DNS (Domain Name System) is the Domain Name resolution System, this thing said for developers, should be no unknown. To put it simply, the system resolves domain names into IP addresses. Every web request we make, if it’s a domain name, is domain name resolution.
An excellent domain name service should be able to meet two requirements, one is to be able to return the CORRECT IP address, the second is to be able to return the requested domain name according to the network conditions of the nearest server IP address.
LocalDNS
A DNS query is first queried from the local cache. If the DNS server does not exist or has expired, the DNS server is queried. If the client does not proactively configure a DNS server, the DNS server of the service provider is usually queried. This is uncontrollable. If the IPS LocalDNS domain name server is used, it is more or less unavoidable to encounter problems such as various domain names being cached and slow cross-network access of users in the Internet environment with Chinese characteristics.
Let’s take a look at what’s wrong with normal domain name services:
1. Domain hijacking:
Some small service providers and small local service providers love to do this. According to Tencent, DNS hijacking rates are 7% and malicious hijacking rates 2%. The hijacking rate for Internet speed is 10-15%.
- Resolve your domain name to a competitor and cry yourself to death wondering why traffic drops.
- Insert ads or tracking code into your code. That’s why do a search on Taobao or Baidu and soon someone will contact you.
- When downloading APK files, replace your files and download another app or a knockoff app.
- Open a page, jump first to the AD alliance, then to this page. Excessive spending on advertising for no reason, and misleading operations.
2. The intelligent DNS policy becomes invalid
Intelligent DNS is used to schedule user access policies. However, these factors may cause the intelligent DNS policies to fail.
- Small carriers do not have a DNS server and directly call other service providers. As a result, service providers are incorrectly identified and the transmission speed is greatly reduced.
- Service provider how long NAT, the actual IP, can not get, the result is not nearby access.
- Some carriers set their IP address to the location where the card is opened, and even if they roam elsewhere, the result is that they are not nearby.
At present, most enterprises in China have no special treatment for domain name resolution, which leads to those problems mentioned above, among which domain name hijacking is quite common. So is there a way to avoid this? Yes, of course. That is to use HttpDNS.
HttpDNS
HttpDNS is also another implementation of DNS resolution, but the DNS protocol is replaced by Http protocol, not complex. HTTP is used to send requests to port 80 of the D+ server instead of the traditional DNS protocol to request port 53 of the DNS server, bypassing the carrier’s Local DNS and avoiding hijacking and cross-network problems caused by using the carrier’s Local DNS.
Access to HttpDNS is also very simple, using ordinary DNS, when the client sends a network request, it is directly sent out, there is the underlying network framework for domain name resolution. When accessing the HttpDNS server, the client needs to send an HTTP request for domain name resolution. After obtaining the IP address corresponding to the domain name, the client sends a service protocol request to the IP address.
In this way, you don’t have to worry about domain name hijacking because you don’t have to worry about domain name hijacking because you use HTTP. In addition, if you choose a good DNS server provider, you can ensure that users are directed to the IDC with the fastest access speed.
Before connecting to HttpDNS
Since HttpDNS is so good, let’s get started. But first, there’s one more question to consider: which server does the HttpDNS server use?
Select service provider
At present, there are two well-known HttpDNS service providers (Tencent and Ali) :
- DNSPOD | D+
- Ali cloud HTTPDNS
Since the first one has a free version available, we’ll use DNSPOD to demonstrate how to access HttpDNS.
Select access SDK
Now that we have selected DNSPOD, we can go to the access page of its website and see its pricing information and access guide. In general a service provider should think all client provide response SDK to ease of use, but the DNSPOD: no, he only provides a C language version, if is the enterprise users, he will give to provide a customized SDK for use, for free users, if it’s not the C language version, there is a choice, That’s the open source third-party SDK:
- Sina-android version (support D+ enterprise version encryption function)
- Qiniu – Android version (support D+ enterprise version encryption function)
- 7 NiU-OC version (support D+ enterprise version encryption function)
The ABOVE SDK is almost the same with which are almost the same, here we take the Seven cattle android version to demonstrate access.
Access HttpDNS
Now that we’ve done a lot of pre-access, it’s time to get into the code, which is the most important part.
First, for demonstration purposes, we created an empty project using Android Studio. Then, we need to introduce two libraries, one is Okhttp, and the other is qiniu’s D+ open source SDK:
The compile ‘com. Qiniu: happy – DNS: 0.2.13’ compile ‘com. Squareup. Okhttp3: okhttp: 3.9.0’
The first one is the gradle library. This library does not specify its gradle dependencies on Github, but it has a pleasant name. The second library is the well-known OkHttp, which is used for two reasons: first, it has a large number of users; Second, it is quite convenient to use it to set up DNS resolution services.
When constructing OkHttpCient, we can use the method okHttpClient.Builder.dns (httpDns) to set the DNS resolution service used by the object, so that we can customize the httpDns domain name resolution.
The next step is to customize DNS resolution as required by OkHttp, specifically to implement the DNS interface. The following code is a Dns implementation class that I have wrapped:
public class HttpDns implements Dns {
private DnsManager dnsManager;
public HttpDns(a) {
IResolver[] resolvers = new IResolver[1];
try {
resolvers[0] = new Resolver(getByName("119.29.29.29"));
dnsManager = new DnsManager(NetworkInfo.normal, resolvers);
} catch(UnknownHostException e) { e.printStackTrace(); }}@Override
public List<InetAddress> lookup(String hostname) throws UnknownHostException {
if (dnsManager == null) // Use the default resolution when construction fails
return Dns.SYSTEM.lookup(hostname);
try {
String[] ips = dnsManager.query(hostname); // Get the result of HttpDNS resolution
if (ips == null || ips.length == 0) {
return Dns.SYSTEM.lookup(hostname);
}
List<InetAddress> result = new ArrayList<>();
for (String ip : ips) { // Convert an array of IP addresses into a list of desired objects
result.addAll(Arrays.asList(getAllByName(ip)));
}
return result;
} catch (IOException e) {
e.printStackTrace();
}
// Use default resolution when exceptions occur
returnDns.SYSTEM.lookup(hostname); }}Copy the codeWith the Dns implementation class above, here’s how to construct an OkHttpClient object that uses this domain resolution method:
OkHttpClient okHttpClient = new OkHttpClient.Builder().dns(new HttpDns()).build();
Copy the codeThen when we use the okHttpClient for network requests, the domain name resolution will be converted from the default domain name resolution to HttpDNS domain name resolution. That’s one of OkHttp’s strengths: ease of customization.
This completes access to HttpDNS.
Thanks to OkHttp’s strengths and the library provided by Seven Cows, I didn’t feel too bothered. I’ve read some blogs about using an interceptor to access HttpDNS. It works, but I don’t feel very good about it. So the interceptor code will not be posted. OkHttp’s interceptor is powerful enough to do a lot of things, including DNS, but that’s not what the interceptor does, and OkHttp provides Settings for DNS. Therefore, it is recommended to use this method of access.
