DNS is a distributed database, and the naming system adopts a hierarchical logical structure, like an inverted tree. This logical tree structure is called domain name space. Because DNS divides domain space, organizations can create DNS information with their own domain space. Note: In the DNS domain name space, the maximum depth of the tree should not exceed 127 layers, and each node in the tree can store up to 63 characters.
Noun interpretation
1. Domain and domain name
Each node of the DNS tree represents a domain. Through these nodes, the whole domain name space is divided into a hierarchy.
The name of each domain name in the domain name space is represented by the domain name.
Domain name: It is usually identified by a fully qualified domain name (FQDN). FQDN can accurately represent its position relative to the root of DNS domain, that is, the complete expression from node to DNS root. From node to root, in reverse, each node is separated by "."For Google in the domain of DNS, its official domain name (FQDN) is google.com.
For example, google is a subdomain of com domain, which is represented by google.com, while www is a subdomain of google domain, which can be represented by www.google.com.
Note: FQDN generally has strict naming restrictions, and the length cannot exceed 256 bytes. Only characters A-Z, 0-9, a-z and minus sign-. The dot is allowed. It is only allowed between domain names (such as google.com) or at the end of FQDN.
Domain names are not case-sensitive.
From top to bottom, it can be divided into: root domain, top-level domain, secondary domain and subdomain.
The top layer of the Internet domain name space is the root domain, which records the important DNS information of the Internet and is managed by the Internet domain name registration agency, which distributes the management responsibility of each part of the domain name space to all organizations accessing the Internet.
There are 13 root servers in the world.
Below the DNS root domain is the top-level domain, which is also managed by the Internet domain name registrar. * * * There are three types of top-level domains.
1. Organization domain: A three-character code is used to indicate the main functions or activities of organizations included in the DNS domain. For example, com is a commercial organization, edu is an educational organization, gov is a government organization, mil is a military organization, net is a network organization, org is a non-profit organization and int is an international organization.
2. Address field: two-character country or region code. For example, cn is China, kr is South Korea, and us is the United States.
3. Reverse domain: This is a special domain named in-addr.arpa, which is used to map IP address to name (reverse query).
For the subordinate domains of the top-level domain, the Internet domain name registration authority authorizes various organizations on the Internet. When an organization is authorized by a certain part of the domain name space, it is responsible for naming the assigned domain and its subdomains, including computers and other devices in the domain, and managing the mapping information between host names and IP addresses in the assigned domain.
2. Region
A zone is part of a DNS namespace, which contains a set of resource records stored on a DNS server.
Using the concept of zones, DNS servers answer queries about hosts in their own zones, and each zone has its own authorization server.
3. Primary domain name server and secondary domain name server
When the secondary server of the zone is started, it connects with the primary server of the zone and starts transmission. The secondary server of the zone communicates with the primary server of the zone regularly to check whether the data of the zone has changed. If it has changed, it starts data update transmission. Each zone must have a primary server and at least one secondary server. Otherwise, if the primary server of the zone crashes, the name of the zone will not be resolved.
Advantages of the secondary server:
1. Fault tolerance
After configuring the secondary server, the client can still resolve the name of the zone even if the primary server of the zone crashes. In general, the main server of the area and the auxiliary server of the area are installed on different subnets, so that if the connection to one subnet is interrupted, DNS clients can directly query the name server of another subnet.
2. Reduce the traffic of wide-area links.
If there are a large number of clients in an area, users can remotely add auxiliary servers in the area and configure remote clients to query these servers first, thus preventing remote clients from making DNS queries through slow link communication.
3. Reduce the load of the main server
The secondary server can answer the queries in this area, thus reducing the number of queries that the primary server in this area must answer.
4.DNS related concepts
1.DNS server
The computer running the DNS server program stores DNS database information. The DNS server will try to resolve the client's query request.
When answering the query, if the DNS server can provide the requested information, it will directly respond to the parsing result; If the DNS server has no domain name information, it will provide the client with another server address that can help resolve the query; If both methods fail, it will respond that the client does not have the requested information or the requested information does not exist.
2.DNS cache
When the DNS server parses the client's request, if it has no DNS information locally, it can ask other DNS servers. When other domain name servers return query results, the DNS server will record the results in the local cache and make it a DNS cache. The next time the client submits the same request, the DNS server can directly use the DNS information in the cache for resolution.
DNS query process:
Look at the DNS query process:
Through the eight-step parsing process, the client can successfully access the domain name www. 163.com, but in practical application, this process is usually very fast.
1. The client submits a domain name resolution request and sends it to the local domain name server.
2. When the local domain name server receives the request, it first queries the local cache.
If there is a DNS information record of the query, the query result will be returned directly.
If there is no record, the local domain name server sends a request to the root domain name server.
3. The root domain name server returns the top-level domain name server address of the query domain to the local domain name server.
4. The local server is sending a request to the returned domain name server.
5. The domain name server that receives the query request queries its cache and records it. If there is relevant information, it returns the query result of the client; otherwise, it informs the client of the address of the subordinate domain name server.
6. The local domain name server sends a query request to the returned DNS server.
7. The domain name server returns the query result of the local server (if the domain name server does not contain the DNS information of the query, the query process will repeat steps 6 and 7 until the resolution information or the response of resolution failure is returned).
8. The local domain name server saves the returned results in the cache and returns the results to the client.
5. Two query methods
Recursive query
Recursive query is a query method of DNS server. In this mode, when the DNS server receives the client's request, it must reply to the client with accurate query results. If the DNS server does not store the query DNS information locally, the server will query other servers and submit the returned query results to the client.
Iterative query
Another query method of DNS server is iterative query. When the client sends a query request, the DNS server does not directly reply to the query result, but tells the client the address of another DNS server, and the client submits the request to this DNS server in turn until the query result is returned.
6. Forward analysis and reverse analysis
Forward analysis
Forward parsing refers to the parsing process from domain name to IP address.
Back analysis
Reverse resolution is the resolution process from IP address to domain name. The function of reverse parsing is server authentication.
7.DNS resource records
1.SOA resource record (unique in the whole region)
Each zone contains the beginning of an authorization record (SOA record) at the beginning of the zone.
SOA defines the global parameters of the domain and sets the management of the whole domain. Only unique SOA records are allowed in the zone file.
2.NS resource record
The NS (Name Server) record is a domain name server record that specifies which DNS server will resolve the domain name. Each zone contains at least one ns record at the root of the zone.
3. Resource records
Address (a) The resource record maps FQDN to IP address. Because of this record, DNS server can resolve the IP address corresponding to FQDN domain name.
4.PTR resource record
Compared with the A resource record, the PTR record maps IP addresses to FQDN. Used for reverse query to find the domain name through IP address.
5.CNAME resource record
The alias record (CNAME) resource record creates an alias for a specific FQDN. Users can use CNAME records to hide the implementation details of the user network, so that the connected clients cannot know the real domain name.
For example, when ping Baidu, it resolves to Baidu's alias server. Baidu has an alias cname=www.a.shifen.com
6.MX resource records
A mail exchange (MX) resource record that specifies a mail exchange server for a DNS domain name.
A mail exchange server is a host that processes or forwards mail for DNS domain names. Handling mail refers to sending mail to a destination or forwarding it to another different type of mail sender. Forwarding mail refers to sending mail to the final destination server, using SMTP to send mail to the nearest mail exchange server, or queuing mail for a certain period of time.