CN106470251B - Domain name resolution method and virtual DNS authoritative server - Google Patents
Domain name resolution method and virtual DNS authoritative server Download PDFInfo
- Publication number
- CN106470251B CN106470251B CN201510512839.8A CN201510512839A CN106470251B CN 106470251 B CN106470251 B CN 106470251B CN 201510512839 A CN201510512839 A CN 201510512839A CN 106470251 B CN106470251 B CN 106470251B
- Authority
- CN
- China
- Prior art keywords
- server
- domain name
- address
- response message
- virtual dns
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a domain name resolution method and a virtual DNS authoritative server. The domain name resolution method comprises the following steps: the method comprises the steps that a virtual Domain Name System (DNS) authoritative server receives a first domain name resolution request sent by a recursive server, wherein the first domain name resolution request comprises a domain name to be resolved; the virtual DNS authoritative server inquires whether a network protocol IP address of a domain name exists in a cache or not according to the first domain name resolution request; and the virtual DNS authoritative server sends a first response message to the recursive server according to the query result, wherein the first response message comprises the IP address of the domain name. The invention can improve the domain name resolution performance.
Description
Technical Field
The invention relates to a computer technology, in particular to a domain name resolution method and a virtual DNS authoritative server.
Background
When a client needs to access a network, after a domain name is input in a browser, the domain name needs to be resolved first, and a network Protocol (Internet Protocol, IP for short) address corresponding to the domain name is resolved, so that the client can access a server corresponding to the IP address.
In the prior art, a Domain Name System (DNS) includes a root server, a DNS authority server, a recursive server, and a local DNS server. The DNS authority servers comprise top-level domain name authority servers, such as domain authority servers of. The domain name resolution process is as follows: the client side initiates a domain name resolution request, the resolution request comprises a domain name, and if the client side cache does not have the IP address corresponding to the domain name, the client side initiates a DNS query request to the local DNS server. After receiving the request, the local DNS server first checks whether the IP address corresponding to the domain name to be queried is in its cache, and if so, the local DNS server will directly respond to the client, if there is no cache, the local DNS server will initiate a recursive query request to the recursive server, and the recursive server checks whether there is content queried in its cache, and if there is content queried, and directly responding to the local DNS, if the cache does not exist, initiating a query request to a root server by a recursive server, sending an address of a top-level domain name authority server corresponding to the domain name to the recursive server by the root server, initiating the query request to the top-level domain name authority server by the recursive server until the authority server returns an IP address corresponding to the domain name to the recursive server, and feeding the IP address back to the client by the recursive server to finish the process of domain name resolution.
However, in the above domain name resolution process, the query traffic of the DNS authority server is large, and the repeated query of the domain name is also many, so the load of the DNS authority server is large, the time required for domain name resolution is long, and the performance of domain name resolution is affected.
disclosure of Invention
The invention provides a domain name resolution method and a virtual DNS authoritative server, which are used for improving the performance of domain name resolution.
the invention provides a domain name resolution method, which comprises the following steps:
the method comprises the steps that a virtual DNS authoritative server receives a first domain name resolution request sent by a recursive server, wherein the first domain name resolution request comprises a domain name needing resolution;
the virtual DNS authoritative server inquires whether a network protocol IP address of the domain name exists in a cache or not according to the first domain name resolution request;
and the virtual DNS authoritative server sends a first response message to the recursive server according to the query result, wherein the first response message comprises the IP address of the domain name.
further, the sending, by the virtual DNS authority server, the first response message to the recursive server according to the query result includes:
If the virtual DNS authoritative server inquires that the IP address of the domain name exists in the cache of the virtual DNS authoritative server, the virtual DNS authoritative server sends the first response message to the recursive server;
If the virtual DNS authoritative server inquires that the IP address of the domain name does not exist in the cache of the virtual DNS authoritative server, the virtual DNS authoritative server judges whether the user authoritative server works normally or not, and sends the first response message to the recursive server according to a judgment result.
further, the virtual DNS authoritative server determining whether the user authoritative server is working normally, and sending the first response message to the recursive server according to the determination result, includes:
If the virtual DNS authoritative server judges that the user authoritative server can work normally, the method comprises the following steps:
the virtual DNS authoritative server modifies a target IP address in the first domain name resolution request into an IP address of the user authoritative server to form a second domain name resolution request;
The virtual DNS authoritative server sends the second domain name resolution request to the user authoritative server, and receives a second response message sent by the user authoritative server, wherein the second response message comprises the IP address of the domain name;
the virtual DNS authoritative server modifies the IP address of the user authoritative server in the second response message into the IP address of the virtual DNS authoritative server, and sets an authoritative zone bit AA in the second response message to be 1 to form the first response message;
the virtual DNS authoritative server sends the first response message to the recursive server.
Further, the virtual DNS authoritative server determining whether the user authoritative server is working normally, and sending the first response message to the recursive server according to the determination result, includes:
If the virtual DNS authoritative server judges that the user authoritative server can not work normally, the method comprises the following steps:
the virtual DNS authoritative server modifies a target IP address in the first domain name resolution request into an IP address of a disaster recovery center to form a third domain name resolution request, wherein the disaster recovery center is a backup of the user authoritative server;
The virtual DNS authoritative server sends the third domain name resolution request to the disaster recovery center and receives third response information sent by the disaster recovery center, wherein the third response information comprises the IP address of the domain name;
the virtual DNS authoritative server modifies the IP address of the disaster recovery center in the third response message into the IP address of the virtual DNS authoritative server, and sets an authoritative zone bit AA in the third response message to be 1 to form the first response message;
The virtual DNS authoritative server sends the first response message to the recursive server.
The present invention also provides a virtual DNS authoritative server, comprising:
the receiving module is used for receiving a first domain name resolution request sent by a recursive server, wherein the first domain name resolution request comprises a domain name to be resolved;
the query module is used for querying whether a network protocol IP address of the domain name exists in a cache or not according to the first domain name resolution request;
and the sending module is used for sending a first response message to the recursive server according to the query result, wherein the first response message comprises the IP address of the domain name.
Further, if the query module queries that the cache has the IP address of the domain name, the sending module is configured to send the first response message to the recursive server;
if the query module queries that the cache does not have the IP address of the domain name, the virtual DNS authoritative server further comprises a judging module, the judging module is used for judging whether the user authoritative server works normally, and the sending module is further used for sending the first response message to the recursive server according to the judging result of the judging module.
further, if the determining module determines that the user authority server can work normally, the sending module further includes:
A first modifying unit, configured to modify a destination IP address in the first domain name resolution request to an IP address of the user authoritative server, so as to form a second domain name resolution request;
A first sending and receiving unit, configured to send the second domain name resolution request to the user authority server, and receive a second response message sent by the user authority server, where the second response message includes an IP address of the domain name;
A second modification unit, configured to modify the IP address of the user authoritative server in the second response message to the IP address of the virtual DNS authoritative server, and set an authoritative flag bit AA in the second response message to 1, to form the first response message;
A first sending unit, configured to send the first response message to the recursive server.
further, if the determining module determines that the user authority server cannot work normally, the sending module further includes:
A third modifying unit, configured to modify a destination IP address in the first domain name resolution request into an IP address of a disaster recovery center, so as to form a third domain name resolution request, where the disaster recovery center is a backup of the user authority server;
a second sending and receiving unit, configured to send the third domain name resolution request to the disaster recovery center, and receive third response information sent by the disaster recovery center, where the third response information includes an IP address of the domain name;
A fourth modification unit, configured to modify the IP address of the disaster recovery center in the third response message to the IP address of the virtual DNS authoritative server, and set an authoritative identifier AA in the third response message to 1, to form the first response message;
A second sending unit, configured to send the first response message to the recursive server.
the invention provides a domain name resolution method and a virtual DNS authoritative server, which receive a first domain name resolution request sent by a recursive server through a virtual domain name system DNS authoritative server, wherein the first domain name resolution request comprises a domain name to be resolved, the virtual DNS authoritative server inquires whether a network protocol IP address corresponding to the domain name exists in a cache according to the first domain name resolution request, the virtual DNS authoritative server sends a first response message to the recursive server according to an inquiry result, the first response message comprises the IP address, receives the first domain name resolution request of the recursive server through the virtual DNS authoritative server, and sends the first response message to the recursive server according to whether the IP address corresponding to the domain name to be resolved exists in the cache, so that the virtual DNS authoritative server shares the inquiry flow of the DNS authoritative server and reduces the load of the virtual DNS authoritative server, the time of domain name resolution is shortened, and the performance of domain name resolution is improved.
drawings
in order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
fig. 1 is a flowchart of a first embodiment of a domain name resolution method according to the present invention;
FIG. 2 is a flowchart of a second embodiment of a domain name resolution method according to the present invention;
Fig. 3 is a flowchart of an implementation manner of S202 in the second embodiment of the domain name resolution method according to the present invention;
Fig. 4 is a flowchart of another implementation manner of S202 in the second embodiment of the domain name resolution method according to the present invention;
FIG. 5 is a schematic structural diagram of a first embodiment of a virtual DNS authoritative server according to the present invention;
FIG. 6 is a schematic structural diagram of a second embodiment of the virtual DNS authoritative server according to the present invention;
Fig. 7 is a schematic structural diagram of an implementation manner of a sending module in a second embodiment of the virtual DNS authoritative server according to the present invention;
Fig. 8 is a schematic structural diagram of another implementation manner of a sending module in a second embodiment of the virtual DNS authority server according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
fig. 1 is a flowchart of a first embodiment of a domain name resolution method according to the present invention. As shown in fig. 1, the domain name resolution method provided in this embodiment includes:
S101: the virtual DNS authoritative server receives a first domain name resolution request sent by the recursive server.
the first domain name resolution request comprises a domain name to be resolved.
specifically, the virtual DNS authoritative server is arranged between the recursive server and the user authoritative server. The user authority server refers to a domain authority server such as baidu.com, sina.com or AAA.com which belongs to the top-level domain name server, and the user refers to a company or an organization such as baidu, sina or AAA which applies for domain name resolution by using a virtual DNS authority server. After the domain name resolution request sent by the client reaches the recursive server, the recursive server sends a first domain name resolution request to the virtual DNS authoritative server. The first domain name resolution request comprises a domain name needing resolution, wherein the domain name needing resolution represents a domain name accessed by a client. The client can be a computer, a mobile phone and the like. The first domain name resolution request may further include: the source IP address is the IP address of the recursive server and the destination IP address is the IP address of the virtual DNS authoritative server.
It should be noted that, before the user uses the domain name resolution method provided in this embodiment, the domain name registrar needs to be informed to modify the IP address of the user authoritative server to the IP address of the virtual DNS authoritative server, so that the virtual DNS authoritative server is located in the DNS framework.
s102: and the virtual DNS authoritative server inquires whether the IP address of the domain name exists in the cache or not according to the first domain name resolution request.
Specifically, the virtual DNS authority server queries in its cache whether there is an IP address corresponding to the domain name to be resolved included in the first domain name resolution request. Optionally, if the client frequently initiates a domain name resolution request including a certain domain name, the cache of the virtual DNS authority server may store an IP address corresponding to the domain name.
s103: and the virtual DNS authoritative server sends a first response message to the recursive server according to the query result, wherein the first response message comprises the IP address of the domain name.
Specifically, the virtual DNS authoritative server sends a first response message to the recursive server according to different query results. The first response message includes an IP address corresponding to the domain name included in the first domain name resolution request. The first response message may further include: the destination address is the IP address of the recursive server and the source address is the IP address of the virtual DNS authoritative server.
and the virtual DNS authoritative server sends the first response message to the recursive server, and the recursive server repackages the first response message and sends the repackaged response message to the local DNS server. And the local DNS server is encapsulated again and then is sent to the client side to finish the domain name resolution once.
The domain name resolution method provided by this embodiment receives, by a virtual domain name system DNS authority server, a first domain name resolution request sent by a recursive server, where the first domain name resolution request includes a domain name to be resolved, the virtual DNS authority server queries whether an IP address of the domain name exists in a cache according to the first domain name resolution request, and sends a first response message to the recursive server according to a query result, where the first response message includes the IP address of the domain name, receives, by the virtual DNS authority server, the first domain name resolution request of the recursive server, and sends the first response message to the recursive server according to whether an IP address corresponding to the domain name to be resolved exists in the cache, so that the virtual DNS authority server shares a query traffic of a user authority server, and reduces a load of the user authority server, the time of domain name resolution is shortened, and the performance of domain name resolution is improved.
Fig. 2 is a flowchart of a second embodiment of a domain name resolution method according to the present invention. As shown in fig. 2, in the domain name resolution method provided in this embodiment, on the basis of the first embodiment, S103 specifically includes:
S201: and if the virtual DNS authoritative server inquires that the IP address of the domain name exists in the cache of the virtual DNS authoritative server, the virtual DNS authoritative server sends a first response message to the recursive server.
specifically, if the IP address of the domain name exists in the cache of the virtual DNS authoritative server, the IP address in the cache is encapsulated in the first response message and sent to the recursive server.
s202: if the virtual DNS authoritative server inquires that the virtual DNS authoritative server cache does not have the IP address of the domain name, the virtual DNS authoritative server judges whether the user authoritative server works normally or not, and sends a first response message to the recursive server according to a judgment result.
specifically, if there is no IP address of the domain name in the cache of the virtual DNS authoritative server, the virtual DNS authoritative server needs to send a domain name resolution request to the user authoritative server. However, a user authoritative server may have a fault, and if the user authoritative server has a fault, the user authoritative server may not respond to the domain name resolution request sent by the virtual DNS authoritative server, at this time, the virtual DNS authoritative server is required to determine whether the user authoritative server is working normally, and send a first response message to the recursive server according to the determination result.
The virtual DNS authoritative server can detect whether the user authoritative server is in normal operation or not at a certain frequency. For example, the virtual DNS authoritative server may determine whether the user authoritative server is working normally by sending a probe message, where the probe message may include a probe domain name. If the user authority server can normally analyze the detection domain name in the detection message and correctly feed back the detection domain name to the virtual DNS authority server, the user authority server is considered to be in normal work, otherwise, the user authority server is considered to be possibly out of order, such as power failure or downtime. Of course, the virtual DNS authority server may also determine whether the user authority server is working normally in other manners, which is not limited in this embodiment.
In the domain name resolution method provided by this embodiment, if the virtual DNS authority server queries that there is an IP address of a domain name in the cache of the virtual DNS authority server, the virtual DNS authority server sends the first response message to the recursive server, and if the virtual DNS authority server queries that there is no IP address of a domain name in the cache of the virtual DNS authority server, the virtual DNS authority server determines whether the user authority server is working normally, and sends the first response message to the recursive server according to the determination result, so that the virtual DNS authority server shares the query traffic of the user authority server, reduces the load of the user authority server, shortens the time of domain name resolution, and improves the performance of domain name resolution.
According to the difference of the judgment result of judging whether the user authoritative server is in the normal working state by the virtual DNS authoritative server, in the second embodiment, the S202 has the following two implementation manners:
Fig. 3 is a flowchart of an implementation manner of S202 in the second embodiment of the domain name resolution method according to the present invention. As shown in fig. 3, the implementation manner is that if the virtual DNS authoritative server determines that the user authoritative server can work normally, the method includes:
s301: and the virtual DNS authoritative server modifies the destination IP address in the first domain name resolution request into the IP address of the user authoritative server to form a second domain name resolution request.
And the second domain name resolution request comprises the domain name to be resolved.
s302: and the virtual DNS authoritative server sends the second domain name resolution request to the user authoritative server and receives a second response message sent by the user authoritative server.
Wherein, the second response message contains the IP address of the domain name.
S303: and the virtual DNS authoritative server modifies the IP address of the user authoritative server in the second response message into the IP address of the virtual DNS authoritative server, and sets an authoritative zone bit AA in the second response message to be 1 to form a first response message.
Specifically, the authority flag AA in the second response message may be set to 1 to indicate that the first response message is an authority response. The user authority server can be hidden for the client by modifying the IP address of the user authority server into the IP address of the virtual DNS authority server, so that the user authority server is prevented from being attacked by the client.
It is understood that the authority flag AA in the first response message in the first embodiment and the first response message in the present embodiment is 1, so as to indicate that the response of the virtual DNS authority server is an authority response.
S304: the virtual DNS authority server sends a first response message to the recursive server.
optionally, before S302, the virtual DNS authority server may further analyze the route of the user authority server.
Specifically, the number of the user authority servers may be multiple, each access load is different, and a situation of unbalanced load may exist, at this time, the virtual DNS authority server performs intelligent resolution on the line between the virtual DNS authority server and a plurality of different user authority servers, and may perform intelligent resolution by counting the line of the user authority server to determine which line has less load, so that the second domain name resolution request is sent to the user authority server corresponding to the line through the line, the purpose of load balancing is achieved, and the speed of domain name resolution is further improved. Wherein, different line IP outlets in the virtual DNS authoritative server correspond to different lines between the virtual DNS authoritative server and the user authoritative server.
in the implementation mode, the virtual DNS authoritative server modifies the IP address of the user authoritative server into the IP address of the virtual DNS authoritative server, so that the user authoritative server can be hidden in the client side, and compared with the DNS without the virtual DNS authoritative server, the client side cannot obtain the address of the user authoritative server, therefore, the user authoritative server is prevented from being attacked by the client side, and the domain name resolution performance is further improved.
Fig. 4 is a flowchart of another implementation manner of S202 in the second embodiment of the domain name resolution method according to the present invention. As shown in fig. 4, if the virtual DNS authoritative server determines that the user authoritative server cannot work normally, the method includes:
S401: and the virtual DNS authoritative server modifies the target IP address in the first domain name resolution request into the IP address of the disaster recovery center to form a third domain name resolution request.
Wherein, the disaster recovery center is the backup of the user authority server.
The disaster recovery center can periodically inquire whether the data in the disaster recovery center is consistent with the data in the user authority server, and if the data in the disaster recovery center is not consistent with the data in the user authority server, the data synchronization is carried out so as to ensure that the data in the disaster recovery center is consistent with the data in the user authority server. For example, whether the data in the server is consistent with the data in the user authority server can be inquired by periodically initiating inquiry requests.
S402: and the virtual DNS authoritative server sends the third domain name resolution request to the disaster recovery center and receives third response information sent by the disaster recovery center.
wherein, the third response message includes the IP address of the domain name.
S403: and the virtual DNS authoritative server modifies the IP address of the disaster recovery center in the third response message into the IP address of the virtual DNS authoritative server, and sets an authoritative zone bit AA in the third response message to be 1 to form a first response message.
Specifically, the authority flag AA in the third response message may be set to 1 to indicate that the first response message is an authority response.
S404: the virtual DNS authority server sends a first response message to the recursive server.
according to the implementation mode, when the user authoritative server cannot work normally, the virtual DNS authoritative server sends the resolution request to the disaster recovery center, so that the client cannot sense the fault of the user authoritative server, and the stability of domain name resolution is guaranteed.
it should be noted that, in any of the above embodiments, the user may set the cache of the virtual DNS authoritative server, for example, may set a storage time of the cache data and an update frequency of the data in the cache.
fig. 5 is a schematic structural diagram of a virtual DNS authority server according to a first embodiment of the present invention. As shown in fig. 5, the virtual DNS authority server provided in this embodiment includes:
A receiving module 501, configured to receive a first domain name resolution request sent by a recursive server.
the first domain name resolution request comprises a domain name to be resolved.
The querying module 502 is configured to query whether the cache has an IP address of the domain name according to the first domain name resolution request.
A sending module 503, configured to send a first response message to the recursive server according to the query result, where the first response message includes the IP address of the domain name.
The virtual DNS authoritative server of this embodiment may correspondingly execute the method embodiment shown in fig. 1. The implementation principle is the same, and the detailed description is omitted here.
the virtual DNS authoritative server provided in this embodiment is configured to receive a first domain name resolution request sent by the recursive server by setting a receiving module, where the first domain name resolution request includes a domain name to be resolved. And the query module is used for querying whether the IP address of the domain name exists in the cache or not according to the first domain name resolution request. And the sending module is used for sending a first response message to the recursive server according to the query result, wherein the first response message comprises the IP address of the domain name. The virtual DNS authoritative server receives a first domain name resolution request of the recursive server, and the sending module sends a first response message to the recursive server according to whether the IP address corresponding to the domain name to be resolved exists in the cache, so that the virtual DNS authoritative server shares the query flow of the user authoritative server, the burden load of the user authoritative server is reduced, the domain name resolution time is shortened, and the domain name resolution performance is improved.
Fig. 6 is a schematic structural diagram of a second embodiment of the virtual DNS authority server according to the present invention. As shown in fig. 6, in the virtual DNS authoritative server provided in this embodiment, on the basis of the foregoing embodiment, if the querying module 502 queries an IP address with a domain name in the cache, the sending module 503 is configured to send a first response message to the recursive server. If the query module 502 queries that there is no IP address of the domain name in the cache, the virtual DNS authority server further includes a determining module 601 configured to determine whether the user authority server normally works, and the sending module 503 is further configured to send a first response message to the recursive server according to a determination result of the determining module 601.
the virtual DNS authoritative server of this embodiment may correspondingly execute the method embodiment shown in fig. 2. The implementation principle is the same, and the detailed description is omitted here.
in the virtual DNS authority server provided in this embodiment, if the query module queries that there is an IP address of a domain name in the cache of the virtual DNS authority server, the sending module is configured to send a first response message to the recursive server, and if the query module queries that there is no IP address of a domain name in the cache of the virtual DNS authority server, the virtual DNS authority server further includes a determining module configured to determine whether the user authority server is working normally, and the sending module is further configured to send a first response message to the recursive server according to a determination result of the determining module, so that the virtual DNS server shares query traffic of the user authority server, reduces a load of the user authority server, shortens time for domain name resolution, and improves performance of domain name resolution.
fig. 7 is a schematic structural diagram of an implementation manner of a sending module in a second embodiment of the virtual DNS authority server according to the present invention. As shown in fig. 7, if the determining module determines that the user authority server can work normally, the sending module in the second embodiment further includes:
and the first modifying unit 7001 is configured to modify the destination IP address in the first domain name resolution request into the IP address of the user authoritative server, so as to form a second domain name resolution request.
the first sending and receiving unit 7002 is configured to send the second domain name resolution request to the user authority server, and receive a second response message sent by the user authority server, where the second response message includes an IP address of the domain name.
And a second modifying unit 7003, configured to modify the IP address of the user authoritative server in the second response message to the IP address of the virtual DNS authoritative server, and set the authoritative zone AA in the second response message to 1, so as to form the first response message.
A first sending unit 7004, configured to send a first response message to the recursive server.
The implementation manner can correspondingly execute the method embodiment shown in fig. 3. The implementation principle is the same, and the detailed description is omitted here.
in the implementation mode, the second modification unit modifies the IP address of the user authoritative server into the IP address of the virtual DNS authoritative server, so that the user authoritative server can be hidden in the client, and compared with the DNS without the virtual DNS authoritative server, the client cannot obtain the address of the user authoritative server, therefore, the user authoritative server is prevented from being attacked by the client, and the domain name resolution performance is further improved.
Fig. 8 is a schematic structural diagram of another implementation manner of a sending module in a second embodiment of the virtual DNS authority server according to the present invention. As shown in fig. 8, if the determining module determines that the user authority server can work normally, the sending module in the second embodiment further includes:
A third modifying unit 8001, configured to modify the destination IP address in the first domain name resolution request to an IP address of the disaster recovery center, so as to form a third domain name resolution request, where the disaster recovery center is a backup of the user authority server;
a second sending and receiving unit 8002, configured to send the third domain name resolution request to the disaster recovery center, and receive third response information sent by the disaster recovery center, where the third response information includes an IP address of the domain name;
a fourth modifying unit 8003, configured to modify the IP address of the disaster recovery center in the third response message to the IP address of the virtual DNS authoritative server, and set an authoritative flag bit AA in the third response message to 1, to form a first response message;
a second sending unit 8004, configured to send the first response message to the recursive server.
the implementation manner can correspondingly execute the method embodiment shown in fig. 4. The implementation principle is the same, and the detailed description is omitted here.
According to the implementation mode, when the user authoritative server cannot work normally, the virtual DNS authoritative server sends the resolution request to the disaster recovery center, so that the client cannot sense the fault of the user authoritative server, and the stability of domain name resolution is guaranteed.
those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (4)
1. a domain name resolution method is characterized by comprising the following steps:
A virtual Domain Name System (DNS) authoritative server receives a first domain name resolution request sent by a recursive server, wherein the first domain name resolution request comprises a domain name to be resolved;
the virtual DNS authoritative server inquires whether a network protocol IP address of the domain name exists in a cache or not according to the first domain name resolution request;
the virtual DNS authoritative server sends a first response message to the recursive server according to the query result, wherein the first response message comprises the IP address of the domain name;
wherein, the virtual DNS authority server sends a first response message to the recursive server according to the query result, including:
if the virtual DNS authoritative server inquires that the IP address of the domain name exists in the cache of the virtual DNS authoritative server, the virtual DNS authoritative server sends the first response message to the recursive server;
If the virtual DNS authoritative server inquires that the IP address of the domain name does not exist in the cache of the virtual DNS authoritative server, the virtual DNS authoritative server judges whether the user authoritative server normally works or not, and sends the first response message to the recursive server according to a judgment result;
The virtual DNS authoritative server judges whether the user authoritative server works normally or not, and sends the first response message to the recursive server according to a judgment result, wherein the method comprises the following steps:
If the virtual DNS authoritative server judges that the user authoritative server can not work normally, the method comprises the following steps:
The virtual DNS authoritative server modifies a target IP address in the first domain name resolution request into an IP address of a disaster recovery center to form a third domain name resolution request, wherein the disaster recovery center is a backup of the user authoritative server;
the virtual DNS authoritative server sends the third domain name resolution request to the disaster recovery center and receives third response information sent by the disaster recovery center, wherein the third response information comprises the IP address of the domain name;
The virtual DNS authoritative server modifies the IP address of the disaster recovery center in the third response message into the IP address of the virtual DNS authoritative server, and sets an authoritative zone bit AA in the third response message to be 1 to form the first response message;
The virtual DNS authoritative server sends the first response message to the recursive server.
2. the method according to claim 1, wherein the virtual DNS authority server determines whether the user authority server is working normally, and sends the first response message to the recursive server according to the determination result, including:
if the virtual DNS authoritative server judges that the user authoritative server can work normally, the method comprises the following steps:
the virtual DNS authoritative server modifies a target IP address in the first domain name resolution request into an IP address of the user authoritative server to form a second domain name resolution request;
The virtual DNS authoritative server sends the second domain name resolution request to the user authoritative server, and receives a second response message sent by the user authoritative server, wherein the second response message comprises the IP address of the domain name;
the virtual DNS authoritative server modifies the IP address of the user authoritative server in the second response message into the IP address of the virtual DNS authoritative server, and sets an authoritative zone bit AA in the second response message to be 1 to form the first response message;
the virtual DNS authoritative server sends the first response message to the recursive server.
3. A virtual DNS authority server, comprising:
The receiving module is used for receiving a first domain name resolution request sent by a recursive server, wherein the first domain name resolution request comprises a domain name to be resolved;
the query module is used for querying whether a network protocol IP address of the domain name exists in a cache or not according to the first domain name resolution request;
a sending module, configured to send a first response message to the recursive server according to a query result, where the first response message includes the IP address of the domain name;
Wherein, if the query module queries that the cache has the IP address of the domain name, the sending module is configured to send the first response message to the recursive server;
if the query module queries that the cache does not have the IP address of the domain name, the virtual DNS authoritative server further comprises a judging module, wherein the judging module is used for judging whether the user authoritative server works normally, and the sending module is further used for sending the first response message to the recursive server according to the judging result of the judging module;
wherein, if the judging module judges that the user authority server can not work normally, the sending module further comprises:
A third modifying unit, configured to modify a destination IP address in the first domain name resolution request into an IP address of a disaster recovery center, so as to form a third domain name resolution request, where the disaster recovery center is a backup of the user authority server;
a second sending and receiving unit, configured to send the third domain name resolution request to the disaster recovery center, and receive third response information sent by the disaster recovery center, where the third response information includes an IP address of the domain name;
A fourth modification unit, configured to modify the IP address of the disaster recovery center in the third response message to the IP address of the virtual DNS authoritative server, and set an authoritative flag AA in the third response message to 1, to form the first response message;
a second sending unit, configured to send the first response message to the recursive server.
4. The virtual DNS authority server according to claim 3, wherein if the determining module determines that the user authority server can normally operate, the sending module further includes:
A first modifying unit, configured to modify a destination IP address in the first domain name resolution request to an IP address of the user authoritative server, so as to form a second domain name resolution request;
a first sending and receiving unit, configured to send the second domain name resolution request to the user authority server, and receive a second response message sent by the user authority server, where the second response message includes an IP address of the domain name;
A second modification unit, configured to modify the IP address of the user authoritative server in the second response message to the IP address of the virtual DNS authoritative server, and set an authoritative flag bit AA in the second response message to 1, to form the first response message;
a first sending unit, configured to send the first response message to the recursive server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510512839.8A CN106470251B (en) | 2015-08-19 | 2015-08-19 | Domain name resolution method and virtual DNS authoritative server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510512839.8A CN106470251B (en) | 2015-08-19 | 2015-08-19 | Domain name resolution method and virtual DNS authoritative server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106470251A CN106470251A (en) | 2017-03-01 |
| CN106470251B true CN106470251B (en) | 2019-12-17 |
Family
ID=58228762
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510512839.8A Active CN106470251B (en) | 2015-08-19 | 2015-08-19 | Domain name resolution method and virtual DNS authoritative server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106470251B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019028683A1 (en) * | 2017-08-08 | 2019-02-14 | 深圳前海达闼云端智能科技有限公司 | Method and system for acquiring and collecting client local dns server |
| CN107689987B (en) * | 2017-08-11 | 2021-01-08 | 东软集团股份有限公司 | Virtual network service exposure method and device |
| CN110392123B (en) * | 2018-04-23 | 2022-06-14 | 阿里巴巴集团控股有限公司 | Method, device and system for detecting outlet IP address |
| CN112769967B (en) * | 2019-10-21 | 2023-06-27 | 阿里巴巴集团控股有限公司 | Domain name resolution processing method and device and electronic equipment |
| CN111092966B (en) * | 2019-12-30 | 2022-04-26 | 中国联合网络通信集团有限公司 | Domain name system, domain name access method and device |
| CN113301001B (en) * | 2020-04-07 | 2023-05-23 | 阿里巴巴集团控股有限公司 | Attacker determination method, attacker determination device, computing equipment and attacker determination medium |
| CN111726428B (en) * | 2020-06-12 | 2023-09-22 | 网宿科技股份有限公司 | Authoritative server selection method, device, equipment and storage medium |
| CN113301176B (en) * | 2020-11-12 | 2023-04-07 | 阿里巴巴集团控股有限公司 | Domain name resolution method and device for content distribution network, electronic equipment and medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101841575A (en) * | 2010-04-30 | 2010-09-22 | 中国科学院计算机网络信息中心 | Domain name resolution usability evaluation method, server and system |
| CN101984637A (en) * | 2010-11-02 | 2011-03-09 | 中兴通讯股份有限公司 | Content distribution implementation method and system |
| CN103957285A (en) * | 2014-04-18 | 2014-07-30 | 上海聚流软件科技有限公司 | Method and system for providing root domain name analysis services |
| CN104184775A (en) * | 2013-05-27 | 2014-12-03 | 电子科技大学 | CDN-based domain name parse service model |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9219781B2 (en) * | 2013-04-06 | 2015-12-22 | Citrix Systems, Inc. | Systems and methods for GSLB preferred backup list |
-
2015
- 2015-08-19 CN CN201510512839.8A patent/CN106470251B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101841575A (en) * | 2010-04-30 | 2010-09-22 | 中国科学院计算机网络信息中心 | Domain name resolution usability evaluation method, server and system |
| CN101984637A (en) * | 2010-11-02 | 2011-03-09 | 中兴通讯股份有限公司 | Content distribution implementation method and system |
| CN104184775A (en) * | 2013-05-27 | 2014-12-03 | 电子科技大学 | CDN-based domain name parse service model |
| CN103957285A (en) * | 2014-04-18 | 2014-07-30 | 上海聚流软件科技有限公司 | Method and system for providing root domain name analysis services |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106470251A (en) | 2017-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106470251B (en) | Domain name resolution method and virtual DNS authoritative server | |
| CN103051740B (en) | Domain name analytic method, dns server and domain name analysis system | |
| EP3418877B1 (en) | Data writing and reading method and apparatus, and cloud storage system | |
| EP2769307B1 (en) | Answer augmentation system for authoritative dns servers | |
| US8583801B2 (en) | DNS outage avoidance method for recursive DNS servers | |
| CN111327720A (en) | Network address conversion method, device, gateway equipment and storage medium | |
| US11368407B2 (en) | Failover management using availability groups | |
| CN103856569A (en) | Method and device for synchronizing domain name system resource information | |
| US10574570B2 (en) | Communication processing method and apparatus | |
| CN103780715A (en) | Domain name resolution implementing method, client side and cloud server | |
| CN104022891A (en) | Global load balancing equipment business coordination method and device | |
| WO2012058643A2 (en) | System and method for on the fly protocol conversion in obtaining policy enforcement information | |
| CN103905572A (en) | Domain name resolution request processing method and device | |
| WO2015085850A1 (en) | Application identification method and device | |
| US10673694B2 (en) | Private network mirroring | |
| US20140164645A1 (en) | Routing table maintenance | |
| CN105338128B (en) | Domain name analytic method and domain name mapping device | |
| US9130938B2 (en) | Method, switch, and system for processing a message | |
| CN102970387A (en) | Domain name resolution method, device and system | |
| CN104539462B (en) | It is a kind of to switch to method and device of the calamity for application example | |
| CN106686040A (en) | Message processing method and message processing device | |
| CN103795581A (en) | Address processing method and address processing device | |
| KR101846778B1 (en) | Method for ID Resolution Service and M2M System applying the same | |
| EP3481099B1 (en) | Load balancing method and associated device | |
| US10904037B2 (en) | Relaying apparatus, relaying method, and relaying system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210510 Address after: 101407 room 322, building 1, yard 3, xingkenan 2nd Street, Yanqi Economic Development Zone, Huairou District, Beijing Patentee after: INTERNET DOMAIN NAME SYSTEM BEIJING ENGINEERING RESEARCH CENTER Address before: 101400 D9, 1st floor, 88 Yangyan Road, Yanqi Economic Development Zone, Huairou District, Beijing Patentee before: INTERNET DOMAIN NAME SYSTEM BEIJING ENGINEERING RESEARCH CENTER Patentee before: KNET Co.,Ltd. |