS      l.gtld-servers.net.
    com.                    172800  IN      NS      j.gtld-servers.net.
    com.                    172800  IN      NS      f.gtld-servers.net.
    com.                    172800  IN      NS      d.gtld-servers.net.
    com.                    172800  IN      NS      h.gtld-servers.net.
    com.                    172800  IN      NS      b.gtld-servers.net.
    com.                    172800  IN      NS      g.gtld-servers.net.
    com.                    172800  IN      NS      a.gtld-servers.net.
    com.                    172800  IN      NS      e.gtld-servers.net.
    com.                    172800  IN      NS      c.gtld-servers.net.
    com.                    172800  IN      NS      i.gtld-servers.net.
    com.                    172800  IN      NS      m.gtld-servers.net.
    ;; Received 492 bytes from 192.36.148.17#53(192.36.148.17) in 97 ms
    // 192.36.148.17 is the first root server to respond; its NS record is in the section above.

    // Section 3: the qq.com name servers, returned by the first .com server to answer
    qq.com.                 172800  IN      NS      ns1.qq.com.
    qq.com.                 172800  IN      NS      ns2.qq.com.
    qq.com.                 172800  IN      NS      ns3.qq.com.
    qq.com.                 172800  IN      NS      ns4.qq.com.
    ;; Received 293 bytes from 192.43.172.30#53(192.43.172.30) in 489 ms
    // 192.43.172.30 is the first .com TLD server to respond; its NS record is in the section above.

    // Section 4: qq.com delegates news.qq.com to a further name server
    news.qq.com.            86400   IN      NS      ns-tel1.qq.com.
    ;; Received 137 bytes from 101.89.19.165#53(101.89.19.165) in 127 ms
    // 101.89.19.165 is the first qq.com name server to respond; instead of answering itself
    // it hands back one more delegation (an extra hop the eight-step model above leaves out).

    // Section 5: the final answer from the server authoritative for news.qq.com
    news.qq.com.            600     IN      CNAME   https.qq.com.
    https.qq.com.           600     IN      A       183.3.226.35
    ;; Received 65 bytes from 123.151.66.83#53(123.151.66.83) in 66 ms
    // 123.151.66.83 is ns-tel1.qq.com, the authoritative server; it answers with a CNAME
    // pointing news.qq.com at https.qq.com, together with that name's A record.

As you can see, the output is divided into five sections in the order of the iterative queries. Each section is a set of DNS records returned by whichever server answered first at that hop. Pulling out the record that led to the next hop, and the final answer, gives this table:

    Name queried       TTL      Class  Type   Name or IP address returned
    .                  378722   IN     NS     e.root-servers.net.
    com.               172800   IN     NS     d.gtld-servers.net.
    qq.com.            172800   IN     NS     ns1.qq.com.
    news.qq.com.       86400    IN     NS     ns-tel1.qq.com.
    news.qq.com.       600      IN     CNAME  https.qq.com.
    https.qq.com.      600      IN     A      183.3.226.35

A brief explanation of the columns:

  • Name queried: the name being resolved at this level of the hierarchy.
  • TTL: Time To Live, how long the record may be cached, in seconds.
  • Class (IN): the record class. IN stands for Internet; other classes exist but are essentially historical.
  • Record type: the type of the record. The common ones are A, CNAME, NS and AAAA:
    • A: an IPv4 address record.
    • CNAME: Canonical Name, an alias record pointing at another name.
    • NS: Name Server, the record that delegates a zone to a name server.
    • AAAA: an IPv6 address record.
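As an added example that is not part of the original article, the following Python parses dig +trace output of the kind shown above into hops, rebuilds the table from the first record of each referral, and follows the CNAME in the final section to the address. The embedded sample is abridged from the page's news.qq.com trace (two NS records kept per referral) and constructed for this example; the function names are the example's own.

```python
import re
from dataclasses import dataclass

# Sample dig +trace output, abridged from the news.qq.com trace above (two records
# kept per referral, whitespace normalised); constructed for this example.
SAMPLE_TRACE = """\
; <<>> DiG 9.8.3-p1 <<>> +trace news.qq.com
;; global options: +cmd
.                       378722  IN      NS      e.root-servers.net.
.                       378722  IN      NS      a.root-servers.net.
;; Received 508 bytes from 192.168.43.1#53(192.168.43.1) in 68 ms

com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
;; Received 492 bytes from 192.36.148.17#53(192.36.148.17) in 97 ms

qq.com.                 172800  IN      NS      ns1.qq.com.
qq.com.                 172800  IN      NS      ns2.qq.com.
;; Received 293 bytes from 192.43.172.30#53(192.43.172.30) in 489 ms

news.qq.com.            86400   IN      NS      ns-tel1.qq.com.
;; Received 137 bytes from 101.89.19.165#53(101.89.19.165) in 127 ms

news.qq.com.            600     IN      CNAME   https.qq.com.
https.qq.com.           600     IN      A       183.3.226.35
;; Received 65 bytes from 123.151.66.83#53(123.151.66.83) in 66 ms
"""

RECEIVED = re.compile(r"^;; Received (\d+) bytes from ([0-9A-Fa-f.:]+)#(\d+)")


@dataclass(frozen=True)
class RR:
    """One resource record in presentation format: owner, TTL, class, type, rdata."""
    name: str
    ttl: int
    rclass: str
    rtype: str
    rdata: str


def parse_rr(line):
    name, ttl, rclass, rtype, *rdata = line.split()    # rdata may contain spaces
    return RR(name, int(ttl), rclass, rtype, " ".join(rdata))


def parse_trace(text):
    """Split dig +trace output into hops: the records one server returned plus
    the address of that server, taken from the ';; Received ... from' line."""
    hops, current = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = RECEIVED.match(line)
        if m:
            hops.append({"records": current, "server": m.group(2), "bytes": int(m.group(1))})
            current = []
        elif not line.startswith(";"):                 # skip dig's own commentary
            current.append(parse_rr(line))
    return hops


def delegation_chain(hops):
    """One row per hop, as in the table above: the NS record each referral
    handed back, then every record of the final answer."""
    rows = []
    for i, hop in enumerate(hops):
        rows.extend(hop["records"] if i == len(hops) - 1 else hop["records"][:1])
    return rows


def final_answer(hops, qname):
    """Follow the CNAME chain in the last hop from `qname` to its addresses.
    Returns (canonical name, [addresses], effective TTL); the effective TTL is the
    smallest TTL along the chain, since that is when a cache must re-resolve."""
    records = hops[-1]["records"]
    name = qname if qname.endswith(".") else qname + "."
    ttl = None
    for _ in range(8):                                 # bound alias chains
        cname = [r for r in records if r.name.lower() == name.lower() and r.rtype == "CNAME"]
        if not cname:
            break
        ttl = cname[0].ttl if ttl is None else min(ttl, cname[0].ttl)
        name = cname[0].rdata
    addrs = [r for r in records if r.name.lower() == name.lower() and r.rtype in ("A", "AAAA")]
    for r in addrs:
        ttl = r.ttl if ttl is None else min(ttl, r.ttl)
    return name, [r.rdata for r in addrs], ttl
```

Run against the sample, parse_trace yields five hops whose "server" fields are the five responding addresses, delegation_chain reproduces the six rows of the table, and final_answer(hops, "news.qq.com") returns ("https.qq.com.", ["183.3.226.35"], 600). Taking the minimum TTL across the CNAME chain matters in practice: a cache that kept the A record for the full TTL of the alias target while the alias itself had expired would keep serving an address the zone may already have moved away from.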

If the whole resolution in this example were drawn as a flow chart, it would look something like this:

References

  1. Wikipedia: Robert Taylor
  2. Wikipedia: ARPANET
  3. The origin of the DNS
  4. DNS history: when and why was DNS created?
  5. The domain name facts engineers most often get wrong
  6. IANA Root Zone Database
  7. How many top-level domains are there now?
  8. HTIRW: The Business Side of DNS (1)
  9. HTIRW: The Business Side of DNS (2)
  10. China Internet Network Information Center: FAQ for users
  11. en.wikipedia: China Internet Network Information Center
  12. What is the difference between a domain name registry and a domain name registrar?
  13. What Is DNS? How DNS Works
  14. The 13 root server operators: https://root-servers.org/