CN116055449A - DNS packet forwarding method and device - Google Patents

Publication number
CN116055449A
Authority
CN
China
Prior art keywords
dns
server
group
packet
client
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211703423.0A
Other languages
Chinese (zh)
Inventor
陈宏�
张平
侯光华
钱蓓蓓
潘星羽
储振兴
马杨
陈留飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianyi Cloud Technology Co Ltd
Original Assignee
Tianyi Cloud Technology Co Ltd
Application filed by Tianyi Cloud Technology Co Ltd
Priority to CN202211703423.0A
Publication of CN116055449A

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a DNS packet forwarding method and device in which a DNS server supports a packet forwarding function and accurately forwards each request to the recursive server group nearest to the client according to the client's IP address, so that even when the authoritative server does not support ECS it can still return the resolved IP nearest to the client based on the address of the recursive server, thereby realizing accurate CDN scheduling.

Description

DNS packet forwarding method and device
Technical Field
The present invention relates to the field of emerging information technologies, and in particular, to a DNS packet forwarding method and apparatus, a computing device, and a storage medium.
Background
The Domain Name System (DNS) is an online distributed database that maps domain names and IP addresses to each other, making it easier for users to access the internet.
The local DNS (Local DNS) helps the user resolve a domain name to an IP address and is typically deployed with the architecture shown in FIG. 1. Caching and recursion are deployed separately: the DNS cache server caches resolution results and provides domain name resolution service directly to users, and when the requested domain name is not in the cache, it queries the DNS recursive server for the final resolution result; the DNS recursive server performs the recursive query, starting from the root servers and continuing until the final authoritative DNS server is reached, and obtains the resolution result from the authoritative DNS. The recursive server does not serve internet users directly; users access the DNS cache servers.
Forwarding is one of the important functions by which DNS implements queries. During DNS resolution, after receiving a user request and finding a cache miss, the cache DNS servers in all regions of the country can forward the user query directly to a downstream recursive DNS server according to a specified policy; the recursive DNS queries the authoritative DNS servers at each level on the user's behalf and finally returns the resolution result it obtains.
In DNS-based CDN accurate scheduling, resolution of the same domain name is required to return the IP closest to the user depending on the visitor's location. In early DNS resolution, the authoritative server could not know the user's specific IP and could only return the nearest result according to the recursive server's IP, which may be inaccurate. To address this, the ECS (edns-client-subnet) protocol allows the local DNS (including caching and recursion) to carry the user's real IP when it sends a query to the authoritative DNS, so that the authoritative DNS can use the user IP to return the resolution result closest to the user's location.
However, when the authoritative DNS does not support ECS, resolution can still only be performed based on the IP address of the recursive DNS. Thus, if the user's local DNS is improperly configured, or the recursive DNS and the user are for some other reason not in the same geographic location, the user may get the IP address closest to the recursive DNS's location instead of the IP address closest to the user's own location, which affects the final website access experience.
Disclosure of Invention
In view of this, to solve the problem of accurate CDN scheduling when the authoritative server does not support ECS, the caching DNS must accurately forward the request to the recursive DNS closest to the client according to the user IP, so that the user and the recursive DNS server are guaranteed to be in the same area and subsequent accurate scheduling can be achieved.
The invention provides a DNS packet forwarding method, which comprises the following steps:
S1, loading the relevant function configuration when the DNS starts service; the function configuration at least comprises the forward-zone forwarding configuration, the data configuration mapping nationwide client address segments to views, and the data configuration mapping each view to a packet label group.
S2, after the server receives a client DNS request and finds no corresponding cache entry, if the query domain name is not found in the forward-zone domain name tree, the server resolves the query domain name itself; otherwise, it obtains the forwarding configuration information in the corresponding forward-zone node and proceeds to S3;
S3, judging whether packet forwarding is enabled for the corresponding zone, and if not, selecting the server group configured by forward-addr for subsequent resolution; if it is enabled, looking up the client IP address in the national address library to determine the view in which it is located, and then obtaining the server group that this view points to in the corresponding zone;
S4, if the corresponding view is not found or obtaining the server group fails, selecting the first server group in the zone's forwarding packet list for DNS resolution; if the lookup succeeds, selecting the server group corresponding to the client IP in the zone for DNS resolution.
The invention also provides a DNS packet forwarding device, which comprises:
a starting module, used for loading the relevant function configuration when the DNS starts service; the function configuration at least comprises the forward-zone forwarding configuration, the data configuration mapping nationwide client address segments to views, and the data configuration mapping each view to a packet label group;
a judging module, used for resolving locally if, after the server receives the client DNS request and finds no corresponding cache entry, the query domain name is not found in the forward-zone domain name tree; otherwise, obtaining the forwarding configuration information in the corresponding forward-zone node and entering into S3;
a selection module 1, used for judging whether packet forwarding is enabled for the corresponding zone, and if not, selecting the server group configured by forward-addr for subsequent resolution; if it is enabled, looking up the client IP address in the national address library to determine the view in which it is located, and then obtaining the server group that this view points to in the corresponding zone;
a selection module 2, configured to select the first server group in the zone's forwarding packet list for DNS resolution if the corresponding view cannot be found or obtaining the server group fails; if the lookup succeeds, the server group corresponding to the client IP in the zone is selected for DNS resolution.
The invention also proposes a computing device comprising: the device comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete communication with each other through the communication bus; the memory is used for storing at least one executable program, and the executable program enables the processor to execute the operation corresponding to the DNS packet forwarding method.
The invention also provides a computer storage medium, wherein at least one executable program is stored in the storage medium, and the executable program enables a processor to execute the operation corresponding to the DNS packet forwarding method.
The advantage of the invention is that the DNS server supports the packet forwarding function and accurately forwards each request to the recursive server group nearest to the client according to the client IP address, so that even when the authoritative server does not support ECS it can still return the resolved IP nearest to the client based on the address of the recursive server, thereby realizing accurate CDN scheduling.
Drawings
In order to more clearly illustrate the invention or the technical solutions of the prior art, the drawings used in the description of the invention or the prior art will be briefly described, it being obvious that the drawings in the description below are some embodiments of the invention, and that other drawings can be obtained from these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of Local DNS deployment;
FIG. 2 is a schematic diagram of packet forwarding for CDN precision scheduling;
FIG. 3 is a flow chart of a DNS packet forwarding method.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, the "plurality" generally includes at least two.
It should be understood that the term "and/or" as used herein is merely one relationship describing the association of the associated objects, meaning that there may be three relationships, e.g., a and/or B, may represent: a exists alone, A and B exist together, and B exists alone. In addition, the character "/" herein generally indicates that the front and rear associated objects are an "or" relationship.
The words "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrase "if determined" or "if detected (stated condition or event)" may be interpreted as "when determined" or "in response to determination" or "when detected (stated condition or event)" or "in response to detection (stated condition or event), depending on the context.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a product or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such product or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of additional identical elements in a commodity or system comprising such elements.
In addition, the sequence of steps in the method embodiments described below is only an example and is not strictly limited.
The technical scheme flow of the forwarding method provided by the embodiment is shown in figure 3, and packet forwarding is supported on the basis of forward-zone forwarding. The detailed steps are as follows:
S1, loading the relevant function configuration when the DNS starts the service.
It will be appreciated that when the DNS starts the service, the server loads the relevant function configuration to complete initialization. Preferably, it loads the forward-zone forwarding-domain configuration; loads the data configuration mapping nationwide client address segments to views; and loads the data configuration mapping each view to a packet label group, along with other configuration.
Illustratively, the present functionality involves the following configuration:
Figure BDA0004025389090000051
Here, forward-zone is the forwarding-domain configuration and applies to an individual zone; server holds the global configuration.
S2, after the server receives a client DNS request and finds no corresponding cache entry, if the query domain name is not found in the forward-zone domain name tree, the server resolves the query domain name itself; otherwise, it obtains the forwarding configuration information in the corresponding forward-zone node and proceeds to S3.
When the server receives the client DNS request, processing begins. In the initial query state, a newly added member variable fail_group_count records the number of timed-out packets; preferably, the initial value of fail_group_count is 0.
During request processing, when there is no corresponding cache entry, the query domain name is looked up in the forward-zone domain name tree to determine whether to forward the query. If it is not found, the local machine resolves the name; if it is found, the forwarding configuration information in the corresponding forward-zone node is obtained.
S3, judging whether packet forwarding is enabled for the corresponding zone, and if not, selecting the server group configured by forward-addr for subsequent resolution; if so, the client IP address is looked up in the national address library to determine the view in which it is located, and the server group that this view points to in the corresponding zone is then obtained.
Preferably, when selecting the forwarding packet, the view is used as an intermediate component to establish the correspondence between the client address and the forwarding packet, so that the request can be forwarded to the server packet nearest to the client according to the client IP.
Specifically, after the forwarding configuration information of the corresponding forward-zone node is obtained, whether packet forwarding is enabled for the corresponding zone can be determined from the forward-group parameter in the configuration information. If packet forwarding is not enabled for the zone, the server group configured by forward-addr is selected for subsequent resolution according to the original flow; if packet forwarding mode is enabled, the client IP address is looked up in the national address library according to the access-control-view configuration information to determine the view in which the client IP is located, the server group that this view points to in the corresponding zone is then obtained according to the forward-group-view configuration information, and processing proceeds to S4.
S4, if the corresponding view is not found or obtaining the server group fails, selecting the first server group in the zone's forwarding packet list for DNS resolution; if the lookup succeeds, selecting the server group corresponding to the client IP in the zone for DNS resolution.
After the server group is selected, the DNS server selects an available server IP in the group using the existing algorithm and issues a recursive query request to that IP. If the response is received within the timeout period, it is sent directly to the client; if the query to that server IP times out, the DNS server tries the query again with the other server IPs of the group.
In an implementation, after a server group (which may contain one or more server IPs) is selected, the DNS server selects an available server IP in the group using the existing algorithm, forwards the request to the target IP, and waits for the resolution result. If the result is returned successfully, it responds directly to the client; if the server IP times out, it tries the query again with the other server IPs of the group. When all forwarding server IPs in the group have timed out and are unavailable, the fail_group_count variable in the query state is incremented by 1 to record the number of timed-out packets.
Preferably, the forwarding packet may also be reselected according to the number of timed-out packets fail_group_count. If the selection succeeds, DNS resolution is performed again using the newly selected forwarding packet; if the selection fails, a failure is returned.
In particular implementations, forwarding packets may be selected sequentially in the order of the forwarding packet list. On this basis, the timed-out packets can be skipped in the ordered forwarding packet list according to the recorded number of timed-out packets fail_group_count, and the next unused server group can be selected. If the selection succeeds, DNS resolution is performed again using the newly selected forwarding packet, that is, the previous step of performing DNS resolution with the forwarding packet is repeated; if the selection fails, meaning that all packets have been used or that packet forwarding mode is not enabled, a failure is returned.
Furthermore, in implementations, some domain names may have a CNAME record, a type of DNS record that maps an alias to a real or canonical domain name. CNAME records are typically used to map a subdomain (e.g., www or mail) to the domain hosting that subdomain's content. Accordingly, if the resolution result obtained is a CNAME record, an internal query needs to be initiated again for the CNAME. At this point, the timed-out packets in the forwarding packet list can be skipped according to the number of timed-out packets fail_group_count in the query state, so that a server packet that can successfully resolve the domain name is selected directly and the time spent retrying the failed packets is avoided.
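The selection and failover flow of S3 and S4, together with the fail_group_count skip and the CNAME follow-up described above, is shown here as an added Python example; it is not code from the patent or from any DNS server. The names VIEWS, ZONE, the view and group labels and the documentation-range addresses are constructed, and it assumes that the view-matched group is tried first and the remaining groups follow in list order.

```python
import ipaddress

# Constructed sample configuration (hypothetical names, documentation address ranges).
VIEWS = {                                   # client address segment -> view
    "198.51.100.0/24": "view_east",
    "203.0.113.0/24": "view_south",
}
ZONE = {
    "name": "example.com.",
    "forward_group": True,                  # packet (group) forwarding enabled
    "forward_addr": ["192.0.2.53"],         # server group used when it is disabled
    "groups": [                             # ordered forwarding packet list
        ("g_north", ["192.0.2.10", "192.0.2.11"]),
        ("g_east", ["192.0.2.20", "192.0.2.21"]),
        ("g_south", ["192.0.2.30"]),
    ],
    "view_group": {"view_east": "g_east", "view_south": "g_south"},
}


def lookup_view(client_ip, views=VIEWS):
    """Longest-prefix match of the client IP against the address library."""
    addr = ipaddress.ip_address(client_ip)
    best = None
    for cidr, view in views.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, view)
    return best[1] if best else None


def group_order(zone, client_ip):
    """S3/S4: the server groups in the order they will be tried."""
    if not zone["forward_group"]:
        return [("forward-addr", zone["forward_addr"])]
    groups = list(zone["groups"])
    label = zone["view_group"].get(lookup_view(client_ip))
    preferred = [g for g in groups if g[0] == label]
    # S4 fallback: unknown view or missing group leaves plain list order,
    # so the first group in the list is used.
    return preferred + [g for g in groups if g[0] != label]


def select_group(zone, client_ip, fail_group_count):
    """Skip the groups that already timed out; None means none is left."""
    order = group_order(zone, client_ip)
    return order[fail_group_count] if fail_group_count < len(order) else None


def resolve(zone, client_ip, qname, send, fail_group_count=0):
    """Forward qname. send(server_ip, qname) returns an answer or raises
    TimeoutError. A CNAME follow-up query passes in the count recorded so
    far, so groups that already timed out are not retried."""
    state = {"fail_group_count": fail_group_count, "tried": []}
    while True:
        group = select_group(zone, client_ip, state["fail_group_count"])
        if group is None:
            return None, state              # every group used up: failure
        _label, servers = group
        for ip in servers:                  # retry inside the same group first
            state["tried"].append(ip)
            try:
                return send(ip, qname), state
            except TimeoutError:
                continue
        state["fail_group_count"] += 1      # whole group timed out


def make_transport(down):
    """Constructed stand-in for the network: servers in `down` time out."""
    def send(ip, qname):
        if ip in down:
            raise TimeoutError(ip)
        return f"{qname} answered by {ip}"
    return send
```

The `tried` list in the returned state shows which forwarders were contacted for a query, which is the record to compare against the client's view when checking that requests leave through the intended regional group.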
The invention also provides a DNS packet forwarding device, which is characterized in that the device comprises:
a starting module, used for loading the relevant function configuration when the DNS starts the service; the function configuration at least comprises the forward-zone forwarding configuration, the data configuration mapping nationwide client address segments to views, and the data configuration mapping each view to a packet label group;
a judging module, used for resolving locally if, after the server receives the client DNS request and finds no corresponding cache entry, the query domain name is not found in the forward-zone domain name tree; otherwise, obtaining the forwarding configuration information in the corresponding forward-zone node and entering into S3;
a selection module 1, used for judging whether packet forwarding is enabled for the corresponding zone, and if not, selecting the server group configured by forward-addr for subsequent resolution; if so, the client IP address is looked up in the national address library to determine the view in which it is located, and the server group that this view points to in the corresponding zone is then obtained;
a selection module 2, configured to select the first server group in the zone's forwarding packet list for DNS resolution if the lookup of the corresponding view or obtaining the server group fails; if the lookup succeeds, the server group corresponding to the client IP in the zone is selected for DNS resolution.
Preferably, selecting the server group corresponding to the client IP in the zone for DNS resolution includes:
after the server group is selected, the DNS server selects an available server IP in the group and issues a recursive query request to that IP; if the response is received within the timeout period, it is sent directly to the client; if the query to that server IP times out, the DNS server tries the query again with the other server IPs of the same group.
It will be appreciated that the DNS resolution device provided by the present invention may also be used to implement the steps in the methods provided by other embodiments of the present invention.
The invention also provides computer equipment. The computer device is in the form of a general purpose computing device. Components of a computer device may include, but are not limited to: one or more processors or processing units, system memory, and buses connecting the different system components.
Computer devices typically include a variety of computer system readable media. Such media can be any available media that can be accessed by the computer device and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory may include a computer system readable medium in the form of volatile memory and the memory may include at least one program product having a set (e.g., at least one) of program modules configured to carry out the functions of the embodiments of the invention.
The processing unit executes various functional applications and data processing by running programs stored in the system memory, such as the methods provided by other embodiments of the present invention.
The present invention also provides a storage medium containing computer-executable instructions, on which a computer program is stored which, when executed by a processor, implements methods provided by other embodiments of the present invention.
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.

Claims (10)

1. A DNS packet forwarding method, the method comprising the steps of:
S1, loading the relevant function configuration when the DNS starts service; the function configuration at least comprises the forward-zone forwarding configuration, the data configuration mapping nationwide client address segments to views, and the data configuration mapping each view to a packet label group;
S2, after the server receives a client DNS request and finds no corresponding cache entry, if the query domain name is not found in the forward-zone domain name tree, the server resolves the query domain name itself; otherwise, obtaining the forwarding configuration information in the corresponding forward-zone node, and entering into S3;
S3, judging whether packet forwarding is enabled for the corresponding zone, and if not, selecting the server group configured by forward-addr for subsequent resolution; if it is enabled, looking up the IP address of the client in the national address library to determine the view in which the client is located, and then obtaining the server group that this view points to in the corresponding zone;
S4, if the corresponding view is not found or obtaining the server group fails, selecting the first server group in the zone's forwarding packet list for DNS resolution; if the lookup succeeds, selecting the server group corresponding to the client IP in the zone for DNS resolution.
2. The DNS packet forwarding method according to claim 1, wherein the selecting the server group corresponding to the client IP in the zone for DNS resolution includes:
after selecting a server group, the DNS server selects an available server IP in the group and sends a recursive query request to that IP; if the response is received within the timeout period, directly sending the response to the client; if the query to that server IP times out, trying the query again with the other server IPs in the same group.
3. The DNS packet forwarding method according to claim 1, wherein when the server receives the client DNS request, the method further comprises:
in the initial query state, newly adding a member variable fail_group_count for recording the number of timed-out packets in the query, wherein the initial value of fail_group_count is 0.
4. A DNS packet forwarding method according to claim 3, wherein attempting to query again with other server IPs of the same group if the server IP query times out comprises:
if all forwarding server IPs in the group are unavailable due to timeout, adding 1 to the fail_group_count variable in the query state to record the number of timed-out packets;
reselecting a forwarding packet according to the fail_group_count; if the selection succeeds, performing DNS resolution again using the newly selected forwarding packet; if the selection fails, returning a failure.
5. The DNS packet forwarding method according to claim 4, wherein the reselecting forwarding packet includes:
when selecting a forwarding packet, skipping the timed-out packets in the ordered forwarding packet list according to the recorded number of timed-out packets fail_group_count, and selecting the next unused server group.
6. The DNS packet forwarding method according to any of the claims 1-5, wherein:
if the resolution result is a CNAME record, directly selecting a server packet that can successfully resolve the domain name according to the number of timed-out packets fail_group_count, and initiating an internal query again for the CNAME.
7. A DNS packet forwarding device, the device comprising:
a starting module, used for loading the relevant function configuration when the DNS starts the service; the function configuration at least comprises the forward-zone forwarding configuration, the data configuration mapping nationwide client address segments to views, and the data configuration mapping each view to a packet label group;
a judging module, used for resolving locally if, after the server receives the client DNS request and finds no corresponding cache entry, the query domain name is not found in the forward-zone domain name tree; otherwise, obtaining the forwarding configuration information in the corresponding forward-zone node, and entering into S3;
a selection module 1, used for judging whether packet forwarding is enabled for the corresponding zone, and if not, selecting the server group configured by forward-addr for subsequent resolution; if it is enabled, looking up the IP address of the client in the national address library to determine the view in which the client is located, and then obtaining the server group that this view points to in the corresponding zone;
a selection module 2, configured to select the first server group in the zone's forwarding packet list for DNS resolution if the lookup of the corresponding view or obtaining the server group fails; if the lookup succeeds, the server group corresponding to the client IP in the zone is selected for DNS resolution.
8. The DNS packet forwarding device according to claim 7, wherein the selecting the server group corresponding to the client IP in the zone for DNS resolution includes:
after selecting a server group, the DNS server selects an available server IP in the group and sends a recursive query request to that IP; if the response is received within the timeout period, directly sending the response to the client; if the query to that server IP times out, trying the query again with the other server IPs in the same group.
9. A computing device, comprising: the device comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete communication with each other through the communication bus;
the memory is configured to store at least one executable program, where the executable program causes the processor to perform operations corresponding to the DNS packet forwarding method according to any of claims 1 to 6.
10. A computer storage medium having stored therein at least one executable program that causes a processor to perform operations corresponding to the DNS packet forwarding method according to any of claims 1-6.
CN202211703423.0A 2022-12-29 2022-12-29 DNS packet forwarding method and device Pending CN116055449A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211703423.0A CN116055449A (en) 2022-12-29 2022-12-29 DNS packet forwarding method and device

Publications (1)

Publication Number Publication Date
CN116055449A true CN116055449A (en) 2023-05-02

Family

ID=86117513

Country Status (1)

Country Link
CN (1) CN116055449A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination