Unknown network programming (9) : Theory and practice, comprehensive in-depth understanding of DNS

The original author of this article is Selfboot. The blog address is selfboot.cn and the Github address is github.com/selfboot. Thanks for your technical sharing.

1, the introduction

DNS(Domain Name System)

2. Series of articles

This is the ninth article in a series that Outlines the following:

“Unknown Network Programming (1) : A Simple Analysis of the DIFFICULT Problems in TCP Protocol (part 1)”
“Unknown Network Programming (II) : A Brief Analysis of the DIFFICULT Problems in TCP Protocol (Part II)”
TIME_WAIT and CLOSE_WAIT when closing TCP connections
“Network Programming under the radar (Part 4) : A Deep Dive into TCP’s Abnormal Shutdown.”
Hidden Network Programming part 5: UDP Connectivity and Load Balancing
Unknown Network Programming (6) : Understanding UDP in Depth and Using it Well
Unknown Network Programming (7) : How to Make unreliable UDP Reliable?
Network Programming under the Radar (Part 8) : Deep Decryption of HTTP from the Data Transport Layer
“Unknown Network Programming (9) : Combining Theory with Practice to Comprehensively Understand DNS” (This article)

If you think this series is too professional, you can start by reading the Web Programming Slacker primer series, which includes the following table of contents:

Network Programming Lazy Introduction part 1: Quick Understanding of Network Communication Protocols part 1
“Network Programming Lazy Introduction ii: A Quick Understanding of Network Communication Protocols (Part II)”
“Network programming lazy Introduction (3) : A quick understanding of TCP protocol is enough.”
Network Programming Slacker’s Guide (part 4) : Quickly Understand the Difference between TCP and UDP
A Quick Look at why UDP Sometimes Has an Advantage over TCP
“Network programming lazy introduction (six) : The history of the most popular hub, switch, Router function principle introduction”
Web Programming Slacker’s Guide (7) : Understand HTTP in a Nutshell
“Network programming lazy introduction (8) : How to write tcp-based Socket long connection”
Web Programming for lazy People (9) : Why use MAC Addresses when you have IP Addresses?

This site’s “brain-disabled network programming introduction” is also suitable for entry learning, the outline of this series is as follows:

Learn TCP three handshakes and four waves with Animation
Introduction to Brain-dead Network Programming (II) : What are We Reading and writing when We read and write sockets?
Introduction to Brain-dead Network Programming (3) : Some must-know HTTP protocols
Introduction to Web Programming (4) : A Quick Understanding of HTTP/2 Server Push
Introduction to Brain-dead Network Programming (5) : The Ping command you Use every Day, What is it?
Introduction to Network Programming (6) : What is public IP and internal IP? What is NAT?

Please refer to the summary article on the characteristics and optimization methods of mobile terminal network:

Summary of Optimization Methods for Short Connections in Modern Mobile Networks: Request Speed, Weak Network Adaptation, and Security Guarantee
Mobile IM Developers must Read (1) : Easy to Understand the “weak” and “Slow” mobile Web
Mobile IM Developers must Read (ii) : Summary of the Most Complete Mobile Weak Network Optimization Methods ever
Comprehensive Understanding of mobile DNS Domain name Hijacking and other miscellaneous diseases: Technical principles, Root causes, Solutions, etc.
Mobile DNS Optimization practice of Meitu App: HTTPS Request Time Reduced by Nearly half
Baidu APP Mobile Terminal Network In-depth Optimization Practice Sharing (I) : DNS Optimization
Baidu APP Mobile Terminal Network In-depth Optimization Practice Sharing (II) : Network Connection Optimization chapter
Baidu APP Mobile Terminal Network In-depth Optimization Practice Sharing (III) : Mobile Terminal Weak Network Optimization Chapter

3. Reference materials

DNS cache poisoning

DNS Spoofing vs DNS Cache Poisoning

Reset the DNS cache in OS X

Human network failure

DNS spoofing principle and work engineering analysis

Comprehensive understanding of mobile DNS domain name hijacking and other miscellaneous problems: technical principles, root causes, solutions, etc

Mobile DNS optimization practice of Meitu App: THE HTTPS request time is reduced by nearly half

Baidu APP mobile terminal network in-depth optimization practice sharing (I) : DNS optimization chapter

4. DNS source starts

4.1 hosts mapping

ARPANET

There are three main reasons:

1) The hosts file becomes very large;
2) Host name conflicts;
3) A centralized maintenance site would be overwhelmed (hosts files for millions of machines, scary to think about).

4.2 Domain Name System

Paul Mockapetris

By Paul V. Mockapetris

Paul Mercapejos is a computer scientist and founder of RFCs882 and 883 technologies that invented the Domain Name System architecture. He is also one of the founders of the modern Internet. He proposed the architecture of DNS in 1983’s Draft Internet standard 882 and the 883 proposed by the Institute for Information Science at the University of Southern California. He found flaws in the early Internet, including ARPANET, which was based on domain-IP translation at a single level on a single host, and proposed an improvement to the distributed and dynamic database domain name system, a precursor to the domain name system we use today. In 2005, he received the ACM Lifetime Achievement Award in the Data Communications Professional Group.

The above problems were solved by the following three means:

1) The user’s computer does not store all name-to-IP mappings, which prevents the hosts file from being too large (the hosts file is empty by default on all operating systems).
2) The naming rules of domain names are stipulated to ensure that host names will not be repeated;
3) DNS server is no longer a single machine, but a hierarchical and reasonably organized server cluster.

The process of accessing a domain name can be simplified as follows:

5. DNS protocol

5.1 Domain Name Space

ICANN (Internet Corporation for Assigned Names and Numbers)

All of these domains can be organized into a tree, as shown below:

5.2 Domain Name Resource Records

The record is usually called a domain name resource record. It is a quintuple and can be expressed in the following format:

Domain_name Time_to_live Class Type ValueCopy the code

Among them:

1) Domain_name: specifies the domain name to which this record applies.
2) Time_to_live: indicates the lifetime of the record, that is, how long the record can be cached (caching mechanism will be discussed later);
3) IN Class: IN Class;
4) Type: record Type;
5) Value: indicates the Value of A record. In the case of A record, Value is an IPv4 address.

Some common record types are as follows:

5.3 Domain Name Server

DNS zone

For the domain name space shown above, one possible domain name division is as follows:

It keeps two types of domain name resource records:

1) Domain name resource records of all domain names in the region;
2) The domain name resource records (mainly NS records) corresponding to the domain name server of the parent region and sub-region.

Figure A:

Root DNS server

The following figure shows the distribution of global root DNS servers:

www.root-servers.org/

RFC 1034: 4. NAME SERVERS

This is simplified to a tree for easy comprehension) :

5.4 Domain Name Resolution

Using our figure A as an example, now suppose that a user in area E wants to access math.sysu.edu.cn, and the request is as follows:

Simple description in language is as follows:

1) User: Hello, local DNS server, tell me the address of math.sysu.edu.cn;
2) Local domain name server: Oops, I don’t know, it’s not in my jurisdiction, let me ask Big Brother. Boss root, can you tell me the address of Math.sysu.edu.cn?
3) root DNS server: busy, please ask B (.cn);
4) Local DNS server: Hello, B, tell me the address of math.sysu.edu.cn;
5) A: Please go to d.edu.cn.
6) Local DNS server: Hello, D, tell me the address of math.sysu.edu.cn;
7) D: You can go to F (sysu.edu.cn).
8) Local DNS server: Hello, F, tell me the address of math.sysu.edu.cn;
9) F: look, oh, here it is, X.X.X.X;
10) local domain name server: finally found, hello users, come out, I found, X.X.X.X.

6. Caching mechanism

Looking back at our daily browsing of websites, we will find two interesting conclusions:

1) 80% of the time we look at those 20% of websites, the famous 80/20 Rule;
2) We will jump between different pages of a website, that is, constantly visit the same domain name, similar to the local principle of program access.

RFC 1034: Domain Names – Concepts and Facilities

The article is not over

But there may still be the following question:

1) Why are all the domain names I want to apply for gone?
2) WHY do YOU need to record DNS domain names?
3) How to bind the domain name you just applied to your website?
4) How can I see the DNS servers that are silently resolving me behind the scenes?
5) Is it true that you can access many, many non-existent websites with one file?
6) What about trusted DNS servers, and are some doing bad things?
7) How do I know if my current DNS server isn’t working?
8)…

8. Domain name registration and binding

nets
godaddy

There is no free lunch

Adding a CNAME file to your repository

Here is my personal blog post on DNSpod:

9. Domain name resolution

9.1dig and nslookup commands

dig

Query the A record of selfboot.cn and return A short result:

$dig selfboot.cn -t A +short 192.30.252.153 192.30.252.154Copy the code

Dig can also be used to query the domain name corresponding to a certain IP, as follows:

$dig-x 192.30.252.153 +short pages.github.com.Copy the code

9.2 Querying parsing Paths

+trace

Dig selfboot.cn +trace @8.8.8.8; < < > > DiG 9.8.3 - P1 < < > > selfboot. Cn + trace @ 8.8.8.8;; global options: +cmd . 474418 IN NS j.root-servers.net. . 474418 IN NS g.root-servers.net. ...... . 474418 IN NS l.root-servers.net. . 474418 IN NS m.root-servers.net. ;; Received 496 bytes from 8.8.8.8#53(8.8.8.8) in 12 ms cn.172800 in NS a.dns.cn....... cn. 172800 IN NS e.dns.cn. cn. 172800 IN NS ns.cernet.net. ;; Received 292 bytes from 2001:500:1::803f:235#53(2001:500:1::803f:235) in 382 ms selfboot.cn. 86400 IN NS f1g1ns2.dnspod.net. selfboot.cn. 86400 IN NS f1g1ns1.dnspod.net. ;; Received 83 bytes from 203.119.25.1#53(203.119.25.1) in 816 ms selfboot.cn.14400 in A 192.30.252.153 selfboot.cn.14400 Selfboot.cn. 600 IN NS f1g1NS1.dnspod.net. Selfboot.cn. 600 IN NS f1g1NS2.dnspod.net. Received 125 bytes from 115.236.137.40#53(115.236.137.40) in 31 msCopy the code

seveas
dnsgraph

10, DNS currently exist defects

10.1 Cybersquatting

10.2 the DNS hijacking

Here’s a simple command to verify that my DNS server is not doing this:

➜ ~ nslookup Google.com Server: 10.8.4.4 Address: 10.8.4.4#53 Non-authoritative answer: Name: google.com Address: authoritative 120.196.0.5Copy the code

www.google.com

$nslookup [url=http://www.google.com]www.google.com[/url] 8.8.8.8 Server: 8.8.8.8 Address: Authoritative Answer: Name: [url=http://www.google.com]www.google.com[/url] Address: 0aaCopy the code

For more on DNS hijacking, see:
Comprehensive understanding of mobile DNS domain name hijacking and other miscellaneous problems: technical principles, root causes, solutions, etc

10.3 the DNS cheat

Header Answer: Name: Facebook.com Address: authoritative 169.106.121.75 $nslookup Facebook.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: authoritative Address: facebook.com 159.106.121.75Copy the code

ViewDNS
The translation

Appendix: More information on network programming basics

TCP/IP, rounding
Chapter 11 ·UDP: User datagram protocol

TCP/IP, rounding
Chapter 17: TCP: Transmission control Protocol

TCP/IP, rounding
Chapter 18: Establishment and termination of TCP connections

TCP/IP, rounding
Chapter 21. TCP Timeouts and retransmission

Once upon a time in technology: TCP/IP changed the world

Easy to Understand – In-depth understanding of TCP (part 1) : Theoretical basis

Easy to Understand – In-depth understanding of TCP (part 2) : RTT, sliding window, and congestion handling

Theory classic: TCP protocol three handshake and four wave process in detail

Connection between theory and practice: Wireshark captures packets to analyze TCP three-way handshake and four-way wave

Protocol Diagram of Computer Network Communication (Chinese Edition)

What is the maximum size of a packet in UDP?

P2P technology details (a) : NAT details – detailed principle, P2P introduction

(2) : P2P NAT traversal (hole) solution

P2P technology details (three) : P2P technology STUN, TURN, ICE details

Easy to Understand: Quickly understand the PRINCIPLE of NAT penetration in P2P technology

High performance network programming (a) : the number of concurrent TCP connections can be a single server

High performance Network programming (II) : The last 10 years, the famous C10K concurrent connection problem

High performance Network Programming (III) : In the next 10 years, it is time to consider C10M concurrency

High performance Network programming (IV) : Theoretical exploration of high performance network applications from C10K to C10M

High performance network programming (5) : read the I/O model of high performance network programming

High performance network programming (6) : understand the threading model of high performance network programming

Technology Literacy: A new generation of UDP-based low latency Network Transport layer protocol – QUIC in detail

Making the Internet faster: A new generation of QUIC protocols shared in Tencent’s technology practices

Summary of optimization means of modern mobile terminal network short connection: request speed, weak network adaptation, security guarantee

Let’s talk about long connections in iOS network programming

Mobile IM Developers must read (1) : Easy to understand the “weak” and “slow” mobile web

Mobile IM Developers must read (ii) : Summary of the most comprehensive mobile weak Network optimization methods ever

IPv6 Technology details: Basic Concepts, Application Status, Technical Practice (Part I)

IPv6 Technology details: Basic Concepts, Application status, Technical Practice (Part 2)

From HTTP/0.9 to HTTP/2: Understand the history and design of the HTTP protocol

Take the network access layer design of online game server as an example to understand the technical challenges of real-time communication

To the next level: The network basics that a good Android programmer must know

Android programmers must know the network communication transport layer protocols – UDP and TCP

Introduction to Zero-Base Communication Technology for IM Developers (PART I) : 100 Years of Development of Communication Switching Technology (Part I)

Introduction to Zero-Base Communication Technology for IM Developers (II) : 100 Years of Development of Communication Switching Technology (II)

Introduction to Zero-base Communication Technology for IM Developers (III) : The Century-old changes of Chinese communication mode

Introduction to Zero-Base Communication technology for IM Developers (iv) : The evolution of mobile phones, the most comprehensive history of mobile terminals in history

Introduction to Zero-base Communication Technology for IM Developers (5) : 1G to 5G, 30 years of mobile communication technology evolution

Introduction to Zero-base Communication technology for IM developers (6) : Mobile terminal connector – “base station” technology

Introduction to Zero-Base Communication Technology for IM Developers (7) : The Swift Horse of Mobile Terminal — “Electromagnetic Wave”

Introduction to Zero-based Communication technology for IM Developers (eight) : Zero-based, the strongest “antenna” principle in history literacy

Introduction to Zero-Base Communication Technology for IM Developers (9) : “Core Network” — the Backbone of Wireless Communication Network

Introduction to Zero-Base Communication Technology for IM Developers (10) : Zero-base, the strongest 5G technology literacy in history

Why is WiFi signal bad? A text is understood!

Introduction to Basic Communication technology for IM Developers (12) : Networking? Network down? A text is understood!

Introduction to Zero-Base Communication Technology for IM Developers (13) : Why cell phone Reception is Poor? A text is understood!

How Hard is wireless On high-speed Trains? A text is understood!

Introduction to Zero-base Communication technology for IM Developers (15) : Understanding location technology, one article is enough

Technology master Chen Shuo’s share: from shallow to deep, network programming learning experience dry summary

Can ruin your interview: Do you know how many HTTP requests can be made over a TCP connection?

Zhihu technology sharing: Zhihu high performance long connection gateway technology practice of ten million level concurrent

More of the same…