CN111049948A - Domain name detection method and device - Google Patents
Domain name detection method and device Download PDFInfo
- Publication number
- CN111049948A CN111049948A CN201911394571.7A CN201911394571A CN111049948A CN 111049948 A CN111049948 A CN 111049948A CN 201911394571 A CN201911394571 A CN 201911394571A CN 111049948 A CN111049948 A CN 111049948A
- Authority
- CN
- China
- Prior art keywords
- dns
- message
- domain name
- dns request
- identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
Abstract
The application provides a domain name detection method and device. The domain name detection method is applied to network equipment and comprises the following steps: setting a first message identifier for uniquely identifying a DNS request message for a message identifier field in the DNS request message to be sent to a DNS server, and sending the DNS request message to the DNS server; receiving a DNS response message sent by the DNS server; and determining that the domain name carried by the DNS request message is available according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message.
Description
Technical Field
The present application relates to network communication technologies, and in particular, to a domain name detection method and apparatus.
Background
Currently, a DNS request packet carrying a domain name is sent to a DNS server, and whether a DNS response packet carries a packet identical to the domain name is determined to detect whether the domain name is in an available state.
However, when there are fewer idle ports in the device sending the DNS request but there are more domain names to be detected, the five tuples carried in the DNS request for detecting different domain names are the same. Meanwhile, currently, a packet of DNS response packets and DNS request packets are usually determined by using a packet five-tuple method, which leads to that, under the above circumstances, it is impossible to distinguish which DNS request packet each received DNS response packet specifically responds to, and further leads to failure of domain name detection.
Disclosure of Invention
Methods and apparatus are provided.
The technical scheme provided by the application comprises the following steps:
according to a first aspect of the present application, there is provided a domain name detection method, applied to a network device, including:
setting a first message identifier for uniquely identifying a DNS request message for a message identifier field in the DNS request message to be sent to a DNS server, and sending the DNS request message to the DNS server;
receiving a DNS response message sent by the DNS server;
and determining that the domain name carried by the DNS request message is available according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message.
According to a second aspect of the present application, there is provided a domain name detection apparatus, which is applied to a network device, and includes:
a sending unit, configured to set a first message identifier for uniquely identifying a DNS request message for a message identifier field in a DNS request message to be sent to a DNS server, and send the DNS request message to the DNS server;
a receiving unit, configured to receive a DNS reply message sent by the DNS server;
and the determining unit is used for determining that the domain name carried by the DNS request message is available according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message.
According to the technical scheme, the DNS request message sent to the DNS server and the DNS response message responding to the DNS request message both carry the same message identifier. On the basis, even when the five tuples carried by each DNS request are consistent due to insufficient idle ports, the DNS request message responded by the DNS response message can be identified through the message identifier carried in the DNS response message, and further the detection of the domain name state is realized.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
FIG. 1 is a flow chart of a method provided herein;
FIG. 2 is a flowchart of an implementation of step 103 provided herein;
FIG. 3 is a flow chart of timer timeout determination provided herein;
FIG. 4 is a schematic diagram of the apparatus provided herein;
fig. 5 is a schematic hardware structure diagram of the apparatus shown in fig. 4 provided in the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Currently, a DNS request packet carrying a domain name is sent to a DNS server, and whether a DNS response packet carries a packet identical to the domain name is determined to detect whether the domain name is in an available state. For example, a DNS request message carrying a domain name "xyxy.com" is sent to the DNS server, and if the DNS response message sent by the DNS server also carries the domain name "xyxy.com", it indicates that the domain name "xyxy.com" is in an available state.
In general, when detecting the domain name state, each DNS request packet is sent to the DNS server through different ports, and the packets are further distinguished by the packet five-element group. Under the above circumstances, in the related art, response messages of different DNS request messages are distinguished by using a message quintuple method, so to save device processing resources, a DNS request message is constructed and transmitted by setting a message identifier of the DNS request message to a same value. For example, a DNS request message for detecting the domain name "xyxy. com" may be sent by the port 88, and a DNS request message for detecting the domain name "abab. com" may be sent by the port 66, so that the five-tuple information carried by the two DNS request messages is different, but the message identifiers thereof are the same. When receiving the corresponding DNS response packet, it can be determined which DNS request packet the DNS response packet specifically responds to according to the five-tuple carried in the DNS response packet.
However, when there are few idle ports of the device but there are many domain names to be detected, the five tuples carried in the DNS requests for detecting different domain names are the same, and the identification bits of the DNS request messages are also the same. For example, when the current idle port of the device is only the port 60, both the DNS request message for detecting the domain name "xyxy. Then, when the port 60 receives the DNS response packet, it may be impossible to identify which DNS request packet the DNS response packet specifically responds to, and thus a problem of failure in domain name state detection may occur.
Referring to fig. 1, a flow chart of a method provided by the present application is shown. The process can be applied to network devices, such as a notebook computer, a tablet computer, a server or a mobile phone.
As shown in fig. 1, the following process may be included:
step 101, setting a first message identifier for uniquely identifying a DNS request message for a message identifier field in the DNS request message to be sent to a DNS server, and sending the DNS request message to the DNS server;
as an example, the DNS request message sent in step 101 is not sent when the browser accesses a domain name and obtains an IP address corresponding to the domain name, but is sent when it is required to detect whether a domain name is available.
As an example, a Transaction ID session identification field specified in the DNS protocol may be employed as the message identification field. In the DNS protocol, the session identifier field carried in the DNS request message is the same as the session identifier field carried in the DNS response message in response to the DNS request message, and therefore, it is possible to check whether the domain names are consistent with each other by using the session identifier field in the subsequent step.
As an example, there are various implementation manners to set a message identifier uniquely identifying the DNS request message. One of which is shown in fig. 4 and will be described in detail below, and will not be described again here.
Step 102, receiving a DNS response message sent by the DNS server;
as an example, after sending the DNS request message to the DNS server, a DNS response message sent by the DNS server may be received.
Step 103, determining that the domain name carried by the DNS reply packet is available according to the packet identifier and the domain name carried by the DNS reply packet and the identifier and the domain name carried by the DNS request packet sent before.
As an example, if the packet identifier and the domain name carried in the DNS reply packet are consistent with the identifier and the domain name carried in the DNS request packet sent before, it may be determined that the domain name carried in the DNS reply packet is available. Fig. 2 shows one implementation manner for determining that the domain name carried in the DNS response packet is usable according to the packet identifier and the domain name carried in the DNS response packet and the identifier and the domain name carried in the DNS request packet sent before, which will be described in detail below and will not be described herein again.
Thus, the flow shown in fig. 1 is completed.
According to the technical scheme, in the embodiment of the application, the DNS request message sent to the DNS server and the DNS response message responding to the DNS request message both carry the same message identifier. On the basis, even when the five tuples carried by each DNS request are consistent due to insufficient idle ports, the DNS request message responded by the DNS response message can be identified through the message identifier carried in the DNS response message, and further the detection of the domain name state is realized.
In the embodiment shown in fig. 1, when the DNS request packet is sent to the DNS server, the first port for sending the DNS request packet, the packet identifier carried in the DNS request packet, and the domain name may be recorded in the port-packet identifier-domain name correspondence, so as to be used when subsequently checking whether the domain name carried in the DNS response packet is available. Based on this, in the following, with reference to the embodiment shown in fig. 2, how to determine that the domain name carried in the DNS response packet can be used according to the packet identifier and the domain name carried in the DNS response packet and the identifier and the domain name carried in the DNS request packet sent before in step 103 is described. As shown in fig. 2, this embodiment may include the following flow:
step 1031, when sending the DNS request message to the DNS server, recording the first port sending the DNS request message, the message identifier and the domain name carried by the DNS request message to a port-message identifier-domain name correspondence;
as an example, the port-packet identification-domain name correspondence may be stored in the device in the form of a table. Table 1 exemplarily shows an implementation of a port-packet identifier-domain name correspondence relationship.
TABLE 1
| Port(s) | Message identification | Domain name |
| 60 | 12 | Xbxb.com |
| 64 | 13 | Abab.com |
| 66 | 14 | Ybyb.com |
As shown in table 1, each row in the table is used as a corresponding relationship, and as shown in the second row in table 1, the corresponding relationship includes port 60, packet identifier 12, and domain name xbxb. The other rows in table 1 are similar to the second row and are not described in detail here.
As an example, the second port refers to a port at which the device receives the DNS response message.
Step 1032, checking whether a domain name carried by the DNS reply packet exists in a designated correspondence including a second port; if yes, go to step 1033; if not, go to step 1034;
as an example, taking table 1 as an example, if the device receives the DNS response packet through the port 60, the corresponding relationship including the port 60, that is, the second row of data in table 1, may be found in table 1. And further checking whether the corresponding relation has the domain name carried by the DNS response message.
As an example, since the same port may send a plurality of DNS request messages, when the number of DNS request messages is large, there may be a corresponding relationship that a plurality of ports are the same and domain names are different. Therefore, it is not checked whether all the corresponding relations including the second port have the domain name carried in the DNS reply packet, but only the first corresponding relation including the second port in the port-packet identifier-domain name corresponding relations, that is, whether the domain name carried in the DNS reply packet exists in the above-mentioned specified corresponding relation.
For example, if the table head is checked to the table tail, the corresponding relationship closest to the table head among all the corresponding relationships including the second port is the first corresponding relationship, and if the table tail is checked to the table head, the corresponding relationship closest to the table tail among all the corresponding relationships including the second port is the first corresponding relationship. However, the implementation of the scheme of the application is not affected by any mode of inspection.
And 1033, determining that the domain name carried by the DNS response message is available.
As an example, if the domain name in the designated correspondence is consistent with the domain name carried in the DNS response message, it is not necessary to determine whether the domain name is available through the message identifier, and it may be directly determined that the domain name carried in the DNS response message is available.
Step 1034, using the message identifier carried by the DNS reply message as a keyword to search the corresponding relation containing the keyword in the recorded port-message identifier-domain name corresponding relation;
as an example, if it is checked that the domain name in the designated correspondence is not consistent with the domain name in the DNS response message, it indicates that there is a possibility that the second port sends multiple DNS request messages or the domain name is unavailable. Therefore, the corresponding relationship corresponding to the DNS response packet needs to be determined by the packet identifier carried in the DNS response packet, and then when the domain name in the corresponding relationship is consistent with the domain name carried in the DNS response packet, it is determined that the domain name carried in the DNS response packet is available. Taking table 1 as an example, if the packet identifier carried in the DNS reply packet is 13, the corresponding relationship including the port 64-the packet identifier 13-the domain name abbe.com can be found in table 1 by using 13 as a keyword.
Step 1035, checking whether the domain name in the found corresponding relation is the same as the domain name carried by the DNS response message; if yes, go to step 1036; if not, go to step 1037;
as an example, after finding out the corresponding relationship, it may be checked whether the domain name in the corresponding relationship is the same as the domain name carried in the DNS reply packet;
step 1036, determining that the domain name carried by the DNS reply message is available;
as an example, if the domain name in the found correspondence is the same as the domain name carried in the DNS response packet, it is determined that the domain name carried in the DNS response packet is available.
Step 1037, discard the DNS response message.
As an example, if the DNS response packet carries an unrecorded packet identifier, the DNS response packet may be considered to be sent abnormally by the DNS server, and the DNS response packet is directly discarded without being processed.
This completes the description of the embodiment shown in fig. 2.
The DNS server has normal response time when responding to the DNS request message. Therefore, when the DNS response packet exceeds the response time, the domain name carried by the DNS request packet corresponding to the DNS response packet may be considered to be unavailable. The following is described in detail in connection with the embodiment shown in fig. 3:
step 104, when sending the DNS request message to the DNS server, starting a timer corresponding to a message identifier carried by the DNS request message;
as an example, each time a DNS request message is sent, a timer corresponding to a message identifier carried in the DNS request message is started.
Step 105, checking whether a timer corresponding to the message identifier carried by the DNS response message is overtime; if not, go to step 1032; if yes, go to step 1033;
as an example, after receiving the DNS reply message, the corresponding timer may be determined according to the message identifier carried in the DNS reply message, and whether the timer is overtime is checked.
Step 106, executing an operation of determining that the domain name carried by the DNS response message is available according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the DNS request message sent before;
as an example, if the timer does not time out, which indicates that the DNS reply packet is received within the normal response duration, it may further check whether the domain name carried by the DNS reply packet is the domain name carried by the DNS request packet.
And step 107, determining that the domain name carried by the DNS request message is unavailable.
As an example, if the timer has timed out, it indicates that the DNS reply packet is received within the abnormal response duration, and it is no longer determined whether the domain name carried by the DNS reply packet is the domain name carried by the DNS request packet, but it is directly determined that the packet identifier carried by the DNS request packet is unavailable.
The description of the embodiment shown in fig. 3 is thus completed.
In the following, how to set a first packet identifier for uniquely identifying a DNS request packet for a packet identifier field in a DNS request packet to be sent to a DNS server in step 101 in the embodiment shown in fig. 1 is described:
step 1011, when the DNS request message is the first DNS request message, setting a message identification field in the DNS request message as an initial value, and recording the message identification value as the initial value;
as an example, the initial value may be set by a user, or may be randomly generated by the device or generated according to a rule. The application does not limit which value the initial value is, but the value needs to meet the data length requirement of the message identification field. As a simple example, if the DNS request message is the first DNS request message, the message identification field in the DNS request message may be set to 00, and 00 may be recorded as the message identification value.
Step 1012, when the DNS request message is not the first DNS request message, increasing the current recorded message identification value by a set value, and determining the message identification value increased by the set value as the message identification field of the DNS request message.
As an example, when the DNS request message is not the first DNS request message, the currently recorded message identification value needs to be increased by a set value. The setting value here may be 1, 2, or 3, etc., and the user may flexibly set the setting value according to the real-time requirement, and the application does not limit what numerical value the setting value is. As a simple example, if the DNS request message is the first message after the first DNS request message, the message identification value 00 may be increased by the set value 1 to obtain the message identification value 01 increased by the set value, and then the message identification value 01 is used as the message identification field.
As an example, since the packet identifier field has a data length limit, when the packet identifier value increases by a plurality of preset values, if the packet identifier value exceeds the data length limit of the packet identifier field, the packet identifier value may be reset to an initial value, and the embodiment of the present application is continuously executed.
So far, the description of how to set the first message identifier for uniquely identifying the DNS request message for the message identifier field in the DNS request message to be sent to the DNS server in step 101 in the embodiment shown in fig. 1 is completed.
Corresponding to the embodiment of the domain name detection method, the application also provides an embodiment of a domain name detection device.
The embodiment of the domain name detection device can be applied to network equipment. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and is formed by reading corresponding computer program instructions in the nonvolatile memory into the memory for operation through the processor of the network device where the software implementation is located as a logical means. In terms of hardware, as shown in fig. 5, the present application is a hardware structure diagram of a network device where the domain name detection apparatus is located, except for the processor, the memory, the network interface, and the nonvolatile memory shown in fig. 5, the network device where the apparatus is located in the embodiment may also include other hardware according to the actual function of the network device, which is not described again.
Referring to fig. 4, fig. 4 is a structural diagram of the apparatus provided in the present application. The device is applied to network equipment and comprises:
a sending unit 410, configured to set a first message identifier for uniquely identifying a DNS request message for a message identifier field in a DNS request message to be sent to a DNS server, and send the DNS request message to the DNS server;
a receiving unit 420, configured to receive a DNS reply message sent by the DNS server;
a determining unit 430, configured to determine that the domain name carried in the DNS request packet is available according to the packet identifier and the domain name carried in the DNS response packet and the identifier and the domain name carried in the DNS request packet sent before.
This completes the description of the apparatus shown in fig. 4.
As an example, the apparatus further comprises:
a recording unit (not shown in the figure), configured to record, when the DNS request packet is sent to the DNS server, a first port that sends the DNS request packet, a packet identifier and a domain name carried in the DNS request packet into a port-packet identifier-domain name correspondence relationship;
the determining unit is specifically configured to check whether a domain name carried by the DNS reply packet exists in an assigned correspondence including a second port, and if not, search for a correspondence including the keyword in a recorded port-packet identifier-domain name correspondence with a packet identifier carried by the DNS reply packet as the keyword; if the domain name in the searched corresponding relation is the same as the domain name carried by the DNS response message, determining that the domain name carried by the DNS request message is available; and the second port is a port for receiving the DNS response message.
As an example, the specified correspondence is a correspondence that a first one of the port-packet identifier-domain name correspondences includes the second port.
As an example, the sending unit 410 is specifically configured to, when the DNS request message is the first DNS request message, set a message identification field in the DNS request message to an initial value, and record the message identification value as the initial value; and when the DNS request message is not the first DNS request message, increasing the current recorded message identification value by a set value, and determining the message identification value increased by the set value as the message identification field of the DNS request message.
As an example, the apparatus further comprises:
a starting unit (not shown in the figure), configured to start a timer corresponding to a message identifier carried in the DNS request message when the DNS request message is sent to the DNS server;
a checking unit (not shown in the figure), configured to check whether a timer corresponding to a packet identifier carried in the DNS reply packet is overtime; if not, determining the available operation of the domain name carried by the DNS response message according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message; and if so, determining that the domain name carried by the DNS request message is unavailable.
Referring to fig. 5, fig. 5 is a hardware structure diagram of a network device where the domain name detection apparatus of the present application is located, where the hardware structure includes: a processor and a memory.
Wherein the memory is to store machine executable instructions;
the processor is used for reading and executing the machine executable instructions stored in the memory so as to realize the domain name detection method shown in fig. 1.
For one embodiment, the memory may be any electronic, magnetic, optical, or other physical storage device that may contain or store information such as executable instructions, data, and the like. For example, the memory may be: volatile memory, non-volatile memory, or similar storage media. In particular, the Memory may be a RAM (random Access Memory), a flash Memory, a storage drive (e.g., a hard disk drive), a solid state disk, any type of storage disk (e.g., an optical disk, a DVD, etc.), or similar storage medium, or a combination thereof.
So far, the description of the apparatus shown in fig. 5 is completed.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.
Claims (10)
1. A domain name detection method is applied to network equipment and comprises the following steps:
setting a first message identifier for uniquely identifying a DNS request message for a message identifier field in the DNS request message to be sent to a DNS server, and sending the DNS request message to the DNS server;
receiving a DNS response message sent by the DNS server;
and determining that the domain name carried by the DNS request message is available according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message.
2. The method according to claim 1, wherein when the DNS request packet is sent to the DNS server, a first port that sends the DNS request packet, a packet identifier and a domain name carried by the DNS request packet are recorded in a port-packet identifier-domain name correspondence;
the determining that the domain name carried by the DNS request message is usable according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the DNS request message sent before includes:
checking whether a domain name carried by the DNS response message exists in a designated corresponding relation containing a second port, and if not, searching the corresponding relation containing the keyword in the recorded port-message identifier-domain name corresponding relation by taking the message identifier carried by the DNS response message as the keyword; if the domain name in the searched corresponding relation is the same as the domain name carried by the DNS response message, determining that the domain name carried by the DNS request message is available;
and the second port is a port for receiving the DNS response message.
3. The method according to claim 2, wherein the designated correspondence is a correspondence that includes the second port for a first one of the port-packet identifier-domain name correspondences.
4. The method according to claim 1, wherein the setting a first packet identifier for uniquely identifying the DNS request packet for a packet identifier field in the DNS request packet to be sent to the DNS server comprises:
when the DNS request message is the first DNS request message, setting a message identification field in the DNS request message as an initial value, and recording the message identification value as the initial value;
and when the DNS request message is not the first DNS request message, increasing the current recorded message identification value by a set value, and determining the message identification value increased by the set value as the message identification field of the DNS request message.
5. The method of claim 1, further comprising:
when the DNS request message is sent to the DNS server, a timer corresponding to a message identifier carried by the DNS request message is started;
checking whether a timer corresponding to a message identifier carried by the DNS response message is overtime;
if not, determining the available operation of the domain name carried by the DNS response message according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message;
and if so, determining that the domain name carried by the DNS request message is unavailable.
6. A domain name detection device, applied to a network device, includes:
a sending unit, configured to set a first message identifier for uniquely identifying a DNS request message for a message identifier field in a DNS request message to be sent to a DNS server, and send the DNS request message to the DNS server;
a receiving unit, configured to receive a DNS reply message sent by the DNS server;
and the determining unit is used for determining that the domain name carried by the DNS request message is available according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message.
7. The apparatus of claim 6, further comprising:
a recording unit, configured to record, when the DNS request packet is sent to the DNS server, a first port that sends the DNS request packet, a packet identifier and a domain name carried in the DNS request packet into a port-packet identifier-domain name correspondence;
the determining unit is specifically configured to check whether a domain name carried by the DNS reply packet exists in an assigned correspondence including a second port, and if not, search for a correspondence including the keyword in a recorded port-packet identifier-domain name correspondence with a packet identifier carried by the DNS reply packet as the keyword; if the domain name in the searched corresponding relation is the same as the domain name carried by the DNS response message, determining that the domain name carried by the DNS request message is available; and the second port is a port for receiving the DNS response message.
8. The apparatus according to claim 7, wherein the designated correspondence is a correspondence that includes the second port for a first one of the port-packet id-domain name correspondences.
9. The apparatus according to claim 6, wherein the sending unit is specifically configured to, when the DNS request packet is a first DNS request packet, set a packet identification field in the DNS request packet to an initial value, and record a packet identification value as the initial value; and when the DNS request message is not the first DNS request message, increasing the current recorded message identification value by a set value, and determining the message identification value increased by the set value as the message identification field of the DNS request message.
10. The apparatus of claim 6, further comprising:
the starting unit is used for starting a timer corresponding to a message identifier carried by the DNS request message when the DNS request message is sent to the DNS server;
a checking unit, configured to check whether a timer corresponding to the message identifier carried in the DNS reply message is overtime; if not, determining the available operation of the domain name carried by the DNS response message according to the message identifier and the domain name carried by the DNS response message and the identifier and the domain name carried by the previously sent DNS request message; and if so, determining that the domain name carried by the DNS request message is unavailable.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911394571.7A CN111049948B (en) | 2019-12-30 | 2019-12-30 | Domain name detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911394571.7A CN111049948B (en) | 2019-12-30 | 2019-12-30 | Domain name detection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111049948A true CN111049948A (en) | 2020-04-21 |
| CN111049948B CN111049948B (en) | 2022-07-29 |
Family
ID=70241724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911394571.7A Active CN111049948B (en) | 2019-12-30 | 2019-12-30 | Domain name detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111049948B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113691630A (en) * | 2021-08-26 | 2021-11-23 | 北京字节跳动网络技术有限公司 | DNS request processing method, device, system, electronic equipment and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060101155A1 (en) * | 2004-11-10 | 2006-05-11 | Microsoft Corporation | Message based network configuration of domain name purchase |
| CN102045331A (en) * | 2009-10-22 | 2011-05-04 | 成都市华为赛门铁克科技有限公司 | Method, device and system for processing inquiry request message |
| US20110119306A1 (en) * | 2009-11-19 | 2011-05-19 | International Business Machines Corporation | User-Based DNS Server Access Control |
| CN105337786A (en) * | 2014-07-23 | 2016-02-17 | 华为技术有限公司 | Server performance detection method, apparatus and equipment |
| CN106210173A (en) * | 2016-07-29 | 2016-12-07 | 杭州迪普科技有限公司 | DNS replys retransmission method and the device of message |
| CN106789422A (en) * | 2016-12-16 | 2017-05-31 | 杭州迪普科技股份有限公司 | The monitoring method and device of a kind of dns server |
| CN109981819A (en) * | 2019-03-22 | 2019-07-05 | 新华三技术有限公司合肥分公司 | MDNS message processing method, device and group network system |
| CN110266832A (en) * | 2019-07-08 | 2019-09-20 | 新华三信息安全技术有限公司 | A kind of domain name analytic method and device |
-
2019
- 2019-12-30 CN CN201911394571.7A patent/CN111049948B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060101155A1 (en) * | 2004-11-10 | 2006-05-11 | Microsoft Corporation | Message based network configuration of domain name purchase |
| CN102045331A (en) * | 2009-10-22 | 2011-05-04 | 成都市华为赛门铁克科技有限公司 | Method, device and system for processing inquiry request message |
| US20110119306A1 (en) * | 2009-11-19 | 2011-05-19 | International Business Machines Corporation | User-Based DNS Server Access Control |
| CN105337786A (en) * | 2014-07-23 | 2016-02-17 | 华为技术有限公司 | Server performance detection method, apparatus and equipment |
| CN106210173A (en) * | 2016-07-29 | 2016-12-07 | 杭州迪普科技有限公司 | DNS replys retransmission method and the device of message |
| CN106789422A (en) * | 2016-12-16 | 2017-05-31 | 杭州迪普科技股份有限公司 | The monitoring method and device of a kind of dns server |
| CN109981819A (en) * | 2019-03-22 | 2019-07-05 | 新华三技术有限公司合肥分公司 | MDNS message processing method, device and group network system |
| CN110266832A (en) * | 2019-07-08 | 2019-09-20 | 新华三信息安全技术有限公司 | A kind of domain name analytic method and device |
Non-Patent Citations (2)
| Title |
|---|
| SMILE大豆芽: ""wireshark实战分析之DNS协议分析"", 《博客园HTTPS://WWW.CNBLOGS.COM/WUYUAN2011WOAINI/P/5800062.HTML》 * |
| 蒋立乾: "基于区块链的数据交易体系", 《信息与电脑(理论版)》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113691630A (en) * | 2021-08-26 | 2021-11-23 | 北京字节跳动网络技术有限公司 | DNS request processing method, device, system, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111049948B (en) | 2022-07-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109302498B (en) | Network resource access method and device | |
| CN107666473B (en) | Attack detection method and controller | |
| WO2017211157A1 (en) | Monitoring method and apparatus for associated accounts | |
| CN112468364B (en) | CIP asset detection method and device, computer equipment and readable storage medium | |
| CN111064804B (en) | Network access method and device | |
| WO2009026849A1 (en) | Duplicate address detection method and network node device for address conflict | |
| CN111130930A (en) | Dual-network card detection method and device | |
| CN113472607A (en) | Application program network environment detection method, device, equipment and storage medium | |
| CN108989101B (en) | Log output system and method and electronic equipment | |
| CN111049948B (en) | Domain name detection method and device | |
| CN101599857A (en) | Detect method, device and the network measuring system that inserts number of host of sharing | |
| CN111478792B (en) | Cutover information processing method, system and device | |
| CN111163245A (en) | Method and device for adding network camera in network hard disk video recorder | |
| CN110912760B (en) | Link state detection method and device | |
| JP2006236040A (en) | Distributed server failure response program, server load distribution device and method | |
| CN106789422A (en) | The monitoring method and device of a kind of dns server | |
| CN109150587B (en) | Maintenance method and device | |
| JP4910542B2 (en) | SIP message delivery program | |
| CN106878247B (en) | Attack identification method and device | |
| CN113905092B (en) | Method, device, terminal and storage medium for determining reusable agent queue | |
| CN110808972B (en) | Data stream identification method and device | |
| CN106899429B (en) | SNMP-based equipment management method and device | |
| CN110611678B (en) | Method for identifying message and access network equipment | |
| CN110795292A (en) | Detection method, device, equipment and storage medium | |
| CN115550319B (en) | Address allocation method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |