CN106487945A - A kind of DNS forwarding inquiries method - Google Patents
A kind of DNS forwarding inquiries method Download PDFInfo
- Publication number
- CN106487945A CN106487945A CN201610814683.3A CN201610814683A CN106487945A CN 106487945 A CN106487945 A CN 106487945A CN 201610814683 A CN201610814683 A CN 201610814683A CN 106487945 A CN106487945 A CN 106487945A
- Authority
- CN
- China
- Prior art keywords
- socket
- resource
- resource group
- dns
- group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention proposes a kind of DNS forwarding inquiries method, and which comprises the following steps:Step 101, system initialization;Step 103, n socket resource group is set up, with N number of socket resource in each group;Step 105, the n resource group carry out DNS forwarding inquiries with cycle T rotation.By the present invention in that multiple queries are multiplexed same socket being forwarded, reduce using system socket descriptor quantity in the unit interval, so as to, under system process filec descriptor resource constraint, greater number of inquiry can be forwarded;While also reduce that the system call overhead that socket brings is set up, the forward efficiency of DNS is improve.
Description
Technical field
The present invention relates to DNS field, more particularly to a kind of DNS forwarding inquiries method.
Background technology
DNS (Domain Name System, domain name system), mutually mapped as domain name and IP address on internet
Individual distributed data base, can make user more easily access internet, and does not spend and remember can be directly read by machine
IP number string.By host name, the process for finally giving the corresponding IP address of the host name is called domain name mapping (or host name solution
Analysis).
Forwarding capability is one of critical function that DNS realizes inquiry.DNS query can be turned by forwarding server according to specified
Send out strategy and downstream recursion server is forwarded directly to, completed after this DNS recursive query by recursion server, and by Query Result
Forwarding server is back to, forwarding server is processed to Query Result, result to be responded user, to be stored in caching or straight
Connect discarding.
With the swift and violent growth that current internet needs, the data volume of internet access is sharply increased, single dns server
Visit capacity also significantly increase sharply, its QPS (query rate per second) has reached million or even ten million rank.The demand of high QPS, it is meant that
Dns server will provide the analysis software of high-performance, high security, forwarding capability as the important step of DNS query, its performance
Lifting most important to the internet demand that meets current high access.
Traditional dns resolution software, in order to ensure to forward port randomness, its forwarding performance is constantly subjected to limit, only
Thousand of between 10,000 QPS, the demand of high-performance dns server cannot be met.For ensureing to forward port randomness, tradition side
The each DNS query of method is required to re-establish socket, the method have following two point out inadequate:First, system is to process file
The restriction of descriptor resource so that create socket quantity in the unit interval and be restricted, limit significantly forwarding inquiries per second
Quantity.2nd, create socket the time overhead that called using system, also significantly reduce forwarding performance.
Content of the invention
The present invention proposes " socket multiplexing " technology, there is provided a kind of high-performance high safety for the shortcoming of conventional method
The forwarding solution of property, substantially increases forwarding performance.
The present invention proposes a kind of DNS forwarding inquiries method, and which comprises the following steps:
Step 101, system initialization;
Step 103, n socket resource group is set up, with N number of socket resource in each group;
Step 105, the n resource group carry out DNS forwarding inquiries with cycle T rotation.
Wherein, it is 0 that every group of socket resource group has reference count X, wherein X more than or equal to 0, X initial value, works as X=0
When, indicate nothing inquiry and take socket resource.
Wherein, step 103 includes:
Step 1031, use first socket resource group;
Step 1033, when there is the 1st DNS query, start timing, an and newly-built socket descriptor, quote meter
Number Jia one, takes first socket resource of the resource group, is forwarded using random port;
Step 1035, often there is a DNS query afterwards, then a newly-built socket descriptor, reference count sequentially add
One, and sequentially socket resource is taken, forwarded using new random port.
Wherein, step 1035 also includes:When there is the N+1 time inquiry, the inquiry will be multiplexed first socket resource
Group, and reference count is added one, the inquiry for occurring afterwards is sequentially multiplexed sokcet resource below.
Wherein, under each socket resource, safeguard that a hash divides table, when new inquiry is produced, by the inquiry insertion
In this hash table, when bag is responded for being successfully received downstream recursion server, quickly find corresponding query entity, and looking into
Inquiry is deleted after terminating from hash table.
Wherein, after one query terminates, its using socket quoting resource count subtract one.
Wherein, step 105 also includes:When timing reaches rotational cycle T, if first resource group has occurred and that again
With then currently used resource group being adjusted to second resource group, otherwise remains with first resource group, by that analogy to
N resource group.
Wherein, step 105 also includes:If timing reaches rotational cycle T again, if n-th resource group has been sent out
Raw multiplexing, then be adjusted to first resource group by currently used resource group, otherwise still using n-th resource group.
Wherein, step 105 also includes:If timing reaches rotational cycle T again, if being adjusted to use first
Individual resource group, now needs to judge whether reference count is 0, and if 0, then newly-built socket descriptor, while using new
Random port is forwarded, and is otherwise multiplexed current descriptor.
It is an advantage of the current invention that:Due to employing " socket multiplexing " technology, it is multiplexed by multiple queries same
Socket so that in process file descriptor is limited, forwarding inquiries as much as possible within the unit interval;While decreasing
The system call overhead that socket brings is set up, improves the forward efficiency of DNS.
By the present invention in that multiple queries are multiplexed same socket being forwarded, the system that uses was reduced in the unit interval
Socket descriptor quantity, so as to, under system process filec descriptor resource constraint, forwarding greater number of inquiry;With
When also reduce the system call overhead for setting up that socket brings, improve the forward efficiency of DNS.Moreover, in order to ensure DNS
Security, this method opens two groups of socket resources, and carries out rotation use at the appointed time.During generation rotation, i.e.,
Most of socket resource in the socket resource group that will be come into operation has discharged, then can set up on idling-resource
New socket, that is, obtain new random port and forwarded, so as to ensure that the security of DNS.By by " socket is multiple
With " technology combined with " random port " technology, has taken into account security while DNS forwarding performance is improved again.
Description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are common for this area
Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred embodiment, and is not considered as to the present invention
Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
The flow chart that accompanying drawing 1 shows the DNS forwarding inquiries method according to embodiment of the present invention.
Specific embodiment
The illustrative embodiments of the disclosure are more fully described below with reference to accompanying drawings.Although this public affairs is shown in accompanying drawing
The illustrative embodiments that opens, it being understood, however, that may be realized in various forms the disclosure and the reality that should do not illustrated here
The mode of applying is limited.Conversely, provide these embodiments to be able to be best understood from the disclosure, and can be by this public affairs
What the scope opened was complete conveys to those skilled in the art.
The present invention proposes a kind of DNS forwarding inquiries method, and which comprises the following steps:
Step 101, system initialization;
Step 103, n socket resource group is set up, with N number of socket resource in each group, n and N is natural number;
Step 105, the n resource group carry out DNS forwarding inquiries with cycle T rotation.
Wherein, every group of socket resource group has reference count X, and which is used for indicate currently taking X
Socket resource, wherein X are 0 more than or equal to 0, X initial value, as X=0, indicate nothing inquiry and take socket resource.
Wherein, step 103 includes:
Step 1031, use first socket resource group;
Step 1033, when there is the 1st DNS query, start timing, an and newly-built socket descriptor, quote meter
Number Jia one, takes first socket resource of the resource group, is forwarded using random port;
Step 1035, often there is a DNS query afterwards, then a newly-built socket descriptor, reference count sequentially add
One, and sequentially socket resource is taken, forwarded using new random port.
Wherein, step 1035 also includes:When there is the N+1 time inquiry, the inquiry will be multiplexed first socket resource
Group, and reference count is added one, the inquiry for occurring afterwards is sequentially multiplexed sokcet resource below.
Wherein, under each socket resource, safeguard that a hash divides table, when new inquiry is produced, by the inquiry insertion
In this hash table, when bag is responded for being successfully received downstream recursion server, quickly find corresponding query entity, and looking into
Inquiry is deleted after terminating from hash table.
Wherein, after one query terminates, its using socket quoting resource count subtract one.
Wherein, step 105 also includes:When timing reaches rotational cycle T, if first resource group has occurred and that again
With then currently used resource group being adjusted to second resource group, otherwise remains with first resource group, by that analogy to
N resource group.
Wherein, step 105 also includes:If timing reaches rotational cycle T again, if n-th resource group has been sent out
Raw multiplexing, then be adjusted to first resource group by currently used resource group, otherwise still using n-th resource group.
Wherein, step 105 also includes:If timing reaches rotational cycle T again, if being adjusted to use first
Individual resource group, now needs to judge whether reference count is 0, and if 0, then newly-built socket descriptor, while using new
Random port is forwarded, and is otherwise multiplexed current descriptor.
The present invention is illustrated as a example by using two socket resource groups below.Certain present invention is simultaneously limited to be divided into two
Individual resource group.
The currently used socket descriptor of each resource record in group, and safeguard a reference count.When there is one
When inquiry takes the resource, reference count adds 1, and during a poll-final, reference count subtracts 1.I.e. when reference count is more than 1,
One or more inquiry multiplexings are described, during equal to 0, have been illustrated that nothing inquiry takes, now needs to discharge the socket resource.
It is assumed that each socket resource group includes N number of socket resource, and rotation use is carried out as the T second with the cycle.When being
After system initialization, first by resource group 1.Often there is a DNS query, by newly-built socket descriptor, while using new
Random port is forwarded, and sequentially takes socket resource, and corresponding reference count adds 1.When there is the N+1 time inquiry, should
Inquiry is by first socket resource in multiplexing group 1, and increases reference count, and the inquiry for occurring afterwards is sequentially multiplexed below
Socket resource.After one query terminates, its using socket quoting resource count subtract 1.While in each socket money
Under source, safeguard that a hash divides table.When new inquiry is produced, inquiry is inserted in this hash table, be easy to be successfully received downstream and pass
When returning server response bag, corresponding query entity is quickly found.After poll-final, which is deleted from hash table.
When the time rotational cycle T is reached, if 1 resource of group is multiplexed, currently used resource group is adjusted to
Group 2, otherwise still using group 1.If being adjusted to group 2, its using method is identical with group 1.
When such as arriving again at rotational cycle T, if 2 resources of group are multiplexed, currently used resource group is adjusted to
Group 1, otherwise still using group 2.If group 1 has been adjusted to, now when using socket resource, need whether judgement quotes numeration
For 0, if 0, then newly-built socket descriptor, while being forwarded using new random port, is otherwise directly multiplexed current
Descriptor.
By above method, when transfer amount is larger, in the unit interval, a socket resource is responsible for turning for multiple queries
Send out, and not for another example in conventional method, a socket resource can only forward an inquiry, while also will not be as frequent in conventional method
Establishment socket is called by system, overhead has been saved, so as to substantially increase forward efficiency.In actually used process
In, should be according to resource quantity N and rotational cycle T of real network situation and application scenarios reasonable set socket resource group.Should
So that:
Socket resource quantity summation<The process file descriptor upper limit-process is using descriptor quantity
Meanwhile, make as far as possible all inquiries of socket resource group RTT (Round-Trip Time, inquire about two-way time) it
Be less than rotational cycle T, so as to after rotation, may in idle socket resource newly-built socket descriptor, using new with
Generator terminal mouth is forwarded, it is ensured that DNS security.
The above, the only present invention preferably specific embodiment, but protection scope of the present invention is not limited thereto,
Any those familiar with the art the invention discloses technical scope in, the change or replacement that can readily occur in,
Should all be included within the scope of the present invention.Therefore, protection scope of the present invention should be described with the protection model of claim
Enclose and be defined.
Claims (9)
1. a kind of DNS forwarding inquiries method, which comprises the following steps:
Step 101, system initialization;
Step 103, n socket resource group is set up, with N number of socket resource in each group;
Step 105, the n resource group carry out DNS forwarding inquiries with cycle T rotation.
2. DNS forwarding inquiries method as claimed in claim 1, wherein every group socket resource group have reference count X, wherein X
It is 0 more than or equal to 0, X initial value, as X=0, indicates nothing inquiry and take socket resource.
3. DNS forwarding inquiries method as claimed in claim 1, wherein step 103 include:
Step 1031, use first socket resource group;
Step 1033, when there is the 1st DNS query, start timing, an and newly-built socket descriptor, reference count add
One, first socket resource of the resource group is taken, is forwarded using random port;
Step 1035, often there is a DNS query afterwards, then a newly-built socket descriptor, reference count sequentially add one, and
Sequentially socket resource is taken, forwarded using new random port.
4. DNS forwarding inquiries method as claimed in claim 3, wherein step 1035 also include:When there is the N+1 time inquiry,
The inquiry will be multiplexed first socket resource group, and reference count is added one, and the inquiry for occurring afterwards is sequentially multiplexed below
Sokcet resource.
5. DNS forwarding inquiries method as claimed in claim 1, wherein under each socket resource, safeguards that a hash divides table,
When new inquiry is produced, the inquiry is inserted in this hash table, when responding bag for being successfully received downstream recursion server, quickly
Corresponding query entity is found, and is deleted from hash table after poll-final.
6. DNS forwarding inquiries method as claimed in claim 1, wherein after one query terminates, the socket resource which uses
Reference count subtracts one.
7. DNS forwarding inquiries method as claimed in claim 1, wherein step 105 also include:When timing reaches rotational cycle T,
If first resource group has occurred and that multiplexing, currently used resource group is adjusted to second resource group, is otherwise remained
With first resource group, by that analogy to n-th resource group.
8. DNS forwarding inquiries method as claimed in claim 7, wherein step 105 also include:If timing reaches rotation week again
During phase T, if n-th resource group has occurred and that multiplexing, currently used resource group is adjusted to first resource group, otherwise still
Using n-th resource group.
9. DNS forwarding inquiries method as claimed in claim 7, wherein step 105 also include:If timing reaches rotation week again
During phase T, if be adjusted to using first resource group, now need to judge whether reference count is 0, if 0, then newly
Socket descriptor being built, while being forwarded using new random port, being otherwise multiplexed current descriptor.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610814683.3A CN106487945B (en) | 2016-09-09 | 2016-09-09 | A kind of DNS forwarding inquiries method |
PCT/CN2017/074402 WO2018045724A1 (en) | 2016-09-09 | 2017-02-22 | Dns query forwarding method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610814683.3A CN106487945B (en) | 2016-09-09 | 2016-09-09 | A kind of DNS forwarding inquiries method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106487945A true CN106487945A (en) | 2017-03-08 |
CN106487945B CN106487945B (en) | 2019-05-17 |
Family
ID=58273546
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610814683.3A Active CN106487945B (en) | 2016-09-09 | 2016-09-09 | A kind of DNS forwarding inquiries method |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN106487945B (en) |
WO (1) | WO2018045724A1 (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101068229A (en) * | 2007-06-08 | 2007-11-07 | 北京工业大学 | Content filtering gateway realizing method based on network filter |
CN101383690A (en) * | 2008-10-27 | 2009-03-11 | 西安交通大学 | Grid synchronization method for fault tolerant computer system based on socket |
CN101867609A (en) * | 2010-06-03 | 2010-10-20 | 中兴通讯股份有限公司 | Method for media gateway agent and device thereof |
CN102045654A (en) * | 2009-10-10 | 2011-05-04 | 上海中兴通讯技术有限责任公司 | Asynchronous socket communication method and mobile phone positioning system using same |
CN102263837A (en) * | 2011-08-10 | 2011-11-30 | 北京天融信科技有限公司 | Domain name system (DNS) analysis method and device |
CN104123385A (en) * | 2014-08-07 | 2014-10-29 | 肖龙旭 | File storage and management method |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103166994A (en) * | 2011-12-14 | 2013-06-19 | 腾讯科技(深圳)有限公司 | Method and device of obtaining network data |
KR20130086408A (en) * | 2012-01-25 | 2013-08-02 | 삼성전자주식회사 | Method and apparatus for managing a http persistence socket pool of client |
CN103095608B (en) * | 2013-01-07 | 2016-06-29 | 深圳市共进电子股份有限公司 | A kind of agency retransmission method of DNS data bag |
-
2016
- 2016-09-09 CN CN201610814683.3A patent/CN106487945B/en active Active
-
2017
- 2017-02-22 WO PCT/CN2017/074402 patent/WO2018045724A1/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101068229A (en) * | 2007-06-08 | 2007-11-07 | 北京工业大学 | Content filtering gateway realizing method based on network filter |
CN101383690A (en) * | 2008-10-27 | 2009-03-11 | 西安交通大学 | Grid synchronization method for fault tolerant computer system based on socket |
CN102045654A (en) * | 2009-10-10 | 2011-05-04 | 上海中兴通讯技术有限责任公司 | Asynchronous socket communication method and mobile phone positioning system using same |
CN101867609A (en) * | 2010-06-03 | 2010-10-20 | 中兴通讯股份有限公司 | Method for media gateway agent and device thereof |
CN102263837A (en) * | 2011-08-10 | 2011-11-30 | 北京天融信科技有限公司 | Domain name system (DNS) analysis method and device |
CN104123385A (en) * | 2014-08-07 | 2014-10-29 | 肖龙旭 | File storage and management method |
Non-Patent Citations (1)
Title |
---|
周少涛: "《基于HAProxy的TCP长连接复用的研究与实现》", 《中国优秀硕士学位论文全文数据库》 * |
Also Published As
Publication number | Publication date |
---|---|
CN106487945B (en) | 2019-05-17 |
WO2018045724A1 (en) | 2018-03-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105959433B (en) | A kind of domain name analytic method and its domain name analysis system | |
US10218618B2 (en) | Method and apparatus for processing operation request in storage system | |
US11102125B2 (en) | Securing communications between services in a cluster using load balancing systems and methods | |
CN100477671C (en) | Network address converting method for supporting multi-dialogue application-layer protocol under PAT mode | |
Edmonds | ISC passive DNS architecture | |
US20110125749A1 (en) | Method and Apparatus for Storing and Indexing High-Speed Network Traffic Data | |
CN107079060A (en) | The system and method optimized for carrier-class NAT | |
CN1711743A (en) | Method and apparatus allowing remote access in data networks | |
WO2012120473A1 (en) | Load balancing sctp associations using vtag mediation | |
CN103856580B (en) | A kind of method that IPv6 client computer accesses IPv4 servers | |
CN102594942B (en) | Method and system for achieving network address translation | |
CN110235098A (en) | Storage system access method and device | |
CN102868550B (en) | Total network flow scheduler and method for querying domain name resolution record by using total network flow scheduler | |
WO2017219873A1 (en) | Method and apparatus for locating domain names attacked by syn | |
CN104917680B (en) | For executing the computer system of the parallel hash of stream of packets | |
CN108769102A (en) | A method of improving QUIC agreement request dispatching efficiencies | |
CN101175029A (en) | Device for implementing proxy to multiple isomorphic subnets | |
WO2019047939A1 (en) | Load balancing method and apparatus and service orchestrator | |
CN104506460B (en) | A kind of method for realizing the distribution of NAPT port resources | |
CN106850547A (en) | A kind of data restoration method and system based on http protocol | |
CN108460030A (en) | A kind of set element judgment method based on improved Bloom filter | |
CN105279217B (en) | Reconfigurable content objects | |
CN109413224A (en) | Message forwarding method and device | |
CN103281317A (en) | Attack testing method for SDN (software defined network) | |
CN109120556A (en) | A kind of method and system of cloud host access object storage server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |