CN111107175A - Method and device for constructing DNS response message - Google Patents
Method and device for constructing DNS response message Download PDFInfo
- Publication number
- CN111107175A CN111107175A CN201911228838.5A CN201911228838A CN111107175A CN 111107175 A CN111107175 A CN 111107175A CN 201911228838 A CN201911228838 A CN 201911228838A CN 111107175 A CN111107175 A CN 111107175A
- Authority
- CN
- China
- Prior art keywords
- domain name
- alias
- response message
- module
- records
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method, a device and a medium for constructing a DNS response message, wherein the method for constructing the DNS response message comprises the following steps: acquiring a response message aiming at the domain name resolution request message; analyzing an analysis chain of alias records and/or A records corresponding to the access target domain name from the response message, carrying out ordered data structurization on the analysis chain, selecting target records from the structured ordered data, and repackaging the target records in sequence; and sending the packaged response message to a sender of the domain name resolution request message. The invention can effectively control the length of the response message under the condition of ensuring normal communication, and improve the transmission rate and the safety of the response message.
Description
The application is a divisional application of a Chinese patent application with the name of 201710207628.2, which is filed in 2017, 03 and 31 of month, and is named as a method and a device for reducing the length of a DNS response message.
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method, an apparatus, and a medium for constructing a DNS reply packet.
Background
When a Local Domain Name Server (Local Domain Name Server, abbreviation: LDNS) receives a Domain Name resolution request sent by a Local client, the LDNS sends the Domain Name resolution request to a Domain Name Server (DNS), the DNS resolves an access target Domain Name in the Domain Name resolution request, and when an IP address list of a network Server corresponding to the access target Domain Name is judged to exist, the corresponding IP address is encapsulated in a response packet and returned to the LDNS. The LDNS sends the response including the content to the client, and the client accesses the network according to the IP address. When the alias (cname) domain name of the access target domain name and the IP address list of the network server corresponding to the last layer alias domain name exist in the DNS, the alias record of the access target domain name and the IP address list of the network server corresponding to the last layer alias domain name are encapsulated in the response packet and returned to the LDNS, or only the IP address list of the network server corresponding to the last layer alias domain name may be encapsulated in the response packet and returned to the LDNS.
A User Datagram Protocol (UDP) is generally used between the LDNS and the DNS for data transmission, and when the length of a message is large, a Transmission Control Protocol (TCP) needs to be established in front of the LDNS and the DNS for data transmission. Under the limitation of the practical application scenario, the DNS in some scenarios does not support the TCP protocol, for example, some LDNS of the operator may close the TCP resolution function to defend against DDOS attack, and some public DNS, mobile terminal, client or player do not support the TCP resolution function because they are mostly developed by customization. Thus, the existing data transmission mode will affect the effectiveness of data transmission.
Disclosure of Invention
In order to solve the above technical problem, the present invention provides a method and an apparatus for reducing the length of a DNS reply packet.
The invention provides a method for reducing the length of a DNS response message, which comprises the following steps:
step 1, constructing a response message aiming at a domain name resolution request message;
step 2, analyzing alias records and A records corresponding to the access target domain name from a response message, and packaging the access target domain name and the A records into a response message; or, selecting a part of alias records from the alias records, and packaging the access target domain name, the A record and the selected alias records into a response message; or, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the alias records into a response message; selecting a part of alias records from the alias records, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the selected alias records into a response message;
and 3, sending the encapsulated response message to a sender of the domain name resolution request message.
The method for reducing the length of the DNS response message also has the following characteristics:
the step 2 further comprises: when only the alias record corresponding to the access target domain name is analyzed from the response message, the target domain name and the last alias are selected, or the target domain name, the last alias and at least one intermediate alias are selected and packaged into the response message; and when the alias record corresponding to the access target domain name is not analyzed from the response message, repackaging the response message.
The method for reducing the length of the DNS response message also has the following characteristics:
the selecting a portion of the alias records from the alias records comprises:
querying an alias blacklist, and selecting aliases which do not exist in the alias blacklist in the alias records;
or, inquiring an alias white list, and selecting an alias existing in the alias white list in the alias record;
alternatively, an alias blacklist and an alias whitelist are queried, and aliases that do not exist in the alias blacklist and exist in the alias whitelist are selected.
The method for reducing the length of the DNS response message also has the following characteristics:
the method also comprises a step 1' between the step 1 and the step 2: and judging whether the length of the received response message is greater than or equal to a preset length, if so, executing the step 2 to enable the length of the packaged response message to be smaller than the preset length, and if not, sending the received response message to a sender of the domain name resolution request message.
The method for reducing the length of the DNS response message also has the following characteristics:
the method also comprises a step 1' between the step 1 and the step 2: analyzing an access target domain name from the response message, judging whether the access target domain name is positioned in a domain name set, if so, executing the step 2, and if not, sending the received response message to a sender of the domain name analysis request message.
The method for reducing the length of the DNS response message also has the following characteristics:
the method also comprises a method for setting the domain name set, which comprises one of the following modes:
receiving a user-defined domain name input by a user, and adding the received domain name into the domain name set;
and judging whether the sender of the domain name resolution request message is a client which does not support TCP resolution or whether the sender of the domain name resolution request message is a local DNS server, and adding an access target domain name carried in the domain name resolution request message into the domain name set.
The device for reducing the length of the DNS response message provided by the invention comprises the following steps:
the construction module is used for constructing or receiving a response message aiming at the domain name resolution request message;
the analysis module is used for analyzing the alias record and the A record corresponding to the access target domain name from the response message, and packaging the alias record and the A record into the response message to be sent to the repackaging module;
the repackaging module is used for encapsulating the access target domain name and the record A into a response message; or, selecting a part of alias records from the alias records, and packaging the access target domain name, the A record and the selected alias records into a response message; or, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the alias records into a response message; selecting a part of alias records from the alias records, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the selected alias records into a response message;
and the sending module is used for sending the encapsulated response message to a sender of the domain name resolution request message.
The device for reducing the length of the DNS response message also has the following characteristics:
the analysis module is also used for sending the alias record to the repackaging module when only the alias record corresponding to the access target domain name is analyzed from the response message; the device is used for sending the response message to the repackaging module when the alias record corresponding to the access target domain name is not analyzed from the response message;
the repackaging module is further configured to select a target domain name and a last alias when receiving the alias record from the parsing module, or select the target domain name, the last alias and at least one intermediate alias to be packaged as a response message; and the message processing module is also used for repackaging the response message after receiving the response message from the analysis module.
The device for reducing the length of the DNS response message also has the following characteristics:
the repackaging module is configured to select a part of the alias records from the alias records according to the following manner:
querying an alias blacklist, and selecting aliases which do not exist in the alias blacklist in the alias records;
or, inquiring an alias white list, and selecting an alias existing in the alias white list in the alias record;
alternatively, an alias blacklist and an alias whitelist are queried, and aliases that do not exist in the alias blacklist and exist in the alias whitelist are selected.
The device for reducing the length of the DNS response message also has the following characteristics:
the device also comprises a judging module, a re-packaging module and a re-packaging module, wherein the judging module is used for judging whether the length of the received response message is greater than or equal to a preset length or not, and if so, sending a re-packaging trigger signal and the preset length to the analyzing module and the re-packaging module; if not, forwarding the response message to the sending module;
and the repackaging module is used for controlling the length of the packaged response message to be smaller than the preset length when the response message is held and loaded.
The device for reducing the length of the DNS response message also has the following characteristics:
the domain name server also comprises a judging module which is used for analyzing an access target domain name from the response message and judging whether the access target domain name is positioned in a preset domain name set, if so, sending a repackaging trigger signal to the analyzing module and the repackaging module, and if not, sending the received response message to a sender of the domain name analyzing request message.
The device for reducing the length of the DNS response message also has the following characteristics:
the apparatus also includes a domain name set maintenance module;
the domain name set maintenance module is used for receiving a user-defined domain name input by a user and adding the received domain name into the domain name set; or, the domain name resolution server is used for judging whether the sender of the domain name resolution request message is a client which does not support TCP resolution or whether the sender of the domain name resolution request message is a local DNS server, and adding an access target domain name carried in the domain name resolution request message into the domain name set.
The invention can effectively control the length of the response message under the condition of ensuring normal communication, and improve the transmission rate and the safety of the response message.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a method for reducing the length of a DNS reply message in an embodiment.
Fig. 2 is a block diagram of an apparatus for reducing the length of a DNS reply message in an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
Fig. 1 is a method for reducing the length of a DNS reply message in an embodiment, where the method includes:
step 1, a DNS server constructs a response message aiming at a domain name resolution request message;
step 2, analyzing alias records and A records corresponding to the access target domain name from a response message, and packaging the access target domain name and the A records into a response message; or, selecting a part of alias records from the alias records, and packaging the access target domain name, the A record and the selected alias records into a response message; or, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the alias records into a response message; selecting a part of alias records from the alias records, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the selected alias records into a response message;
and 3, sending the packaged response message to a sender of the domain name resolution request message.
In the method, the sender of the domain name resolution request message can be an LDNS, a client or a detector and the like.
Wherein, step 2 still includes: when only the alias record corresponding to the access target domain name is analyzed from the response message, the target domain name and the last alias are selected, or the target domain name, the last alias and at least one intermediate alias are selected and packaged into the response message; and when the alias record corresponding to the access target domain name is not analyzed from the response message, repackaging the response message.
In step 2, selecting a part of alias records from the alias records comprises:
querying an alias blacklist, and selecting aliases which do not exist in the alias blacklist in the alias records;
or, inquiring the alias white list, and selecting the alias existing in the alias white list in the alias record;
alternatively, the alias blacklist and the alias whitelist are queried, and aliases that do not exist within the alias blacklist and that exist within the alias whitelist are selected.
The black and white list in the method is a manual domain name list maintenance, so that alias records used for determining which domain names can be deleted or reserved when the response message is recombined. The black-and-white list function is realized to meet some special requirements, for example, a default CNAME link in a CNAME chain cannot be eliminated, and generally occurs in a situation where multiple CDN vendors require vendor information to be retained.
For example, the domain name and the accelerated domain name of a certain company, the company confirms whether special processing cannot be performed, the special processing can be performed by default, the special generation is not set in any list if no special generation exists, and the special generation is set in a white list if the special generation needs to be reserved; the special surrogates must be placed on the black list without being able to be retained.
The CNAME record and the A record in the whole analysis process can ensure normal analysis as long as the analysis chain is ensured to be completed.
For example, the CNAME record and A record are as follows:
www.a.com cname test.a.com
test.a.com cname test1.a.com
test1.a.com cname test2.a.com
test2.a.com cname test3.a.com
test3.a.com A 1.1.1.1
in the processing process, the whole analysis process is subjected to ordered data structuring:
www.a.com
test.a.com
test1.a.com
test2.a.com
test3.a.com
1.1.1.1
combining the black list and the white list, selecting a part which can be repackaged from the structured data, and then reconstructing the cName and A records, wherein the structure of the analysis chain is not changed because the data is ordered, and the analysis process is normal. The final analysis result is:
the alias selected by the target domain name cname comprises: www.a.com, test.a.com, test 1.a.com.
Selected a is recorded as 1.1.1.1.
The DNS server in the method can comprise an LDNS server and an authoritative DNS, if the DNS server is the LDNS server, a plurality of response messages aiming at the domain name resolution request message are received from the authoritative DNS, wherein part of the response messages only comprise alias records, and part of the response messages comprise alias records and A records. And if the DNS is the authoritative DNS, directly constructing a response message aiming at the domain name resolution request message. The response message includes alias record and A record.
In the method, a step 1' is also included between the step 1 and the step 2: and judging whether the length of the received response message is greater than or equal to a preset length, if so, executing the step 2 to enable the length of the packaged response message to be less than the preset length. If not, the received response message is sent to the sender of the domain name resolution request message. The preset length may be set to a value between 500 and 512 bytes.
In addition, under an authoritative DNS, the set conditions are that the length of the response message is not more than 500 bytes, the number of the IP of the A record is not more than 8, the length of the packaged response message is not more than 500 bytes after the step 2 is executed, the number of the IP of the A record is not more than 8, and if the number of the IP of the A record in the received response message is more than 8, the IP with the number less than 8 is selected from the A record to be used as the selected A record.
Step 1 "is also included between step 1 and step 2: analyzing an access target domain name from the response message, judging whether the access target domain name is located in a preset domain name set, if so, executing the step 2, and if not, sending the received response message to a sender of the domain name analysis request message.
The method also includes a method for setting domain name set, which includes one of the following modes:
firstly, receiving a user-defined domain name input by a user, and adding the received domain name into a domain name set;
and secondly, judging whether the sender of the domain name resolution request message is a client which does not support TCP resolution or whether the sender of the domain name resolution request message is a local DNS server, and adding an access target domain name carried in the domain name resolution request message into the domain name set.
And thirdly, when the domain name resolution request message is a TCP (transmission control protocol) request sent by a detector and when the target domain name can be resolved from the domain name resolution request message but other contents cannot be resolved, adding the target domain into the domain name set.
Fig. 2 is a device for reducing the length of a DNS reply message in an embodiment, where the device includes:
the construction module is used for constructing a response message aiming at the domain name resolution request message;
the analysis module is used for analyzing the alias record and the A record corresponding to the access target domain name from the response message;
the repackaging module is used for encapsulating the access target domain name and the record A into a response message; or, selecting a part of alias records from the alias records, and packaging the access target domain name, the A record and the selected alias records into a response message; or, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the alias records into a response message; selecting a part of alias records from the alias records, selecting a part of A records from the A records, and packaging the access target domain name, the selected A records and the selected alias records into a response message;
and the sending module is used for sending the packaged response message to a sender of the domain name resolution request message.
Wherein the content of the first and second substances,
the analysis module is also used for sending the alias record to the repackaging module when only the alias record corresponding to the access target domain name is analyzed from the response message; and the module is used for sending the response message to the repackaging module when the alias record corresponding to the access target domain name is not analyzed from the response message. The repackaging module is also used for selecting a target domain name and a last alias when the alias record is received from the analyzing module, or selecting the target domain name, the last alias and at least one intermediate alias to be packaged as a response message; and the message processing module is also used for repackaging the response message after receiving the response message from the analysis module.
The repackaging module is specifically configured to select a portion of the alias records from the alias records according to the following:
querying an alias blacklist, and selecting aliases which do not exist in the alias blacklist in the alias records;
or, inquiring the alias white list, and selecting the alias existing in the alias white list in the alias record;
alternatively, the alias blacklist and the alias whitelist are queried, and aliases that do not exist within the alias blacklist and that exist within the alias whitelist are selected.
The device also comprises a judging module, wherein the judging module is used for judging whether the length of the received response message is greater than or equal to a preset length or not, and if so, sending a repackaging trigger signal and the preset length to the parsing module and the repackaging module; if not, the response message is forwarded to the sending module. And the repackaging module is used for controlling the length of the packaged response message to be smaller than the preset length when holding the response message.
Or, the judging module is used for analyzing the access target domain name from the response message, judging whether the access target domain name is located in the preset domain name set, if so, sending a repackaging trigger signal to the analyzing module and the repackaging module, and if not, sending the received response message to a sender of the domain name analysis request message.
The device also comprises a domain name set maintenance module; the domain name set maintenance module is used for receiving a user-defined domain name input by a user and adding the received domain name into the domain name set; or, the domain name resolution server is used for judging whether the sender of the domain name resolution request message is a client which does not support TCP resolution or whether the sender of the domain name resolution request message is a local DNS server, and adding an access target domain name carried in the domain name resolution request message into the domain name set.
The present invention will be described in detail below with reference to specific examples.
DETAILED DESCRIPTION OF EMBODIMENT (S) OF INVENTION
Establishing UDP connection between a DNS server and an LDNS server, receiving a domain name resolution request message from the LDNS server, wherein an access target in the domain name resolution request message is total.abc.com, and the DNS server inquires the alias record and the A record corresponding to the access target as follows:
by using the response method of the response message in the prior art, the DNS server encapsulates the access target, the alias record, and the a record in the response message, and sends the response message to the LDNS server. If the length of the bytes occupied by the name record is large, which causes the length of the response message to be larger than the preset length, for example, to be larger than 512 bytes, the DNS server needs to reestablish the TCP connection with the LDNS server, and the encapsulated response message is sent to the LDNS server through the TCP connection.
By using the response method of the response message, the DNS server selects a part of alias records from the alias records, and encapsulates the access target domain name, the selected alias records and the A record in the response message. When the length of the bytes occupied by the alias records is large, the length of the encapsulated response message is likely to be smaller than the preset length, for example, smaller than 512 bytes, and the DNS server directly uses the established UDP connection to send the encapsulated response message to the LDNS server without switching protocols and establishing a connection again.
The above-described aspects may be implemented individually or in various combinations, and such variations are within the scope of the present invention.
It will be understood by those skilled in the art that all or part of the steps of the above methods may be implemented by instructing the relevant hardware through a program, and the program may be stored in a computer readable storage medium, such as a read-only memory, a magnetic or optical disk, and the like. Alternatively, all or part of the steps of the foregoing embodiments may also be implemented by using one or more integrated circuits, and accordingly, each module/unit in the foregoing embodiments may be implemented in the form of hardware, and may also be implemented in the form of a software functional module. The present invention is not limited to any specific form of combination of hardware and software.
It is to be noted that, in this document, the terms "comprises", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion, so that an article or apparatus including a series of elements includes not only those elements but also other elements not explicitly listed or inherent to such article or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of additional like elements in the article or device comprising the element.
The above embodiments are merely to illustrate the technical solutions of the present invention and not to limit the present invention, and the present invention has been described in detail with reference to the preferred embodiments. It will be understood by those skilled in the art that various modifications and equivalent arrangements may be made without departing from the spirit and scope of the present invention and it should be understood that the present invention is to be covered by the appended claims.
Claims (15)
1.A method for constructing a DNS response message is characterized by comprising the following steps:
step 1, acquiring a response message aiming at a domain name resolution request message;
step 2, resolving an analysis chain of alias records and/or A records corresponding to the access target domain name from the response message, carrying out ordered data structurization on the analysis chain, selecting target records from the structured ordered data, and repackaging the target records in sequence;
and 3, sending the encapsulated response message to a sender of the domain name resolution request message.
2. The method of constructing a DNS reply message according to claim 1, wherein said selecting a target record from the structured ordered data comprises:
and selecting a part of or all the alias records and/or the A records.
3. The method of constructing a DNS reply message of claim 1,
the step 2 further comprises: when only the alias record corresponding to the access target domain name is analyzed from the response message, selecting the target domain name and the last alias, or selecting the target domain name, the last alias and at least one intermediate alias and packaging the selected target domain name, the last alias and the at least one intermediate alias into the response message; and when the alias record corresponding to the access target domain name is not analyzed from the response message, repackaging the response message.
4. The method of constructing a DNS reply message of claim 2,
the selecting a part of the alias records comprises:
querying an alias blacklist, and selecting aliases which do not exist in the alias blacklist in the alias records;
or, inquiring an alias white list, and selecting an alias existing in the alias white list in the alias record;
alternatively, an alias blacklist and an alias whitelist are queried, and aliases that do not exist in the alias blacklist and exist in the alias whitelist are selected.
5. The method of constructing a DNS reply message of claim 1,
further comprising: and judging whether the length of the received response message is greater than or equal to a preset length, if so, executing the step 2 to enable the length of the packaged response message to be smaller than the preset length, and if not, sending the received response message to a sender of the domain name resolution request message.
6. The method of constructing a DNS reply message of claim 1,
further comprising: analyzing an access target domain name from the response message, judging whether the access target domain name is positioned in a domain name set, if so, executing the step 2, and if not, sending the received response message to a sender of the domain name analysis request message.
7. The method of constructing a DNS reply message of claim 6,
the method also comprises a method for setting the domain name set, which comprises one of the following modes:
receiving a user-defined domain name input by a user, and adding the received domain name into the domain name set;
and judging whether the sender of the domain name resolution request message is a client which does not support TCP resolution or whether the sender of the domain name resolution request message is a local DNS server, and adding an access target domain name carried in the domain name resolution request message into the domain name set.
8. An apparatus for constructing a DNS reply message, comprising:
the construction module is used for acquiring a response message aiming at the domain name resolution request message;
the analysis module is used for analyzing an analysis chain of the alias record and/or the A record corresponding to the access target domain name from the response message and carrying out ordered data structuring on the analysis chain;
the repackaging module is used for selecting the target record from the structured data and repackaging the target record in sequence;
and the sending module is used for sending the encapsulated response message to a sender of the domain name resolution request message.
9. The apparatus for constructing a DNS reply message according to claim 8, wherein the parsing module selecting the target record from the structured ordered data includes:
and selecting a part of or all the alias records and/or the A records.
10. The apparatus for constructing a DNS reply message of claim 8,
the analysis module is also used for sending the alias record to the repackaging module when only the alias record corresponding to the access target domain name is analyzed from the response message; the device is used for sending the response message to the repackaging module when the alias record corresponding to the access target domain name is not analyzed from the response message;
the repackaging module is further configured to select a target domain name and a last alias when receiving the alias record from the parsing module, or select the target domain name, the last alias and at least one intermediate alias to be packaged as a response message; and the message processing module is also used for repackaging the response message after receiving the response message from the analysis module.
11. The apparatus for reducing the length of a DNS reply message of claim 9,
the repackaging module selects a part of the alias records, including:
querying an alias blacklist, and selecting aliases which do not exist in the alias blacklist in the alias records;
or, inquiring an alias white list, and selecting an alias existing in the alias white list in the alias record;
alternatively, an alias blacklist and an alias whitelist are queried, and aliases that do not exist in the alias blacklist and exist in the alias whitelist are selected.
12. The apparatus for reducing the length of a DNS reply message of claim 8,
the device also comprises a judging module, a re-packaging module and a re-packaging module, wherein the judging module is used for judging whether the length of the received response message is greater than or equal to a preset length or not, and if so, sending a re-packaging trigger signal and the preset length to the analyzing module and the re-packaging module; if not, forwarding the response message to the sending module;
and the repackaging module is used for controlling the length of the packaged response message to be smaller than the preset length when the response message is held and loaded.
13. The apparatus for reducing the length of a DNS reply message of claim 8,
the domain name server also comprises a judging module which is used for analyzing an access target domain name from the response message and judging whether the access target domain name is positioned in a preset domain name set, if so, sending a repackaging trigger signal to the analyzing module and the repackaging module, and if not, sending the received response message to a sender of the domain name analyzing request message.
14. The apparatus for reducing the length of a DNS reply message of claim 13,
the apparatus also includes a domain name set maintenance module;
the domain name set maintenance module is used for receiving a user-defined domain name input by a user and adding the received domain name into the domain name set; or, the domain name resolution server is used for judging whether the sender of the domain name resolution request message is a client which does not support TCP resolution or whether the sender of the domain name resolution request message is a local DNS server, and adding an access target domain name carried in the domain name resolution request message into the domain name set.
15. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when executed, implements the steps of the method according to any one of claims 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911228838.5A CN111107175B (en) | 2017-03-31 | 2017-03-31 | Method and device for constructing DNS response message |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911228838.5A CN111107175B (en) | 2017-03-31 | 2017-03-31 | Method and device for constructing DNS response message |
CN201710207628.2A CN108667947B (en) | 2017-03-31 | 2017-03-31 | A kind of method and device for the length reducing DNS response message |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710207628.2A Division CN108667947B (en) | 2017-03-31 | 2017-03-31 | A kind of method and device for the length reducing DNS response message |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111107175A true CN111107175A (en) | 2020-05-05 |
CN111107175B CN111107175B (en) | 2023-08-08 |
Family
ID=63783672
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710207628.2A Active CN108667947B (en) | 2017-03-31 | 2017-03-31 | A kind of method and device for the length reducing DNS response message |
CN201911228838.5A Active CN111107175B (en) | 2017-03-31 | 2017-03-31 | Method and device for constructing DNS response message |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710207628.2A Active CN108667947B (en) | 2017-03-31 | 2017-03-31 | A kind of method and device for the length reducing DNS response message |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN108667947B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113014684A (en) * | 2021-01-18 | 2021-06-22 | 珠海莲鸿科技有限公司 | Communication transfer method and device for saving message verification time of Internet of things equipment |
CN115378884A (en) * | 2022-04-27 | 2022-11-22 | 国家计算机网络与信息安全管理中心 | DNS message processing method, device, processing equipment and storage medium |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327559B (en) * | 2018-11-08 | 2022-03-25 | 同盾控股有限公司 | Domain name resolution method and device based on hybrid cloud platform |
CN109802883B (en) * | 2018-12-27 | 2021-07-30 | 南京信息职业技术学院 | Mail transmission method and system thereof |
CN111343042B (en) * | 2020-02-05 | 2022-02-22 | 网宿科技股份有限公司 | DNS analysis test method and test system |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102025794A (en) * | 2010-01-22 | 2011-04-20 | 中国移动通信集团北京有限公司 | Domain name resolution method, DNS (Domain Name Server) server and system |
CN102291268A (en) * | 2011-09-23 | 2011-12-21 | 杜跃进 | Safety domain name server and hostile domain name monitoring system and method based on same |
CN103188104A (en) * | 2011-12-31 | 2013-07-03 | 中国移动通信集团浙江有限公司 | Method and device for analyzing user behaviors |
US20130275570A1 (en) * | 2012-04-16 | 2013-10-17 | Opendns, Inc. | Cross-Protocol Communication In Domain Name Systems |
CN103973827A (en) * | 2013-02-05 | 2014-08-06 | 中国移动通信集团公司 | Domain name resolution method and device |
CN104144222A (en) * | 2014-08-20 | 2014-11-12 | 北京阅联信息技术有限公司 | Method and system for load balancing in DNS system based on alias record |
CN104303489A (en) * | 2012-04-30 | 2015-01-21 | Nec欧洲有限公司 | Method for performing dns resolution in a network, content distribution system and client terminal for deployment in a content distribution system |
CN105959433A (en) * | 2016-07-22 | 2016-09-21 | 无锡华云数据技术服务有限公司 | Domain name resolution method and domain name resolution system |
CN105991793A (en) * | 2015-05-27 | 2016-10-05 | 杭州迪普科技有限公司 | Message forwarding method and device |
CN106506726A (en) * | 2016-12-12 | 2017-03-15 | 北京云端智度科技有限公司 | A kind of method of verification DNS real users |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1449062B1 (en) * | 2001-11-01 | 2018-05-16 | Verisign, Inc. | High speed non-concurrency controlled database |
US8645565B2 (en) * | 2008-07-31 | 2014-02-04 | Tekelec, Inc. | Methods, systems, and computer readable media for throttling traffic to an internet protocol (IP) network server using alias hostname identifiers assigned to the IP network server with a domain name system (DNS) |
CN102984286B (en) * | 2012-11-14 | 2015-03-04 | 上海牙木通讯技术有限公司 | Method and device and system of domain name server (DNS) for buffering updating |
CN104427005B (en) * | 2013-08-20 | 2018-01-02 | 阿里巴巴集团控股有限公司 | The method and system that request is accurately dispatched are realized on CDN |
CN103501357A (en) * | 2013-09-18 | 2014-01-08 | 深圳先进技术研究院 | Domain name resolution system and domain name resolution method |
CN104079681A (en) * | 2014-07-07 | 2014-10-01 | 中国人民解放军理工大学 | Alias analysis method |
-
2017
- 2017-03-31 CN CN201710207628.2A patent/CN108667947B/en active Active
- 2017-03-31 CN CN201911228838.5A patent/CN111107175B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102025794A (en) * | 2010-01-22 | 2011-04-20 | 中国移动通信集团北京有限公司 | Domain name resolution method, DNS (Domain Name Server) server and system |
CN102291268A (en) * | 2011-09-23 | 2011-12-21 | 杜跃进 | Safety domain name server and hostile domain name monitoring system and method based on same |
CN103188104A (en) * | 2011-12-31 | 2013-07-03 | 中国移动通信集团浙江有限公司 | Method and device for analyzing user behaviors |
US20130275570A1 (en) * | 2012-04-16 | 2013-10-17 | Opendns, Inc. | Cross-Protocol Communication In Domain Name Systems |
CN104303489A (en) * | 2012-04-30 | 2015-01-21 | Nec欧洲有限公司 | Method for performing dns resolution in a network, content distribution system and client terminal for deployment in a content distribution system |
CN103973827A (en) * | 2013-02-05 | 2014-08-06 | 中国移动通信集团公司 | Domain name resolution method and device |
CN104144222A (en) * | 2014-08-20 | 2014-11-12 | 北京阅联信息技术有限公司 | Method and system for load balancing in DNS system based on alias record |
CN105991793A (en) * | 2015-05-27 | 2016-10-05 | 杭州迪普科技有限公司 | Message forwarding method and device |
CN105959433A (en) * | 2016-07-22 | 2016-09-21 | 无锡华云数据技术服务有限公司 | Domain name resolution method and domain name resolution system |
CN106506726A (en) * | 2016-12-12 | 2017-03-15 | 北京云端智度科技有限公司 | A kind of method of verification DNS real users |
Non-Patent Citations (7)
Title |
---|
张伟明, 罗军勇, 寇晓蕤, 蔡延荣: "网络拓扑发现中的路由器别名识别技术研究与实现", 计算机工程与应用, no. 13 * |
张蹦: "智能DNS技术在金融行业的应用", 《中国金融电脑》 * |
张蹦: "智能DNS技术在金融行业的应用", 《中国金融电脑》, no. 05, 7 May 2014 (2014-05-07) * |
林曼筠: "域名服务器的安全保护", 《网络安全技术与应用》 * |
林曼筠: "域名服务器的安全保护", 《网络安全技术与应用》, no. 01, 15 January 2001 (2001-01-15) * |
陈强等: "IPv6网络域名系统综述", 《电信网技术》 * |
陈强等: "IPv6网络域名系统综述", 《电信网技术》, no. 09, 15 September 2012 (2012-09-15) * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113014684A (en) * | 2021-01-18 | 2021-06-22 | 珠海莲鸿科技有限公司 | Communication transfer method and device for saving message verification time of Internet of things equipment |
CN115378884A (en) * | 2022-04-27 | 2022-11-22 | 国家计算机网络与信息安全管理中心 | DNS message processing method, device, processing equipment and storage medium |
CN115378884B (en) * | 2022-04-27 | 2023-09-15 | 国家计算机网络与信息安全管理中心 | DNS message processing method, device, processing equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108667947B (en) | 2019-10-25 |
CN108667947A (en) | 2018-10-16 |
CN111107175B (en) | 2023-08-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111107175B (en) | Method and device for constructing DNS response message | |
EP2253124B1 (en) | Method and apparatus for communication of data packets between local networks | |
US8762573B2 (en) | Reverse DNS lookup with modified reverse mappings | |
CN102790807B (en) | Domain name resolution agent method and system, domain name resolution agent server | |
US7933272B2 (en) | Methods and systems for resolving a first node identifier in a first identifier domain space to a second node identifier in a second identifier domain space | |
CN112714194B (en) | Method for accessing intranet equipment by extranet host and network topology structure | |
US20050289244A1 (en) | Method for service chaining in a communication network | |
JP2014501958A (en) | Method and corresponding system for accessing content in a network | |
WO2002098100A1 (en) | Access control systems | |
KR101580185B1 (en) | Method and apparatus for controlling voice over internet protocol spam in home media gateway system | |
CN113452686A (en) | Data processing method, data processing device, proxy server and storage medium | |
CN112272164B (en) | Message processing method and device | |
WO2018214853A1 (en) | Method, apparatus, medium and device for reducing length of dns message | |
US11425086B2 (en) | Using DNS to communicate MC-TCP capability of server devices | |
US9602333B2 (en) | DNS server, gateways and methods for managing an identifier of a port range in the transmission of data | |
CN108667946B (en) | Multi-domain name mutual backup analysis management method, device and system | |
CN101902482A (en) | Method and system for realizing terminal security admission control based on IPv6 (Internet Protocol Version 6) automatic configuration | |
CN108111639A (en) | A kind of method and system for improving domain name system availability | |
Hendriks et al. | On the potential of IPv6 open resolvers for DDoS attacks | |
GB2493130A (en) | SIP server overload control | |
US20070100998A1 (en) | System and method of accessing a resource on a translated network device | |
CN111031148A (en) | Address resolution method and device, electronic equipment and storage medium | |
CN107222588A (en) | A kind of method and system of raising DNS availabilities | |
CN109698869B (en) | Private network crossing method, communication node and storage medium | |
CN110995763A (en) | Data processing method and device, electronic equipment and computer storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |