Shulou(Shulou.com)06/02 Report--

This article mainly introduces "what are the knowledge points that DNS must understand". In daily operation, I believe many people have doubts about the knowledge points that DNS must know. The editor consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful to answer the questions of "what knowledge points DNS must understand". Next, please follow the editor to study!

Concept

The full name of DNS is Domain Name System or Domain Name Service. Its main function is to "translate" familiar URLs (domain names) into IP addresses that computers can understand. This process is called DNS domain name resolution.

For example, when we log on the address of Baidu, we always click on www.baidu.com to log in. Will you click on the address of IP to log in to Baidu? Obviously, the domain name is easy to remember.

Moreover, a domain name often corresponds to multiple DNS addresses, as shown in the following figure

If you want to remember it all, well, I'm sure my brother's memory must be amazing!

Process flow

Next, we have to talk about a classic interview question.

In fact, the answer is very simple (commonly known as Tianlong eight steps)

1. Perform DNS domain name resolution according to domain name

two。 Get the parsed IP address and establish a TCP connection

3. Send a HTTP request to the IP address

4. The server processes the request

5. Return the response result

6. Close the TCP connection

7. Browser parses HTML

8. Browser layout rendering

Ps: since this article is not about HTTP requests, I'd like to ask a few questions for readers to think about.

1. How many HTTP requests can a TCP connection correspond to? (hint, this is asking you the difference between HTTP1.0 and 1.1)

2. Can HTTP requests be sent together in a TCP connection (for example, three requests are sent together and three responses are received together)? (hint, this is asking you the difference between HTTP2.0 and HTTP1.1 protocols.)

3. Is there any limit on the number of TCP connections to the same Host? (please, there are so many pictures on a website, open a TCP connection and download them in order? Aren't you waiting to die?)

All right, forget it. This article is not about the Http protocol.

Let's focus on DNS parsing this piece.

Analysis

OK, focusing on DNS parsing this block, the flow chart is as follows

As shown in the figure, it roughly means: the browser enters the address, and then the browser process calls the gethostbyname function in a library of the operating system (for example, the gethostbyname function of the Linux GNU glibc standard library), and then this function sends the UDP request to the DNS server through the network card, receives the result, and then returns the result to the browser.

This picture actually explains the general process, but there may be some differences in the details.

For example

(1) when we use a chrome browser, we will first query it in the browser's dns cache, but not in the dns cache, and then call the gethostbyname function.

(2) before attempting to resolve DNS, the gethostbyname function first checks whether the domain name is in the local Hosts, and then check the DNS server if it is not found.

But look at this! Would you please recall these two interview questions?

Now, will you answer?

What, you don't know how to answer that? Pull the article to the beginning. Look at it from the beginning.

However, it should be added that there is also a place in DNS where the TCP protocol is used. That's zone transport!

The DNS specification specifies two types of DNS servers, one is called the primary DNS server and the other is called the secondary DNS server. In a zone, the main DNS server reads the DNS data information of the zone from its own local data file, while the secondary DNS server reads the DNS data information of the zone from the primary DNS server of the zone. When a secondary DNS server starts, it needs to communicate with the primary DNS server and load data information, which is called zone transfer. In this case, the TCP protocol is used.

So much for that. In fact, the interviewer can ask questions in depth, as shown below

For the first question, why does domain name resolution use UDP protocol?

Because UDP, come on! UDP's DNS protocol only needs one request and one reply. Using the TCP-based DNS protocol requires three handshakes, sending data and replies, and four waves. However, the transmission content of the UDP protocol cannot exceed 512 bytes. However, the client queries the DNS server for the domain name and generally returns no more than 512 bytes, which can be transmitted by UDP.

For the second question, why do you use the TCP protocol for area transfer?

Because the reliability of TCP protocol is good! You want to copy content from the main DNS, do you use an unreliable UDP?

Because the TCP protocol transmits a lot of content, do you use the UDP protocol, which can only transmit 512 bytes at most? What if the synchronized data is more than 512 bytes?

At this point, I suddenly thought of a joke (there is no way, there is too much knowledge in my mind)!

Let's talk about this question as a joke here.

Three-way handshake:

Zhou: "Brother Bin, do you want to make an appointment?"

Brother Bin: "make an appointment. Brother Zhou, are you sure about the appointment?"

Zhou: "make an appointment. Hotel Shangri La Santa Monica at nine o'clock tonight. Balabala"

Two handshakes:

Zhou: "Brother Bin, do you want to make an appointment?"

Brother Bin: about

Zhou: "Brother Bin, Brother Bin, do you have an appointment?"

Brother Bin: "shit, didn't you say an offer!"

Zhou: "Hey, Brother Bin, are you going to make an appointment or not?"

.

Four handshakes:

Zhou: "Brother Bin, do you want to make an appointment?"

Brother Bin: "about. Brother Zhou, would you like to make an appointment?"

Zhou: "about. Brother Bin, would you like to make an appointment?"

Brother Bin: "Brother Zhou is so stupid that he can't understand people!"

So... The resource of three-way handshake is the least (just watch the joke)! Let's get back to our DNS topic!

Principle

Now, talk about the last piece of DNS to resolve the principle of domain name! This is the most important piece!

First introduce the next dig command of linux to show the process of resolving a domain name.

For illustration, let's dig the process of Tmall.

The dig www.tmall.com results are shown in the following figure

Mo Fang, it's okay if I don't understand.

Now let's read the two key paragraphs. The first paragraph represents the request parameters as shown in the following figure

This paragraph is the content of the query.

There are generally three query parameters for DNS.

(1) Domain name: the name of the server and mail server (the @ after the email address)

(2) Class: when setting up the DNS scheme, networks outside the Internet are also taken into account, and Class is used to identify the network, but now it is only the Internet, so its value will always represent the IN of the Internet.

(3) record type: identify the type of record corresponding to the domain name. Type A, which represents the IP address corresponding to the domain name. When the type is MX, the domain name corresponds to the mail server. The type is PTR, which means that the domain name is checked based on the IP address. The type is CNAME, which means to query the aliases related to the domain name.

Of course, you have to ask me a question at this time (pay attention to the red box above)

Brother Yan, the address I typed is www.tmall.com but the address parsed in the command is www.tmall.com. Ah, there is one more. The symbol, huh? This。 What does a symbol mean?

So, I pulled another classic interview question.

OK, OK, let's be clear about this. We must first explain the structure of the domain name clearly!

The real domain name corresponding to www.tmall.com is www.tmall.com. At the end. It is called the root domain name, because each domain name has a root domain name, so we usually omit it.

The next level of the root domain name is called "top-level domain" (abbreviated as TLD), such as .com, .net

The next level is called "second-level domain" (SLD), such as .tmall in www.tmall.com, which is a first-level domain name that users can register.

The next level is the host name (host), such as the www in www.tmall.com, also known as the "third-level domain name". This is the name assigned to the server by the user in his own domain and can be assigned by the user at will.

Then the parsing process is a hierarchical query!

(1) first look it up in the DNS of the local machine, and if not, return directly. Native DNS is the following thing.

(2) if you find anything in the local DNS, check it in the root server. The root server finds that the domain name belongs to the com domain, so the root domain DNS server will return the IP address of the DNS server in the com domain it manages, meaning "although I don't know the address of the domain name you are looking for, you can go to the com domain to ask."

(3) the local DNS will send a query message to the DNS server in the com domain. There is no information about the domain name www.tmall.com in the com domain, and as before, the com domain server returns the IP address of the DNS server in the tmall.com domain below it.

And so on, as long as you repeat the previous steps, you can find the target DNS server ps: warm reminder, dig + trace www.tmall.com can see the parsing process. Interested readers, try it out for yourself.

Having pulled so many things, let's take a look at the second paragraph, that is, the part of the response body!

As shown below

Obviously, the first line says that the domain name address www.tmall.com has an alias of www.tmall.com.danuoyi.tbcache.com. So, obviously, the next few lines are the real IP of this www.tmall.com.danuoyi.tbcache.com address.

Why did Tmall set an alias to the www.tmall.com.danuoyi.tbcache.com address?

As a result, another classic interview question appeared

To tell you the truth, when I first saw this question, I thought it should be convenient for cdn configuration.

Back to our example, if Brother Yan's guess is correct, the address of www.tmall.com.danuoyi.tbcache.com should be a cdn address of Taobao.

Therefore, I specially checked the domain name record. As shown in the following figure

At this point, the study of "what knowledge points DNS must know" is over. I hope to be able to solve everyone's doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.