CN103095608A - Delegation forwarding method for domain name system (DNS) data package - Google Patents
Delegation forwarding method for domain name system (DNS) data package Download PDFInfo
- Publication number
- CN103095608A CN103095608A CN2013100039346A CN201310003934A CN103095608A CN 103095608 A CN103095608 A CN 103095608A CN 2013100039346 A CN2013100039346 A CN 2013100039346A CN 201310003934 A CN201310003934 A CN 201310003934A CN 103095608 A CN103095608 A CN 103095608A
- Authority
- CN
- China
- Prior art keywords
- domain name
- data package
- mark value
- request data
- socket
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a delegation forwarding method for a domain name system (DNS) data package. The delegation forwarding method includes a first step of reading a mark value corresponding to a socket buffer (skb) data package in a linux kernel and storing a domain name resolution request data package and the corresponding mark value into a buffer chain table when a delegation process receives the domain name resolution request data package, and a second step of reading the marked mark value from the buffer chain table with regards to the domain name resolution request data package marked with the mark value before the data package is forwarded, setting the mark value in a property option of a socket corresponding to the domain name resolution request data package, and then forwarding the domain name resolution request data package through the socket. Through application of passthrough technology, when the data package is forwarded, the mark value can be set into the socket option, so the domain name resolution request data package can carry out strategy routing according to an original mark value, and validity of the domain name resolution can be guaranteed.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of agency retransmission method of DNS packet.
Background technology
DNS (domain name system, Domain Name System) be a kind of for TCP/IP (transmission control protocol/Internet Interconnection agreement, the distributed data base of application program Transmission Control Protocol/Internet Protocol), it provides the transitional information between host name and IP address.
Usually the domain name analytic method that adopts at present is as follows: 1) client sends the domain name mapping request to dns server; 2) the DNS server is resolved domain name; 3) dns server returns to client with analysis result; And 4) client selects an IP address to conduct interviews from this result.
In the use of home gateway, often can use family gateway equipment (CPE, Customer Premise Equipment) as the agency, resolve LAN side user's domain name mapping request.Can carry out certain control to user's internet behavior like this, or the business of common carrier is supported (such as by registration just can surf the Net etc.).
And in CPE, often need to set up many wan to connect, be used for online, be used for IPTV, with the TR069 management etc.Every wan connects the different business of use, and corresponding DNS request analysis is arranged.These requests can be from CPE, may be also LAN side user requests.For the request from the user, the CPE agency unifies to use the wan connection of gateway by default to resolve.
In order to divide different business to use in the LAN lateral areas, usually use port binding, the LAN port is connected and bound with corresponding WAN.Like this, as shown in Figure 1, by the packet that specific LAN port is come in, can be labeled corresponding mark value, then walk tactful route according to this mark value, the final corresponding wan interface that arrives binding; And be not labeled the packet of mark value, send by default route.
But, because the agency has been used in dns resolution, because agent process belongs to application layer, agent process can not read the skb packet when receiving kernel data (skb is the abbreviation of socket buffer (socket buffer memory), it is the structure of packing data in the protocol stack of whole linux, represent a packet with skb traditionally) the mark property value, the mark value that before so the DNS packet that process receives is not known, ebtables arranges, making the packet that sends when forwarding is not to be with the mark value.Thereby agent process can make mark value lose when receiving the DNS packet and forwarding, then the packet that forwards finally can send by default route, rather than the wan interface of binding.
If it is all identical that all WAN connect the dns server that uses, so no matter walks that WAN and connect and correctly to resolve.But, if the dns server that different WAN connects is different, and the business tine of each dns server also different (operator builds the dns servers of oneself sometimes on some business), exception error can appear, finally can not resolve or parse error.Thereby being necessary provides a kind of effective solution for this problem.
Summary of the invention
The object of the present invention is to provide a kind of agency retransmission method of DNS packet, overcome the defective of the parsing failure that in the agency retransmission method process that has the DNS packet now, mark value loss causes.
The objective of the invention is to be achieved through the following technical solutions:
A kind of agency retransmission method of DNS packet comprises step:
When agent process acceptance domain name analysis request data package, read the mark value of corresponding skb packet in the linux kernel, the mark value that this domain name mapping request data package is corresponding with it is stored in the buffering chained list in the lump;
Before package forward, for the domain name mapping request data package of mark mark value is arranged in the buffering chained list, read the mark value of mark from the buffering chained list, this mark value is arranged in the attributes section of socket corresponding to this domain name mapping request data package, then forwards the domain name mapping request data package by socket.
In said method, read the mark value of corresponding skb packet in the linux kernel by system call recvmsg function.
In said method, for the unmarked domain name mapping request data package that the mark value is arranged in the buffering chained list, this domain name mapping request data package is forwarded to name server by default route.
In said method, in forwarding the process of domain name mapping request data package by socket, the mark value in socket is arranged in the mark option of corresponding skb packet, is selected the tactful route of coupling by linux kernel routing module according to this mark value.
Compared with prior art, the embodiment of the present invention has following beneficial effect:
Lose for fear of DNS packet its mark value in repeating process, the invention process is utilized the packet Signal Transparent Transmission Technology: adopt the option configuration of expansion linux socket, make agent process to read when reading LAN side data bag and record the mark value; In the forwarding data bag, the mark value is set in socket option.Can guarantee that like this mark value can not lose, the DNS packet can be walked tactful route according to original mark value, thereby has guaranteed the correctness of domain name mapping.
Description of drawings
Fig. 1 is the agency retransmission method flow chart of DNS packet in prior art.
Fig. 2 is the agency retransmission method flow chart of DNS packet in the embodiment of the present invention.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, is not intended to limit the present invention.
See also shown in Figure 2ly, in the present embodiment, the agency retransmission method of DNS packet comprises the following steps:
At initial time, be the corresponding mark value of bundling port mark in the LAN side ports according to the port binding configuration information.
201, when the LAN side ports receives the domain name mapping request data package of user's transmission, according to the port binding setting, give each domain name mapping request data package corresponding mark value of mark respectively.
In this process, CPE is by the mark module of linux ebtables, put on a mark value for the LAN side ports of binding, when this bundling port was received the domain name request resolution data bag of LAN side user transmission, the mark module arranged corresponding mark value for the mark option of each skb packet.
202, in the agent process acceptance domain name analysis request data package on CPE, CPE uses system call recvmsg(system function) read the mark value of corresponding skb packet in the linux kernel.Recvmsg finally can call the function ip_cmsg_recv of kernel/linux/net/ipv4/ip_sockglue.c file, and the mark value that reads skb by expanding this function gets final product.
203, CPE stores domain name mapping request data package and its mark value that reads in a buffering chained list in the lump.
204, read the domain name mapping request data package from the buffering chained list.Whether the mark value that judges this packet is set up, if do not have, execution in step 205; If have, execution in step 206.
205, the mark value due to this packet is not set up (being 0), shows that this packet is not to come from bundling port, so forward this packet by default route.
206, for the domain name mapping request data package that is provided with the mark value, can not forward at once.This moment, socket did not also identify this mark value, forwarded the mark value that can lose or indicate upper (the last mark value that arranges that sends does not have to revise, and can be used by send next time) mistake.Socket is the sendaisle of data message, when packet sends by socket, the attribute of socket just can be set in message attribute, thereby in the present embodiment before the domain name mapping request data package is forwarded, the mark value of socket corresponding to this packet is set by system call setsockopt.Like this when packet sends by socket, the property value of socket will be set in message attribute (at this moment, the domain name mapping request data package has been packaged into a skb packet, can set a property), thus stamped the mark value for the domain name mapping request data package.This setting operation is realized by the function do_ip_setsockopt of expansion kernel/linux/net/ipv4/ip_sockglue.c file.
207, linux kernel routing module is searched the tactful route of coupling according to the mark value, if the tactful route of not mating forwards current packet by default route; If the tactful route of coupling is arranged, the tactful route by coupling forwards current packet.
The above is only preferred embodiment of the present invention, not in order to limiting the present invention, all any modifications of doing within the spirit and principles in the present invention, is equal to and replaces and improvement etc., within all should being included in protection scope of the present invention.
Claims (4)
1. the agency retransmission method of a DNS packet, is characterized in that, the method comprising the steps of:
When agent process acceptance domain name analysis request data package, read the mark value of corresponding skb packet in the linux kernel, the mark value that this domain name mapping request data package is corresponding with it is stored in the buffering chained list in the lump;
Before package forward, for the domain name mapping request data package of mark mark value is arranged in the buffering chained list, read the mark value of mark from the buffering chained list, this mark value is arranged in the attributes section of socket corresponding to this domain name mapping request data package, then forwards the domain name mapping request data package by socket.
2. the agency retransmission method of DNS packet as claimed in claim 1, is characterized in that, in the method, reads the mark value of corresponding skb packet in the linux kernel by system call recvmsg function.
3. the agency retransmission method of DNS packet as claimed in claim 1, it is characterized in that, in the method, for the unmarked domain name mapping request data package that the mark value is arranged in the buffering chained list, this domain name mapping request data package is forwarded to name server by default route.
4. the agency retransmission method of described DNS packet as arbitrary in claims 1 to 3, it is characterized in that, in the method, in forwarding the process of domain name mapping request data package by socket, mark value in socket is arranged in the mark option of corresponding skb packet, is selected the tactful route of coupling by linux kernel routing module according to this mark value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310003934.6A CN103095608B (en) | 2013-01-07 | 2013-01-07 | A kind of agency retransmission method of DNS data bag |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310003934.6A CN103095608B (en) | 2013-01-07 | 2013-01-07 | A kind of agency retransmission method of DNS data bag |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103095608A true CN103095608A (en) | 2013-05-08 |
CN103095608B CN103095608B (en) | 2016-06-29 |
Family
ID=48207759
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310003934.6A Active CN103095608B (en) | 2013-01-07 | 2013-01-07 | A kind of agency retransmission method of DNS data bag |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103095608B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104113475A (en) * | 2014-07-30 | 2014-10-22 | 深圳市共进电子股份有限公司 | Linux based home gateway network route achieving method and system |
CN105142183A (en) * | 2015-10-09 | 2015-12-09 | 烽火通信科技股份有限公司 | Method and system capable of automatically identifying WIFI data frame and dividing priority |
CN105721298A (en) * | 2016-02-19 | 2016-06-29 | 烽火通信科技股份有限公司 | Method and system for CPE (Customer Premises Equipment) to realize Internet surfing through two WAN (Wide Area Network) ports |
CN105871780A (en) * | 2015-01-21 | 2016-08-17 | 杭州迪普科技有限公司 | Method and device for sending session log |
CN106789528A (en) * | 2016-12-13 | 2017-05-31 | 上海市共进通信技术有限公司 | The method and apparatus that many bridges are surfed the Net are realized by kernel |
WO2018045724A1 (en) * | 2016-09-09 | 2018-03-15 | 中国互联网络信息中心 | Dns query forwarding method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101316272A (en) * | 2008-07-09 | 2008-12-03 | 南京邮电大学 | Multi-protocol layer interpretation method for constructing hybrid network of internet protocol version four and version six |
CN102292961A (en) * | 2008-11-25 | 2011-12-21 | 思杰系统有限公司 | Systems and methods for applying transformations to IP addresses obtained by domain name service (DNS) |
EP2437470A1 (en) * | 2010-09-30 | 2012-04-04 | British Telecommunications Public Limited Company | Network element and method for deriving quality of service data from a distributed hierarchical naming system |
CN102739523A (en) * | 2012-06-05 | 2012-10-17 | 深圳市共进电子股份有限公司 | Method for linux kennel to position customer premises equipment (CPE) service stream types |
CN102752411A (en) * | 2012-06-29 | 2012-10-24 | 华为终端有限公司 | Redirection method and device |
-
2013
- 2013-01-07 CN CN201310003934.6A patent/CN103095608B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101316272A (en) * | 2008-07-09 | 2008-12-03 | 南京邮电大学 | Multi-protocol layer interpretation method for constructing hybrid network of internet protocol version four and version six |
CN102292961A (en) * | 2008-11-25 | 2011-12-21 | 思杰系统有限公司 | Systems and methods for applying transformations to IP addresses obtained by domain name service (DNS) |
EP2437470A1 (en) * | 2010-09-30 | 2012-04-04 | British Telecommunications Public Limited Company | Network element and method for deriving quality of service data from a distributed hierarchical naming system |
CN102739523A (en) * | 2012-06-05 | 2012-10-17 | 深圳市共进电子股份有限公司 | Method for linux kennel to position customer premises equipment (CPE) service stream types |
CN102752411A (en) * | 2012-06-29 | 2012-10-24 | 华为终端有限公司 | Redirection method and device |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104113475A (en) * | 2014-07-30 | 2014-10-22 | 深圳市共进电子股份有限公司 | Linux based home gateway network route achieving method and system |
CN104113475B (en) * | 2014-07-30 | 2018-09-11 | 深圳市共进电子股份有限公司 | The network route implementation method and system of home gateway based on Linux |
CN105871780A (en) * | 2015-01-21 | 2016-08-17 | 杭州迪普科技有限公司 | Method and device for sending session log |
CN105871780B (en) * | 2015-01-21 | 2020-01-03 | 杭州迪普科技股份有限公司 | Session log sending method and device |
CN105142183A (en) * | 2015-10-09 | 2015-12-09 | 烽火通信科技股份有限公司 | Method and system capable of automatically identifying WIFI data frame and dividing priority |
CN105142183B (en) * | 2015-10-09 | 2018-11-06 | 烽火通信科技股份有限公司 | Automatic identification WIFI data frames and the method and system for dividing priority |
CN105721298A (en) * | 2016-02-19 | 2016-06-29 | 烽火通信科技股份有限公司 | Method and system for CPE (Customer Premises Equipment) to realize Internet surfing through two WAN (Wide Area Network) ports |
CN105721298B (en) * | 2016-02-19 | 2019-05-10 | 烽火通信科技股份有限公司 | A kind of cpe device realizes the method and system of double WAN mouthfuls of online |
WO2018045724A1 (en) * | 2016-09-09 | 2018-03-15 | 中国互联网络信息中心 | Dns query forwarding method |
CN106789528A (en) * | 2016-12-13 | 2017-05-31 | 上海市共进通信技术有限公司 | The method and apparatus that many bridges are surfed the Net are realized by kernel |
Also Published As
Publication number | Publication date |
---|---|
CN103095608B (en) | 2016-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110999265B (en) | Managing network connectivity between cloud computing service endpoints and virtual machines | |
AU2015267341B2 (en) | Network packet encapsulation and routing | |
CN103095608B (en) | A kind of agency retransmission method of DNS data bag | |
CN109218261B (en) | Data processing method and data processing device | |
US20050058132A1 (en) | Network repeater apparatus, network repeater method and network repeater program | |
US11405314B2 (en) | Packet processing method and apparatus | |
US9197442B2 (en) | Relay apparatus and relay method | |
US8724631B2 (en) | Method, system and apparatus for transmitting data | |
CN105227466B (en) | Communication processing method and device | |
CN107147655A (en) | A kind of network dual stack parallel process model and its processing method | |
CN110011941B (en) | Message forwarding method and device | |
CN103581361A (en) | Domain name resolution proxy method, device and system | |
CN107547346A (en) | A kind of message transmitting method and device | |
CN107733765B (en) | Mapping method, system and related equipment | |
CN103368872A (en) | Data packet forwarding system and method | |
CN109076022A (en) | Network address conversion device, setting request unit, communication system, communication means and the storage medium for storing program | |
CN110247926A (en) | A kind of exchange method and system | |
CN102821055B (en) | Method for inter-board communication | |
JP2009130501A (en) | Terminating device | |
CN108737347B (en) | Data communication method, device and equipment | |
CN105939316A (en) | Message forwarding method and device | |
CN111654390B (en) | Data transmission method, device, terminal equipment and storage medium | |
CN105978957A (en) | Public network IP sharing method suitable for multiple tenants of cloud data center and device | |
CN102143246B (en) | Method for end-to-end communication between internet protocol version (IPV) 4 network and IPV6 network | |
CN100512155C (en) | Route diagnosis method for supporting tac tful route selection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |