Chapter 2 How DNS Works

This chapter describes how DNS servers work, how they cooperate, and how they respond to domain name queries. It covers the following:

• Hierarchy of host and domain names. This section presents the domain name space as a tree-like hierarchy that holds all the computer names that can be resolved. It also explains how subdomains divide the namespace into manageable units, and how delegation lets a DNS server query other servers when needed.

• Domains and zones. The relationship between domains and DNS servers can vary; it is not necessarily one server per domain. DNS servers use a zone file to determine exactly which domains and hosts they manage. Zones give DNS administrators enough flexibility to have a DNS server handle part of one or more domains, one or more whole domains, or a combination of the two. This section describes zone data, the core of DNS management.

Note: Some servers do not use a zone file to store domain information. A secondary server may hold only an in-memory copy, and a Windows server can store zone information in Active Directory.

• Resolving client requests. What happens when a client issues a name query? This section walks through the resolution of a client query with a detailed example, and explains the recursive and iterative queries that a DNS server can use. The example shows a query that is traced up to the root server and then back down another branch to satisfy the client's request.

• Tool overview. This section describes the basic tools for solving DNS problems, including tools for collecting information and for troubleshooting. It provides a toolbox that helps in understanding and using DNS.

DNS is where network host names and domain names are stored and interact.
Here, each host name serves as a symbolic address, because a host name is more convenient to use than a numeric address. DNS client functionality is most visible in networked applications. For example, a Web page anywhere can be opened quickly in a browser through its URL name. The transport layer carries DNS information across the network. DNS clients and servers send queries and responses on port 53 using the connectionless UDP protocol, and server-to-server transfers use the TCP protocol on port 53.

Using connectionless UDP between DNS clients and servers is simple: sending packets over UDP does not require a connection to be established. If the client does not receive the information it asked for, the resolver keeps retrying until it receives a response (as described in "Resolving client requests" later in this chapter). Server-to-server transfers, however, can only use a connection-based protocol such as TCP, because these servers must transmit important resource records and sequence information; without this information a server cannot stay synchronized with other servers and cannot provide reliable service.

2.1 Hierarchy of host and domain names

When the Internet (originally called ARPANET) was still very small, a single unified HOSTS.TXT host file was published on the network, and host lookups could be done with it. As the Internet grew larger, publishing a host file was no longer a workable lookup method. The structure of the Domain Name System (DNS) gradually took shape to replace the original file-based host lookup. DNS implements a distributed data model organized like a file system tree, as shown in Figure 2-1. Architecturally, DNS is a distributed, hierarchical, client/server database management system.
Figure 2-1 The DNS tree; as in a file system, names are unique within each level

This tree model is distributed because each registered domain contributes its own database list to the whole system, as shown in Figure 2-2.

Figure 2-2 DNS domain tree hierarchy

At the top of the hierarchy is the root of the domain tree (usually written "."), which provides the root domain service.
The root name servers hold initial pointers to the first level, the top-level domains, such as .com, .org, .mil and .edu. In addition, there are more than two hundred top-level domains that represent geographic locations, and the list is still growing. The top-level domains were originally managed by the Internet Assigned Numbers Authority (IANA). Later, some top-level domains were delegated to other organizations, such as the Internet information center InterNIC.
InterNIC manages other top-level domains: .com, .org, .net and .edu. Because of the many registrations during the 1980s and 1990s, these domains have grown quickly and keep changing. These top-level domains are listed in Appendix C, "Top-level Internet domain names".

In the domain name hierarchy, hosts can exist at any level below the root. Because the domain name tree is hierarchical rather than flat, a host name only has to be unique within its branch. For example, a company can have several Web servers with the host name www, provided that each server is on a different branch of the domain name hierarchy. www.xyz.com and www.eng.com are both valid host names; even though these hosts have the same name, each can be correctly resolved to a single host. This principle applies to FTP sites, Web sites, name servers and so on: as long as they are in different subdomains, names can be reused.

The root DNS servers are like the DNS servers used by companies and schools around the world, but they occupy the most special place on the Internet: they sit even above first-level domains such as .com and .org. Several levels of the domain name hierarchy are given in Table 2-1. The easiest way to memorize the DNS hierarchy is to remember that the root domain is just ".", a top-level domain contains only one name, a second-level domain contains two names, and so on. The main difference between the root name servers and the name servers of other organizations and groups is that the root servers contain pointers to all registered top-level domains.

A second-level domain belongs to an organization or region and is classified by the last part of the domain name, the domain suffix. For example, the domain name microsoft.com represents Microsoft. Most domain suffixes reflect the nature of the organization that uses the domain name.
Table 2-1 Location in the domain hierarchy

Name                Location in the hierarchy
.                   The root, the only domain without a name; written as a period
.net                TLD, or top-level domain
example.net         SLD, or second-level domain
test.example.net    Subdomain, for example the domain of a department within an organization

Strictly speaking, the first level is actually the second level counting from the root domain, but its domains are still called top-level domains, or TLDs (Top Level Domains). Technically the root domain is a domain, but it is often not treated as one. All root-level members of the root domain exist only to support the domain name tree and its functions.

However, the type of organization cannot always be determined easily from the domain suffix. For example, the .net domain is not as clear-cut as the .com domain. Originally, the .net domain was intended for ISPs (Internet service providers) and other networking organizations, but many research organizations and special-interest groups also use it, such as handle.net and giga.net. The .org domain was originally for research organizations that were non-profit or government funded, but it is also used by the High Performance Computing Center (hpc.org) and the Integration Technology Office (ito.org).

2.1.1 Subdomains

Any domain that is inside another domain is a subdomain; even a top-level domain is a subdomain of the root domain. Because there are so many subdomains below the second level, and the great majority of subdomains are below the second level, the term is often used to refer specifically to domains below the second level.
Organizations and groups often set up subdomains based on internal needs. For example, east.isi.edu is a subdomain of isi.edu, set up for the East Coast section of ISI. Companies often set up subdomains that follow the company's internal structure. The subdomains shown in Figure 2-3 correspond to the engineering, marketing, sales and human resources departments. In this way, subdomains are used to spread load across a number of hosts on the company's internal network, improving the performance of services such as mail and name services.

How the subdomain structure is divided is entirely up to the organization. The guiding principle should be to minimize network traffic while meeting demand. For the same reason, it is common to use a structure similar to that of the domain controllers in Windows 2000. If you divide domains along the boundaries of logical LANs so that WAN traffic is minimized, consider placing at least one caching name server in each LAN.

Domains and subdomains

From a purely logical standpoint, all domains below the root domain can be called subdomains, because they are indeed below the root domain. However, that use of the term is too broad and is not suitable for distinguishing upper-level domains from the rest. Typically, administrators call the domains below the second level subdomains, that is, domains whose names contain three or more "." characters. This makes it easy to distinguish the relatively fixed upper levels from the third, fourth and lower levels. From a more practical perspective, the upper levels of the domain name tree (the root domain, the top-level domains and the second-level domains) are fixed, and subdomain refers to the domains below the second level.
2.1.2 Delegation

Dividing a domain into subdomains leads to a formal method of distributing the workload among several servers for the domain and its subdomains: delegation. The primary server is also called the authoritative server, or the SOA in DNS terms. An authoritative server has unrestricted responsibility for answering all the queries put to it, but it can also delegate part of its authority to other servers. The authoritative server can hold all the data of the domain, or part of the data can be delegated to other servers. Each top-level domain is actually a part of the root domain, and each top-level domain can be further divided into second-level domains. Delegation is the method by which the root servers and other name servers share responsibility. The result is that the authority for finding all Internet host names is distributed across many servers. This distribution is a key concept of DNS: the failure of a single server does not cause the system to fail, and the root servers are replicated many times over, as are the top-level domain and subdomain servers in most cases.

If a DNS server cannot answer a query, it automatically refers the client to another server that has been delegated part of the subdomain's records. Subdomains are often handled by a delegated server. The authoritative server determines which server should be queried for a domain name when that is necessary. If the authoritative server does not hold the data for the queried name, the delegation determines which server to query next. The delegation announces all authoritative servers for the domain, but in practice most queries only need to be referred to one server. If the answer received by the client (the resolver) is that the host or domain does not exist, the client stops looking immediately.
The resolver will not go on to any other delegated server, regardless of how many name servers have already been contacted.

Delegation points queries downward from the root servers at the root of DNS through the top levels of DNS. A subdomain's DNS server is registered with the parent domain's server, just as an organization registers its second-level domain name and DNS servers in the top-level domain with InterNIC (Internet Network Information Center). As mentioned earlier, there may be multiple delegations at the second level. A delegation can be at the same level or to the next level down. A same-level delegation identifies other servers at the same level that share authority for the domain, and a next-level delegation identifies a subdomain (see Appendix C). Any DNS server that a user runs can be delegated authority for a subdomain by its upper-level DNS server.
Delegation is done by giving a name server record (NS record) to a name server (Chapter 4 describes NS records and their use). NS records give a list of all authoritative servers for the domain. To configure a subdomain for an organization, authority must be delegated from the parent domain to the subdomain; otherwise the subdomain cannot be resolved by any outside host.

To a DNS client, it appears that all registered host addresses are on its local DNS server. But this is only how it looks on the surface. Delegation tells the local DNS server how to find non-local hosts, so that the client can resolve addresses outside its own domain.

2.2 Domains and zones

Understanding the difference between domains and zones takes a little effort. The branches of the DNS domain tree are used for domain names, and the leaves are used for hosts. In the domain tree, subdomains and hosts are members of all the domains above them in the tree. A zone logically covers part of the DNS tree structure and determines the names (subdomain names and host names) supported by each DNS server. A DNS server's zone determines which branches and which area of the tree it covers, and how much authority it has. In Figure 2-3, the zone of authority of one server includes the two domains mkt and sales. A DNS server can also have a zone that contains only one domain. In Figure 2-3, eng is an example of a zone with only one domain, although it has two subdomains. Because zones in Windows 2000 are used to control contiguous branches, the mkt and sales domains must be in different zones, which differs slightly from the general zone rules.
The interactions among DNS servers, and between DNS servers and DNS clients, require both zones and delegation: zones determine where names are stored (that is, which DNS server holds them), and delegation determines the path along which clients and servers communicate with other DNS servers. The records in a zone can be the records of a single domain, part of a domain's records, the records of one or several subdomains, or a combination of parent-domain and subdomain records. A special kind of zone, the reverse address zone used to resolve addresses to names, often holds records for multiple domains. Reverse address zones are described in Chapter 4.

Figure 2-3 Zones determine the domain names managed by a DNS server

A zone tells the DNS server which names it manages, and delegation tells the DNS server what to do when a query falls outside the zone. Zones and delegation do not decide which DNS server is the original authoritative source of a domain's records and which servers are only backups. You need to designate one server as the primary server and give it that authority, and designate another server as a secondary server to act as a backup of the primary server.

2.2.1 Primary DNS servers

As mentioned earlier, the primary DNS server (the SOA) is responsible for authority over the names in the domain, and all information about names in that domain originates from this server. When a primary DNS server starts, it loads zone data from local data files (or Active Directory) on the machine it runs on. A DNS server can be the primary server for one or several domains, or the primary server for one domain and a secondary server for another. Chapter 3 explains the types of DNS servers in more detail. For now, recognize at least that domains and zones are not primary or secondary; only DNS servers are primary or secondary, and the primary DNS server is the authoritative source for a domain name.

If you want to configure a hierarchy of domains, it is best to first configure a primary server for the whole domain. The zone managed by that DNS server should contain all the domain names, and perhaps one or more servers should be configured for the subdomains. If subdomains are set up for individual departments of the organization, each subdomain should have a primary DNS server. If the server does not hold all the records of the domain, you must specify subdomain delegations (for example, example.net divided into sales.example.net, op.example.net, eng.example.net and so on). Using subdomains gives the user more flexibility. At the same time, because each subdomain has its own start of authority, the load potentially increases: every change must be entered on the designated primary server. Microsoft's use of the term "zone" is sometimes puzzling; pay attention to how it is used when implementing.
2.2.2 Secondary DNS servers

A secondary DNS server gets its data from the primary server. When a secondary DNS server starts, it first obtains zone data from the primary server and compares its own version number with that of the primary server. If necessary, the secondary server replaces its zone data, overwriting the original data with the primary server's data. The secondary server can communicate with the primary server because the SOA and NS resource records are saved in its file. The secondary server is represented only by an NS record and does not assume the SOA's responsibilities; only the primary server does. Of course, if the secondary server does not yet have any zone data, its startup file must contain a directive that locates the primary server from which to obtain the zone data.

Like the primary DNS server, a secondary server is a place to look up domain names. The difference is that the primary server is the source where zone data is entered, while the secondary server is not a source of zone data. The secondary server exists only as a backup and to provide query service.

2.2.3 Transferring data from the primary DNS server

Having covered domains, zones and delegation, we can turn to the distributed database model of DNS. A zone file is essentially a DNS database listing, and the primary server holds the source zone for its own domains. A subdomain's name server can act as a primary server, which effectively divides a large number of domain names into several smaller parts held in several zone files. If a large organization uses only one domain when setting up its names, without dividing it into subdomains, the zone file will be very large.
Such a large flat space raises another problem: a DNS branch that is not subdivided cannot support two identical host names. Without dividing its domain, a large organization runs into the same problems that ARPANET encountered and that led to the DNS architecture. A large organization can also divide its domain space into several subdomains and still use a single zone file, as shown in Figure 2-3. That solves only one of the two problems.
Dividing the domain improves performance because the zone files are smaller and easier to manage. A name server should not have to parse a huge zone file. Although other factors also play a part, in general the smaller the zone file, the faster the response from the name server. However, subdomains also bring a problem of their own, namely a data problem. Delegation handles coordination between parent domains and subdomains, but how does a secondary server get data from its data source, the primary server? The answer is by copying the primary server's zone file. This is known as a zone transfer. A zone transfer can be partial or complete, depending mainly on need and on the time of the most recent complete transfer. Dividing large zones into several small files also makes zone transfers more efficient, which is another important reason to avoid a large, flat domain space.

When a primary server starts, it only needs to respond to name queries. When a secondary server starts, it looks up the primary server's authority data and obtains a path and file name so that the copy, once received, is saved as a local backup. This comes from the server's startup information, which is covered in Chapter 4. If the secondary server is starting for the first time, or someone has cleared its data directory, it sends a request to the primary server for a copy of the zone file. A zone transfer is very similar to file replication in Windows (NT or 2000), or to WINS data replication between Windows name servers. Once the secondary server has a copy of the primary server's zone file, it too can give authoritative answers to name queries. What does the secondary server do when the primary server's zone file is changed or updated?
Several fields in the start of authority resource record (SOA RR) tell secondary servers how often to check the primary server for changes; these fields set the expiry time limit and the refresh frequency. The SOA resource record also carries a version number, or serial number. For more on the SOA resource record, see Chapter 4.

The secondary server periodically queries the primary server about the zone file it needs. Specifically, it checks whether the serial number has changed; the serial number is an incrementing number that indicates the database version. If the serial number has changed, the secondary server knows that the zone data has changed, and a new copy is triggered (the transfer may be partial or complete). A partial transfer is the incremental transfer defined in RFC 1995: only the changes are transmitted, not the entire zone file. A transfer takes place only when the serial number has increased. If the serial number has decreased for some reason, the secondary server considers its copy of the zone file to be the latest and keeps using it until it expires. If the secondary server's serial number becomes 0 for some reason, the secondary server's local zone file is deleted and the secondary server starts a full transfer of the zone data from the primary server. In every case, the data is obtained from its primary server.

Windows 2000 DNS Server and BIND 8.0 have a "Notify" option for triggering secondary server updates: the primary server can notify secondary servers that data has changed, which speeds up the propagation of new information. The Notify option can also improve security, because the transfer is initiated by the primary server. The primary server's administrator provides a list of secondary servers to be notified, and the secondary servers in the list are limited to servers that are already authorized.
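The refresh rules and the notify list described above can be traced in a short simulation. This is an added example, not code from the book or from any DNS server; the class and method names are hypothetical, serials are compared as plain integers the way the text describes them, all values are constructed, and refusing transfer requests from hosts that are not on the list is an assumption made to show how an unexpected request would be recorded.

```python
from dataclasses import dataclass, field
from typing import Optional

EXPIRE = 604800  # constructed SOA expiry limit, in seconds


@dataclass
class Secondary:
    serial: Optional[int] = None   # None: first start, or data directory cleared
    age: int = 0                   # seconds since the copy was last confirmed
    log: list = field(default_factory=list)

    def refresh(self, primary_serial: Optional[int], incremental: bool = True) -> str:
        """One refresh check; primary_serial is None if the primary is silent."""
        if primary_serial is None:
            if self.serial is None:
                action = "no-data"
            else:
                action = "expired" if self.age >= EXPIRE else "keep"
        elif self.serial is None:
            action = "full-transfer"            # no local copy yet
        elif self.serial == 0:
            self.serial = None                  # local zone file is deleted first
            action = "full-transfer"
        elif primary_serial > self.serial:
            # Only an increased serial triggers a transfer (RFC 1995 allows
            # sending just the changes instead of the whole zone).
            action = "incremental-transfer" if incremental else "full-transfer"
        elif primary_serial == self.serial:
            action, self.age = "keep", 0        # copy confirmed as current
        else:
            # Lower serial on the primary: as the text describes, the local
            # copy stays in use until it expires.
            action = "expired" if self.age >= EXPIRE else "keep"
        if action.endswith("transfer"):
            self.serial, self.age = primary_serial, 0
        self.log.append(action)
        return action


@dataclass
class Primary:
    serial: int
    notify_list: tuple              # addresses of the authorized secondaries
    refused: list = field(default_factory=list)

    def update_zone(self) -> list:
        """Raise the serial and return the secondaries to be notified."""
        self.serial += 1
        return list(self.notify_list)

    def transfer_request(self, source: str) -> bool:
        # Assumption: requests from hosts outside the list are refused and kept
        # for review, since they may be attempts to copy the zone.
        if source in self.notify_list:
            return True
        self.refused.append(source)
        return False


def demo():
    primary = Primary(serial=100, notify_list=("192.0.2.53",))
    sec = Secondary()
    sec.refresh(primary.serial)             # first start: full transfer
    sec.age = 3600
    sec.refresh(primary.serial)             # same serial: keep
    notified = primary.update_zone()        # serial 101, secondaries notified
    sec.refresh(primary.serial)             # higher serial: incremental transfer
    primary.serial = 99                     # serial lowered by mistake
    sec.age = 3600
    sec.refresh(primary.serial)             # lower serial: keep the local copy
    sec.age = EXPIRE
    sec.refresh(primary.serial)             # still lower, copy has expired
    sec.serial = 0
    sec.refresh(primary.serial)             # serial 0: delete and start over
    allowed = [primary.transfer_request(ip) for ip in ("192.0.2.53", "203.0.113.9")]
    return sec.log, sec.serial, notified, allowed, primary.refused


if __name__ == "__main__":
    print(demo())
```

The lowered serial is the case to watch in practice: the secondary keeps answering from stale data and gives no sign of trouble until the copy expires.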
Moving the initiation of transfers from the secondary server to the primary server helps prevent the zone file from being stolen. This is a convincing reason to use the Notify option, besides improving transfer efficiency. However, some BIND 8.1.1 servers discard all of their data when they receive such a transfer from Windows 2000 DNS. Therefore, if you plan to use BIND secondary servers, use BIND 8.1.2.

An organization that wants fast DNS on a global basis can deploy DNS servers in different geographic locations, perhaps placing part of its zone data on the servers of partner organizations.
This gives better local query performance, and the redundant configuration helps things keep working when the Internet is not behaving normally. During a failure, even if a host is not up, the secondary DNS server can still resolve its name. This is useful for services such as sending e-mail: if the host name can be resolved when mail is sent but the mail delivery program cannot be started, the mail simply stays in the queue and is sent later. If the host name cannot be resolved when the message is sent, the mail can only be returned with a "host unknown" error.

Windows 2000 integrates zone data into Active Directory as a third type of zone, which blurs the distinction between the standard primary and secondary servers. After integration there may still be standard secondary servers, but there may also be multiple equivalent servers that use Active Directory. This is covered in Chapter 7, along with some DNS issues related to Active Directory technology.

This concludes the chapter's discussion of the domain name space and name servers. The rest of the chapter focuses on the client: how client queries and DNS servers work together.

2.3 Resolving client requests

When a client wants to communicate with a remote system, for example when a user clicks a link to a Web site, a series of steps takes place before actual communication with the remote system begins. The first step is to resolve the remote system's name to an IP address. The client is the resolver. To resolve the remote system's name, the client sends a query to one of its DNS servers; at least one DNS server must be specified. A client's DNS server search order can be seen in the DNS settings of the TCP/IP Properties window in the network control panel, as shown in Figure 2-4. Chapter 14 gives pointers to where these settings are located on different Windows clients.
Figure 2-4 DNS TCP/IP properties of a Windows 95/98 client

In Figure 2-5 you can see the list of IP addresses of one or more DNS servers, which tells the client where to look up the addresses of names it does not know. The client first queries the first name server in the list. If the resolver does not receive an acknowledgment within the specified time, it queries the next server in the list, and so on until a name server accepts the query. Once a name server accepts the client's query, the client usually waits while the name server finds the IP address of the queried host name, or obtains a match for the query from other DNS servers. If the first DNS server accepts the query but cannot resolve the host name, it returns a "Domain Name Error" indicating that the domain name does not exist. When this happens, the client does not go on to query the second DNS server.

If the host name also includes the host's domain name, the DNS server uses this additional information to speed up its search, and may even pass the query directly to another DNS server or tell the client the address of another DNS server to query (recall fully qualified domain names; see Chapter 1). If no domain name is specified, the DNS server assumes the query is for its own zone file.
Figure 2-5 Advanced DNS configuration of a Windows 2000 client

2.3.1 Client request resolution

The following detailed example helps readers understand the process of domain name resolution. It shows how DNS works, and the reader should read it carefully to understand the role of each step.

Recall the earlier discussion of domain names and the root domain: a host name that ends with "." is a fully qualified domain name, that is, all the domain components that belong in the name are present. If the name the client supplies ends with ".", its DNS server makes no further assumptions about domain components; when it starts resolving, it sends the host name directly to the root server, and from there the host's authoritative server can be reached along the shortest path in the DNS tree. If the name is only a relative domain name, that is, it has no trailing ".", the DNS server makes a series of intelligent assumptions to reconstruct the host's fully qualified domain name.

Because resolver library functions are built from different source code, resolvers behave differently. Many standard resolvers resolve according to the input they receive from the application. For example, when querying the host name www, the default is to append the client's domain name. If the queried host name is www.isi.edu, the resolver tries to resolve www.isi.edu. If the server cannot find www.isi.edu, the client's domain name is appended and the query is tried again. The difference is that some resolvers distinguish a fully qualified domain name from a host name by examining the entire string: a name like www.example.net is taken to be a domain name, while a name like www is taken to be just a local host name.

For example, assume the client is in the domain cnri.reston.va.us and wants to reach the Web site www.isi.edu.
If the name being looked up is not a fully qualified domain name, the server tries to construct one. Because the DNS server where this client starts its query is in the cnri.reston.va.us domain and the fully qualified domain name was not used, the initial search string used by the DNS server is:

Note that this DNS server has appended its domain name, cnri.reston.va.us, to the host name. The DNS server treats the name as not fully qualified unless the lookup name ends in "."; only a trailing "." confirms a fully qualified domain name. Otherwise, www.isi.edu and www are both relative domain names, which may or may not resolve in the current domain. If the name does not end in ".", how the relative name is handled can be set by the resolver, but it is usually left to the DNS server.

After the initial search in the cnri.reston.va.us domain, the name server cannot resolve the combined host name it received. The attempt to reconstruct the fully qualified domain name of the host has failed. For the next query, the DNS server must look in a higher-level domain. So the second lookup name should be:

Note that the "cnri" part of the first query is now gone. If the DNS server doing the search for the client is not the primary DNS server for the reston.va.us domain, it passes the query to another server; but if this server is the primary server and the second lookup also fails, it assumes that a higher-level domain may be able to resolve the name, removes another part from the current search name, and performs a third lookup.

If the third lookup is still unsuccessful, the fourth lookup in this case is different. Because there is effectively no us server (us is handled by the root domain), the fourth query actually goes to a root server to ask for www.isi.edu. However, the DNS server does not get www.isi.edu resolved there. It is referred to an authoritative server for the isi.edu domain. The DNS server then sends the query for www.isi.edu to the isi.edu name server. Because www.isi.edu is a valid host in the isi.edu domain, the isi.edu name server responds with the IP address of www.isi.edu. The local DNS server passes the result back to the client, so that the client machine can connect to the Web server and fetch the Web page. The next section describes a host-to-IP address query in more detail.

The above is an example of a DNS server performing a recursive query; the server can also be set to use iterative (non-recursive) queries. An iterative query is in fact what happens when the DNS server queries a root server: the root server does not go and resolve the name for the client, but gives its best guess, indicating where more information can be obtained.
DNS servers can work in recursive or iterative mode. In recursive mode, the DNS server acts as the client's agent and communicates with other DNS servers as needed to obtain the result, while the client simply waits. When performing a recursive query, the DNS server itself becomes a resolver, that is, a DNS client of other DNS servers. By default, the Windows 2000 DNS server sends iterative queries on the client's behalf to DNS servers other than its forwarders. When working in iterative mode, a DNS server returns only its best guess; usually this answer simply points to another DNS server so that the resolver can continue the query. That resolver can be the original client or another DNS server. These redirections gradually bring the query closer to its final target. With iterative queries the DNS server does not have to do the work of the query, because the client itself follows the clues the DNS servers provide.

Note that resolvers can behave differently, depending on the design of the resolver and the settings in the network control panel. The examples in this chapter show the general process a resolver follows. Many factors affect the method a resolver uses, but they rarely affect the final result. For example, some resolvers assume that a name containing an internal "." is a fully qualified domain name and hand it to a DNS server as is. Some resolvers assume that a host name with no period at the end cannot be a fully qualified domain name, so the client appends its own domain name to the host name and sends the result to a DNS server. Both assumptions may be wrong. Fortunately, the combination of the client resolver and the DNS server successfully resolves most domain names.
2.3.2 Host-to-IP Address Query Example

The program nslookup used in the following example is described in Section 2.4; Chapter 12 gives a more detailed introduction. Listing 2-1 is the detailed output of a host-to-IP address query obtained with nslookup. The host queried is www.isi.edu, and the primary domain server is cnri.reston.va.us. This example shows how clients and servers communicate during resolution. Figure 2-6 is a diagram of Listing 2-1.

Figure 2-6 The example of Listing 2-1 following delegations in the DNS tree

Listing 2-1 Recursive query example (output of nslookup)

The zone of the root DNS servers includes .us and .edu. In this example, CNRI's DNS server performs a recursive query on behalf of the CNRI client. The other DNS servers answer iteratively, returning a best guess that tells CNRI's DNS server which server to query next. Sequence of events:
1) The CNRI client queries www.isi.edu.
2) On behalf of the CNRI client, CNRI's DNS server queries the DNS server for reston.va.us.
3) Following the hint it received, CNRI's DNS server queries the DNS server for va.us.
4) Following the hint it received, CNRI's DNS server queries the root server, the primary server for us and edu.
5) Following the hint it received, CNRI's DNS server queries the DNS server for isi.edu.
6) The isi.edu DNS server returns the address of www.isi.edu.
7) CNRI's DNS server returns the address of www.isi.edu to the client.
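The seven-step exchange above, modelled as an added example (not code or output from the book): the client's server works recursively while every other server answers iteratively with an answer or a hint. The server table, the function names and the address 192.0.2.10 are constructed to follow the chapter's step list.

```python
# Constructed toy data. Each server knows some hosts, some delegated zones,
# and optionally a parent to point at when it has nothing better to offer.
SERVERS = {
    "reston.va.us": {"hosts": {}, "delegations": {}, "parent": "va.us"},
    "va.us": {"hosts": {}, "delegations": {}, "parent": "root"},
    "root": {"hosts": {}, "delegations": {"isi.edu.": "isi.edu"}, "parent": None},
    "isi.edu": {"hosts": {"www.isi.edu.": "192.0.2.10"}, "delegations": {},
                "parent": None},
}


def iterative_query(server, qname):
    """One iterative exchange: an answer, a best-guess referral, or a failure."""
    s = SERVERS[server]
    if qname in s["hosts"]:
        return ("answer", s["hosts"][qname])
    for zone, name_server in s["delegations"].items():
        if qname == zone or qname.endswith("." + zone):
            return ("referral", name_server)
    if s["parent"]:
        return ("referral", s["parent"])
    return ("nxdomain", None)


def recursive_resolve(qname, first_server, max_hops=8):
    """What the client's server does in recursive mode: chase every referral."""
    server, path = first_server, []
    for _ in range(max_hops):
        path.append(server)
        kind, value = iterative_query(server, qname)
        if kind == "answer":
            return value, path
        if kind != "referral" or value in path:
            break  # name does not exist, or the referrals loop
        server = value
    return None, path


if __name__ == "__main__":
    address, asked = recursive_resolve("www.isi.edu.", "reston.va.us")
    print("servers asked:", " -> ".join(asked))
    print("address returned to client:", address)
```

The client sends one query and receives one answer; the list of servers asked is the part of the exchange it never sees.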
From Listing 2-1 and Figure 2-6 you can see how the name servers trace back to the root domain and then descend into another branch. You can also see something interesting: the name server venera.isi.edu appears in several places. The query at the va.us level points to venera.isi.edu, which is one of several name servers for the va.us domain. In addition, as the root cache file shows, venera.isi.edu is also one of the original root servers. This root server, maintained by ISI, is now called B.ROOT-SERVERS.NET.

2.4 Tool Overview

There are many tools associated with DNS. They make it easier to understand what is happening and where errors arise. Understanding the basic working principles of these tools lets us use them better. The tools described in this section are: dig, ipconfig, NetLab, nslookup, ping, traceroute (tracert), netstat and nbtstat. This section is only an overview; more information can be found in Chapter 12. The tools are used as follows:
• dig - dig is a better nslookup. It can obtain more information and is easier to use than nslookup. dig also uses a resolver to query the distributed DNS database, and it provides options that make the command line more flexible.
• ipconfig - ipconfig shows the system's current network configuration, including the IP address, DNS servers, routing information, subnet mask and more. ipconfig can reset or release all adapters or a specified adapter, or write its output to a specified file. Microsoft added some features to ipconfig in Windows 2000. Two of them relate to the client resolver cache:
a) /displaydns - If the resolver cache is not empty, displays its contents.
b) /flushdns - Clears the cache. This command is useful after a system crash or when information has changed.
• NetLab - This tool is free software made up of a series of tools that are easy to operate through a graphical interface. It lets you switch easily between tools for tracking down network problems and tools that provide more information about the network environment. NetLab integrates these tools in one program. They include Finger, Whois, Time, Quote, Ping, Trace, DNS, Scanner and Info. Finger can operate in User@Host mode and Host mode: in User@Host mode it returns information about the specified user on a host; in Host mode it returns the users on the host. Whois returns information about the specified domain from the Whois database and can query different types of Whois servers for forward or reverse information. Time has two parts: one prints the date and time at the remote server's location, and the other sets the local clock to match the specified clock. Quote connects to a Quote-of-the-Day server, an entertaining service that some servers provide. Ping runs the ping command, with a GUI for better control of it. Trace is a tool similar to ping that performs tracerts. DNS performs basic nslookups. Scanner performs network scans and feature checks, such as port scans. Info reports the stack version and system name.
• nslookup - The nslookup tool performs DNS queries against different servers. When nslookup is run, it queries the default server of the default domain unless a different server is specified. nslookup has two basic modes: interactive and non-interactive. In interactive mode, many queries can be made and many settings that control how nslookup queries the database can be changed. nslookup performs its queries using its own resolver.
• ping - ping is a tool that uses the Internet Control Message Protocol (ICMP). ping sends an ICMP Echo-Request to the address given as a parameter, and it has some options for controlling its behavior. ping is basically used to check whether a machine on the network is up.
• tracert - tracert (sometimes traceroute) is a tool that sends UDP packets to a specified address. Typically the packets are sent in groups of three. Each packet is given a greater time to live (TTL) than the one before it.
The TTL parameter is used to determine whether a packet can reach its destination. If a packet is marked as unreachable, an ICMP timeout message is returned to the source. This makes it possible to trace the routers a packet passes through along the way. Once the destination address is reached, tracert stops sending packets.
• netstat - netstat displays protocol statistics and open TCP/IP network connections. It has many options to control its display; use netstat /? to list them all.
• nbtstat - nbtstat displays statistics for NetBIOS over TCP/IP (NetBT). It also has many options; use nbtstat /? to list them all.

2.5 Summary

This chapter introduced how DNS works. The following chapters explain the types of DNS servers, their purposes, how they work together, and the details of DNS zone files. Chapter 8 revisits client name resolution and explains recursive and iterative queries.