CN114666302A - Domain name resolution method, system, electronic device and storage medium - Google Patents
Domain name resolution method, system, electronic device and storage medium Download PDFInfo
- Publication number
- CN114666302A CN114666302A CN202210179854.5A CN202210179854A CN114666302A CN 114666302 A CN114666302 A CN 114666302A CN 202210179854 A CN202210179854 A CN 202210179854A CN 114666302 A CN114666302 A CN 114666302A
- Authority
- CN
- China
- Prior art keywords
- domain name
- dns server
- name resolution
- main
- backup
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 230000004044 response Effects 0.000 claims abstract description 91
- 230000002159 abnormal effect Effects 0.000 claims abstract description 29
- 238000001514 detection method Methods 0.000 claims abstract description 10
- 230000005856 abnormality Effects 0.000 claims description 24
- 238000012217 deletion Methods 0.000 claims description 10
- 230000037430 deletion Effects 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 7
- 230000004083 survival effect Effects 0.000 claims description 7
- 230000000977 initiatory effect Effects 0.000 claims description 4
- 239000000126 substance Substances 0.000 claims 1
- 238000004891 communication Methods 0.000 abstract description 4
- 230000011664 signaling Effects 0.000 abstract description 4
- 238000007619 statistical method Methods 0.000 abstract description 3
- 238000006467 substitution reaction Methods 0.000 abstract description 2
- 230000006870 function Effects 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000035772 mutation Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
- H04L41/0663—Performing the actions predefined by failover planning, e.g. switching to standby network elements
Abstract
The application relates to the technical field of internet communication, and discloses a domain name resolution method, a domain name resolution system, electronic equipment and a storage medium, wherein the method comprises the following steps: detecting the resolving capability of a main DNS according to a domain name resolving request received by the main DNS within a first preset time; under the condition that the resolution capability of the main DNS server is abnormal, the received domain name resolution request is redirected to a backup DNS server, and the backup DNS server obtains and returns a response of the domain name resolution request according to pre-stored configuration data; the pre-stored configuration data is backup data of domain name configuration data in the main DNS. The domain name resolution capability of the main DNS server is accurately acquired through the statistical analysis of the domain name resolution request within the preset time length, and the detection efficiency of the abnormal resolution capability is improved; the response of the domain name resolution request is completed by using a signaling and function substitution mode and a backup DNS server, so that the DNS server is not required to be modified, and the response efficiency and the user experience are greatly improved.
Description
Technical Field
The embodiment of the application relates to the technical field of internet communication, in particular to a domain name resolution method, a domain name resolution system, electronic equipment and a storage medium.
Background
With the continuous progress of communication technology, the scenes of network access and service transaction of users through terminal equipment are increasing day by day, and the users rely on a Domain Name System (DNS) to resolve corresponding IP addresses when accessing the network. The DNS is a domain name resolution system, and provides a method for domain name IP conversion, and generally, a terminal device (e.g., a computer, a mobile phone, etc.) used by a user performs domain name resolution through the DNS when surfing the internet, and then performs network access such as service handling or data query according to a specified IP returned by the DNS.
Since the resolution result of the domain name resolution request depends on the domain name resolution result configured on the authoritative DNS server responsible for domain name resolution and the availability of the authoritative DNS server, the domain name resolution request of the user equipment may not be resolved and responded normally under the condition that the authoritative DNS server is unavailable or the resolution capability is abnormal, thereby affecting the network access of the user. In order to solve the problem, a common method is to modify the configuration of the authoritative DNS server after the authoritative DNS server fails to respond to the domain name resolution request, authorize the IP address range of the domain name resolution to the modified authoritative DNS server, and initiate the domain name resolution request to the modified authoritative DNS server again. However, the configuration operation of the authoritative DNS server is complex and poor in timeliness.
Disclosure of Invention
The embodiment of the application mainly aims to provide a domain name resolution method, a domain name resolution system, electronic equipment and a storage medium, and aims to timely and accurately complete response to a domain name resolution request of a domain name server, reduce the influence of abnormal state of the domain name server on the response speed of the domain name resolution request as much as possible, and improve user experience.
In order to achieve the above object, an embodiment of the present application provides a domain name resolution method, including: detecting the resolving capability of a main DNS according to a domain name resolving request received by the main DNS within a first preset time; under the condition that the resolution capability of the main DNS server is abnormal, the received domain name resolution request is redirected to a backup DNS server, so that the backup DNS server obtains and returns a response of the domain name resolution request according to prestored configuration data; and the pre-stored configuration data is backup data of domain name configuration data in the main DNS.
In order to achieve the above object, an embodiment of the present application further provides a domain name resolution system, including: the detection module is used for detecting the resolution capability of the main DNS according to a domain name resolution request received by the main DNS within a first preset time length; the response module is used for redirecting the received domain name resolution request to a backup DNS server under the condition that the resolution capability of the main DNS server is abnormal, so that the backup DNS server can obtain and return the response of the domain name resolution request according to pre-stored configuration data; and the pre-stored configuration data is backup data of domain name configuration data in the main DNS.
In order to achieve the above object, an embodiment of the present application further provides an electronic device, where the electronic device includes: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the domain name resolution method as described above.
To achieve the above object, an embodiment of the present application further provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the domain name resolution method as described above.
According to the domain name resolution method provided by the embodiment of the application, the domain name resolution request received by the main DNS server within the first preset time is subjected to statistical analysis, the resolution capability of the main DNS server is detected and judged, the received domain name resolution request is redirected to the backup DNS server under the condition that the main DNS server is detected to have abnormal resolution capability, and the backup DNS server is used for resolving and responding the domain name resolution request according to the backup data of the domain name configuration data of the main DNS server which is stored in advance. The domain name resolution capability of the main DNS server is accurately detected through the statistical analysis according to the domain name resolution request of the main DNS server within the first preset time, the problem that the resolution capability of the main DNS server is abnormal after the response of the domain name resolution request fails is avoided, and the detection efficiency of the abnormal resolution capability is improved; the domain name resolution request is redirected to a backup DNS server, the backup DNS server replaces the main DNS server to finish the steps of resolution and response of the domain name resolution request according to domain name configuration data of the pre-backup main DNS server, the response of the domain name resolution request is finished by the backup DNS server directly in a signaling and function substitution mode, the DNS server does not need to be modified, and the response efficiency and the user experience are greatly improved.
Drawings
One or more embodiments are illustrated by the corresponding figures in the drawings, which are not meant to be limiting.
Fig. 1 is a flowchart of a domain name resolution method in an embodiment of the present application;
fig. 2 is a schematic diagram of a domain name resolution process in an embodiment of the present application;
fig. 3 is a schematic structural diagram of a domain name resolution system in another embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device in another embodiment of the present application.
Detailed Description
As known from the background art, in order to ensure normal resolution and response of a domain name resolution request, a common method is to modify a DNS server after a corresponding failure of the DNS server, which results in extremely low response efficiency of the domain name resolution request. Therefore, how to timely and accurately complete the response to the DNS domain name resolution request and improve the user experience is a technical problem that needs to be solved urgently.
In order to solve the foregoing problems, some embodiments of the present application provide a domain name resolution method, including: detecting the resolving capability of a main DNS according to a domain name resolving request received by the main DNS within a first preset time; under the condition that the resolution capability of the main DNS server is abnormal, the received domain name resolution request is redirected to a backup DNS server, and the backup DNS server acquires and returns a response of the domain name resolution request according to pre-stored configuration data; the pre-stored configuration data is backup data of domain name configuration data in the main DNS.
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the embodiments of the present application will be described in detail below with reference to the accompanying drawings. However, it will be appreciated by those of ordinary skill in the art that in the examples of the present application, numerous technical details are set forth in order to provide a better understanding of the present application. However, the technical solution claimed in the present application can be implemented without these technical details and various changes and modifications based on the following embodiments. The following embodiments are divided for convenience of description, and should not constitute any limitation to the specific implementation manner of the present application, and the embodiments may be mutually incorporated and referred to without contradiction.
The following description will specifically describe implementation details of the domain name resolution method described in the present application with reference to specific embodiments, and the following description is only provided for facilitating understanding of the implementation details and is not necessary for implementing the present solution.
A first aspect of an embodiment of the present application provides a domain name resolution method, where a flow of the domain name resolution method refers to fig. 1, and in some embodiments, the domain name resolution method is applied to a domain name resolution system or a control terminal capable of being in communication connection with the domain name resolution system, such as an electronic device like a computer, and this embodiment is described by taking the application to the domain name resolution system as an example, and the domain name resolution method includes the following steps:
Specifically, after the domain name resolution system is deployed, the domain name resolution capability of each online main DNS server is monitored, and for each main DNS server, the resolution capability of the main DNS server is analyzed and detected according to a domain name resolution request received by the main DNS server within a first preset time period, so as to determine whether the resolution capability of the main DNS server is abnormal.
It should be noted that the specific selection of the first preset duration may be set according to a working parameter of the domain name resolution system or an actual need, and the specific value of the first preset duration is not limited in this embodiment.
In one example, the resolution capability anomaly of the primary DNS server includes one or any combination of the following: abnormal analysis service, lost domain name configuration data and the server in an attacked state. Specifically, the domain name resolution capability of the main DNS server may be abnormal due to various reasons, for example, a response to a domain name resolution request cannot be performed due to a Distributed denial of service attack (DDOS), a response failure due to a domain name resolution failure which cannot be performed normally due to a loss of domain name configuration data, an analysis service abnormality of the main DNS server itself, and the like, so that the domain name resolution system needs to comprehensively monitor common centralized analysis capability abnormality of the main DNS server, and accurately determine the analysis capability of the main DNS server through detection from multiple angles.
In another example, when the analysis capability abnormality includes an analysis service abnormality, the detecting, by the domain name resolution system, the analysis capability of the master DNS server according to the domain name resolution request received by the master DNS server within the first preset time includes: acquiring a first quantity of domain name resolution requests received by a main DNS server within a first preset time length and a second quantity of domain name resolution requests responded by the main DNS server within the first preset time length; acquiring a response ratio of the main DNS according to the second quantity and the first quantity; and under the condition that the response ratio is smaller than a first preset threshold value, judging that the main DNS server has analysis service abnormity.
Specifically, the domain name resolution system may include a monitoring system, and the monitoring system may be directly installed on the master DNS server to monitor the domain name resolution capability of the master DNS server. When the monitored analysis capability abnormality includes analysis service abnormality, acquiring a first number of domain name analysis requests received by the main DNS server within a first preset time period and a second number of domain name analysis requests successfully responded by the main DNS server within the first preset time period, for example, acquiring a number of domain name analysis requests (query rate per second request) received by the main DNS server and a number of domain name analysis requests successfully responded by the main DNS server (query rate per second response per second request) within a previous second at the current time. And then acquiring the response ratio of the main DNS server at the current moment in a first preset time according to the ratio of the response query rate per second to the request query rate per second, and detecting the size relation between the response ratio of the main DNS server and a first preset threshold value. And under the condition that the response ratio is not less than a first preset threshold value, judging that the main DNS server has normal analysis service, and under the condition that the response ratio is less than the first preset threshold value, judging that the main DNS server has abnormal analysis service. Whether the main DNS server has analysis service abnormity is accurately judged according to the response ratio of the main DNS server to the received domain name analysis request within the first preset time, and the accuracy of analysis capability abnormity detection is improved.
It should be noted that the first preset time period for obtaining the response ratio may be 1 second, or may be other time periods set according to actual needs or detection severity, which is not limited in this embodiment.
In another example, when the analysis capability abnormality includes an analysis service abnormality, the detecting, by the domain name resolution system, the analysis capability of the master DNS server according to the domain name resolution request received by the master DNS server within the first preset time includes: acquiring a first response ratio of the main DNS server within a second preset time according to a third quantity of domain name resolution requests received by the main DNS server within the second preset time and a fourth quantity of domain name resolution requests responded by the main DNS server within the second preset time; acquiring a second response ratio of the main DNS server within a third preset time according to a fifth quantity of domain name resolution requests received by the main DNS server within the third preset time and a sixth quantity of domain name resolution requests responded by the main DNS server within the third preset time; the third preset time length is equal to the second preset time length, and the sum of the third preset time length and the second preset time length is less than or equal to the first preset time length; and when the difference between the second response ratio and the first response ratio is larger than the sudden drop threshold value, judging that the main DNS server has the analysis service abnormity.
Specifically, after acquiring a domain name resolution request received by a master DNS server within a first preset time period, a domain name resolution system performs sectional statistics on the domain name resolution request received within the first preset time period and a domain name resolution request responded to, divides the first preset time period into a plurality of sections with equal time periods, and takes two of the sections as a second preset time period and a third preset time period, for example, performs sectional statistics on the domain name resolution request received by the master DNS server within 3 minutes and the domain name resolution request responded to, takes data within the second minute as data corresponding to the second preset time period, and takes data within the third minute as data corresponding to the third preset time period. Then, according to a third quantity of domain name resolution requests received by the main DNS server within a second preset time length and a fourth quantity of domain name resolution requests responded, taking the ratio of the fourth quantity to the third quantity as a first response ratio of the main DNS server within the second preset time length; and then, in a similar manner, according to the fifth quantity of the domain name resolution requests received by the main DNS server within the third preset time length and the sixth quantity of the domain name resolution requests responded, taking the ratio of the sixth quantity to the fifth quantity as a second response ratio of the main DNS server within the third preset time length. Then, a response ratio deviation between the second response ratio and the first response ratio is obtained, for example, by subtracting the second response ratio from the first response ratio. Comparing the relation between the obtained deviation of the response ratio and a preset sudden drop threshold value, and judging that the analysis service of the main DNS server is normal under the condition that the deviation of the response ratio is not greater than the sudden drop threshold value; and when the deviation of the response ratio is larger than the sudden drop threshold value, judging that the main DNS server has analysis service abnormity. Whether the main DNS server has analysis service abnormity is judged according to the response ratio deviation of the main DNS server within a certain time, and analysis capability detection is carried out from the point of performance mutation, so that the detection accuracy is ensured.
In another example, when the analysis capability abnormality includes that the server is in an attacked state, the domain name resolution system detects the analysis capability of the main DNS server according to the domain name resolution request received by the main DNS server within the first preset time period, including: acquiring a first number of domain name resolution requests received by a main DNS within a first preset time length; in the event that the first number is greater than the attack threshold, determining that the primary DNS server is in an attacked state.
Specifically, when monitoring whether a main DNS server is attacked by DDOS, a domain name resolution system directly counts a first number of domain name resolution requests received by the main DNS server within a first preset time length, compares the counted first number with a preset attack threshold value, and judges that the main DNS server is not attacked by DDOS when the first number is not greater than the attack threshold value; in the event that the first number is greater than the attack threshold, determining that the primary DNS server is in an attacked state. By counting the number of domain name resolution requests received by the main DNS server within a certain time and comparing the number with an attack threshold, whether the main DNS server is attacked by DDOS or not is visually and accurately detected, and the detection efficiency of the abnormal resolution capability is improved. It should be noted that both the attack threshold and the preset duration may be set according to the processing capability and the application scenario of the domain name resolution system, and the specific setting of the attack threshold and the preset duration is not limited in this embodiment.
In another example, when the analysis capability is abnormal and includes that the configuration data is lost, the domain name analysis system detects the analysis capability of the main DNS server according to the domain name analysis request received by the main DNS server within a first preset time period, including: acquiring a seventh quantity of domain name resolution requests aiming at the deleted domain name within a first preset time length; and under the condition that the seventh quantity is larger than a second preset threshold value, judging that the domain name configuration data loss exists in the main DNS server. Specifically, the domain name resolution system performs preliminary resolution on the domain name resolution requests received by the master DNS server, and counts a seventh number of domain name resolution requests for deleted domain names received by the master DNS server. Then comparing the magnitude relation between the seventh quantity and a second preset threshold value, and judging that the configuration data of the main DNS server is abnormal under the condition that the seventh quantity is not greater than the second preset threshold value; and under the condition that the seventh quantity is larger than a second preset threshold value, judging that the domain name configuration data of the deleted domain name is lost, and judging that the domain name configuration data of the main DNS server is lost. The domain name configuration data loss problem of the main DNS server is accurately identified by counting the number of domain name resolution requests for deleted domain names received by the main DNS server within a certain time length and judging whether the domain name configuration data are lost or not in the main DNS server by combining a second preset threshold. It should be noted that the second preset threshold may be set according to parameters such as a working scenario and processing performance of the domain name resolution system, and the specific setting of the second preset threshold is not limited in this embodiment.
And 102, redirecting the received domain name resolution request to a backup DNS server under the condition that the resolution capability of the main DNS server is abnormal, so that the backup DNS server obtains and returns a response of the domain name resolution request according to pre-stored configuration data.
Specifically, the domain name resolution system carries out signaling coding on a received domain name resolution request under the condition that the main DNS server is detected to have abnormal resolution capability, redirects the domain name resolution request to a backup DNS server, so that the backup DNS server can carry out resolution on the domain name resolution request according to pre-stored configuration data, and obtains and returns a response of the domain name resolution request, wherein the pre-stored configuration data are backup data of the domain name configuration data in the main DNS server.
In one example, a domain name resolution system redirects a received domain name resolution request to a backup DNS server, comprising: generating a domain name resolution response according to a domain name suffix of a pre-configured backup DNS server; and sending the domain name resolution response to a proxy server initiating the domain name resolution request, so that the proxy server can reinitiate the domain name resolution request to the backup DNS server according to the domain name resolution response.
Specifically, each service processed by the main DNS server in the domain name resolution system contains a specified suffix, and after being put into use, a backup suffix is requested in the domain name resolution system to be authorized to the backup DNS server, and the suffix configuration is completed on the backup DNS server, for example, the suffix of the main DNS server is a.com, and the requested backup suffix can be abk.com. Com and includes a complex series of scheduling actions, the configuration content of which is as follows: t1.a. com IN A2.2.2.2; t1.a. com IN a 2.2.2.3. In addition, the t1.a.com server has a function of configuring a preferred response to an IP, when the proxy server requests the t1.a.com, the domain name resolution system can recursively request the main DNS server, and the main DNS server selects an optimal IP as a response to the domain name resolution request according to the proxy server or the client IP carried by the request packet.
When detecting that the main DNS server has abnormal resolving capability, a monitoring system in the domain name resolving system receives resolving authority of the main DNS server and obtains a domain name suffix abk.com of a backup DNS server service corresponding to the main DNS server according to the domain name suffix a.com of the main DNS server service. Then, according to the obtained domain name suffix and domain name resolution request of the backup DNS server, generating a general domain name resolution response with the suffix of abk.com, and sending the generated general domain name resolution response to the proxy server initiating the domain name resolution request, so that the proxy server re-initiates the domain name resolution request to the backup DNS server according to the general domain name resolution response, thereby redirecting the domain name resolution request aiming at the main DNS server to the backup DNS server, after receiving the domain name resolution request of the domain name t1.a.com.abk.com, the backup DNS server strips the domain name suffix abk.com, and then inquires and feeds back the configuration content of t1.a.com according to the domain name configuration data of the pre-backup main DNS server. The domain name resolution response of the domain name resolution request is generated according to the domain name suffix of the backup DNS server, so that the proxy server can reinitiate the domain name resolution request to the backup DNS server according to the domain name resolution response, the backup DNS server is accurately utilized to replace the domain name resolution function of the main DNS server, the domain name resolution request response is completed in time only in a signaling mode under the condition that the resolution capability of the main DNS server is abnormal, the need of resetting a new main DNS server is avoided, and the response speed of the domain name resolution request is greatly improved.
Therefore, the whole flow diagram of domain name resolution is shown in fig. 2, where the user terminal initiates a domain name resolution request to the proxy server, and then the proxy server obtains the address of the master authoritative DNS server with corresponding domain name resolution authorization from the server, and sends the resolution request to the master authoritative DNS server. Under normal conditions, the DNS server directly completes the response of the domain name resolution request, and under the condition that the resolution capability of the DNS server is abnormal, the monitoring system deployed on the DNS server returns a general domain name resolution response with set survival time to the proxy server. And the proxy server initiates a domain name resolution request to the backup authoritative DNS again based on the received general domain name resolution response, then receives a response returned by the backup authoritative DNS, and transmits a domain name resolution result in the response to the user equipment to complete domain name resolution.
Further, after the domain name resolution system generates a domain name resolution response according to the domain name suffix of the preconfigured backup DNS server, the method further includes: acquiring the analysis capability abnormal type of a main DNS server; setting the survival time of the domain name resolution response as a first duration under the condition that the resolution capability abnormality type of the main DNS server is attacked abnormality; setting the survival time of the domain name resolution response as a second duration under the condition that the resolution capability abnormality type of the main DNS server is non-attacked abnormality; wherein the first duration is greater than the second duration.
Specifically, after the domain name resolution system generates the domain name resolution response, the lifetime of the domain name resolution response needs to be set, and through the effective domain name resolution response, the proxy server can recognize that the primary DNS server cannot perform normal resolution and response on the domain name resolution request corresponding to the current domain name, and further directly initiate the domain name resolution request of the current domain name to the backup DNS server. Therefore, after generating the domain name resolution response, the domain name resolution system detects the resolution capability exception type of the main DNS server, and obtains the resolution capability exception type of the main DNS server. When the analysis capability abnormity type is divided, the analysis capability abnormity caused by external attack can be used as an attacked abnormity; the analysis capability abnormality not caused by the external attack is regarded as a non-attacked abnormality. When detecting that the analysis capability abnormality type of the main DNS server is an attacked abnormality, the domain name analysis system sets the lifetime of the domain name analysis response to a first time length, for example, sets an effective time ttl to 86400, and the proxy server does not send a domain name analysis request for the current domain name to the main DNS server within 86400 s; and under the condition that the analysis capability abnormality type of the main DNS server is detected to be a non-attacked abnormality, setting the survival time of the general domain name analysis response to be a second time length shorter than the first time length, for example, setting the validation time ttl to 120, and the proxy server does not initiate a domain name analysis request for the current domain name to the main DNS server within 120 s. The domain name resolution process is accurately controlled by setting the survival time of the domain name resolution response according to the resolution capability abnormity type of the main DNS server, so that a proxy server is prevented from initiating a meaningless domain name resolution request to the main DNS server, and the processing speed of domain name resolution is increased. It should be noted that the specific durations of the first duration and the second duration may be set according to actual needs or performance of the domain name resolution system, and the specific settings of the first duration and the second duration are not limited in this embodiment.
In another example, when the domain name resolution system performs domain name configuration data backup of the main DNS server in the backup DNS server, the newly added or modified domain name configuration data is backed up to the backup DNS server when the domain name configuration data of the main DNS server is newly added or modified; and deleting the domain name configuration data meeting the backup deletion condition in the backup DNS server under the condition that the domain name configuration data of the main DNS server is deleted.
Specifically, the original domain name configuration data on the master DNS server: t1.a. com IN A2.2.2.2; com IN a 2.2.2.3, the domain name resolution system performs backup storage on the domain name configuration data on the backup DNS server, and the backup DNS server includes the domain name configuration data: t1.a.com IN A2.2.2.2; t1.a. com IN a 2.2.2.3. Upon detecting a change in domain name configuration data for the primary DNS server: t1.a.com IN A2.2.2.2; t1.a. com IN a 2.2.2.3; after t2.a.com IN a 3.3.3.3, the domain name resolution system updates the domain name configuration data stored on the backup DNS server to: t1.a. com IN A2.2.2.2; t1.a. com IN a 2.2.2.3; t2.a. com IN a 3.3.3.3. Then, it is detected that the domain name configuration data on the primary DNS server is changed again to: t1.a.com IN A2.2.2.2; after t1.a.com IN a 2.2.2.3, the domain name resolution system detects whether t2.a.com IN a 3.3.3.3 satisfies the backup deletion condition, and changes the domain name configuration data stored on the backup DNS server to: t1.a. com IN A2.2.2.2; t1.a. com IN a 2.2.2.3.
In addition, when the domain name configuration data on the primary DNS server is modified, the domain name resolution system may update the domain name configuration data stored on the backup DNS server in time. The consistency of the domain name configuration data in the backup DNS server and the domain name configuration data in the main DNS server is ensured by synchronizing the addition and the modification of the domain name configuration data in time; after the domain name configuration data deleted by the main DNS server meets the backup deletion condition, the domain name configuration data in the backup DNS server is correspondingly deleted, so that the mistaken deletion caused by data loss of the main DNS server is avoided.
It is worth mentioning that when the domain name resolution system performs domain name configuration data backup of the main DNS server on the backup DNS server, the domain name resolution system not only can directly perform domain name configuration data backup of the main DNS server, but also can perform certain domain name conversion on the domain name configuration data of the main DNS server according to a suffix of a domain name resolution request which may be received by the backup DNS server. For example, the domain name suffix of the primary DNS server is a.com, the domain name suffix of the backup DNS server is abk.com, and the domain name configuration data IN the primary DNS server is t1.a.com IN a 2.2.2.2; t1.a. com IN a 2.2.2.3. The backup DNS server may receive a domain name resolution request that is initiated according to the generic domain name resolution, and therefore, the structure of the domain name resolution request may be t1.a.com.abk.com or t1.abk.com, and the domain name resolution system directly stores domain name configuration data as t1.a.com.abk.com IN a 2.2.2.2 IN the backup DNS server; t1.a.com.abk.com IN a 2.2.2.3; or t1.abk.com IN a 2.2.2.2; t1.abk. com IN a 2.2.2.3. Further, the backup DNS server is prevented from needing domain name suffix stripping, and the response speed of the domain name resolution request is further improved.
Further, deleting the domain name configuration information satisfying the backup deletion condition in the backup DNS server, including: acquiring a domain name resolution request record within a fourth preset time length, and detecting whether a domain name resolution request aiming at a target domain name exists or not; the target domain name is a domain name corresponding to the deleted domain name configuration information; and deleting the domain name configuration information corresponding to the target domain name stored in the backup DNS server under the condition that the domain name resolution request aiming at the target domain name does not exist.
Specifically, when detecting whether the deleted domain name configuration data meets the backup deletion condition, the domain name resolution system acquires a domain name resolution request record received by the main DNS server within a fourth preset time period, analyzes the acquired domain name resolution request record, detects whether a domain name resolution request for a target domain name corresponding to the deleted domain name configuration data exists, determines that the deleted domain name configuration data is possibly deleted by mistake when detecting that the domain name resolution request for the target domain name exists, does not meet the backup deletion condition, and retains the backup of the deleted domain name configuration data on the backup DNS server; and under the condition that the domain name resolution request aiming at the target domain name does not exist, judging that the deleted domain name configuration data is normally deleted, and deleting the backup data in the backup DNS server. By correspondingly deleting the domain name configuration data deleted by the main DNS after detecting that no domain name resolution request aiming at the domain name corresponding to the deleted domain name configuration data exists, the mistaken deletion of the backup data caused by the data loss of the main DNS is avoided as much as possible.
In addition, it should be understood that the above steps of the various methods are divided for clarity, and the implementation may be combined into one step or split into some steps, and the steps are divided into multiple steps, so long as the same logical relationship is included in the protection scope of the present patent; it is within the scope of the patent to add insignificant modifications to the algorithms or processes or to introduce insignificant design changes to the core design without changing the algorithms or processes.
Another aspect of the embodiments of the present application relates to a domain name resolution system, referring to fig. 3, including:
the detecting module 301 is configured to detect the resolving capability of the main DNS server according to a domain name resolution request received by the main DNS server within a first preset time.
A response module 302, configured to redirect the received domain name resolution request to a backup DNS server when the resolution capability of the primary DNS server is abnormal, so that the backup DNS server obtains and returns a response to the domain name resolution request according to pre-stored configuration data; the pre-stored configuration data is backup data of domain name configuration data in the main DNS.
It should be understood that the present embodiment is an apparatus embodiment corresponding to the method embodiment, and the present embodiment can be implemented in cooperation with the method embodiment. The related technical details mentioned in the method embodiment are still valid in this embodiment, and are not described herein again in order to reduce repetition. Accordingly, the related art details mentioned in the present embodiment can also be applied in the method embodiment.
It should be noted that, all the modules involved in this embodiment are logic modules, and in practical application, one logic unit may be one physical unit, may also be a part of one physical unit, and may also be implemented by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present invention, a unit which is not so closely related to solve the technical problem proposed by the present invention is not introduced in the present embodiment, but this does not indicate that there is no other unit in the present embodiment.
An embodiment of the present application further provides an electronic device, with reference to fig. 4, including: comprises at least one processor 401; and a memory 402 communicatively coupled to the at least one processor 401; the memory 402 stores instructions executable by the at least one processor 401, and the instructions are executed by the at least one processor 401, so that the at least one processor 401 can execute the domain name resolution method described in any of the above method embodiments.
Where the memory 402 and the processor 401 are coupled by a bus, the bus may comprise any number of interconnected buses and bridges that couple one or more of the various circuits of the processor 401 and the memory 402 together. The bus may also connect various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. A bus interface provides an interface between the bus and the transceiver. The transceiver may be one element or a plurality of elements, such as a plurality of receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. Data processed by the processor 401 may be transmitted over a wireless medium through an antenna, which may receive the data and transmit the data to the processor 401.
The processor 401 is responsible for managing the bus and general processing and may provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And memory 402 may be used to store data used by processor 401 in performing operations.
Another aspect of the embodiments of the present application also provides a computer-readable storage medium storing a computer program. The computer program realizes the above-described method embodiments when executed by a processor.
That is, as can be understood by those skilled in the art, all or part of the steps in the method for implementing the embodiments described above may be implemented by a program instructing related hardware, where the program is stored in a storage medium and includes several instructions to enable a device (which may be a single chip, a chip, or the like) or a processor (processor) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It will be understood by those of ordinary skill in the art that the foregoing embodiments are specific examples of implementations of the present application and that various changes in form and details may be made therein without departing from the spirit and scope of the present application.
Claims (13)
1.A domain name resolution method is characterized by comprising the following steps:
detecting the resolving capability of a main DNS according to a domain name resolving request received by the main DNS within a first preset time;
under the condition that the resolution capability of the main DNS server is abnormal, the received domain name resolution request is redirected to a backup DNS server, so that the backup DNS server obtains and returns a response of the domain name resolution request according to prestored configuration data;
and the pre-stored configuration data is backup data of domain name configuration data in the main DNS.
2. The domain name resolution method according to claim 1, wherein the resolution capability anomaly comprises one or any combination of the following:
abnormal analysis service, lost domain name configuration data and the server in an attacked state.
3. The domain name resolution method according to claim 2, wherein, when the resolution capability abnormality includes the resolution service abnormality, the detecting the resolution capability of the master DNS server according to the domain name resolution request received by the master DNS server within the first preset time period includes:
acquiring a first number of the domain name resolution requests received by the main DNS within the first preset time length and a second number of the domain name resolution requests responded by the main DNS within the first preset time length;
acquiring a response ratio of the main DNS according to the second quantity and the first quantity;
and under the condition that the response ratio is smaller than a first preset threshold value, judging that the main DNS server has analysis service abnormity.
4. The domain name resolution method according to claim 2, wherein, when the analysis capability abnormality includes the analysis service abnormality, the detecting the analysis capability of the master DNS server according to the domain name resolution request received by the master DNS server within a first preset duration includes:
acquiring a first response ratio of the main DNS server within a second preset time according to a third quantity of the domain name resolution requests received by the main DNS server within the second preset time and a fourth quantity of the domain name resolution requests responded by the main DNS server within the second preset time;
acquiring a second response ratio of the main DNS server within a third preset time according to a fifth quantity of the domain name resolution requests received by the main DNS server within the third preset time and a sixth quantity of the domain name resolution requests responded by the main DNS server within the third preset time; the third preset time length is equal to the second preset time length, and the sum of the third preset time length and the second preset time length is less than or equal to the first preset time length;
and when the difference between the second response ratio and the first response ratio is larger than a sudden drop threshold value, judging that the main DNS server has an abnormal resolution service.
5. The domain name resolution method according to claim 2, wherein, when the analysis capability abnormality includes that the server is in an attacked state, the detecting the analysis capability of the master DNS server according to the domain name resolution request received by the master DNS server within the first preset duration includes:
acquiring a first number of the domain name resolution requests received by the main DNS within the first preset time length;
determining that the primary DNS server is in an attacked state if the first number is greater than an attack threshold.
6. The domain name resolution method according to claim 2, wherein, when the analysis capability is abnormal and includes that the configuration data is lost, the detecting the analysis capability of the main DNS server according to the domain name resolution request received by the main DNS server within a first preset time includes:
acquiring a seventh quantity of the domain name resolution requests aiming at the deleted domain name within the first preset time length;
and under the condition that the seventh quantity is larger than a second preset threshold value, judging that the domain name configuration data loss exists in the main DNS server.
7. The domain name resolution method according to claim 1, wherein the redirecting the received domain name resolution request to a backup DNS server comprises:
generating a domain name resolution response according to a preconfigured domain name suffix of the backup DNS server;
and sending the extensive domain name resolution response to a proxy server initiating the domain name resolution request, so that the proxy server can reinitiate the domain name resolution request to the backup DNS server according to the extensive domain name resolution response.
8. The domain name resolution method according to claim 7, wherein after generating a generic domain name resolution response according to the preconfigured domain name suffix of the backup DNS server, the method further comprises:
acquiring the analysis capability exception type of the main DNS server;
setting the survival time of the domain name resolution response to be a first duration under the condition that the resolution capability abnormity type of the main DNS server is attacked abnormity;
setting the survival time of the domain name resolution response to be a second duration under the condition that the resolution capability exception type of the main DNS server is non-attacked exception;
wherein the first duration is greater than the second duration.
9. The domain name resolution method according to any one of claims 1 to 8, further comprising:
under the condition that the domain name configuration data of the main DNS server is newly added or modified, the newly added or modified domain name configuration data is backed up to the backup DNS server;
and deleting the domain name configuration data meeting the backup deletion condition in the backup DNS under the condition that the domain name configuration data of the main DNS is deleted.
10. The domain name resolution method according to claim 9, wherein the deleting the domain name configuration data satisfying a backup deletion condition in the backup DNS server comprises:
acquiring a domain name resolution request record within a fourth preset time length, and detecting whether the domain name resolution request aiming at the target domain name exists or not; the target domain name is a domain name corresponding to the deleted domain name configuration information;
and deleting the domain name configuration information corresponding to the target domain name stored in the backup DNS server under the condition that a domain name resolution request aiming at the target domain name does not exist.
11. A domain name resolution system, comprising:
the detection module is used for detecting the resolution capability of the main DNS according to a domain name resolution request received by the main DNS within a first preset time;
the response module is used for redirecting the received domain name resolution request to a backup DNS server under the condition that the resolution capability of the main DNS server is abnormal, so that the backup DNS server can obtain and return the response of the domain name resolution request according to pre-stored configuration data;
and the pre-stored configuration data is backup data of domain name configuration data in the main DNS.
12. An electronic device, comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a domain name resolution method according to any one of claims 1 to 10.
13. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the domain name resolution method according to any one of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210179854.5A CN114666302A (en) | 2022-02-25 | 2022-02-25 | Domain name resolution method, system, electronic device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210179854.5A CN114666302A (en) | 2022-02-25 | 2022-02-25 | Domain name resolution method, system, electronic device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114666302A true CN114666302A (en) | 2022-06-24 |
Family
ID=82027298
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210179854.5A Pending CN114666302A (en) | 2022-02-25 | 2022-02-25 | Domain name resolution method, system, electronic device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114666302A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110090900A1 (en) * | 2009-10-20 | 2011-04-21 | Jackson James E | Controlling registration floods in VoIP networks via DNS |
| CN103248725A (en) * | 2013-05-23 | 2013-08-14 | 中国科学院计算机网络信息中心 | Safe and reliable domain name resolution repairing method and system |
| CN106790746A (en) * | 2016-12-09 | 2017-05-31 | 互联网域名系统北京市工程研究中心有限公司 | A kind of distributed domain name storage and parsing method and system |
| WO2021120355A1 (en) * | 2019-12-18 | 2021-06-24 | 网宿科技股份有限公司 | Domain name parsing method, authoritative domain name server and local domain name server |
-
2022
- 2022-02-25 CN CN202210179854.5A patent/CN114666302A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110090900A1 (en) * | 2009-10-20 | 2011-04-21 | Jackson James E | Controlling registration floods in VoIP networks via DNS |
| CN103248725A (en) * | 2013-05-23 | 2013-08-14 | 中国科学院计算机网络信息中心 | Safe and reliable domain name resolution repairing method and system |
| CN106790746A (en) * | 2016-12-09 | 2017-05-31 | 互联网域名系统北京市工程研究中心有限公司 | A kind of distributed domain name storage and parsing method and system |
| WO2021120355A1 (en) * | 2019-12-18 | 2021-06-24 | 网宿科技股份有限公司 | Domain name parsing method, authoritative domain name server and local domain name server |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106302434B (en) | Server adaptation method, device and system | |
| US10911430B2 (en) | Account login connection method and apparatus, and storage medium | |
| US20080275962A1 (en) | Remote access providing computer system and method for managing same | |
| CN108471369B (en) | Network dialing method, device and storage medium | |
| CN112261172B (en) | Service addressing access method, device, system, equipment and medium | |
| US6763372B1 (en) | Load balancing of chat servers based on gradients | |
| CN111400777B (en) | Network storage system, user authentication method, device and equipment | |
| CN113141412B (en) | Domain name switching method, system, device, equipment and storage medium | |
| CN111126940B (en) | Service application processing method, device, equipment and computer readable storage medium | |
| CN110674096B (en) | Node troubleshooting method, device and equipment and computer readable storage medium | |
| CN111147468A (en) | User access method, device, electronic equipment and storage medium | |
| CN113489689B (en) | Authentication method and device for access request, storage medium and electronic equipment | |
| KR101632835B1 (en) | Method of auto setting protoco in programmable logic controller system | |
| CN110380981B (en) | Flow distribution method and equipment | |
| WO2024021703A1 (en) | Server control method, server, and storage medium | |
| CN114666302A (en) | Domain name resolution method, system, electronic device and storage medium | |
| CN114745413B (en) | Access control method and device for server, computer equipment and storage medium | |
| CN114389890B (en) | User request proxy method, server and storage medium | |
| CN115242494A (en) | Method, system, device and medium for controlling equipment access | |
| CN111131397B (en) | Application management method and system, gateway platform, server and storage medium | |
| CN110995738B (en) | Violent cracking behavior identification method and device, electronic equipment and readable storage medium | |
| CN110636090B (en) | Data synchronization method and device under narrow bandwidth condition | |
| CN113364725A (en) | Illegal detection event detection method, device, equipment and readable storage medium | |
| CN111901243A (en) | Service request routing method, scheduler and service platform | |
| US9830207B2 (en) | Message communication system and operation method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |