CN115665086A

CN115665086A - Domain name resolution method and device based on network management equipment and electronic equipment

Info

Publication number: CN115665086A
Application number: CN202211281874.XA
Authority: CN
Inventors: 范林美; 蒋宇轩; 张婷; 杨升
Original assignee: Hillstone Networks Co Ltd
Current assignee: Hillstone Networks Co Ltd
Priority date: 2022-10-19
Filing date: 2022-10-19
Publication date: 2023-01-31

Abstract

The invention discloses a domain name resolution method based on network management equipment, a device thereof and electronic equipment, wherein the resolution method comprises the following steps: receiving and analyzing a domain name request message sent by a target terminal, updating an IP tree of a domain name inlet matched with a request domain name in a preset configuration domain name tree under the condition that the request domain name is matched from the preset configuration domain name tree to obtain a first updating result, or updating a parent tree of an alias domain name inlet matched with the request domain name in the preset alias domain name tree under the condition that the request domain name is matched from the preset alias domain name tree to obtain a second updating result, and returning an IP address to the target terminal under the condition that the first updating result or the second updating result indicates that the IP address corresponding to the request domain name is newly added on the IP tree. The invention solves the technical problem that the corresponding server can not be automatically accessed through network management equipment when the request domain name has the alias domain name in the related technology.

Description

Domain name resolution method and device based on network management equipment and electronic equipment

Technical Field

The invention relates to the technical field of network management equipment, in particular to a domain name resolution method based on network management equipment, a device thereof and electronic equipment.

Background

Early internets identified a host with an IP address, which was not easily remembered. As the number of hosts in a network gradually increases, it is very difficult to identify a host by an IP address, and thus a DNS (Domain Name System) System has appeared, which identifies a host by a Domain Name that is easy to remember and records a mapping relationship between the Domain Name and the IP address.

An important function in a gateway device is policy, i.e. an administrator may configure rules to control (e.g. release, block, enter a tunnel, need authentication, etc.) traffic through the device, the matching items of each rule being source/destination address, source/destination security domain, destination domain name, service, application, etc. The configurability of the destination domain name is beneficial to improving the usability of the function, and can avoid the situation that an administrator memorizes and configures an IP address, but the configuration also provides higher challenges for the gateway equipment, and the gateway equipment is required to have the capability of learning the mapping relation between the domain name and the IP.

For example: the administrator can configure the policy: 1 allows all DNS traffic to pass through; 2, allowing www.x.com traffic to pass through; 3 the rest of the flow is not allowed to pass.

Fig. 1 is a schematic diagram of an alternative flow of user access www.x.com in the prior art, as shown in fig. 1, a user terminal sends a DNS request of a domain name to a local DNS server (i.e. a local DNS server) (step 1), the local DNS server sends the DNS request to the DNS server for resolution (step 2), the DNS server returns an IP address corresponding to the resolved domain name to the local DNS server (step 3), the local DNS server returns the IP address to the user terminal (step 4), and the above flows are DNS flows, which are released by the above policy 1; and the user terminal accesses www.x.com service server through IP address (steps 5 and 6), the gateway device needs to learn the IP address of www.x.com, and can be released normally by the policy 2, otherwise, the user terminal can only block according to the policy 3.

Besides the Policy function, other modules such as Policy Based Routing (PBR) and link load balancing module need to learn the mapping relationship between domain name and IP. Therefore, the module for learning the mapping relationship between the domain name and the IP is a basis for supporting the upper layer service module, and these modules may be referred to as a DNS snooping module (i.e. a DNS detecting module) and a DNS sniffing module.

In a DNS protocol, A records a mapping relation used for recording a domain name and an IPv4 address; the AAAA record is used for recording the mapping relation between the domain name and the IPv6 address, and the A record and the AAAA record are resource records used for learning the mapping relation between the domain name and the IP. In addition, the CNAME record is used to record the domain name alias and the mapping relationship of the domain name, and is mainly used in the following scenarios:

a) A host provides multiple services at the same time, and different domain names are displayed for the user to help the user to remember.

For example, if there is a computer named host, and its domain is h × s.com, which provides both WWW and MAIL services, two aliases (CNAME) may be set for the computer: WWW and MAIL. Com makes a record pointing to server IP, and then maps other domain names (i.e., CNAME) to domain name host.h.

host A 1.2.3.4；

WWW CNAME host；

MAIL CNAME host；

When the server IP address changes, it is not necessary to change the direction of multiple domain names (e.g., www.h s com and mail.h s com), but only to change the domain name host.h s com to the new IP of the server, and the rest of the domain names that are aliased (i.e., CNAME) will be automatically updated to the new IP.

b) Large websites employ CDN (content delivery network) solutions to increase response speed.

The basic scenario of a CDN is as follows:

1. the user terminal wants to access the domain name www.web.com, and requests a local DNS server if finding that the local DNS cache does not exist;

the local DNS server finds an authoritative DNS server which is responsible for resolving www.web.com, and the authoritative DNS server is assumed to be NSWEB;

CNAME with NSWEB setting www.web.com is www.web.51cdn.com. Suppose that domain name resolution of www.web.51cdn.com is responsible for by the intelligent DNS load balancing system NSWEB51CDN in the CDN network;

the local DNS server initiates an IP address resolution request of www.web.51cdn.com to the NSWEB51 CDN;

the NSWEB51CDN returns the IP with the fastest response speed to the local DNS (theoretically, the IP with the fastest response speed to the user terminal) to the local DNS server;

local DNS server makes local buffer store for www.web.com CNAME record and A record, and returns to end user, the return result is as follows:

www.web.com CNAME www.web.51cdn.com；

www.web.51cdn.com A 2.3.4.5；

the DNS protocol does not encourage CNAME pointing to CNAME, which may result in CNAME loop (i.e., alias rotation) that increases the processing difficulty and resolution time of the DNS system and affects the speed of the user terminal accessing the internet. In practice, there is inevitably a cascade of CNAMEs as follows:

www.web.com CNAME www.webcdn1.com；

www.web cdn1.com CNAME www.webcdn2.com；

www.web cdn2.com A 3.4.5.6；

c) There are cases where one domain name corresponds to multiple CNAMEs as follows:

www.web.com CNAME www.webcname1.com；

www.web.com CNAME www.webcname2.com

www.web.com CNAME www.webcname3.com；

this configuration enables the resolution of a domain name by the DNS server to achieve CNAME-based load balancing. As in the above example, for a request to resolve an IP address of www.web.com., the DNS server may return one of the three CNAMEs randomly or according to a certain balancing policy.

The above mentioned three cases that a plurality of domain names make CNAME pointing to the same domain name, CNAME is cascaded, and one domain name corresponds to a plurality of CNAME provide great flexibility for domain name resolution service of DNS system, as a result, the original domain name displayed to the outside and the CNAME domain name used in the DNS system share the same group of IP addresses, which brings great challenge to DNS snooping function on gateway device.

In the related art, fig. 2 is a schematic diagram of an optional workflow of a network management device according to the first prior art, and as shown in fig. 2, the network management device includes: control plane, data plane, the control plane includes: policy, DNSd; the data plane includes: DNS snooping, policy. The upper layer module initiates a policy to register domain name www.x.com (1 register domain www.x.com) to the control plane, the policy of the control plane sends register domain name www.x.com (2 register domain www.x.com) to DNSd, DNSd initiates a DNS request to DNS server 1 (3.1 DNS request. The user terminal sends a DNS request to the local DNS server (5.1 DNS request. The user terminal accesses www.x.com service server through the destination IP address (dst-IP: 3.4.5.6), but the IP address stored by the strategy of the data plane is 2.3.4.5, so the service flow is blocked by the gateway device (6 IP pak (dst-IP: 3.4.5.6)).

The DNS module in the network management equipment is responsible for converting domain names configured by other service modules into IP addresses. In implementation, the other service module registers the domain name configured by the administrator to the DNS module (DNSd in fig. 2); the DNS module is used as a DNS client, domain name inquiry is carried out regularly through a DNS server configured by gateway equipment, and the inquired IP address is notified to the corresponding service module.

However, many websites will request multiple IP addresses, and the DNS server will often use some intelligent algorithm or equalization algorithm to return IP addresses.

The intelligence/equalization algorithm used on the DNS server side can cause the following two situations to occur:

1) Different DNS clients may obtain different results when requesting the IP address of the same domain name;

2) The same DNS client may also obtain different results by requesting an IP address of a domain name multiple times.

Therefore, the IP addresses acquired by the DNS module on the gateway device and the DNS client of the user terminal may be inconsistent, and the final expression is: although the network administrator configures the device allowing the service traffic of a certain domain name to pass through, the gateway device learns that the IP address (step 3.2 in fig. 2) 2.3.4.5 does not coincide with the IP address (step 6 in fig. 2) 3.4.5.6 used when the user terminal initiates the service traffic to the domain name, so that the service traffic of step 6 in fig. 2 going to the www.x.com service server is blocked by the gateway device.

In addition, the above scheme can not effectively solve the problem that a plurality of domain names are CNAME directed to the same domain name, CNAME is cascaded, and one domain name corresponds to a plurality of CNAME.

Fig. 3 is a schematic diagram of an optional workflow of a network management device according to a second prior art, and as shown in fig. 3, the network management device includes: control plane, data plane, the control plane includes: strategy, DNSsnpd; the data plane includes: DNS snooping, policy.

In the second prior art, a function of learning a corresponding relationship between a domain name and an IP is put on a data plane, that is, an IP address learned by a gateway is guaranteed to be consistent with an IP address seen by a user terminal by analyzing a DNS reply message received by the user terminal.

As shown in fig. 3, after the policy module in

steps

1, 2, and 3 receives a configuration instruction that the network administrator needs to allow www.x.com traffic, a process of registering www.x.com to the DNSsnpd, which is issued to the DNS snooping module in the data plane (i.e., the upper layer module initiates a policy of registering domain name www.x.com (1 register domain w.x.com) to the control plane, the policy of the control plane sends registering domain name www.x.com (2 register domain w.x.com) to the DNSsnpd, and the DNSsnpd sends registering domain name www.x.com (3 register domain w.x.com) to the data plane) is performed).

Step 4 is that the DNS snooping module monitors that the IP address corresponding to the registered domain name www.x.com is 2.3.4.5, and returns the mapping relationship between www.x.com and IP address 2.3.4.5 to the policy module of the control plane, the policy module of the control plane synchronizes this IP address 2.3.4.5 to the policy module of the data plane, and after receiving the synchronization message, the policy module of the data plane adds the IP to the allowed list (i.e. the user terminal sends a DNS request to the local DNS server (4.1 DNS request is w.x.com a), the local DNS server sends a DNS request to the DNS server (4.2 DNS request w.x.com a), the DNS server returns a DNS response to the local DNS server (4.3. Response is DNS request w.x.com a 2.3.3.3.4.4.5) and the DNS response is sent to the DNS server DNS network mapping relationship between DNS network and DNS home DNS network side 2 w.3.5.4.4.4.4.4.5).

Step 5, when a message sent by the user terminal and destined to 2.3.4.5 this IP address comes to the network management device, the policy module of the data plane finds that 2.3.4.5 is in the allowed list, and allows the message to pass normally (i.e. 5IP pak (dst-IP: 2.3.4.5)).

The second prior art solves the problem that the IP address learned by the gateway is inconsistent with the IP address used by the user terminal in the first prior art, but still cannot solve the problem that the CNAME exists in the domain name.

Fig. 4 is a schematic diagram of a workflow of a network management device in the presence of a CNAME, which is optional according to a second prior art, as shown in fig. 4, the network management device includes: control plane, data plane, the control plane includes: strategy, DNSsnpd; the data plane includes: DNS snooping, policy.

As shown in fig. 4, in

steps

1, 2, 3, the upper layer module initiates a policy to register domain name www.x.com (1 register domain www.x.com) to the control plane, which sends register domain name www.x.com (2 register domain www.x.com) to DNSsnpd, which sends register domain name www.x.com (3 register domain www.x.com) to the data plane).

In step 4, the user terminal sends a DNS request (4.1 DNS request.

Since the DNS response message of step 4.3 contains 2 resource records, one is CNAME www.y.com of www.x.com, and the other is a record 2.3.4.5 of www.y.com, steps 5 to 7 notify the policy module of the data plane of the mapping relationship between www.x.com and the IP address 2.3.4.5, the policy module of the data plane will add 2.3.4.5 to the permission list (i.e. DNS mapping.

When the initiator in step 4.1 is a localDNS server, if the DNS response message with CNAME in step 4.3 is received, it will iteratively request www.y.com for IP address, as in step 4.4. Since www.y.com is not configured manually by the administrator, the DNS snooping module does not pay attention to the DNS response message of step 4.5, and there is no processing similar to steps 5 to 7.

After receiving the message of step 4.5, the localDNS server finally returns the CNAME record www.y.com and A record 3.4.5.6 of www.x.com to the end user.

The user terminal uses the IP address 3.4.5.6 to access www.x.com, the policy module of the data plane finds that the IP address is not in the allowed list, the message is discarded, and the user terminal cannot normally access www.x.com (i.e. 8IP pak (ds t-IP: 3.4.5.6)).

Although the administrator can manually configure www.x.com with CNAME domain name www.y.com, the DNS snooping module will look at www.y.com's IP address and notify the policy module of the IP address 3.4.5.6 seen in step 4.5. However, it is necessary for an administrator to be familiar with the mapping relationship between domain names in the DNS system, and manually configure a domain name allowed to pass through a device and a domain name mapped inside the DNS system by the domain name (if there are multiple levels of the CNAME domain names, it is necessary to configure each level of the CNAME domain names), so that policy control based on the domain name can be implemented. The complexity of configuring the gateway equipment is increased, and the use experience of the gateway equipment is reduced.

In view of the above problems, no effective solution has been proposed.

Disclosure of Invention

The embodiment of the invention provides a domain name resolution method based on network management equipment, a device thereof and electronic equipment, which at least solve the technical problem that the corresponding server cannot be automatically accessed through the network management equipment when an alias domain name exists in a request domain name in the related technology.

According to an aspect of the embodiments of the present invention, a domain name resolution method based on network management equipment is provided, including: receiving a domain name request message sent by a target terminal, and analyzing the domain name request message to obtain an analysis result, wherein the analysis result at least comprises: requesting a domain name; under the condition that the request domain name is matched from a preset configuration domain name tree, updating an IP tree of a domain name inlet matched with the request domain name in the preset configuration domain name tree to obtain a first updating result; or under the condition that the request domain name is matched from a preset alias domain name tree, updating a parent tree of an alias domain name inlet matched with the request domain name in the preset alias domain name tree, and updating an IP tree of each parent domain name in the parent tree to obtain a second updating result; and returning the IP address to the target terminal under the condition that the first updating result or the second updating result indicates that the IP address corresponding to the request domain name is newly added on the IP tree, wherein the target terminal accesses the server indicated by the request domain name through the IP address.

Optionally, before receiving the domain name request packet sent by the target terminal, the method further includes: receiving a domain name registration request sent by the target terminal, wherein the domain name registration request comprises: a domain name to be registered, an IP address type and a terminal identifier; responding the domain name registration request, and registering the domain name to be registered; and under the condition that the domain name to be registered is successfully registered, characterizing the domain name to be registered as the request domain name.

Optionally, before receiving the domain name request packet sent by the target terminal, the method further includes: configuring a first class domain name and a second class domain name; generating a preset configuration domain name tree based on the first class domain name and the second class domain name, wherein domain name entries in the preset configuration domain name tree are the first class domain name or derivative domain names matched with the second class domain name, each domain name entry corresponds to an IP tree, and the IP tree is used for storing an IP address of a domain name indicated by the domain name entry; acquiring a historical domain name request message, wherein the historical domain name request message carries an alias domain name of a first class of domain name or an alias domain name of a derivative domain name matched with a second class of domain name; and generating a preset alias domain name tree based on the alias domain name, wherein an alias domain name inlet in the preset alias domain name tree corresponds to a parent tree, the parent tree is used for recording a parent domain name corresponding to the alias domain name indicated by the alias domain name inlet, and each parent domain name in the parent tree corresponds to an IP tree.

Optionally, after analyzing the domain name request packet and obtaining an analysis result, the method further includes: and under the condition that the resolution result further comprises an alias record, judging whether the request domain name is matched from the preset configuration domain name tree, wherein the alias record at least comprises: a multi-level domain name; under the condition of successful matching, judging whether the multi-level domain name is stored in the preset alias domain name tree or not; under the condition that the multi-level domain name is not stored in the preset alias domain name tree, inserting the multi-level domain name into the preset alias domain name tree, and inserting the request domain name into a parent tree of an alias domain name inlet represented by the multi-level domain name; updating the survival time of the request domain name to the survival time of the father domain name of the multi-level domain name; or updating the survival time of the request domain name to the survival time of the parent domain name of the multi-level domain name under the condition that the multi-level domain name is stored in the preset alias domain name tree.

Optionally, after determining whether the requested domain name is matched from the preset configuration domain name tree, the method further includes: under the condition that the matching is unsuccessful, judging whether the request domain name is matched from the preset alias domain name tree or not; under the condition of successful matching, judging whether the multi-level domain name exists in the preset alias domain name tree or not; under the condition that the multi-level domain name does not exist in the preset alias domain name tree, inserting the multi-level domain name into the preset alias domain name tree, and inquiring all parent domain names of the request domain name from the preset alias domain name tree; adding all the parent domain names of the request domain names into a parent tree of the multi-level domain names; and under the condition that any target parent domain name of the request domain name exists in the parent tree of the multi-level domain name, updating the survival time of the target parent domain name based on the survival time of the alias record.

Optionally, after analyzing the domain name request packet and obtaining an analysis result, the method further includes: under the condition that the analysis result further comprises a preset record, judging whether the request domain name is matched from the preset configuration domain name tree or not; updating an IP tree of a domain name inlet matched with the request domain name under the condition of successful matching; under the condition that the matching is unsuccessful, judging whether the request domain name is matched from the preset alias domain name tree or not; under the condition that the request domain name is matched from the preset alias domain name tree, inquiring all parent domain names of the request domain name from the preset alias domain name tree; and traversing all the parent domain names, and updating the IP tree of each parent domain name.

Optionally, the step of updating the IP tree of the domain name entry matching the request domain name includes: judging whether the IP tree has a current IP address or not; inserting the current IP address into the IP tree if the current IP address does not exist in the IP tree; and under the condition that the current IP address exists in the IP tree, updating the survival time of the IP address which is consistent with the current IP address in the IP tree.

Optionally, the method further comprises: under the condition that the survival time of the IP address of the domain name inlet in the preset configuration domain name tree exceeds a first preset threshold value, carrying out aging treatment on the IP address; deleting the derived domain name from the preset configuration domain name tree under the condition that the domain name inlet is the derived domain name and all IP addresses in the IP tree corresponding to the derived domain name are aged; under the condition that the survival time of a parent domain name of the alias domain name inlet in the preset alias domain name tree exceeds a second preset threshold value, carrying out aging treatment on the parent domain name; and deleting the alias domain name entry from the preset alias domain name tree under the condition that all the parent domain names in the parent tree corresponding to the alias domain name entry are aged.

According to another aspect of the embodiments of the present invention, there is also provided a domain name resolution device based on a network management device, including: the analysis unit is used for receiving a domain name request message sent by a target terminal and analyzing the domain name request message to obtain an analysis result, wherein the analysis result at least comprises: requesting a domain name; the first updating unit is used for updating an IP tree of a domain name inlet matched with the request domain name in a preset configuration domain name tree under the condition that the request domain name is matched in the preset configuration domain name tree to obtain a first updating result; or, the second updating unit is configured to, in a case that the request domain name is matched from a preset alias domain name tree, update a parent tree of an alias domain name entry in the preset alias domain name tree, which is matched with the request domain name, and update an IP tree of each parent domain name in the parent tree, to obtain a second update result; and a returning unit, configured to return the IP address to the target terminal when the first update result or the second update result indicates that an IP address corresponding to the request domain name is newly added to the IP tree, where the target terminal accesses the server indicated by the request domain name through the IP address.

Optionally, the parsing apparatus further includes: a first receiving module, configured to receive a domain name registration request sent by a target terminal before receiving a domain name request packet sent by the target terminal, where the domain name registration request includes: a domain name to be registered, an IP address type and a terminal identification; the first response module is used for responding to the domain name registration request and registering the domain name to be registered; and the first characterization module is used for characterizing the domain name to be registered as the request domain name under the condition that the domain name to be registered is successfully registered.

Optionally, the parsing apparatus further includes: the first configuration module is used for configuring a first domain name and a second domain name before receiving a domain name request message sent by a target terminal; a first generating module, configured to generate a preset configuration domain name tree based on the first class domain name and the second class domain name, where a domain name entry in the preset configuration domain name tree is the first class domain name or a derivative domain name matched with the second class domain name, each domain name entry corresponds to an IP tree, and the IP tree is used to store an IP address of a domain name indicated by the domain name entry; the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring a historical domain name request message, and the historical domain name request message carries an alias domain name of a first class of domain name or an alias domain name of a derivative domain name matched with a second class of domain name; and the second generation module is used for generating a preset alias domain name tree based on the alias domain name, wherein a parent tree is corresponding to an alias domain name inlet in the preset alias domain name tree, the parent tree is used for recording a parent domain name corresponding to the alias domain name indicated by the alias domain name inlet, and each parent domain name in the parent tree corresponds to an IP tree.

Optionally, the parsing apparatus further includes: a first determining module, configured to determine, after the domain name request packet is analyzed to obtain an analysis result, whether the requested domain name is matched from the preset configuration domain name tree under the condition that the analysis result further includes an alias record, where the alias record at least includes: a multi-level domain name; the second judging module is used for judging whether the multi-level domain name is stored in the preset alias domain name tree or not under the condition of successful matching; the first inserting module is used for inserting the multi-level domain name into the preset alias domain name tree and inserting the request domain name into a parent tree of an alias domain name inlet represented by the multi-level domain name under the condition that the multi-level domain name is not stored in the preset alias domain name tree; the first updating module is used for updating the survival time of the request domain name to the survival time of a parent domain name of the multi-level domain name; and the second updating module is used for updating the survival time of the request domain name to the survival time of the parent domain name of the multi-level domain name under the condition that the multi-level domain name is stored in the preset alias domain name tree.

Optionally, the parsing apparatus further includes: a third determining module, configured to determine whether the request domain name is matched from the preset alias domain name tree or not, if the matching is unsuccessful after determining whether the request domain name is matched from the preset configuration domain name tree or not; a fourth judging module, configured to, in a case that matching is successful, judge whether the multi-level domain name exists in the preset alias domain name tree; a second inserting module, configured to insert the multi-level domain name into the preset alias domain name tree and query all parent domain names of the requested domain name from the preset alias domain name tree when the multi-level domain name does not exist in the preset alias domain name tree; a first adding module, configured to add all the parent domain names of the requested domain names to a parent tree of the multi-level domain names; and the third updating module is used for updating the survival time of the target parent domain name based on the survival time of the alias record under the condition that any target parent domain name of the request domain name exists in the parent tree of the multi-level domain name.

Optionally, the parsing apparatus further includes: a fifth judging module, configured to, after analyzing the domain name request packet to obtain an analysis result, judge whether the request domain name is matched from the preset configuration domain name tree or not when the analysis result further includes a preset record; the fourth updating module is used for updating the IP tree of the domain name inlet matched with the request domain name under the condition of successful matching; a sixth determining module, configured to determine whether the request domain name is matched from the preset alias domain name tree or not in the case that matching is unsuccessful; the first query module is used for querying all parent domain names of the request domain names from the preset alias domain name tree under the condition that the request domain names are matched from the preset alias domain name tree; and the fifth updating module is used for traversing all the parent domain names and updating the IP tree of each parent domain name.

Optionally, the fourth updating module includes: the first judgment sub-module is used for judging whether the current IP address exists in the IP tree or not; a first inserting sub-module, configured to insert the current IP address into the IP tree when the current IP address does not exist in the IP tree; and the first updating submodule is used for updating the survival time of the IP address which is consistent with the current IP address in the IP tree under the condition that the current IP address exists in the IP tree.

Optionally, the parsing apparatus further includes: the first processing module is used for carrying out aging processing on the IP address under the condition that the survival time of the IP address of the domain name inlet in the preset configuration domain name tree exceeds a first preset threshold value; a first deleting module, configured to delete the derived domain name from the preset configuration domain name tree when the domain name entry is the derived domain name and all IP addresses in the IP tree corresponding to the derived domain name are subjected to aging processing; the second processing module is used for carrying out aging processing on the parent domain name under the condition that the survival time of the parent domain name of the alias domain name inlet in the preset alias domain name tree exceeds a second preset threshold value; a second deleting module, configured to delete the alias domain name entry from the preset alias domain name tree when all the parent domain names in the parent tree corresponding to the alias domain name entry are aged.

According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including one or more processors and a memory, where the memory is used to store one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors are enabled to implement the above-mentioned domain name resolution method based on a network management device.

In the disclosure, a domain name request message sent by a target terminal is received, the domain name request message is analyzed to obtain an analysis result, an IP tree of a domain name inlet matched with a request domain name in a preset configuration domain name tree is updated to obtain a first update result under the condition that the request domain name is matched from the preset configuration domain name tree, or a parent tree of an alias domain name inlet matched with the request domain name in the preset alias domain name tree is updated under the condition that the request domain name is matched from the preset alias domain name tree, an IP tree of each parent domain name in the parent tree is updated to obtain a second update result, and an IP address is returned to the target terminal under the condition that the first update result or the second update result indicates that an IP address corresponding to the request domain name is newly added to the IP tree.

In the disclosure, the resolved request domain name may be matched with a domain name in a preset configuration domain name tree, after matching is successful, the IP address resolved by the DNS server may be updated to the IP tree of the domain name entry in the preset configuration domain name tree that is matched with the request domain name, if the request domain name is successfully matched with the domain name row in the preset alias domain name tree, the request domain name is updated to the parent tree of the alias domain name entry that is matched, and the IP address resolved by the DNS server is updated to the IP tree of each parent domain name in the parent tree, so that the IP address corresponding to the request domain name can also correspond to the alias domain name of the request domain name, thereby ensuring that the target terminal can automatically access the corresponding server by using the newly added IP address, and further solving the technical problem that the corresponding server cannot be automatically accessed by the network management device when the request domain name exists in the related art.

Drawings

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:

FIG. 1 is a schematic diagram of an alternative user access www.x.com flow in accordance with the prior art;

fig. 2 is a schematic diagram of an alternative network management device workflow according to the prior art one;

fig. 3 is a schematic diagram of an alternative network management device workflow according to the second prior art;

fig. 4 is a schematic diagram of the workflow of the network management device in the presence of an optional CNAME according to the second prior art;

fig. 5 is a flowchart of an alternative domain name resolution method based on a network management device according to an embodiment of the present invention;

fig. 6 is a schematic diagram of an alternative network management device structure according to an embodiment of the present invention;

FIG. 7 is a schematic diagram of an alternative process for updating an IP tree, according to an embodiment of the invention;

fig. 8 is a schematic diagram of an optional processing procedure of the configured domain name IP update module and the CNAME domain name parent update module according to the embodiment of the present invention;

FIG. 9 is a schematic diagram of an alternative distributed processing flow according to an embodiment of the invention;

FIG. 10 is a schematic diagram of an alternative application scenario in accordance with an embodiment of the present invention;

fig. 11 is a schematic diagram of an alternative domain name resolution device based on a network management device according to an embodiment of the present invention.

Detailed Description

In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, shall fall within the protection scope of the present invention.

It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

The invention provides a method for gateway equipment capable of automatically sensing the corresponding relation between a domain name and an alias domain name in a DNS (domain name system) and the corresponding relation between the domain name and an IP (Internet protocol) address, which can use a configuration domain name tree to store the configured precise domain name or a derivative domain name capable of being matched with a wildcard domain name, wherein each domain name inlet maintains an IP tree and can store the IP address corresponding to the domain name. The alias domain name tree may be used to store alias domain names of precise domain names or derivative domain names learned according to the DNS packet, and each alias domain name entry may maintain a parent tree for recording which precise domain names or derivative domain names correspond to the alias domain name. And when the gateway equipment is a distributed system, the DNS domain name resolution can be carried out by adopting the service card and the master control card. The service card is used for analyzing the DNS response message passing through, reporting the IP address and the alias domain name of the request domain name needing attention to the main control card, the main control card receives the message of the service card, finishing updating the IP tree in the configuration domain name tree and the parent tree in the alias domain name tree, finishing message reporting to a policy module of a control plane, and the main control card can also issue the alias domain name needing attention to the service card to all the service cards.

The method for gateway equipment capable of automatically sensing the corresponding relation between the domain name and the alias domain name in the DNS system and the corresponding relation between the domain name and the IP address can solve the following problems: (1) When a domain name is mapped to a CNAME domain name through a CNAME record in a DNS system and then the CNAME domain name is used as an A/AAAA record to point to an IP address, gateway equipment can learn the CNAME domain name and the A/AAAA record of the domain name in the DNS system by analyzing a DNS message, so that the IP address of the domain name can be accurately acquired; (2) The work can also be well finished in the scenes that a plurality of domain names point to the same domain name by performing CNAME, CNAME cascade connection, one domain name corresponds to a plurality of CNAME and the like.

The present invention will be described in detail with reference to examples.

Example one

According to an embodiment of the present invention, there is provided an embodiment of a domain name resolution method based on a network management device, it should be noted that the steps shown in the flowchart of the drawings may be executed in a computer system such as a set of computer executable instructions, and although a logical order is shown in the flowchart, in some cases, the steps shown or described may be executed in an order different from that here.

Fig. 5 is a flowchart of an optional domain name resolution method based on a network management device according to an embodiment of the present invention, and as shown in fig. 5, the method includes the following steps:

step S501, receiving a domain name request message sent by a target terminal, and analyzing the domain name request message to obtain an analysis result, where the analysis result at least includes: a domain name is requested.

Step S502, under the condition that the request domain name is matched from the preset configuration domain name tree, updating an IP tree of a domain name inlet matched with the request domain name in the preset configuration domain name tree to obtain a first updating result.

Step S503, when the request domain name is matched from the preset alias domain name tree, updating a parent tree of the alias domain name entry matched with the request domain name in the preset alias domain name tree, and updating an IP tree of each parent domain name in the parent tree to obtain a second update result.

Step S504, when the first update result or the second update result indicates that the IP address corresponding to the request domain name is newly added on the IP tree, the IP address is returned to the target terminal, wherein the target terminal accesses the server indicated by the request domain name through the IP address.

Through the steps, a domain name request message sent by a target terminal can be received, the domain name request message is analyzed to obtain an analysis result, under the condition that the request domain name is matched from the preset configuration domain name tree, the IP tree of a domain name inlet matched with the request domain name in the preset configuration domain name tree is updated to obtain a first update result, or under the condition that the request domain name is matched from the preset alias domain name tree, the parent tree of an alias domain name inlet matched with the request domain name in the preset alias domain name tree is updated, the IP tree of each parent domain name in the parent tree is updated to obtain a second update result, and under the condition that the first update result or the second update result indicates that an IP address corresponding to the request domain name is newly added to the IP tree, the IP address is returned to the target terminal. In the embodiment of the invention, the resolved request domain name can be matched with the domain name in the preset configuration domain name tree, the IP address resolved by the DNS server can be updated to the IP tree of the domain name entry matched with the request domain name in the preset configuration domain name tree after the matching is successful, the request domain name is updated to the parent tree of the matched alias domain name entry if the matching of the request domain name and the domain name row in the preset alias domain name tree is successful, and the IP address resolved by the DNS server is updated to the IP tree of each parent domain name in the parent tree, so that the IP address corresponding to the request domain name can be simultaneously corresponding to the alias domain name of the request domain name, the target terminal is ensured to automatically access the corresponding server by adopting the newly added IP address, and the technical problem that the corresponding server cannot be automatically accessed by network management equipment when the alias domain name exists in the request domain name in the related technology is solved.

The following will explain the embodiments of the present invention in detail with reference to the above steps.

Fig. 6 is a schematic diagram of an alternative network management device structure according to an embodiment of the present invention, as shown in fig. 6, including: control plane, data plane, wherein, the control plane includes: a DNSsnpd module, the DNSsnpd module comprising: modules for registration management, IP reporting and the like; the data plane includes: a DNS snooping module, the DNS snooping module comprising: modules for configuration management, message analysis, domain name matching, IP address reporting, configured domain name IP updating, CNAME domain name father updating, aging and the like.

Optionally, before receiving the domain name request packet sent by the target terminal, the method further includes: receiving a domain name registration request sent by a target terminal, wherein the domain name registration request comprises: a domain name to be registered, an IP address type and a terminal identification; responding to the domain name registration request, and registering the domain name to be registered; and under the condition that the domain name to be registered is successfully registered, representing the domain name to be registered as a request domain name.

In this embodiment of the present invention, the DNSsnpd module of the control plane may provide a uniform API (application Programming Interface), and receive a registration request of each upper module (i.e., receive a domain name registration request sent by a target terminal), where the domain name registration request includes: the domain name to be registered (which may be an accurate domain name or a wildcard domain name), the IP address type, and the terminal identifier (i.e., the upper module ID), and the domain name to be registered and the IP address type are sent to the DNS snooping module of the data plane, so as to register the domain name to be registered (i.e., respond to a domain name registration request, register the domain name to be registered), and when the domain name to be registered is successfully registered, characterize the domain name to be registered as a request domain name.

In this embodiment, after receiving the IP address reporting message of the DNS snooping module, the IP reporting module may add or delete the IP address of the domain name, and send the message to the upper module in which the domain name is registered.

Optionally, before receiving the domain name request packet sent by the target terminal, the method further includes: configuring a first class domain name and a second class domain name; generating a preset configuration domain name tree based on the first class domain name and the second class domain name, wherein domain name entries in the preset configuration domain name tree are the first class domain name or derivative domain names matched with the second class domain name, each domain name entry corresponds to an IP tree, and the IP tree is used for storing an IP address of a domain name indicated by the domain name entry; acquiring a historical domain name request message, wherein the historical domain name request message carries an alias domain name of a first class of domain name or an alias domain name of a derivative domain name matched with a second class of domain name; and generating a preset alias domain name tree based on the alias domain name, wherein a parent tree is corresponding to an alias domain name inlet in the preset alias domain name tree, the parent tree is used for recording a parent domain name corresponding to the alias domain name indicated by the alias domain name inlet, and each parent domain name in the parent tree corresponds to an IP tree.

In the embodiment of the present invention, a configured domain name tree and a CNAME domain name tree (i.e. an alias domain name tree, specifically: a precisely configured domain name (i.e. a first class of domain names) or a wildcard domain name (i.e. a second class of domain names) similar to the precisely configured domain name (i.e. a first class of domain names) or h.

In this embodiment, the configured domain name tree may be generated based on the first-class domain name and the second-class domain name, entries in the configured domain name tree are configured accurate domain names or derived domain names that can be matched with the upper wildcard domain name (that is, domain name entries in the preset configured domain name tree are the first-class domain name or derived domain names that are matched with the second-class domain name), and each entry maintains an IP tree for storing an IP address corresponding to the domain name (that is, each domain name entry corresponds to an IP tree, and the IP tree is used to store an IP address of a domain name indicated by the domain name entry).

In this embodiment, a history domain name request packet may be obtained, where the history domain name request packet carries an alias domain name of the first class of domain name or an alias domain name of a derivative domain name matched with the second class of domain name, and then a preset alias domain name tree may be generated based on the alias domain name. The alias domain name tree is used for storing the CNAME domain names of the precise domain names or the derivative domain names learned according to the DNS packet, each CNAME domain name entry maintains a parent tree to record which precise domain names or derivative domain names it corresponds to (i.e., the alias domain name entry in the preset alias domain name tree corresponds to the parent tree, and the parent tree is used for recording the parent domain name corresponding to the alias domain name indicated by the alias domain name entry), and each parent domain name in the parent tree corresponds to an IP tree.

In this embodiment, the precise domain name may be inserted into the configured domain name table (i.e., configured domain name tree) through the configuration management module, the wildcard domain name may be written into the linked list for storage, and the wildcard domain name may also be compiled into a hyperscan db (i.e., a regular matching library), so as to improve the speed of the message parsing module in matching the domain name.

In this embodiment, the domain name matching may be performed by the domain name matching module, and the domain name may be first searched in the configured domain name table (for example, the search may be performed by using a red-black tree, which is relatively fast), and then whether the requested domain name can be matched with the configured wildcard domain name may be searched in the hyperscan db, and if the requested domain name can be matched with the wildcard domain name, the requested domain name is marked as a derived domain name and then inserted into the configured domain name table, so as to accelerate the subsequent search rate.

In the embodiment of the invention, the network management equipment can receive the domain name request message sent by the target terminal and analyze the domain name request message to obtain the requested domain name.

Optionally, after analyzing the domain name request packet and obtaining an analysis result, the method further includes: and under the condition that the resolution result further comprises an alias record, judging whether the request domain name is matched from a preset configuration domain name tree, wherein the alias record at least comprises: a multi-level domain name; under the condition of successful matching, judging whether the multi-level domain name is stored in a preset alias domain name tree or not; under the condition that the multi-level domain name is not stored in a preset alias domain name tree, inserting the multi-level domain name into the preset alias domain name tree, and inserting the request domain name into a parent tree of an alias domain name inlet represented by the multi-level domain name; updating the survival time of the request domain name to the survival time of the parent domain name of the multi-level domain name; or, in the case that the multi-level domain name is stored in the preset alias domain name tree, updating the lifetime of the request domain name to the lifetime of the parent domain name of the multi-level domain name.

In the embodiment of the present invention, when the domain name request packet is analyzed to have alias records (i.e., CNAME records, where multi-level domain names are recorded) (i.e., when the analysis result further includes alias records), whether a requested domain name is matched from a preset configuration domain name tree may be determined, if the matching is successful, whether the multi-level domain name is stored in the preset alias domain name tree may be determined, if the multi-level domain name is not stored in the preset alias domain name tree, the multi-level domain name is inserted into the preset alias domain name tree, and the requested domain name is inserted into a parent tree of an alias domain name entry represented by the multi-level domain name (i.e., when the requested domain name of the packet can be matched to a configuration domain name (an accurate domain name or a wildcard domain name), the multi-level domain name is added into a CNAME domain name table, and the requested domain name is inserted into the parent tree of the multi-level domain name), and then the lifetime of the requested domain name may be updated to the lifetime of the parent domain name of the multi-level domain name; and under the condition that the multi-level domain name is stored in the preset alias domain name tree, updating the survival time of the request domain name into the survival time of the parent domain name of the multi-level domain name.

In this embodiment, when the requested domain name already exists in the parent tree of the multi-level domain name, whether the TTL value of the requested domain name needs To be increased may be determined according To a TTL value (Time To Live value) recorded in the message CNAME.

In this embodiment, it is assumed that when an IP address of www.h × s is requested, the DNS reply message includes the following CNAME record: com, and hostcdn. H.s.com. Are RR domain names (i.e., multi-level domain names). Namely, it is

www.hh**s**.com CNAME host.h**s**.com；

host.h**s**.com CNAME hostcdn.h**s**.com。

Optionally, after determining whether the requested domain name is matched from the preset configuration domain name tree, the method further includes: under the condition of unsuccessful matching, judging whether the request domain name is matched from a preset alias domain name tree or not; under the condition of successful matching, judging whether the multi-level domain name exists in a preset alias domain name tree or not; under the condition that the multi-level domain name does not exist in the preset alias domain name tree, inserting the multi-level domain name into the preset alias domain name tree, and inquiring all parent domain names of the request domain name from the preset alias domain name tree; adding all father domain names of the requested domain names into a father tree of the multi-level domain names; and under the condition that any target parent domain name of the request domain name exists in the parent tree of the multi-level domain name, updating the survival time of the target parent domain name based on the survival time of the alias record.

In the embodiment of the invention, if the request domain name is not matched in the preset configuration domain name tree, whether the request domain name is matched in the preset alias domain name tree or not is judged, if the matching is successful, whether the multi-level domain name exists in the preset alias domain name tree or not is judged, if the multi-level domain name does not exist in the preset alias domain name tree, the multi-level domain name is inserted into the preset alias domain name tree, all parent domain names of the request domain name are inquired from the preset alias domain name tree, and then all the parent domain names of the request domain name are added into the parent tree of the multi-level domain name (namely, if the configured domain name has CNAME cascade in the DNS system, the multi-level domain name is added into a CNAME domain name table, and all the parent of the request domain name are added into the parent tree of the multi-level domain name). And under the condition that any target parent domain name requesting the domain name already exists in the parent tree of the multi-level domain name, updating the survival time of the target parent domain name based on the survival time of the alias record (namely, if a certain parent domain name already exists in the parent tree of the multi-level domain name, determining whether the TTL value of the parent domain name needs to be increased according to the TTL value recorded by the current CNAME of the message).

Optionally, after analyzing the domain name request packet and obtaining an analysis result, the method further includes: under the condition that the analysis result also comprises a preset record, judging whether the request domain name is matched from a preset configuration domain name tree or not; updating the IP tree of the domain name inlet matched with the request domain name under the condition of successful matching; under the condition of unsuccessful matching, judging whether the request domain name is matched from a preset alias domain name tree or not; under the condition that the request domain name is matched from the preset alias domain name tree, inquiring all parent domain names of the request domain name from the preset alias domain name tree; and traversing all the parent domain names, and updating the IP tree of each parent domain name.

In the embodiment of the present invention, if the resolved domain name request packet includes a preset record (i.e., an a/AAAA record), it may be determined whether the requested domain name is matched from a preset configuration domain name tree, and when the requested domain name is in the configuration domain name tree, the IP tree of the requested domain name entry is updated (i.e., the IP tree of the domain name entry matched with the requested domain name is updated in case of successful matching). When the request domain name is in the CNAME domain name tree, traversing the parent tree of the request domain name entry, and updating the IP tree of each parent (namely, judging whether the request domain name is matched from the preset alias domain name tree or not in the case of unsuccessful matching, and inquiring all the parent domain names of the request domain name from the preset alias domain name tree, traversing all the parent domain names, and updating the IP tree of each parent domain name in the case of matching the request domain name from the preset alias domain name tree).

Optionally, the step of updating the IP tree of the domain name entry matching the request domain name includes: judging whether the IP tree has a current IP address or not; under the condition that the current IP address does not exist in the IP tree, inserting the current IP address into the IP tree; and updating the survival time of the IP address consistent with the current IP address in the IP tree under the condition that the current IP address exists in the IP tree.

In the embodiment of the present invention, the step of updating the IP tree specifically includes: whether the current IP address exists in the IP tree or not can be judged, and if the current IP address does not exist in the IP tree, the current IP address is inserted into the IP tree; and if the IP tree has the current IP address, updating the survival time of the IP address which is consistent with the current IP address in the IP tree.

Fig. 7 is a schematic diagram of an optional IP tree updating process according to an embodiment of the present invention, as shown in fig. 7, after finding the entry of the requested domain name, determining whether the corresponding IP tree has a current IP address, and if yes, updating the TTL value of the IP address in the IP tree, which is consistent with the current IP address; otherwise, an IP is created and inserted into the IP tree.

Fig. 8 is a schematic diagram of a processing procedure of an optional configured domain name IP update module and a CNAME domain name parent update module according to an embodiment of the present invention, and as shown in fig. 8, a requested domain name in a domain name request message is analyzed, and it is determined whether the requested domain name matches the configured domain name/CNAME domain name, if matching is successful, a processing procedure in which the message has an a/AAAA record is entered, otherwise, the processing procedure is directly ended.

The processing process of the message with A/AAAA record is as follows: judging whether the response part contains A/AAAA records, if not, directly entering a processing process that the message contains CNAME records and requests the domain name to be matched with the configuration domain name; otherwise, judging whether the request domain name is successfully matched with the configuration domain name, and if so, updating the IP tree of the domain name inlet matched with the request domain name; if not, judging whether the request domain name is successfully matched with the CNAME domain name, if so, inquiring all parent domain names of the request domain name from the alias domain name tree, traversing all the parent domain names, and updating the IP tree of each parent domain name; and if the request domain name is not successfully matched with the CNAME domain name, directly entering a processing process that the message has a CNAME record and the request domain name is matched with the configuration domain name.

The message has CNAME records, and the processing procedure of requesting the domain name to match the configuration domain name is as follows: judging whether the response part contains CNAME records, if not, directly ending, otherwise, judging whether the request domain name is successfully matched with the configuration domain name, if not, directly entering a processing process that the message contains CNAME records and the request domain name is matched with the CNAME domain name; if the request domain name is successfully matched with the configuration domain name, judging whether the multi-level domain name is stored in the alias domain name tree, and if the multi-level domain name is stored in the alias domain name tree, updating the survival time of the request domain name to the survival time of a parent domain name of the multi-level domain name; if the multi-level domain name is not stored in the alias domain name tree, inserting the multi-level domain name into the alias domain name tree, inserting the request domain name into a parent tree of an alias domain name inlet represented by the multi-level domain name, updating the survival time of the request domain name into the survival time of the parent domain name of the multi-level domain name, then directly entering a processing process that a message has a CNAME record and the request domain name is matched with the CNAME domain name.

The message has a CNAME record, and the processing procedure of requesting the domain name to match the CNAME domain name is as follows: judging whether the request domain name is successfully matched with the CNAME domain name or not, if so, judging whether the multi-level domain name is stored in an alias domain name tree or not, if so, inquiring all parent domain names of the request domain name from the alias domain name tree, traversing the found parent domain names, judging whether the parent domain names exist in the parent tree of the multi-level domain name or not, if so, updating the survival time of the parent domain names based on the survival time of alias records, otherwise, inserting the parents into the parent tree of the multi-level domain name; if the multi-level domain name is not stored in the alias domain name tree, inserting the multi-level domain name into the alias domain name tree, and then performing a subsequent process of inquiring all parent domain names of the request domain name from the alias domain name tree; and if the request domain name does not successfully match the CNAME domain name, directly ending.

Step S502, under the condition that the request domain name is matched from the preset configuration domain name tree, updating the IP tree of the domain name inlet matched with the request domain name in the preset configuration domain name tree to obtain a first updating result.

In the embodiment of the present invention, if the requested domain name can be matched with the configured domain name in the preset configured domain name tree, the IP address resolved by the DNS server may be updated to the IP tree of the domain name entry matched with the requested domain name in the preset configured domain name tree, so as to obtain the first update result.

In the embodiment of the present invention, if the request domain name can be matched with the alias domain name in the preset alias domain name tree, the request domain name may be updated to the parent tree of the matched alias domain name entry, and the IP address resolved by the DNS server is updated to the IP tree of each parent domain name in the parent tree, so as to obtain the second update result. Therefore, the analyzed IP address corresponding to the request domain name can also correspond to the alias domain name of the request domain name.

In the embodiment of the present invention, if the first update result or the second update result indicates that an IP address corresponding to the requested domain name is newly added to the IP tree, the IP address may be returned to the target terminal, and then the target terminal may access the server indicated by the requested domain name through the IP address. If the first update result or the second update result indicates that the resolved IP address already exists on the IP tree, the target terminal may directly access the server indicated by the request domain name using the IP address.

In the embodiment of the invention, in order to reduce the communication traffic from the data plane to the control plane, only when the number of the IP requesting the domain name is increased, the IP address reporting module notifies the increased IP address to the DNSsnpd module, and in order to ensure that the communication traffic does not burst, a newly increased notification message can be added into a linked list, and the rate is limited to be sent out in daily tasks.

Optionally, under the condition that the lifetime of the IP address of the domain name entry in the preset configuration domain name tree exceeds a first preset threshold, performing aging processing on the IP address; deleting the derived domain name from a preset configuration domain name tree under the condition that the domain name inlet is the derived domain name and all IP addresses in an IP tree corresponding to the derived domain name are subjected to aging treatment; under the condition that the survival time of a parent domain name of an alias domain name inlet in a preset alias domain name tree exceeds a second preset threshold value, carrying out aging treatment on the parent domain name; and under the condition that all the parent domain names in the parent tree corresponding to the alias domain name entry are aged, deleting the alias domain name entry from the preset alias domain name tree.

In the embodiment of the invention, the aging of the configuration domain name tree and the aging of the father in the CNAME domain name tree can be carried out through the aging module.

For the aging of the configured domain name tree, in a daily task, the aging of the IP address of each entry in the configured domain name tree can be added, the aging time depends on the TTL value of the IP address (that is, when the lifetime of the IP address of a domain name entry in the preset configured domain name tree exceeds a first preset threshold, the IP address is aged), when the IP address is aged, an aging message is reported to the DNSsnpd module, and the DNSsnpd module receives the message and then notifies the upper layer registration module concerning the domain name.

In this embodiment, when all IP addresses of a certain derived domain name have been aged, the derived domain name is deleted from the configured domain name tree (that is, the derived domain name is deleted from the preset configured domain name tree under the condition that the domain name entry is the derived domain name and all IP addresses in the IP tree corresponding to the derived domain name are aged), and in addition, the accurate domain name entry is not aged.

For the aging of the father in the CNAME domain name tree, in a daily task, the aging of the father of each entry in the CNAME domain name tree can be added, the aging time depends on the TTL value of the father (that is, when the lifetime of the father domain name of the alias domain name entry in the preset alias domain name tree exceeds a second preset threshold, the father domain name is aged), and when all the fathers of a certain entry are aged, the entry is deleted from the CNAME domain name tree (that is, when all the father domain names in the father tree corresponding to the alias domain name entry are aged, the alias domain name entry is deleted from the preset alias domain name tree).

The network management device proposed in this embodiment can also be used for distributed processing, and fig. 9 is a schematic diagram of an optional distributed processing flow according to an embodiment of the present invention, as shown in fig. 9, including: the system comprises a plurality of service cards and a master control card, wherein each service card comprises: DNS snooping, the master control card includes: upper module, DNSsnpd, DNS snooping.

When a plurality of service cards exist in the gateway device, the service cards are only responsible for resolving the passing DNS reply messages (e.g. 1w.a.com IP; and the master control card finishes updating the IP tree in the configuration domain name table and the parent tree in the CNAME domain name table and finishes reporting the DNSsnpd message.

In addition, in order to enable all the service cards to pay attention to the CNAME domain name, when the master control card receives the CNAME domain name report of a single service card for the first time, the CNAME domain name (carrying a TTL value) is issued to all the service cards so as to know that all the service cards pay attention to the IP address and the CNAME domain name of the CNAME domain name (for example, 3w.c. com party w.a.com in fig. 9); when the master control card finds that the TTL of the CNAME domain name is prolonged, broadcast messages can be sent to all the service cards. And, in order to reduce the unnecessary message between main control card and business card, every business card ages the entry in CNAME domain name tree according to the TTL value of CNAME domain name.

In this embodiment, when one domain name has the following three CNAME conditions, the network management device in this embodiment can solve the following problems:

(1) And a plurality of configured domain names are CNAME domain names pointing to the same CNAME domain name.

When the mapping relation between the domain name 1 and the CNAME domain name is analyzed through the DNS response message, the domain name 1 is added into a parent tree of the CNAME domain name, and when the mapping relation between the domain name 2 and the CNAME domain name is analyzed, the domain name 2 is also added into the parent tree of the CNAME domain name. When the CNAME domain name discovers an IP address, it will traverse the parent tree, informing

domain names

1 and 2 of the IP address.

(2) There is a CNAME cascade for the configured domain name.

When the domain name has a CNAME cascade condition, such as:

A CNAME C1；C1 CNAME C2；C2 A IP1；

c1, C2 are added to the CNAME domain name tree, and both parent trees of C1, C2 have a, and when C1 or C2 finds an IP address, it will notify the IP address to a.

(3) The configuration domain name corresponds to a plurality of CNAMEs. Such as:

A CNAME C1；A CNAME C2；

The following description is made in conjunction with a certain application scenario.

Fig. 10 is a schematic diagram of an alternative application scenario according to an embodiment of the present invention, as shown in fig. 10, when a user accesses a service server through a firewall, multiple links may be selected (for example, link1, link2, and the like), and the user desires to access a traffic of "test. Com traffic destined for test is directed to link1 by the firewall configuration policy routing (i.e., PBR module). Com, DNS flow passes through firewall, DNS server detects DNS response message, obtains IP of com and stores mapping relation, and returns IP to PBR module. After the user acquires the IP, when the user uses the IP to access the service server, the strategy route is matched, and the flow is guided to link1.

In the embodiment of the invention, a method for performing traffic processing for configured domain names for gateway equipment is provided, when a network administrator wants to perform traffic processing for some domain names, the network administrator only needs to configure domain names externally shown by a DNS system without concerning the domain name mapping relation in the DNS system. And by analyzing the DNS response message, the CNAME for configuring the domain name is learned, and after the CNAME acquires the IP address, the mapping relation between the IP address and the configured domain name can be notified to the service module. Meanwhile, the method can work well when a plurality of configured domain names are used for indicating the same CNAME domain name as the CNAME, the configured domain names have CNAME cascade connection, the configured domain names correspond to a plurality of CNAME and the like. In addition, distributed systems may also be supported.

The following is a detailed description of another embodiment.

Example two

The domain name resolution device based on the network management equipment provided in this embodiment includes multiple implementation units, and each implementation unit corresponds to each implementation step in the first embodiment.

Fig. 11 is a schematic diagram of an optional domain name resolution device based on a network management device according to an embodiment of the present invention, and as shown in fig. 11, the resolution device may include: a parsing unit 110, a first updating unit 111, a second updating unit 112, a returning unit 113, wherein,

the parsing unit 110 is configured to receive a domain name request packet sent by a target terminal, and parse the domain name request packet to obtain a parsing result, where the parsing result at least includes: requesting a domain name;

a first updating unit 111, configured to update an IP tree of a domain name entry in the preset configuration domain name tree, which is matched with the request domain name, to obtain a first updating result when the request domain name is matched in the preset configuration domain name tree; alternatively, the first and second electrodes may be,

a second updating unit 112, configured to update a parent tree of an alias domain name entry in the preset alias domain name tree, which is matched with the request domain name, and update an IP tree of each parent domain name in the parent tree, to obtain a second update result, when the request domain name is matched in the preset alias domain name tree;

a returning unit 113, configured to return the IP address to the target terminal when the first update result or the second update result indicates that the IP address corresponding to the request domain name is newly added to the IP tree, where the target terminal accesses the server indicated by the request domain name through the IP address.

The above-mentioned resolution apparatus may receive, by the resolution unit 110, a domain name request packet sent by a target terminal, and resolve the domain name request packet to obtain a resolution result, and update, by the first updating unit 111, an IP tree of a domain name entry in the preset configuration domain name tree that matches the requested domain name to obtain a first update result in a case where the requested domain name is matched from the preset configuration domain name tree, or update, by the second updating unit 112, a parent tree of an alias domain name entry in the preset alias domain name tree that matches the requested domain name and update an IP tree of each parent domain name in the parent tree to obtain a second update result in a case where the first update result or the second update result indicates that an IP address corresponding to the requested domain name is newly added to the IP tree, and return, by the returning unit 113, the IP address to the target terminal in a case where the first update result or the second update result indicates that an IP address corresponding to the requested domain name is newly added to the IP tree. In the embodiment of the invention, the resolved request domain name can be matched with the domain name in the preset configuration domain name tree, the IP address resolved by the DNS server can be updated to the IP tree of the domain name inlet matched with the request domain name in the preset configuration domain name tree after the matching is successful, the request domain name is updated to the parent tree of the matched alias domain name inlet if the matching of the request domain name with the domain name row in the preset alias domain name tree is successful, and the IP address resolved by the DNS server is updated to the IP tree of each parent domain name in the parent tree, so that the IP address corresponding to the request domain name can be simultaneously corresponding to the alias domain name of the request domain name, the target terminal is ensured to automatically access the corresponding server by adopting the newly added IP address, and the technical problem that the corresponding server cannot be automatically accessed by network management equipment when the alias domain name exists in the request domain name in the related technology is solved.

Optionally, the parsing apparatus further includes: a first receiving module, configured to receive a domain name registration request sent by a target terminal before receiving a domain name request packet sent by the target terminal, where the domain name registration request includes: a domain name to be registered, an IP address type and a terminal identifier; the first response module is used for responding to the domain name registration request and registering the domain name to be registered; the first characterization module is used for characterizing the domain name to be registered as the request domain name under the condition that the domain name to be registered is successfully registered.

Optionally, the parsing apparatus further includes: the first configuration module is used for configuring a first domain name and a second domain name before receiving a domain name request message sent by a target terminal; the first generation module is used for generating a preset configuration domain name tree based on a first class domain name and a second class domain name, wherein domain name entries in the preset configuration domain name tree are the first class domain name or derivative domain names matched with the second class domain name, each domain name entry corresponds to an IP tree, and the IP tree is used for storing IP addresses of the domain names indicated by the domain name entries; the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring a historical domain name request message, and the historical domain name request message carries an alias domain name of a first class domain name or an alias domain name of a derivative domain name matched with a second class domain name; and the second generation module is used for generating a preset alias domain name tree based on the alias domain name, wherein a parent tree is corresponding to an alias domain name entry in the preset alias domain name tree, the parent tree is used for recording a parent domain name corresponding to the alias domain name indicated by the alias domain name entry, and each parent domain name in the parent tree corresponds to an IP tree.

Optionally, the parsing apparatus further includes: a first determining module, configured to determine whether a requested domain name is matched from a preset configuration domain name tree or not under the condition that an analysis result further includes an alias record after analyzing the domain name request packet to obtain the analysis result, where the alias record at least includes: a multi-level domain name; the second judging module is used for judging whether the multi-level domain names are stored in a preset alias domain name tree or not under the condition of successful matching; the first inserting module is used for inserting the multi-level domain name into a preset alias domain name tree and inserting the request domain name into a parent tree of an alias domain name inlet represented by the multi-level domain name under the condition that the multi-level domain name is not stored in the preset alias domain name tree; the first updating module is used for updating the survival time of the request domain name into the survival time of a parent domain name of the multi-level domain name; and the second updating module is used for updating the survival time of the request domain name to the survival time of the parent domain name of the multi-level domain name under the condition that the multi-level domain name is stored in the preset alias domain name tree.

Optionally, the parsing apparatus further includes: the third judging module is used for judging whether the request domain name is matched from the preset alias domain name tree or not under the condition of unsuccessful matching after judging whether the request domain name is matched from the preset configuration domain name tree or not; the fourth judging module is used for judging whether the multi-level domain name exists in the preset alias domain name tree or not under the condition of successful matching; the second insertion module is used for inserting the multi-level domain name into the preset alias domain name tree under the condition that the multi-level domain name does not exist in the preset alias domain name tree, and inquiring all parent domain names of the request domain name from the preset alias domain name tree; the first adding module is used for adding all father domain names of the requested domain names into the father tree of the multi-level domain names; and the third updating module is used for updating the survival time of the target parent domain name based on the survival time of the alias record under the condition that any target parent domain name of the request domain name exists in the parent tree of the multi-level domain name.

Optionally, the parsing apparatus further includes: the fifth judgment module is used for judging whether the request domain name is matched from the preset configuration domain name tree or not under the condition that the analysis result also comprises a preset record after the domain name request message is analyzed to obtain the analysis result; the fourth updating module is used for updating the IP tree of the domain name inlet matched with the request domain name under the condition of successful matching; a sixth judging module, configured to, in a case that matching is unsuccessful, judge whether the request domain name is matched from the preset alias domain name tree; the first query module is used for querying all parent domain names of the request domain names from the preset alias domain name tree under the condition that the request domain names are matched from the preset alias domain name tree; and the fifth updating module is used for traversing all the parent domain names and updating the IP tree of each parent domain name.

Optionally, the fourth updating module includes: the first judgment submodule is used for judging whether the IP tree has a current IP address or not; the first inserting submodule is used for inserting the current IP address into the IP tree under the condition that the current IP address does not exist in the IP tree; and the first updating submodule is used for updating the survival time of the IP address which is consistent with the current IP address in the IP tree under the condition that the current IP address exists in the IP tree.

Optionally, the parsing apparatus further includes: the first processing module is used for carrying out aging processing on the IP address under the condition that the survival time of the IP address of the domain name inlet in the preset configuration domain name tree exceeds a first preset threshold value; the first deleting module is used for deleting the derived domain name from the preset configuration domain name tree under the condition that the domain name inlet is the derived domain name and all IP addresses in the IP tree corresponding to the derived domain name are subjected to aging treatment; the second processing module is used for carrying out aging processing on the father domain name under the condition that the survival time of the father domain name of the alias domain name inlet in the preset alias domain name tree exceeds a second preset threshold value; and the second deleting module is used for deleting the alias domain name entry from the preset alias domain name tree under the condition that all the parent domain names in the parent tree corresponding to the alias domain name entry are aged.

The analysis device may further include a processor and a memory, the analysis unit 110, the first updating unit 111, the second updating unit 112, the returning unit 113, and the like are all stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.

The processor comprises a kernel, and the kernel calls a corresponding program unit from the memory. The kernel can set one or more than one, and returns the IP address to the target terminal by adjusting the kernel parameters under the condition that the first updating result or the second updating result indicates that the IP address corresponding to the request domain name is newly added on the IP tree.

The memory may include volatile memory in a computer readable medium, random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.

The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device: receiving a domain name request message sent by a target terminal, analyzing the domain name request message to obtain an analysis result, updating an IP tree of a domain name inlet matched with a request domain name in a preset configuration domain name tree to obtain a first update result under the condition that the request domain name is matched in the preset configuration domain name tree, or updating a parent tree of an alias domain name inlet matched with the request domain name in the preset alias domain name tree and updating the IP tree of each parent domain name in the parent tree to obtain a second update result under the condition that the first update result or the second update result indicates that an IP address corresponding to the request domain name is newly added on the IP tree.

According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including one or more processors and a memory, where the memory is used to store one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors implement the above-mentioned domain name resolution method based on a network management device.

The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.

In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims

1. A domain name resolution method based on network management equipment is characterized by comprising the following steps:

receiving a domain name request message sent by a target terminal, and analyzing the domain name request message to obtain an analysis result, wherein the analysis result at least comprises: requesting a domain name;

under the condition that the request domain name is matched from a preset configuration domain name tree, updating an IP tree of a domain name inlet matched with the request domain name in the preset configuration domain name tree to obtain a first updating result; alternatively, the first and second electrodes may be,

under the condition that the request domain name is matched from a preset alias domain name tree, updating a parent tree of an alias domain name inlet matched with the request domain name in the preset alias domain name tree, and updating an IP tree of each parent domain name in the parent tree to obtain a second updating result;

and returning the IP address to the target terminal under the condition that the first updating result or the second updating result indicates that the IP address corresponding to the request domain name is newly added on the IP tree, wherein the target terminal accesses the server indicated by the request domain name through the IP address.

2. The resolution method according to claim 1, wherein before receiving the domain name request packet sent by the target terminal, the method further comprises:

receiving a domain name registration request sent by the target terminal, wherein the domain name registration request comprises: a domain name to be registered, an IP address type and a terminal identifier;

responding the domain name registration request, and registering the domain name to be registered;

and under the condition that the domain name to be registered is successfully registered, representing the domain name to be registered as the request domain name.

3. The parsing method according to claim 1, before receiving the domain name request packet sent by the target terminal, further comprising:

configuring a first class domain name and a second class domain name;

generating a preset configuration domain name tree based on the first class domain name and the second class domain name, wherein domain name entries in the preset configuration domain name tree are the first class domain name or derivative domain names matched with the second class domain name, each domain name entry corresponds to an IP tree, and the IP tree is used for storing an IP address of a domain name indicated by the domain name entry;

acquiring a historical domain name request message, wherein the historical domain name request message carries an alias domain name of a first class of domain name or an alias domain name of a derivative domain name matched with a second class of domain name;

and generating a preset alias domain name tree based on the alias domain name, wherein an alias domain name inlet in the preset alias domain name tree corresponds to a parent tree, the parent tree is used for recording a parent domain name corresponding to the alias domain name indicated by the alias domain name inlet, and each parent domain name in the parent tree corresponds to an IP tree.

4. The parsing method according to claim 1, after parsing the domain name request packet to obtain a parsing result, further comprising:

and under the condition that the resolution result further comprises an alias record, judging whether the request domain name is matched from the preset configuration domain name tree, wherein the alias record at least comprises: a multi-level domain name;

under the condition of successful matching, judging whether the multi-level domain name is stored in the preset alias domain name tree or not;

under the condition that the multi-level domain name is not stored in the preset alias domain name tree, inserting the multi-level domain name into the preset alias domain name tree, and inserting the request domain name into a parent tree of an alias domain name inlet represented by the multi-level domain name;

updating the survival time of the request domain name to the survival time of the father domain name of the multi-level domain name; alternatively, the first and second liquid crystal display panels may be,

and under the condition that the multi-level domain name is stored in the preset alias domain name tree, updating the survival time of the request domain name to the survival time of the parent domain name of the multi-level domain name.

5. The resolution method according to claim 4, wherein after determining whether the requested domain name is matched from the preset configuration domain name tree, the method further comprises:

under the condition that the matching is unsuccessful, judging whether the request domain name is matched from the preset alias domain name tree or not;

under the condition of successful matching, judging whether the multi-level domain name exists in the preset alias domain name tree or not;

under the condition that the multi-level domain name does not exist in the preset alias domain name tree, inserting the multi-level domain name into the preset alias domain name tree, and inquiring all parent domain names of the request domain name from the preset alias domain name tree;

adding all the parent domain names of the request domain names into a parent tree of the multi-level domain names;

and under the condition that any target parent domain name of the request domain name exists in the parent tree of the multi-level domain name, updating the survival time of the target parent domain name based on the survival time of the alias record.

6. The parsing method according to claim 1, after parsing the domain name request packet to obtain a parsing result, further comprising:

under the condition that the analysis result further comprises a preset record, judging whether the request domain name is matched from the preset configuration domain name tree or not;

updating an IP tree of a domain name inlet matched with the request domain name under the condition of successful matching;

under the condition that the request domain name is matched from the preset alias domain name tree, inquiring all parent domain names of the request domain name from the preset alias domain name tree;

and traversing all the parent domain names, and updating the IP tree of each parent domain name.

7. The resolution method according to claim 6, wherein the step of updating the IP tree of the domain name entry matching the requested domain name comprises:

judging whether the IP tree has a current IP address or not;

inserting the current IP address into the IP tree if the current IP address does not exist in the IP tree;

and under the condition that the current IP address exists in the IP tree, updating the survival time of the IP address which is consistent with the current IP address in the IP tree.

8. The parsing method according to claim 3, further comprising:

under the condition that the survival time of the IP address of the domain name inlet in the preset configuration domain name tree exceeds a first preset threshold value, carrying out aging treatment on the IP address;

deleting the derived domain name from the preset configuration domain name tree under the condition that the domain name inlet is the derived domain name and all IP addresses in the IP tree corresponding to the derived domain name are aged;

performing aging processing on the parent domain name under the condition that the survival time of the parent domain name of the alias domain name inlet in the preset alias domain name tree exceeds a second preset threshold;

and deleting the alias domain name entry from the preset alias domain name tree under the condition that all the parent domain names in the parent tree corresponding to the alias domain name entry are aged.

9. A domain name resolution device based on network management equipment is characterized by comprising:

the analysis unit is used for receiving a domain name request message sent by a target terminal and analyzing the domain name request message to obtain an analysis result, wherein the analysis result at least comprises: requesting a domain name;

the first updating unit is used for updating an IP tree of a domain name inlet matched with the request domain name in a preset configuration domain name tree under the condition that the request domain name is matched in the preset configuration domain name tree to obtain a first updating result; alternatively, the first and second electrodes may be,

the second updating unit is used for updating a parent tree of an alias domain name inlet matched with the request domain name in a preset alias domain name tree and updating an IP tree of each parent domain name in the parent tree to obtain a second updating result under the condition that the request domain name is matched in the preset alias domain name tree;

and a returning unit, configured to return the IP address to the target terminal when the first update result or the second update result indicates that an IP address corresponding to the request domain name is newly added to the IP tree, where the target terminal accesses the server indicated by the request domain name through the IP address.

10. An electronic device, comprising one or more processors and memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method for domain name resolution based on a network management device of any of claims 1 to 8.