At work I often switch between local and server environments and add various DNS records, and I ran into a few problems caused by DNS. The information I found online was very scattered, so I have carefully organized and written it up here, and I hope it helps you.

Domain Name System (DNS): IP addresses are long and hard to remember, so visiting websites by IP is inconvenient. The DNS server was invented so that when we visit a website by typing its domain name, the DNS server resolves that domain name to an IP address, and what we actually access is the corresponding IP address.

In the abstract, DNS is a huge distributed database that records which IP address each name maps to.

Root domain and root domain server

First we need to know how domains are divided; how they are resolved comes later.

When we enter www.sunhao.win to visit the website, we are actually passing through several different domains. The "." in the DNS namespace is what separates the different domains.

www, sunhao and win are different domains. There is actually one more domain after win: it is the default for the domain name system, so we do not normally write it, but it is the root domain.

So a complete domain name, with the root domain written explicitly, looks like this:

```
www.sunhao.win.
```

The root domain records all names under win (win is the top-level domain). Combined with sunhao (the second-level label), it forms the registered domain name sunhao.win.

Adding www (the third-level label) to sunhao.win gives the subdomain name www.sunhao.win.

Just to be clear, sunhao.win and www.sunhao.win are two different sites.

DNS runs on the Internet over UDP or TCP. UDP gives no delivery guarantee but is fast, so it is normally used for queries and responses; TCP performs more checking, so delivery is guaranteed but slower, and it is mostly used for transfers between the master server and the slave servers.

So DNS mainly uses UDP.

When we visit www.sunhao.win and the local DNS server has no record for it, it asks a root server for the address.

That is, it asks the root server about the win domain, and the request then continues down through the win domain. The root DNS server does not resolve the queried domain name to an IP address itself; it tells the local DNS server which top-level DNS server to ask next.

This makes the root DNS servers important: if all root DNS servers were down, the entire DNS system would stop working.

Top-level domains and top-level domain servers

For example, in www.sunhao.win the position of win is the top-level domain.

A domain name is a logical concept and does not represent the physical location of a computer. According to statistics from December 2006, there are 265 top-level domains (TLDs), divided into three categories:

(1) Country top-level domains (nTLD): based on ISO 3166. For example, cn stands for China, us for the United States, uk for Britain, and so on. Country domains are also called ccTLDs (cc stands for country code).

(2) Generic top-level domains (gTLD): the most common gTLDs are seven, namely com (company), net (network service organization), org (non-profit organization), int (international organization), gov (US government department) and mil (US military department).

(3) Infrastructure domain: there is only one top-level domain in this category, arpa, which is used for reverse domain name resolution and is therefore called the reverse domain.

The top-level domain name server manages the second-level domain names registered under it.

Authoritative DNS and authoritative domain name server

An authoritative DNS server is authorized to resolve a domain name and can delegate that resolution authority to others.

For example, on the Internet, whoever sells a domain name is granted authority over it. sunhao.win was sold by Ali, so the authoritative server is Ali's DNS server. (For safety, there are generally two authoritative DNS servers.)

dns9.hichina.com

dns10.hichina.com

However, for business reasons I switched the resolution to Yunjiasu from the management backend.

```
;; AUTHORITY SECTION:
sunhao.win.		2992	IN	NS	n563.ns.yunjiasu.com.
sunhao.win.		2992	IN	NS	n3101.ns.yunjiasu.com.
```

Here n563.ns.yunjiasu.com and n3101.ns.yunjiasu.com are the authoritative servers for sunhao.win. They are hosted by ns.yunjiasu.com, which is authorized by the top-level domain win.

When sunhao.win is resolved through the top-level domain, win tells the querier: you want sunhao.win? Go to n563.ns.yunjiasu.com, which holds its IP address; if that does not work, go to n3101.ns.yunjiasu.com; and if that does not work either, report the error yourself. ^_^

In general terms: a father gives his child ten dollars (the domain name). The child can spend those ten dollars or hand them over to someone else; the child has full control over them. Put simply, once a domain name is delegated to me, the part that is delegated to me is mine.

Carrier DNS server and local DNS server

On the real Internet we do not connect to the root servers directly; we reach the Internet through a local DNS server.

If the DNS settings are poor or wrong, we get symptoms such as QQ being able to log in while web pages cannot be browsed.

Here, local DNS mainly refers to the domain name resolution server provided by the local telecom operator: it is the DNS address configured on your network adapter. You can also run your own server.

When a host sends a DNS query, the request packet goes to the local DNS server, which performs the resolution on our behalf and returns the IP address.

The query

Now that we know each server, how does the ordinary DNS system work?

1. user -> local recursive server -> root authoritative server -> com authoritative server -> X.com authoritative server (X stands for any name) -> local recursive server -> user

2. user -> local recursive server -> cache -> user

Two things need to be understood here.

Recursive query: a host generally sends recursive queries to the local domain name server. In a recursive query, if the local domain name server asked by the host does not know the IP address of the queried domain name, the local server itself acts as a DNS client and sends query request messages to other (root) name servers on the host's behalf, rather than letting the host perform the next stage of the query itself. A recursive query therefore returns either the IP address that was asked for or an error message saying that the required IP address cannot be found.

The address we request must come back as an exact IP address; if the server does not have it, it queries other servers and still returns an exact IP address to us. Our local server is a recursive server.

Iterative query: the local DNS server sends iterative queries to the root DNS server. The feature of an iterative query is that when the root DNS server receives the iterative query request from the local DNS server, it either gives the IP address being queried or tells the local server which DNS server to query next, and then lets the local server carry out the subsequent queries. The root DNS server usually gives the local DNS server the IP address of the top-level DNS server it knows, and the local DNS server then queries that top-level DNS server. On receiving the query from the local DNS server, the top-level DNS server either provides the IP address being queried or tells the local server which authoritative DNS server to query next. Finally, either the IP address is found or an error is reported, and the result is returned to the host that initiated the query.

That is, each level of server answers an iterative query: it does not return the IP itself but returns the address of the DNS server at the next level.
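To make the two roles concrete, here is an added example (not code from the original post) that models the iterative walk and the recursive front end over a small in-memory delegation tree. The server names and addresses are the ones that appear in this page's own dig trace; the zone contents are constructed and far smaller than the real zones.

```python
# Added example, not from the original post: a toy in-memory model of the iterative
# walk described above. Server names and addresses come from the page's own dig trace;
# the zone contents are constructed and far smaller than the real zones.
ZONES = {
    ".":           {"NS": {"win.": ["ns1.dns.nic.win."]}},
    "win.":        {"NS": {"sunhao.win.": ["n563.ns.yunjiasu.com.", "n3101.ns.yunjiasu.com."]}},
    "sunhao.win.": {"A": {"www.sunhao.win.": ["162.159.211.33", "162.159.210.33"]}},
}


def ancestors(name):
    """Yield the suffixes of a dotted name, most specific first, ending at the root."""
    labels = name.rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:]) + "."
    yield "."


def iterative_resolve(qname, zones=ZONES):
    """The local recursive server's side: ask one zone's server at a time, follow each
    NS referral downward, and stop at the first A answer or at a dead end (error)."""
    qname = qname.lower().rstrip(".") + "."
    zone, chain = ".", []
    while True:
        data = zones[zone]
        if qname in data.get("A", {}):
            return {"chain": chain, "answer": data["A"][qname], "last_zone": zone}
        for suffix in ancestors(qname):          # deepest delegation that covers qname
            if suffix != zone and suffix in data.get("NS", {}):
                chain.append((suffix, data["NS"][suffix]))
                zone = suffix
                break
        else:                                    # no answer and no referral: an error
            return {"chain": chain, "answer": None, "last_zone": zone}


def recursive_query(qname, cache):
    """The host's side: one question to the local server, one final answer back.
    A cached answer is returned as is; otherwise the iterative walk above runs."""
    key = qname.lower().rstrip(".") + "."
    if key in cache:
        return cache[key], "cache"
    result = iterative_resolve(key)
    cache[key] = result["answer"]
    return result["answer"], "iterative"


if __name__ == "__main__":
    cache = {}
    print(recursive_query("www.sunhao.win", cache))   # walks . -> win. -> sunhao.win.
    print(recursive_query("www.sunhao.win", cache))   # served from the cache
```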

In practice the local DNS server receives a large volume of traffic, so an F5 load balancer is placed in front of the DNS servers. At the same time, the server caches addresses for a period of time according to its settings, which is why, after we change a DNS record on the server, we sometimes have to wait a while before the new address becomes reachable.

Resolution records

The meanings of the domain name resolution record types A, CNAME, MX, NS, TXT, AAAA, SRV, explicit URL and invisible URL:

1. A record: resolves a domain name to a specified IP address.

2. CNAME record (canonical name, i.e. an alias): resolves a domain name to another domain name.

3. MX record: designates a mail server; the mail system uses it to locate the mail server from the domain suffix of the recipient's address.

4. NS record: name server record; indicates which server resolves the domain name. NS records apply only to subdomain names. Priority: NS records take precedence over A records, i.e. if an NS record and an A record exist for the same host name, the A record does not take effect. (Again, NS records here apply only to subdomain names.)

5. TXT record: sets descriptive or contact information for a host name or domain name, for example admin IN TXT Administrator, Tel: 1000000000.

6. AAAA record: resolves a domain name to an IPv6 address. You can resolve either a domain name or a subdomain name to an IPv6 address.

7. SRV record: typically used when setting up Microsoft Active Directory.

8. Explicit URL record: when a user accesses the domain name, the system redirects to the specified URL, and the target URL is shown in the browser's address bar.

9. Invisible URL record: when a user accesses the domain name, the system redirects to the specified URL, but the original domain name remains in the browser's address bar.

The reply

Authoritative reply

The answer is returned directly from the zone held on the authoritative server.

Non-authoritative reply

The answer is returned from a cache or from another server.

TTL value and cache

If we sent a DNS request every single time, the load on the servers would be considerable, yet a server's IP address may change from time to time, so in practice a TTL is set and DNS results are cached locally.

What is the TTL value of a domain name?

TTL (time to live) is, simply put, how long the returned record is retained on the DNS server.
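The two properties just described, whether a reply is authoritative and how long its records may be cached, both live in the DNS response itself. The following added example (not code from the original post) parses a hand-assembled wire-format response for www.sunhao.win and reads the AA flag, the RCODE and the per-record TTL; the packet is constructed here to match the A records and 300 s TTL seen in this page's trace, not captured from the network.

```python
import struct


def encode_name(name):
    """Wire-format a dotted name: length-prefixed labels ending in a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"


def read_name(pkt, off):
    """Decode a name at offset, following 0xC0 compression pointers; return (name, next_off)."""
    labels, jumped, end = [], False, off
    while True:
        length = pkt[off]
        if length & 0xC0 == 0xC0:                # pointer to a name seen earlier
            ptr = struct.unpack_from("!H", pkt, off)[0] & 0x3FFF
            if not jumped:
                end = off + 2                    # the caller resumes after the pointer
            off, jumped = ptr, True
            continue
        off += 1
        if length == 0:
            break
        labels.append(pkt[off:off + length].decode())
        off += length
    return ".".join(labels) + ".", (end if jumped else off)


def parse_response(pkt):
    """Return the header bits the page talks about (AA = authoritative reply, RCODE)
    plus the answer records with their TTLs; A record data is rendered dotted-quad."""
    ident, flags, qd, an, ns, ar = struct.unpack_from("!6H", pkt, 0)
    off = 12
    for _ in range(qd):                          # skip the question section
        _, off = read_name(pkt, off)
        off += 4                                 # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, off = read_name(pkt, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", pkt, off)
        off += 10
        rdata = pkt[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append({"name": name, "type": rtype, "ttl": ttl, "rdata": rdata})
    return {"authoritative": bool(flags & 0x0400), "rcode": flags & 0x000F, "answers": answers}


# Constructed sample: flags 0x8580 = QR, AA, RD, RA set; one question, two A answers.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8580, 1, 2, 0, 0)
          + encode_name("www.sunhao.win") + struct.pack("!HH", 1, 1)
          + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([162, 159, 211, 33])
          + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([162, 159, 210, 33]))
```

A resolver or cache that replays this reply should treat `ttl` as an upper bound on how long the answer may be reused, and a reply with `authoritative` False is the non-authoritative case described above.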

DNS caches the final resolution result locally. There are two kinds of cache: the browser cache and the operating system (OS) cache.

When a user accesses a domain name in the browser, the browser cache is checked first; if there is no hit, the OS cache is checked; finally the DNS server is queried again.

So when we are debugging and change the local hosts file but still reach the old address, we just need to wait a moment.

We can see that Chrome automatically caches DNS results for 70 s.

So what if we want to clear the cache within those 70 s?

When we type chrome in the Chrome address bar, it automatically suggests the built-in chrome:// pages; choose chrome://chrome-urls.

Scroll down and select chrome://net-internals.

On the far right of that page you can clear the page cache.

To clear the DNS cache, click Clear host cache.

It is worth bookmarking this page so that you can refresh the cache quickly while debugging.

hosts

Before the DNS system existed, name-to-IP mappings were kept in the hosts file, and that file is still present on the system.

In fact, when a browser goes to query a DNS server, it first checks its own DNS cache and then checks whether the hosts file has a matching record.

On Windows, the hosts file is stored in C:\WINDOWS\System32\drivers\etc.

The hosts file lets you point a domain name at a local address for debugging and development.

For frequently visited websites, you can directly add them to hosts to speed up the access.

Analysis of the sunhao.win resolution process

Finally, let's look at the whole resolution process as traced with dig +trace:

```
[root@sunhao ~]# dig +trace www.sunhao.win

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> +trace www.sunhao.win
;; global options: +cmd
.			12674	IN	NS	e.root-servers.net.
.			12674	IN	NS	i.root-servers.net.
.			12674	IN	NS	h.root-servers.net.
.			12674	IN	NS	k.root-servers.net.
.			12674	IN	NS	d.root-servers.net.
.			12674	IN	NS	l.root-servers.net.
.			12674	IN	NS	a.root-servers.net.
.			12674	IN	NS	c.root-servers.net.
.			12674	IN	NS	m.root-servers.net.
.			12674	IN	NS	g.root-servers.net.
.			12674	IN	NS	b.root-servers.net.
.			12674	IN	NS	f.root-servers.net.
.			12674	IN	NS	j.root-servers.net.
;; Received 492 bytes from 211.161.46.85#53(211.161.46.85) in 42 ms

win.			172800	IN	NS	ns1.dns.nic.win.
win.			172800	IN	NS	ns6.dns.nic.win.
win.			172800	IN	NS	ns3.dns.nic.win.
win.			172800	IN	NS	ns2.dns.nic.win.
win.			172800	IN	NS	ns5.dns.nic.win.
win.			172800	IN	NS	ns4.dns.nic.win.
;; Received 412 bytes from 192.36.148.17#53(192.36.148.17) in 191 ms

sunhao.win.		3600	IN	NS	n563.ns.yunjiasu.com.
sunhao.win.		3600	IN	NS	n3101.ns.yunjiasu.com.
;; Received 86 bytes from 156.154.145.182#53(156.154.145.182) in 2415 ms

www.sunhao.win.		300	IN	A	162.159.211.33
www.sunhao.win.		300	IN	A	162.159.210.33
;; Received 92 bytes from 220.181.111.112#53(220.181.111.112) in 6 ms
```

"." is the root domain itself. NS specifies the DNS server that resolves the domain.

We can clearly see the steps: first the 13 root DNS servers, then the top-level domain win, then the authoritative servers for sunhao.win, and finally the addresses 162.159.211.33 and 162.159.210.33. The last step is an A record; it is no longer an NS record.
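When you need to check a trace like this repeatedly (for example, to confirm that a delegation change has reached every level), it helps to parse the output rather than read it by eye. The following added example (not code from the original post) groups dig +trace output into hops, one per answering server, and extracts the referral chain and the final A answer; the sample trace is an abridged copy of the one above (only two root servers kept), constructed inline so the script runs offline.

```python
import re

# Constructed sample: an abridged copy of the page's dig +trace output (two root
# servers instead of thirteen); the hop boundaries are the ";; Received" lines.
TRACE = """\
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> +trace www.sunhao.win
;; global options: +cmd
.			12674	IN	NS	a.root-servers.net.
.			12674	IN	NS	b.root-servers.net.
;; Received 492 bytes from 211.161.46.85#53(211.161.46.85) in 42 ms

win.			172800	IN	NS	ns1.dns.nic.win.
win.			172800	IN	NS	ns2.dns.nic.win.
;; Received 412 bytes from 192.36.148.17#53(192.36.148.17) in 191 ms

sunhao.win.		3600	IN	NS	n563.ns.yunjiasu.com.
sunhao.win.		3600	IN	NS	n3101.ns.yunjiasu.com.
;; Received 86 bytes from 156.154.145.182#53(156.154.145.182) in 2415 ms

www.sunhao.win.		300	IN	A	162.159.211.33
www.sunhao.win.		300	IN	A	162.159.210.33
;; Received 92 bytes from 220.181.111.112#53(220.181.111.112) in 6 ms
"""

RR = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)$")
RECV = re.compile(r"^;; Received \d+ bytes from ([\d.]+)#\d+")


def parse_trace(text):
    """Group dig +trace output into hops: each hop is the RR set one server returned,
    tagged with the address of the server that answered (from the ';; Received' line)."""
    hops, current = [], []
    for line in text.splitlines():
        m = RR.match(line.strip())
        if m:
            owner, ttl, rtype, rdata = m.groups()
            current.append({"owner": owner, "ttl": int(ttl), "type": rtype, "rdata": rdata})
            continue
        m = RECV.match(line)
        if m and current:
            hops.append({"zone": current[0]["owner"], "type": current[0]["type"],
                         "server": m.group(1), "records": current})
            current = []
    return hops


def delegation_chain(hops):
    """The path the page describes: every NS hop is a referral, the A hop is the answer."""
    referrals = [h["zone"] for h in hops if h["type"] == "NS"]
    answer = [r["rdata"] for h in hops if h["type"] == "A" for r in h["records"]]
    return referrals, answer
```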