CN116032883B - Domain name resolution request processing method, device, equipment and storage medium - Google Patents
- Publication number
- CN116032883B (CN202210780548.7A)
- Authority
- CN
- China
- Prior art keywords
- domain name
- router
- name resolution
- resolution request
- request message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application discloses a method, an apparatus, a device and a storage medium for processing a domain name resolution request, and belongs to the technical field of routing. The method comprises the following steps: when working in bridge mode, a router receives a first domain name resolution request message sent by a downstream device, wherein the first domain name resolution request message carries the requested target domain name and a first destination address, and the first destination address is the network address of the upstream device; if the target domain name is detected to be the management domain name of the router, the first destination address in the first domain name resolution request message is converted into a second destination address to obtain a second domain name resolution request message, wherein the second destination address is the network address of the router; the IP address corresponding to the management domain name is determined according to the second domain name resolution request message; and the IP address is sent to the downstream device. In this way, when the router works in bridge mode, the downstream device can still access the management page of the router through the management domain name.
Description
Technical Field
The present application relates to the field of routing technologies, and in particular, to a method, an apparatus, a device, and a storage medium for processing a domain name resolution request.
Background
When a user surfs the internet, the user can access the web page through the domain name of the web page. If the user equipment detects the domain name access operation of the user, a domain name resolution request message can be sent to the router, wherein the domain name resolution request message carries the domain name requested by the user equipment so as to request to acquire an internet protocol (internet protocol, IP) address corresponding to the domain name, and the web page is accessed according to the IP address.
In general, so that a user can conveniently access the management page of a router in order to manage or configure the router, the router provides the user with two ways of accessing the management page: one through the IP address of the management page, and the other through the management domain name of the management page. The router stores the mapping between the management domain name and the IP address of its management page. If the user equipment detects that the user accesses the management page through the management domain name, it sends a domain name resolution request message to the router, wherein the domain name resolution request message carries the requested management domain name. When the router works in routing mode, it can process the received domain name resolution request message: it determines the IP address corresponding to the management domain name carried by the message and sends the IP address to the user equipment, so that the user equipment accesses the management page of the router according to the IP address. However, when the router works in bridge mode, it is equivalent to a bridge between the downstream device and the upstream device. It has only a data forwarding function and no data processing function: it directly forwards data packets from the downstream device to the upstream device, and directly forwards data packets from the upstream device to the downstream device. The router therefore does not process the domain name resolution request message, but forwards it to the upstream device of the router.
However, only the router can resolve the IP address corresponding to the management domain name, and other devices cannot resolve the IP address, so that after the upstream device of the router receives the domain name resolution request message, the upstream device cannot resolve the IP address corresponding to the management domain name, which results in that the user device cannot obtain the IP address corresponding to the management domain name, and therefore cannot access the management page of the router. Therefore, there is a need for a method that enables a user equipment to access a management page of a router through a management domain name of the router when the router operates in a bridge mode.
Disclosure of Invention
The application provides a method, an apparatus, a device and a storage medium for processing a domain name resolution request, which ensure that user equipment can access the management page of a router through the management domain name when the router works in bridge mode. The technical scheme is as follows:
in a first aspect, a method for processing a domain name resolution request is provided, where the method includes:
when working in bridge mode, receiving a first domain name resolution request message sent by a downstream device of the router, wherein the first domain name resolution request message carries the requested target domain name and a first destination address, and the first destination address is the network address of the upstream device of the router; if the target domain name is detected to be the management domain name of the router, converting the first destination address in the first domain name resolution request message into a second destination address, wherein the converted first domain name resolution request message is a second domain name resolution request message, and the second destination address is the network address of the router; determining the IP address corresponding to the management domain name according to the second domain name resolution request message; and sending the IP address to the downstream device.
That is, when the router works in bridge mode, it can detect whether the domain name carried by a domain name resolution request message sent by the downstream device is the management domain name of the router. If so, the router converts the destination address of the domain name resolution request message into the local address of the router, so that the message is redirected to local processing instead of being forwarded to the upstream device. The router can then process the message after the destination address conversion and return the IP address corresponding to the management domain name to the downstream device, so that the downstream device accesses the management page of the router according to the returned IP address. In this way, when the router works in bridge mode, the downstream device can still access the management page of the router through the management domain name.
Optionally, the router is configured with a network address translation (NAT) table, where the NAT table includes a specified NAT rule, and the specified NAT rule indicates that if the domain name requested in a domain name resolution request message received by the router is the management domain name of the router, the destination address in the domain name resolution request message is converted into the network address of the router;
the converting the first destination address in the first domain name resolution request message into a second destination address if the target domain name is detected to be the management domain name of the router includes:
in the case that the target domain name is the management domain name of the router, performing network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table, so as to convert the first destination address in the first domain name resolution request message into the second destination address.
Thus, by adding the specified NAT rule to the NAT table configured on the router, when the domain name carried by a received domain name resolution request message is the management domain name of the router, the destination address of the message is converted into the local address of the router, so that the message is redirected to local processing instead of being forwarded to the upstream device.
Optionally, the NAT table is a DNAT table configured for the pre-routing chain of the router, where the pre-routing chain is a transit chain through which a data packet sent to the router passes;
the performing network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table in the case that the target domain name is the management domain name of the router includes:
after the first domain name resolution request message reaches the pre-routing chain, in the case that the target domain name is the management domain name of the router, performing network address translation on the first domain name resolution request message on the pre-routing chain of the router according to the specified NAT rule in the NAT table.
In this way, by adding the specified NAT rule to the DNAT table of the pre-routing chain configured on the router, when the domain name carried by a received domain name resolution request message is the management domain name of the router, the destination address of the message is converted into the local address of the router, so that the message is redirected to local processing instead of being forwarded to the upstream device.
Optionally, before performing network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table, the method further includes:
adding the specified NAT rule to the initial NAT table when the initial NAT table configured on the router does not include the specified NAT rule, wherein the initial NAT table after the specified NAT rule is added is the NAT table.
Optionally, the sending the IP address to the downstream device includes:
sending a domain name resolution response message to the downstream device, wherein the domain name resolution response message carries the IP address.
Optionally, before determining the IP address corresponding to the management domain name according to the second domain name resolution request message, the method further includes:
sending the second domain name resolution request message to the input chain of the router, wherein the input chain is used for processing data packets sent to the router;
the determining the IP address corresponding to the management domain name according to the second domain name resolution request message includes:
if the second domain name resolution request message passes the rule check of the input chain, determining, by the local process of the router, the target IP address corresponding to the management domain name according to the second domain name resolution request message.
Optionally, after the determining, by the local process of the router, the target IP address corresponding to the management domain name according to the second domain name resolution request message, the method further includes:
generating a domain name resolution response message by the local process of the router, wherein the domain name resolution response message carries the IP address;
sending the domain name resolution response message to the output chain of the router, wherein the output chain is used for processing data packets originating from the router;
the sending the IP address to the downstream device includes:
if the domain name resolution response message passes the rule check of the output chain, sending the domain name resolution response message to the downstream device.
Optionally, the sending the domain name resolution response message to the downstream device if the domain name resolution response message passes the rule check of the output chain includes:
if the domain name resolution response message passes the rule check of the output chain, sending the domain name resolution response message to the post-routing chain of the router, wherein the post-routing chain is a transit chain through which a data packet sent from the router passes;
sending the domain name resolution response message to the downstream device through the post-routing chain of the router.
Optionally, after receiving the first domain name resolution request message sent by the downstream device when working in bridge mode, the method further includes:
if the target domain name is detected not to be the management domain name of the router, sending the first domain name resolution request message to the upstream device of the router.
Optionally, the sending the first domain name resolution request message to the upstream device of the router includes:
sending the first domain name resolution request message to the forward chain of the router, wherein the forward chain is used for processing data packets passing through the router;
if the first domain name resolution request message passes the rule check of the forward chain, sending the first domain name resolution request message to the upstream device of the router.
In a second aspect, a processing device for a domain name resolution request is provided, where the processing device for a domain name resolution request has a function of implementing the behavior of the processing method for a domain name resolution request in the first aspect. The processing device of the domain name resolution request comprises at least one module, and the at least one module is used for realizing the processing method of the domain name resolution request provided in the first aspect.
In a third aspect, a processing apparatus for a domain name resolution request is provided, where the processing apparatus includes a processor and a memory. The memory is configured to store a program that supports the processing apparatus in executing the method for processing a domain name resolution request provided in the first aspect, and to store the data involved in implementing that method. The processor is configured to execute the program stored in the memory. The processing apparatus may further comprise a communication bus for establishing a connection between the processor and the memory. For example, the processing apparatus for the domain name resolution request is a router.
In a fourth aspect, there is provided a computer readable storage medium having instructions stored therein, which when run on a computer, cause the computer to perform the method for processing a domain name resolution request according to the first aspect.
In a fifth aspect, there is provided a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of processing a domain name resolution request as described in the first aspect above.
The technical effects obtained by the second, third, fourth and fifth aspects are similar to the technical effects obtained by the corresponding technical means in the first aspect, and are not described in detail herein.
Drawings
Fig. 1 is a schematic flow chart, provided in the related art, of a user device requesting access to a web page through a domain name when a router operates in a bridge mode;
Fig. 2 is a schematic flow chart of a user equipment accessing a router management page provided in the related art;
Fig. 3 is a schematic flow chart of a user equipment accessing a router management page according to an embodiment of the present application;
Fig. 4 is a logic schematic diagram of a router processing a domain name resolution request message according to an embodiment of the present application;
Fig. 5 is a flowchart of a method for processing a domain name resolution request according to an embodiment of the present application;
Fig. 6 is a flowchart of another method for processing a domain name resolution request according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of a processing device for a domain name resolution request according to an embodiment of the present application;
Fig. 8 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
It should be understood that references to "a plurality" in this disclosure refer to two or more. In the description of the present application, "/" means or, unless otherwise indicated; for example, A/B may represent A or B. "And/or" herein merely describes an association relationship between associated objects, and means that three relationships may exist; for example, A and/or B may mean: A exists alone, A and B exist together, and B exists alone. In addition, in order to describe the technical solution of the present application clearly, the words "first", "second", etc. are used to distinguish between identical or similar items having substantially the same function and effect. It will be appreciated by those of skill in the art that the words "first", "second" and the like do not limit the quantity or the order of execution, and that items labelled "first", "second" and the like are not necessarily different.
Before the method for processing a domain name resolution request provided by the embodiment of the application is explained in detail, the terms related to the embodiment of the application are explained first.
Routing mode: the router may process received data packets when operating in a routing mode.
Bridge mode: when the router works in bridge mode, it is equivalent to a bridge between the downstream device and the upstream device. It has only a data forwarding function and no data processing function: it directly forwards data packets sent to the router by the downstream device to the upstream device, and directly forwards data packets sent to the router by the upstream device to the downstream device. For example, the downstream device of the router is a user equipment, and the upstream device is an upper-level router. Of course, the downstream device and the upstream device of the router may be other devices, which is not limited in the embodiment of the present application.
Network address translation (NAT) table: routers are configured with multiple types of rules, which can be classified and managed in different rule tables. The NAT table is used to manage rules for handling address translation; for example, the NAT table includes at least one network address translation rule. In addition, NAT tables can be further divided into destination network address translation (DNAT) tables and source network address translation (SNAT) tables. The DNAT table is used to manage destination address translation rules and the SNAT table is used to manage source address translation rules.
Pre-routing (prerouting) chain: the prerouting chain is a transit chain through which a packet sent to the router passes, that is, a transit chain in which a packet flowing to the router is processed in advance. The prerouting chain is typically located before the routing process. The prerouting chain may be configured with several rule tables or functions, such as a DNAT table. Of course, other rule tables or functions may be configured, such as a raw table, a connection tracking function, a mangle table, or a filter table, among others.
Connection tracking function: once the function is turned on, each packet (except those marked by the rules in the raw table) is tracked by the function and all connection states are maintained; these states can then be referenced by the rules in the other tables.
Raw table: rules in the raw table are used to mark packets so that the marked packets are not tracked by connection tracking.
Mangle table: the rules in the mangle table are mainly used for modifying the header of the data packet, such as modifying the time to live (TTL) value, and also for adding marks to the data packet, so as to facilitate the subsequent processing of the data packet by other modules.
Filter table: the rules in the filter table are mainly used to filter packets and control which packets are allowed to pass and which packets are not allowed to pass.
Routing table: the routing table stores paths pointing to specific network addresses, and data packets are routed according to these paths.
Input chain: the input chain is used for processing data packets sent to the router. The input chain is typically located before the local process of the router; packets in the input chain are subsequently sent to the local process of the router for processing. The input chain may also be configured with several rule tables or functions, such as a mangle table or a filter table.
Output chain: the output chain is used to process packets originating from the router, i.e. to process packets sent from the router. The output chain is usually located after the local process of the router; a data packet sent by the local process of the router after processing is usually sent to the output chain first. The output chain may also be configured with several rule tables or functions, such as a filter table, a DNAT table, a mangle table, a connection tracking function, or a raw table.
Post-routing (postrouting) chain: the postrouting chain is a transit chain through which a packet sent from the router passes; a packet sent from the router can be sent to an external device through the postrouting chain. The postrouting chain may also be configured with several rule tables or functions, such as a SNAT table or a mangle table.
Forward chain: the forward chain is used to process packets passing through the router, i.e. to process packets forwarded by the router. A data packet forwarded by the router may be sent to the forward chain first, and forwarded to the external device by the forward chain. The forward chain may also be configured with several rule tables or functions, such as a mangle table or a filter table.
Next, an application scenario according to an embodiment of the present application will be described.
When a user surfs the internet, the user can access the web page through the domain name of the web page. Referring to fig. 1, fig. 1 is a schematic flow chart of a related art in which a user device requests access to a web page through a domain name when a router operates in a bridge mode. As shown in fig. 1, the process includes the steps of:
1) If the user equipment detects the domain name access operation of the user, the user equipment sends a domain name resolution request message to the router.
The domain name resolution request message carries the requested domain name so as to request to acquire the IP address corresponding to the domain name, and the webpage is accessed according to the IP address.
2) In the case that the router works in bridge mode, the router forwards the domain name resolution request message to the upstream device of the router.
When the router works in bridge mode, it is equivalent to a bridge between the downstream device and the upstream device, and has only a data forwarding function and no data processing function. The router therefore does not process the domain name resolution request message, but forwards it to the upstream device of the router, and the upstream device processes the domain name resolution request message.
3) The router monitors for the domain name resolution response message of the upstream device.
4) The upstream device sends the domain name resolution response message for the domain name resolution request message to the router.
If the upstream device can respond to the domain name resolution request message and obtain a domain name resolution response message for it, the obtained domain name resolution response message can be sent to the router.
5) The router forwards the domain name resolution response message to the user device.
In addition, before the user uses the user equipment to surf the internet, the user equipment needs to connect to the router by means of the dynamic host configuration protocol (DHCP) to acquire the IP address allocated to the user equipment by the DHCP server and the network address of a domain name system (DNS) server. When the router operates in routing mode, the DHCP server is the router, and thus the network address of the DNS server assigned to the user equipment is the network address of the router itself. When the router operates in bridge mode, the DHCP server is the upstream device of the router, and thus the network address of the DNS server assigned to the user equipment is the network address of the upstream device of the router.
In general, so that a user can conveniently access the management page of a router in order to manage or configure the router, the router provides the user with two ways of accessing the management page: one is to access the management page through the IP address of the management page, and the other is to access the management page through the management domain name of the management page.
Referring to fig. 2, fig. 2 is a schematic flow chart of a user equipment access router management page provided in the related art. As shown in fig. 2, the downstream device of the router 20 is the user equipment 10, and the upstream device 30 of the router 20 may be an upstream router of the router 20 or the like.
If the user equipment 10 detects that the user requests access to the management page of the router through the management domain name, it sends a domain name resolution request message to the router 20, where the domain name resolution request message carries the requested management domain name and a destination address, and the destination address is the network address of the DNS server obtained from the DHCP server. The router 20 stores the correspondence between the management domain name and the IP address of the management page of the router.
In the case that the router 20 operates in the routing mode, since the network address of the DNS server returned to the user equipment 10 in advance is the network address of the router 20, the destination address carried by the domain name resolution request packet is the network address of the router 20. After the router 20 working in the routing mode receives the domain name resolution request message, it detects that the destination address carried by the domain name resolution request message is a local address, so that the domain name resolution request message can be directly processed, that is, an IP address corresponding to the management domain name requested by the domain name resolution request message is determined, and the IP address is sent to the user equipment 10, so that the user equipment 10 accesses the management page of the router 20 according to the IP address.
However, when the router 20 operates in the bridge mode, the network address of the DNS server returned to the user equipment 10 in advance is the network address of the upstream device 30 of the router 20, so the destination address carried by the domain name resolution request packet is the network address of the upstream device 30. After receiving the domain name resolution request message, the router 20 operating in the bridge mode detects that the destination address carried by the message is not a local address but the network address of the upstream device 30, and therefore sends the message to the upstream device 30. However, only the router 20 can identify the management domain name; other DNS servers cannot. The upstream device 30 therefore cannot resolve the IP address corresponding to the management domain name, so the user equipment 10 cannot obtain that IP address and cannot access the management page of the router 20. A method is therefore needed that enables a user equipment to access the management page of a router through the management domain name when the router operates in the bridge mode.
To solve the problem that user equipment cannot access the management page of the router through the management domain name when the router works in the bridge mode, the embodiment of the application provides a method for processing domain name resolution requests.
For example, when the router works in the bridge mode and detects that the domain name requested by a received domain name resolution request message is the management domain name of the router, it converts the destination address carried by the message into the local address of the router. On recognizing that the destination address in the converted message is a local address, the router can directly resolve the converted message to obtain the IP address corresponding to the management domain name and return that IP address to the user equipment. The user equipment can then access the management page of the router according to the returned IP address, so that even when the router works in the bridge mode the user equipment can access the management page of the router through the management domain name. The local address of the router is a network address of the router, such as an IP address of the router.
Referring to fig. 3, fig. 3 is a schematic flow chart of a user equipment accessing a router management page according to an embodiment of the present application. As shown in fig. 3, the downstream device of the router 20 is the user equipment 10, and the upstream device 30 of the router 20 may be an upstream router of the router 20 or the like. In the case that the router 20 operates in the bridge mode, if the user equipment 10 detects that the user requests access to the management page of the router 20 through the management domain name, it sends the domain name resolution request packet 1 to the router 20, where the domain name resolution request packet 1 carries the requested management domain name and the destination address, and the destination address is the network address of the upstream device 30 of the router 20. After receiving the domain name resolution request message 1, if the router 20 operating in the bridge mode detects that the domain name carried by the domain name resolution request message 1 is the management domain name, it does not forward the message to the upstream device 30, but converts the destination address carried by the message into the local address of the router 20 to obtain the domain name resolution request message 2. Because the destination address carried by the domain name resolution request packet 2 is the local address of the router 20, the router 20 can directly process the domain name resolution request packet 2, that is, resolve the IP address corresponding to the management domain name, and then return the IP address to the user equipment 10. Upon receiving the IP address, the user equipment 10 may access the management page of the router 20 according to the IP address.
It should be understood that the embodiment of the present application merely takes the user equipment 10 as an example of the downstream device of the router 20; the downstream device of the router 20 may also be another device, which is not limited in the embodiment of the present application. The user equipment 10 may be a computer device such as a terminal or a server, and the terminal may be a mobile phone, a tablet computer or a computer.
As an example, the above-mentioned processing method of the domain name resolution request provided by the embodiment of the present application may be implemented by adding a specified NAT rule in a NAT table configured by the router 20, where the specified NAT rule is used to indicate that if a domain name requested in the domain name resolution request packet received by the router 20 is a management domain name of the router 20, a destination address in the domain name resolution request packet is converted into a local address of the router 20.
Referring to fig. 4, fig. 4 is a logic schematic diagram of a router processing a domain name resolution request message according to an embodiment of the present application. As shown in fig. 4, the above-mentioned specified NAT rule may be added to the DNAT table of the pre-routing chain 21 of the router 20, and if the domain name resolution request packet 1 sent by the user equipment 10 arrives at the pre-routing chain 21 of the router 20 in the case where the above-mentioned specified NAT rule is added to the DNAT table of the pre-routing chain 21 of the router 20, the router 20 may perform network address translation on the domain name resolution request packet 1 in the pre-routing chain 21 according to the specified NAT rule in the DNAT table of the pre-routing chain 21, so as to translate the destination address in the domain name resolution request packet 1 into the local address of the router 20, thereby obtaining the domain name resolution request packet 2.
The domain name resolution request message 2 is then sent to the routing table 22. The routing table 22 may determine whether the destination address of the domain name resolution request message 2 is a local address of the router 20; if so, it sends the domain name resolution request message 2 to the input chain 24, and if not, it sends the domain name resolution request message 2 to the forward chain 23. Since the destination address of the domain name resolution request message 2 is the local address of the router 20, the routing table 22 sends the domain name resolution request message 2 to the input chain 24. After the domain name resolution request message 2 reaches the input chain 24, if it passes the rule check of the input chain 24, it is sent to a local process 25 of the router 20. The local process 25 of the router 20 parses the domain name resolution request message 2 to obtain the IP address corresponding to the management domain name requested by the domain name resolution request message 1, and generates a domain name resolution response message according to the IP address, where the domain name resolution response message carries the IP address and a destination address, and the destination address is the network address of the user equipment 10. Then, the local process 25 of the router 20 sends the domain name resolution response message to the output chain 26. If the domain name resolution response message passes the rule check of the output chain 26, it is sent on to the routing table 27, the routing table 27 sends it to the post-routing chain 28, and the post-routing chain 28 sends it to the user equipment 10 according to the destination address of the domain name resolution response message.
The routing table 22 and the routing table 27 may be the same routing table or different routing tables, which is not limited in the embodiment of the present application.
In addition, if the domain name carried in the domain name resolution request packet 1 is not the management domain name of the router 20, after the domain name resolution request packet 1 arrives at the pre-routing chain 21, the DNAT table of the pre-routing chain 21 does not perform network address translation on the domain name resolution request packet 1, but sends it to the routing table 22, and the destination address of the domain name resolution request packet 1 is still the network address of the upstream device 30. As indicated by the direction of the dashed arrow in fig. 4, the routing table 22 detects that the destination address in the domain name resolution request message 1 is not a local address, and sends the domain name resolution request message 1 to the forward chain 23. If the domain name resolution request message 1 passes the rule check of the forward chain 23, it is sent to the post-routing chain 28, and the post-routing chain 28 sends it to the upstream device 30 according to the destination address of the domain name resolution request message 1.
That is, when the router 20 operates in the bridge mode, if the domain name carried by the received domain name resolution request packet is the management domain name of the router 20, the packet may be processed according to the flow indicated by the solid arrows shown in fig. 4, so as to return the IP address corresponding to the management domain name to the downstream device. If the domain name carried by the received domain name resolution request packet is not the management domain name of the router 20, the packet may be processed according to the flow indicated by the dashed arrows shown in fig. 4, so as to forward it to the upstream device 30.
In addition, the router 20 may further be configured with a quality of service ingress (QoS ingress) at the routing table 22, so as to perform flow control and the like on packets addressed to the router 20 through the QoS ingress. The router 20 may also configure a quality of service egress (QoS egress) after the post-routing chain 28, so as to perform flow control on packets sent from the router 20 through the QoS egress.
It should be noted that fig. 4 merely takes as an example the case in which the pre-routing chain 21 is configured with a raw table, a connection tracking function, a mangle table, a filter and a DNAT table, the input chain 24 is configured with a mangle table and a filter table, the output chain 26 is configured with a filter table, a DNAT table, a mangle table, a connection tracking function and a raw table, the post-routing chain 28 is configured with a SNAT table and a mangle table, and the forward chain 23 is configured with a mangle table and a filter table. It should be understood that other rule tables or functions may be configured for each of the above chains.
Next, a method for processing a domain name resolution request provided by the embodiment of the present application will be described in detail.
Referring to fig. 5, fig. 5 is a flowchart of a method for processing a domain name resolution request according to an embodiment of the present application, where the method is applied to a router, as shown in fig. 5, and includes the following steps:
Step 501: when working in the bridge mode, the router receives a first domain name resolution request message sent by a downstream device of the router, where the first domain name resolution request message carries a requested target domain name and a first destination address, and the first destination address is a network address of an upstream device of the router.
The downlink device of the router may be user equipment, or may be other network devices such as a lower-level router, which is not limited in the embodiment of the present application. The upstream device of the router may be an upstream router of the router or may be other network devices, which is not limited in the embodiment of the present application. The network address of the upstream device may include an IP address of the upstream device, and may also include a port number, which is not limited in the embodiment of the present application.
The target domain name is the domain name which the downstream equipment requests to access. The downstream device may send a first domain name resolution request to the router when detecting a domain name access operation of the user. The domain name access operation refers to an operation of accessing a corresponding web page through a target domain name. For example, the domain name access operation may be an operation of triggering a confirmation access instruction after inputting a target domain name in the web page access interface, and it should be understood that the domain name access operation may also be other operations, which are not limited in the embodiment of the present application.
Step 502: if the router detects that the target domain name is the management domain name of the router, converting a first destination address in the first domain name resolution request message into a second destination address, wherein the converted first domain name resolution request message is a second domain name resolution request message, and the second destination address is the network address of the router.
The first domain name resolution request message after the destination address conversion is a second domain name resolution request message, and the second domain name resolution request carries a target domain name and a second destination address.
The management domain name of the router refers to the domain name of the management page of the router. The router stores the correspondence between the management domain name of the management page and the IP address, and can correspond the management domain name to the IP address, where the IP address is used to access the management page of the router. Other DNS servers do not store the correspondence between the management domain name and the IP address, and therefore cannot correspond the management domain name to the IP address, i.e., cannot identify the management domain name.
Thus, the management domain name of the router is private and not public, in other words, only the router can identify the domain name, and resolve the IP address corresponding to the domain name, and other DNS servers cannot correspond the domain name to the IP address.
In addition, in the bridge mode, the first destination address of the first domain name resolution request message received by the router is a network address of an upstream device of the router, and is not a local address of the router. The local address of the router refers to a network address of the router, and the network address of the router may include an IP address of the router, a port number, and the like, which is not limited in the embodiment of the present application.
In the embodiment of the application, after receiving the first domain name resolution request message, the router can detect whether the target domain name carried by the first domain name resolution request message is the management domain name of the router. If yes, step 502 is executed to convert the first destination address in the first domain name resolution request message into the second destination address, that is, convert the destination address in the first domain name resolution request message into the local address of the router, so as to obtain the second domain name resolution request message. If not, the process goes to step 505 to forward the first domain name resolution request message to the upstream device.
As an example, a specified NAT rule may be added in advance to a NAT table configured by the router, to implement the translation of the first destination address in the first domain name resolution request packet. The specified NAT rule is used to indicate that if the domain name requested in the domain name resolution request packet received by the router is the management domain name of the router, the destination address in the domain name resolution request packet is converted into the network address of the router. In this way, when the target domain name is the management domain name of the router, network address translation can be performed on the first domain name resolution request message according to the specified NAT rule in the NAT table, so as to convert the first destination address in the first domain name resolution request message into the second destination address, thereby obtaining the second domain name resolution request message.
For example, if the initial NAT table configured by the router does not include the specified NAT rule, the specified NAT rule may be added to the initial NAT table, so that the added initial NAT table includes the specified NAT rule.
For example, the specified NAT rule may be added to the NAT table through the netfilter framework, and of course, the specified NAT rule may also be added to the NAT table through other manners, which is not limited by the embodiment of the present application.
As an example, the NAT table may be a DNAT table configured by a pre-routing chain of the router, and the above specified NAT rule may be added to the DNAT table configured by the pre-routing chain of the router, so as to implement the conversion of the first destination address in the first domain name resolution request packet. When the DNAT table configured by the pre-routing chain includes the specified NAT rule, after the first domain name resolution request packet arrives at the pre-routing chain, if the target domain name is the management domain name of the router, network address translation is performed on the first domain name resolution request packet on the pre-routing chain of the router according to the specified NAT rule in the DNAT table, so as to translate the first destination address in the first domain name resolution request packet into the second destination address, thereby obtaining the second domain name resolution request packet.
It should be understood that the specified NAT rule may also be added to the DNAT tables of other chains to implement the translation of the first destination address in the first domain name resolution request packet, which is not limited by the embodiment of the present application.
Step 503: the router determines the IP address corresponding to the management domain name according to the second domain name resolution request message.
Because the second destination address in the second domain name resolution request message is the local address of the router, the router itself can process the second domain name resolution request message without forwarding the second domain name resolution request message to the upstream device.
The router stores the management domain name and the corresponding IP address, so that the router can determine the IP address corresponding to the management domain name according to the management domain name carried in the second domain name resolution request message.
For example, the management domain name may be router.
As an example, the router may determine, by the local process, an IP address corresponding to the management domain name according to the second domain name resolution request message.
For example, in the case that the DNAT table configured by the pre-routing chain includes the specified NAT rule, after the first domain name resolution request packet arrives at the pre-routing chain, the pre-routing chain of the router performs network address translation on the first domain name resolution request packet according to the specified NAT rule in the DNAT table, so as to obtain the second domain name resolution request packet, and the second domain name resolution request packet may then be sent on to the input chain of the router. The input chain is configured with a corresponding rule table, and if the second domain name resolution request message passes the rule check of the input chain, the target IP address corresponding to the management domain name can be determined according to the second domain name resolution request message through the local process of the router.
For example, if the second domain name resolution request message passes the rule check of the input chain, the input chain may send the second domain name resolution request to the local process of the router, and the local process of the router processes the second domain name resolution request.
Step 504: the router sends the IP address to the downstream device.
After the router determines the IP address corresponding to the management domain name, the IP address may be sent to the downstream device, so that the downstream device accesses the management page of the router according to the IP address.
For example, after determining the IP address corresponding to the management domain name, the router may generate a domain name resolution response packet according to the IP address corresponding to the management domain name, where the domain name resolution response packet carries the IP address. In addition, the domain name resolution response message may further carry a third destination address, where the third destination address is a network address of the downstream device, so that the router sends the domain name resolution response message to the downstream device.
As an example, the router may generate a domain name resolution response message according to the IP address corresponding to the management domain name through a local process of the router, and send the domain name resolution response message to the downstream device through an output chain and a post-routing chain.
For example, after the second domain name resolution request message arrives at the local process, the local process may determine the IP address corresponding to the management domain name, generate a domain name resolution response message according to that IP address, and send the domain name resolution response message to the output chain. If the domain name resolution response message passes the rule check of the output chain, it is sent on to the post-routing chain, and the post-routing chain sends it to the user equipment according to the destination address of the domain name resolution response message.
Step 505: if the router detects that the target domain name is not the management domain name of the router, the router sends the first domain name resolution request message to the upstream device.
That is, if the target domain name requested in the first domain name resolution request message is not the management domain name, the router does not translate the destination address of the first domain name resolution request message, but directly forwards the first domain name resolution request message to the upstream device.
As an example, if the target domain name requested in the first domain name resolution request packet is not the management domain name, the first domain name resolution request packet may be sent to the post-routing chain of the router, and sent to the upstream device of the router through the post-routing chain of the router. For example, the first domain name resolution request message may be sent to the forward chain of the router, and if it passes the rule check of the forward chain, it is sent to the post-routing chain.
It should be understood that if the router also has other private domain names, the other private domain names may also be processed according to the processing manner of the target domain name. For example, if it is detected that the target domain name carried by the first domain name resolution request packet sent by the downlink device is the designated domain name of the router, the first destination address in the first domain name resolution request packet is converted into the second destination address, so as to return the IP address corresponding to the designated domain name to the downlink device. The designated domain name is a private domain name of the router, that is, only the router stores the correspondence between the designated domain name and its corresponding IP address, but no other DNS server stores the correspondence.
In the embodiment of the application, when the router works in the bridge mode, whether the domain name carried by the domain name resolution request message sent by the downlink equipment is the management domain name of the router can be detected, if the domain name carried by the domain name resolution request message is detected to be the management domain name of the router, the domain name resolution request message can be redirected to the local processing instead of being forwarded to the uplink equipment by converting the destination address of the domain name resolution request message into the local address of the router, so that the router can process the domain name resolution request message after the destination address conversion and return the IP address corresponding to the management domain name to the downlink equipment, and the downlink equipment can access the management page of the router according to the returned IP address. Therefore, when the router works in the bridge mode, the downstream equipment can still be ensured to access the management page of the router through the management domain name.
In addition, in the embodiment of the application, destination address conversion is performed on a domain name resolution request message only when the domain name carried by that message is detected to be the management domain name of the router; it is not performed on every domain name resolution request message the router receives. This avoids marking the data flows of the router's downstream devices in advance, which would prevent the marked data flows from being filtered by the rules of the upstream device and would affect functions such as children's Internet access.
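The following Python sketch is an added illustration of steps 501 to 505 and is not code from the patent: it parses the DNS question, rewrites the destination only on an exact match of the management domain name, answers locally, and forwards every other query unchanged. The domain name `router.example`, all addresses and all function names are constructed assumptions.

```python
import ipaddress
import struct

# Constructed values for illustration; none of them come from the patent.
MGMT_DOMAIN = "router.example"   # hypothetical management domain name
ROUTER_IP = "192.168.1.2"        # local address of router 20 (bridge mode)
UPSTREAM_IP = "192.168.1.1"      # upstream device 30, the advertised DNS server
CLIENT_IP = "192.168.1.50"       # user equipment 10
DNS_PORT = 53


def build_query(txid, name, qtype=1):
    """Build a minimal DNS query (one question, class IN) as sample input."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_question(payload):
    """Return (qname, qtype, end_offset) of the question, or None if malformed."""
    if len(payload) < 12:
        return None
    _txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount != 1:      # a response, or not exactly one question
        return None
    pos, labels = 12, []
    while True:
        if pos >= len(payload):
            return None
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(payload):   # pointer or overrun
            return None
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(payload):
        return None
    qtype, _qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return ".".join(labels), qtype, pos + 4


def prerouting_dnat(packet):
    """Step 502: rewrite the destination only for management-domain DNS queries."""
    if packet["proto"] != "udp" or packet["dport"] != DNS_PORT:
        return packet
    question = parse_question(packet["payload"])
    # Exact, case-insensitive comparison of the parsed name: a name that merely
    # contains the management domain (router.example.org) must not be rewritten.
    if question is None or question[0].lower() != MGMT_DOMAIN:
        return packet
    return dict(packet, dst=ROUTER_IP)


def local_process(packet):
    """Steps 503-504: answer from the router's own name-to-address mapping."""
    question = parse_question(packet["payload"])
    if question is None:
        return None          # malformed query addressed to the router: no reply
    _qname, qtype, end = question
    txid = struct.unpack("!H", packet["payload"][:2])[0]
    answer = b""
    if qtype == 1:           # A record; other types get an empty NOERROR reply
        answer = (b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 0, 4)
                  + ipaddress.IPv4Address(ROUTER_IP).packed)
    header = struct.pack("!HHHHHH", txid, 0x8580, 1, 1 if answer else 0, 0, 0)
    # On Linux netfilter, connection tracking would also reverse the DNAT on the
    # reply's source address; this sketch does not model that step.
    return {"proto": "udp", "src": ROUTER_IP, "sport": DNS_PORT,
            "dst": packet["src"], "dport": packet["sport"],
            "payload": header + packet["payload"][12:end] + answer}


def handle(packet):
    """Fig. 4 routing decision: local destination -> input chain, else forward."""
    packet = prerouting_dnat(packet)
    if packet["dst"] == ROUTER_IP:
        return "input", local_process(packet)
    return "forward", packet            # step 505: unchanged, sent upstream


def client_query(name, qtype=1, sport=40000):
    """Constructed packet from user equipment 10 to the upstream DNS server."""
    return {"proto": "udp", "src": CLIENT_IP, "sport": sport, "dst": UPSTREAM_IP,
            "dport": DNS_PORT, "payload": build_query(0x1234, name, qtype)}


if __name__ == "__main__":
    for name in ("Router.Example", "www.example.org", "router.example.org"):
        chain, out = handle(client_query(name))
        print(f"{name:20} -> {chain:7} dst={out['dst']}")
```

Comparing the parsed question name, rather than matching a byte pattern anywhere in the payload, keeps queries for unrelated names on the forward path to the upstream device.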
Next, in conjunction with the above-mentioned fig. 4, taking the downlink device of the router 20 as the user equipment 10, the DNAT table of the pre-routing chain of the router 20 is added with the above-mentioned specified NAT rule, and the router 20 works in the bridge mode, to illustrate the method for processing the domain name resolution request provided in the embodiment of the present application.
Referring to fig. 6, fig. 6 is a flowchart of another domain name resolution request processing method provided in the embodiment of the present application, where the method is applied to an interaction scenario between a user equipment 10 and a router 20. The router 20 is configured with a pre-routing chain, a routing table, an input chain, an output chain, a forward chain and a post-routing chain, the pre-routing chain is configured with a DNAT table, the specified NAT rule is added in the DNAT table, and the router 20 operates in the bridge mode. As shown in fig. 6, the method includes the following steps:
Step 601: if the user equipment 10 detects a domain name access operation of the user, the user equipment 10 sends a domain name resolution request message 3 to the router 20, where the domain name resolution request message 3 carries the requested domain name 1 and destination address 1.
When the router 20 operates in the bridge mode, the destination address 1 carried by the domain name resolution request packet 3 is a network address of the upstream device 30 of the router 20.
Step 602: after the domain name resolution request message 3 arrives at the pre-routing chain of the router 20, if the domain name 1 is the management domain name of the router 20, the pre-routing chain performs network address translation on the domain name resolution request message 3 according to the specified NAT rule in the DNAT table, so as to convert the destination address 1 in the domain name resolution request message 3 into the destination address 2 and obtain the domain name resolution request message 4.
Here, destination address 2 is the local address of router 20. The local address of the router 20 refers to a network address of the router 20, which includes, for example, the IP address of the router 20 and may also include a port number of the router 20, etc. The domain name resolution request message 4 carries the domain name 1 and the destination address 2.
Step 603: the pre-routing chain sends a domain name resolution request message 4 to the routing table.
The routing table may determine whether the destination address 2 in the domain name resolution request packet 4 is a local address, if yes, step 604 is executed, and if not, the domain name resolution request packet 4 is sent to the forward chain.
Step 604: if the routing table detects that the destination address 2 in the domain name resolution request message 4 is the local address of the router 20, the domain name resolution request message 4 is sent to an input chain of the router 20.
Step 605: if the input chain detects that the domain name resolution request message 4 passes the rule check of the input chain, the input chain sends the domain name resolution request message 4 to the local process of the router 20.
After the domain name resolution request message 4 reaches the input chain, the input chain can process the domain name resolution request message 4 according to the rule configured by itself. If the domain name resolution request message 4 passes the rule check of the input chain, the domain name resolution request message 4 is sent to the local process of the router 20.
Step 606: the local process of the router 20 analyzes the domain name resolution request message 4 to obtain an IP address corresponding to the management domain name, generates a domain name resolution response message according to the IP address, where the domain name resolution response message carries the IP address and a destination address 3, and the destination address 3 is a network address of the user equipment 10.
Step 607: the local process of router 20 sends a domain name resolution response message to the output chain of router 20.
Step 608: if the output chain detects that the domain name resolution response message passes the rule check of the output chain, the output chain sends the domain name resolution response message to the bridging chain of the router 20.
After the domain name resolution response message reaches the output chain, the output chain can process the domain name resolution response message according to the rule configured by the output chain. If the domain name resolution response message passes the rule check of the output chain, the domain name resolution response message is sent to the polling chain.
For example, if the output chain detects that the domain name resolution response message passes the rule check of the output chain, the output chain may send the domain name resolution response message to the routing table of the router 20, and then the routing table sends the domain name resolution response message to the routing chain of the router 20. The routing table may route the domain name resolution response packet, for example, determine the path of the destination address 3.
Step 609: the polling chain transmits a domain name resolution response message to the user equipment 10.
For example, the mapping chain may send the resolution response message to the ue 10 according to the destination address 3 in the domain name resolution response message.
After the domain name resolution response message reaches the polling chain, the polling chain can process the domain name resolution response message according to the rule configured by itself. If the domain name resolution response message passes the rule check of the polling chain, the domain name resolution response message is sent to the user equipment 10.
In addition, after the domain name resolution request message 3 arrives at the pre-routing chain of the router 20, if the domain name 1 is not the management domain name of the router 20, the pre-routing chain does not perform destination address conversion on the domain name resolution request message 3, but sends the domain name resolution request message 3 to the forward chain. If the domain name resolution request message 3 passes the rule check of the forward link, the forward link sends the domain name resolution request message 3 to the polling link, and the polling link sends the domain name resolution request message 3 to the upstream device 30.
In this embodiment of the application, a specified NAT rule is added to the DNAT table of the pre-routing chain of the router. When the domain name carried by a received domain name resolution request message is the management domain name of the router, the rule translates the destination address of the message into the local address of the router, so that the request is redirected to local processing instead of being forwarded to the upstream device. The router can then process the request message after destination address translation and return the IP address corresponding to the management domain name to the downstream device, which can use the returned IP address to access the management page of the router. Therefore, even when the router works in the bridge mode, the downstream device can still access the management page of the router through the management domain name.
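The pre-routing decision described above, modeled in Python as an added example (not code from the patent): it parses the question name of a DNS query, applies the specified NAT rule only on an exact, case-insensitive match with the management domain name, and builds the local response. The domain name `router.example`, both addresses and all function names are assumptions made for illustration, as is answering with the router's own address.

```python
import ipaddress
import struct

# Constructed values for illustration; none of them come from the patent.
MGMT_DOMAIN = "router.example"   # hypothetical management domain name
ROUTER_ADDR = "192.168.1.2"      # hypothetical local address of the bridged router
UPSTREAM_ADDR = "192.168.1.1"    # hypothetical upstream device (original DNS destination)


def build_query(name, txid=0x1234):
    """Build a minimal DNS query: one question, type A, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)


def parse_question(msg):
    """Return (qname, qtype, end_offset) of the first question or raise ValueError."""
    if len(msg) < 12:
        raise ValueError("short header")
    flags, qdcount = struct.unpack("!HH", msg[2:6])
    if flags & 0x8000 or qdcount != 1:
        raise ValueError("not a single-question query")
    labels, off = [], 12
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        length = msg[off]
        off += 1
        if length == 0:
            break
        if length & 0xC0:
            # Pointers and reserved label types are not expected here; reject them.
            raise ValueError("unexpected label type")
        if off + length > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[off:off + length].decode("ascii", "replace").lower())
        off += length
    if off + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
    return ".".join(labels), qtype, off + 4


def prerouting(dst, payload):
    """Model of the specified NAT rule: return (destination, next chain)."""
    try:
        qname, _, _ = parse_question(payload)
    except ValueError:
        return dst, "FORWARD"          # unparseable: destination left untouched
    # Compare the whole parsed name. A substring or suffix match on raw bytes
    # would also redirect names that merely contain the management domain.
    if qname == MGMT_DOMAIN:
        return ROUTER_ADDR, "INPUT"    # DNAT to the router, handled locally
    return dst, "FORWARD"              # any other name goes to the upstream device


def local_answer(query):
    """Local process: answer an A query for the management domain name."""
    qname, qtype, end = parse_question(query)
    if qname != MGMT_DOMAIN or qtype != 1:
        return None
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8580, 1, 1, 0, 0)
    # Answer: pointer to the question name, type A, class IN, TTL 60, 4-byte address.
    rr = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4)
    return header + query[12:end] + rr + ipaddress.IPv4Address(ROUTER_ADDR).packed


if __name__ == "__main__":
    for name in ("Router.Example", "router.example.other.test", "example.org"):
        print(name, prerouting(UPSTREAM_ADDR, build_query(name)))
```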
Fig. 7 is a schematic structural diagram of a processing apparatus for domain name resolution requests according to an embodiment of the present application. The apparatus may be implemented by software, hardware, or a combination of both as part or all of an electronic device, and the electronic device may be a network device such as the router according to the foregoing embodiments. Referring to fig. 7, the apparatus includes:
a receiving module 701, configured to perform step 501 in the embodiment of fig. 5;
a conversion module 702, configured to perform step 502 in the embodiment of fig. 5;
a determining module 703, configured to perform step 503 in the embodiment of fig. 5;
a first sending module 704, configured to perform step 504 in the embodiment of fig. 5.
Optionally, the router is configured with a network address translation (NAT) table, where the NAT table includes a specified NAT rule, and the specified NAT rule is used to indicate that if a domain name requested in a domain name resolution request message received by the router is a management domain name of the router, the destination address in the domain name resolution request message is translated into a network address of the router;
the conversion module 702 is configured to:
in the case that the target domain name is the management domain name of the router, perform network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table, so as to translate the first destination address in the first domain name resolution request message into the second destination address.
Optionally, the NAT table is a destination network address translation (DNAT) table configured for a pre-routing chain of the router, where the pre-routing chain is a transit chain through which a data packet sent to the router passes;
the conversion module 702 is configured to:
after the first domain name resolution request message reaches the pre-routing chain, in the case that the target domain name is the management domain name of the router, perform network address translation on the first domain name resolution request message on the pre-routing chain of the router according to the specified NAT rule in the NAT table.
The apparatus further comprises:
an adding module, configured to add the specified NAT rule to the initial NAT table when the initial NAT table configured on the router does not include the specified NAT rule, where the initial NAT table after the specified NAT rule is added is the NAT table.
Optionally, the first sending module 704 is configured to send a domain name resolution response packet to the downstream device, where the domain name resolution response packet carries the IP address.
Optionally, the apparatus further comprises:
a second sending module, configured to send the second domain name resolution request message to an input chain of the router, where the input chain is used for processing data packets sent to the router;
a determining module 703, configured to determine, by using a local process of the router, a target IP address corresponding to the management domain name according to the second domain name resolution request packet if the second domain name resolution request packet passes the rule check of the input chain.
Optionally, the apparatus further comprises:
a generating module, configured to generate a domain name resolution response message through the local process of the router, where the domain name resolution response message carries the IP address;
a third sending module, configured to send the domain name resolution response packet to an output chain of the router, where the output chain is used to process a data packet originated from the router;
a first sending module 704, configured to send the domain name resolution response message to the downstream device if the domain name resolution response message passes the rule check of the output chain.
Optionally, the apparatus further comprises:
a fourth sending module, configured to send the domain name resolution response message to a post-routing chain of the router if the domain name resolution response message passes the rule check of the output chain, where the post-routing chain is a transit chain through which a data packet sent from the router passes;
a fifth sending module, configured to send the domain name resolution response message to the downstream device through the post-routing chain of the router.
Optionally, the apparatus further comprises:
a sixth sending module, configured to send the first domain name resolution request message to the upstream device of the router if it is detected that the target domain name is not the management domain name of the router.
Optionally, the sixth sending module is configured to:
send the first domain name resolution request message to a forward chain of the router, where the forward chain is used for processing data packets passing through the router;
and if the first domain name resolution request message passes the rule check of the forward chain, send the first domain name resolution request message to the upstream device of the router.
In this embodiment of the application, when the router works in the bridge mode, it can detect whether the domain name carried by a domain name resolution request message sent by the downstream device is the management domain name of the router. If it is, the destination address of the domain name resolution request message is translated into the local address of the router, so that the request is redirected to local processing instead of being forwarded to the upstream device. The router can then process the request message after destination address translation and return the IP address corresponding to the management domain name to the downstream device, and the downstream device can access the management page of the router according to the returned IP address. Therefore, even when the router works in the bridge mode, the downstream device can still access the management page of the router through the management domain name.
It should be noted that the processing apparatus for domain name resolution requests provided in the above embodiment is described only in terms of the above division of functional modules. In practical applications, the functions may be allocated to different functional modules as needed, that is, the internal structure of the apparatus may be divided into different functional modules to complete all or part of the functions described above.
The functional units and modules in the above embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the embodiments of the present application.
The processing device for domain name resolution request provided in the above embodiment and the processing method embodiment for domain name resolution request belong to the same concept, and specific working processes and technical effects brought by units and modules in the above embodiment can be referred to in the method embodiment section, and are not repeated here.
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application, which may be the router 20 shown in fig. 3 or fig. 4. Referring to fig. 8, the electronic device comprises at least one processor 201, a communication bus 202, a memory 203, and at least one communication interface 204.
The processor 201 may be a microprocessor (including a central processing unit (CPU), etc.), an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs in accordance with aspects of the present application.
Communication bus 202 may include a path for transferring information between the above components.
The memory 203 may be, but is not limited to, a read-only memory (ROM), a random-access memory (RAM), an electrically erasable programmable read-only memory (EEPROM), an optical disc (including a compact disc read-only memory (CD-ROM), a compact disc, a laser disc, a digital versatile disc, a Blu-ray disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 203 may stand alone and be coupled to the processor 201 via the communication bus 202. The memory 203 may also be integrated with the processor 201.
The communication interface 204 uses any transceiver-like device for communicating with other devices or communication networks, such as Ethernet, a radio access network (RAN), a wireless local area network (WLAN), etc.
In a particular implementation, as one embodiment, processor 201 may include one or more CPUs, such as CPU0 and CPU1 shown in FIG. 8.
In a particular implementation, as one embodiment, an electronic device may include multiple processors, such as processor 201 and processor 205 shown in FIG. 8. Each of these processors may be a single-core processor or a multi-core processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).
In a specific implementation, as one embodiment, the electronic device may also include an output device 206 and an input device 207. The output device 206 communicates with the processor 201 and may display information in a variety of ways. For example, the output device 206 may be a liquid crystal display (LCD), a light emitting diode (LED) display device, a cathode ray tube (CRT) display device, a projector, or the like. The input device 207 communicates with the processor 201 and may receive user input in a variety of ways. For example, the input device 207 may be a mouse, a keyboard, a touch screen device, a sensing device, or the like.
The electronic device may be a general-purpose electronic device or a special-purpose electronic device. In a specific implementation, the electronic device may be a desktop, a portable computer, a network server, a palm computer, a mobile phone, a tablet computer, a wireless terminal device, a communication device, or an embedded device, and the embodiment of the application is not limited to the type of the electronic device.
The memory 203 is used to store program code 210 for executing the solutions of the present application, and the processor 201 is used to execute the program code 210 stored in the memory 203. The electronic device may implement the method for processing a domain name resolution request provided by the embodiment of fig. 5 or fig. 6 above by means of the processor 201 and the program code 210 in the memory 203.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the processes or functions described in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium such as a floppy disk, a hard disk, or a magnetic tape, an optical medium such as a digital versatile disc (DVD), or a semiconductor medium such as a solid state disk (SSD), etc.
The above embodiments are not intended to limit the present application, and any modifications, equivalent substitutions, improvements, etc. within the technical scope of the present application should be included in the scope of the present application.
Claims (12)
1. A method for processing a domain name resolution request, characterized in that the method is applied to a router, the router is configured with a network address translation (NAT) table, the NAT table comprises a specified NAT rule, and the specified NAT rule is used for indicating that if a domain name requested in a domain name resolution request message received by the router is a management domain name of the router, a destination address in the domain name resolution request message is translated into a network address of the router; the method comprises the following steps:
when working in a bridge mode, receiving a first domain name resolution request message sent by a downstream device of the router, wherein the first domain name resolution request message carries a requested target domain name and a first destination address, and the first destination address is a network address of an upstream device of the router;
if the target domain name is detected to be the management domain name of the router, performing network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table so as to translate the first destination address in the first domain name resolution request message into a second destination address, wherein the first domain name resolution request message after the destination address translation is a second domain name resolution request message, and the second destination address is the network address of the router;
determining an IP address corresponding to the management domain name according to the second domain name resolution request message;
and sending the IP address to the downstream device.
2. The method of claim 1, wherein the NAT table is a destination network address translation (DNAT) table configured for a pre-routing chain of the router, the pre-routing chain being a transit chain through which packets destined for the router pass;
if the target domain name is detected to be the management domain name of the router, performing network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table, including:
after the first domain name resolution request message reaches the pre-routing chain, performing network address translation on the first domain name resolution request message on the pre-routing chain of the router according to the specified NAT rule in the NAT table in the case that the target domain name is the management domain name of the router.
3. The method according to claim 1 or 2, wherein before performing network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table, the method further comprises:
adding the specified NAT rule to the initial NAT table in the case that the initial NAT table configured on the router does not comprise the specified NAT rule, wherein the initial NAT table after the specified NAT rule is added is the NAT table.
4. The method according to any one of claims 1-3, wherein said sending the IP address to the downstream device comprises:
sending a domain name resolution response message to the downstream device, wherein the domain name resolution response message carries the IP address.
5. The method of claim 1, wherein before determining the IP address corresponding to the management domain name according to the second domain name resolution request message, the method further comprises:
sending the second domain name resolution request message to an input chain of the router, wherein the input chain is used for processing data packets sent to the router;
the determining, according to the second domain name resolution request message, the IP address corresponding to the management domain name includes:
if the second domain name resolution request message passes the rule check of the input chain, determining, by a local process of the router, a target IP address corresponding to the management domain name according to the second domain name resolution request message.
6. The method of claim 5, wherein after the determining, by the local process of the router, the target IP address corresponding to the management domain name according to the second domain name resolution request message, the method further comprises:
generating a domain name resolution response message through the local process of the router, wherein the domain name resolution response message carries the IP address;
sending the domain name resolution response message to an output chain of the router, wherein the output chain is used for processing data packets originating from the router;
the sending the IP address to the downstream device includes:
if the domain name resolution response message passes the rule check of the output chain, sending the domain name resolution response message to the downstream device.
7. The method of claim 6, wherein sending the domain name resolution response message to the downstream device if the domain name resolution response message passes the rule check of the output chain comprises:
if the domain name resolution response message passes the rule check of the output chain, sending the domain name resolution response message to a post-routing chain of the router, wherein the post-routing chain is a transit chain through which a data packet sent from the router passes;
sending the domain name resolution response message to the downstream device through the post-routing chain of the router.
8. The method as claimed in any one of claims 1 to 7, wherein, after receiving the first domain name resolution request message sent by the downstream device of the router when working in the bridge mode, the method further comprises:
if it is detected that the target domain name is not the management domain name of the router, sending the first domain name resolution request message to the upstream device of the router.
9. The method of claim 8, wherein the sending the first domain name resolution request message to the upstream device of the router comprises:
sending the first domain name resolution request message to a forward chain of the router, wherein the forward chain is used for processing data packets passing through the router;
and if the first domain name resolution request message passes the rule check of the forward chain, sending the first domain name resolution request message to the upstream device of the router.
10. A device for processing a domain name resolution request, characterized in that the device is integrated in a router, the router is configured with a network address translation (NAT) table, the NAT table comprises a specified NAT rule, and the specified NAT rule is used for indicating that if a domain name requested in a domain name resolution request message received by the router is a management domain name of the router, a destination address in the domain name resolution request message is translated into a network address of the router; the device comprises:
a receiving module, configured to receive, when working in a bridge mode, a first domain name resolution request message sent by a downstream device of the router, wherein the first domain name resolution request message carries a requested target domain name and a first destination address, and the first destination address is a network address of an upstream device of the router;
a conversion module, configured to, if the target domain name is detected to be the management domain name of the router, perform network address translation on the first domain name resolution request message according to the specified NAT rule in the NAT table, so as to translate the first destination address in the first domain name resolution request message into a second destination address, where the first domain name resolution request message after destination address translation is a second domain name resolution request message, and the second destination address is the network address of the router;
a determining module, configured to determine the IP address corresponding to the management domain name according to the second domain name resolution request message;
and a first sending module, configured to send the IP address to the downstream device.
11. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, which when executed by the processor, implements the method of any one of claims 1 to 9.
12. A computer readable storage medium having instructions stored therein which, when run on a computer, cause the computer to perform the method of any of claims 1-9.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210780548.7A CN116032883B (en) | 2022-07-04 | 2022-07-04 | Domain name resolution request processing method, device, equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116032883A CN116032883A (en) | 2023-04-28 |
CN116032883B true CN116032883B (en) | 2023-10-27 |
Family
ID=86074923
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210780548.7A Active CN116032883B (en) | 2022-07-04 | 2022-07-04 | Domain name resolution request processing method, device, equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116032883B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1547354A (en) * | 2003-12-17 | 2004-11-17 | 港湾网络有限公司 | Optimization method for network address translation rule configuration |
CN104509066A (en) * | 2014-06-05 | 2015-04-08 | 胡汉强 | Network access method, network access device and management server |
CN107483652A (en) * | 2017-08-18 | 2017-12-15 | 惠州高盛达科技有限公司 | The method of router its homepage of domain name access under wireless bridging pattern |
CN113472873A (en) * | 2021-06-25 | 2021-10-01 | 惠州高盛达科技有限公司 | Method for accessing router homepage by fixed pseudo IP address |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI263425B (en) * | 2003-01-14 | 2006-10-01 | Admtek Inc | Router and packet transmission method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||