WO2018214853A1 - Method, apparatus, medium and device for reducing length of dns message - Google Patents

Method, apparatus, medium and device for reducing length of dns message Download PDF

Info

Publication number
WO2018214853A1
WO2018214853A1 PCT/CN2018/087744 CN2018087744W WO2018214853A1 WO 2018214853 A1 WO2018214853 A1 WO 2018214853A1 CN 2018087744 W CN2018087744 W CN 2018087744W WO 2018214853 A1 WO2018214853 A1 WO 2018214853A1
Authority
WO
WIPO (PCT)
Prior art keywords
dns response
domain name
length
response message
dns
Prior art date
Application number
PCT/CN2018/087744
Other languages
French (fr)
Chinese (zh)
Inventor
符立佳
魏静明
苗辉
Original Assignee
贵州白山云科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to CN201710364884.2A priority Critical patent/CN107707683B/en
Priority to CN201710364884.2 priority
Application filed by 贵州白山云科技有限公司 filed Critical 贵州白山云科技有限公司
Publication of WO2018214853A1 publication Critical patent/WO2018214853A1/en

Links

Images

Classifications

    • H04L61/4511

Abstract

Disclosed are a method and apparatus for reducing the length of a DNS message. The method comprises: after receiving an access request, an authoritative DNS server constructing a DNS reply message; determining a source network area of the access request, and acquiring an information capacity of parsing information about a local DNS from a domain name in the access request to a domain name in the DNS reply message during a domain name parsing process of the source network area; and when it is determined that the length of the DNS reply message is greater than a difference value between the length of a transport protocol data packet and the information capacity of the parsing information, reducing the content of an authoritative field in the DNS reply message and correspondingly amending the content of an additional field, and sending the updated DNS rely message to a sender of the access request. Herein, by means of reducing an authoritative field and amending an additional field, the purpose of reducing the length of a DNS message is achieved, and the disadvantages caused by other methods for reducing the length of a DNS reply message in the prior art are not caused.

Description

一种减小DNS报文长度的方法、装置、介质及设备Method, device, medium and device for reducing length of DNS message
本申请要求在2017年5月22日提交中国专利局、申请号为201710364884.2发明名称为“一种减小DNS报文长度的方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese Patent Application entitled "A Method and Apparatus for Reducing the Length of DNS Messages" by the Chinese Patent Office, filed on May 22, 2017, the number of which is hereby incorporated by reference. In this application.
技术领域Technical field
本文涉及但不限于涉及互联网通信技术领域,尤其涉及一种减小DNS报文长度的方法、装置、介质及设备。This document relates to, but is not limited to, the field of Internet communication technologies, and in particular, to a method, device, medium and device for reducing the length of a DNS message.
背景技术Background technique
域名服务器(Domain Name Server,缩写:DNS)是网络访问过程中重要的设备,当本地域名服务器(Local Domain Name Server,简称:LDNS)接收到本地的一个客户端发送的域名解析请求时,LDNS向DNS发送该域名解析请求。DNS解析出域名解析请求中的访问目标域名,判断存在此访问目标域名对应的网络服务器的IP地址列表时,将相应的IP地址封装于应答包返回至LDNS。LDNS将此应答包的内容发送至客户端,客户端根据IP地址进行网络访问。The Domain Name Server (DNS) is an important device in the network access process. When the local domain name server (LDNS) receives a domain name resolution request from a local client, LDNS The DNS sends the domain name resolution request. When the DNS resolves the access target domain name in the domain name resolution request and determines that there is a list of IP addresses of the network server corresponding to the access target domain name, the corresponding IP address is encapsulated in the response packet and returned to the LDNS. The LDNS sends the contents of this response packet to the client, and the client performs network access based on the IP address.
客户端到LDNS、LDNS到权威DNS一般通过用户数据报协议(User Datagram Protocol,简称UDP)协议进行传输,但是当数据包大于512字节时,就会触发通过传输控制协议(Transmission Control Protocol,简称TCP)传输或者截断DNS应答报文中的权威字段(auth)和附加字段(add),达到正常交互的目的。The client-to-LDNS, LDNS, and authoritative DNS are generally transmitted through the User Datagram Protocol (UDP) protocol. However, when the data packet is larger than 512 bytes, the Transmission Control Protocol (Transmission Control Protocol) is triggered. TCP) transmits or truncates the authoritative field (auth) and the additional field (add) in the DNS response message for the purpose of normal interaction.
现有技术中的方法及缺点包括:The methods and disadvantages of the prior art include:
截断DNS报文中的auth字段和add字段会出现校验错误。A checksum error occurs when the auth and add fields in the DNS packet are truncated.
部分不支持TCP协议的客户端执行解析服务时会导致解析失败。Some clients that do not support the TCP protocol will cause parsing failure when executing the parsing service.
通过减少解析结果中IP个数的方法来控制DNS应答报文长度的方法,会导致在多台设备服务时负载不均衡。The method of controlling the length of the DNS response packet by reducing the number of IPs in the analysis result may result in an unbalanced load when serving multiple devices.
通过减少CNAME的方式减少DNS应答报文长度的方法在现在部分融合CDN的业务模式下被禁止。The method of reducing the length of the DNS response message by reducing the CNAME is prohibited in the current partial fusion CDN business mode.
通过全局删除auth和add字段的方式控制DNS报文长度会导致无法从权威服务器本身获取NS记录和NS记录的A记录,LDNS的NS记录和NS记录的A记录完全信任上一级权威服务器的结果,此方式会影响系统的健壮性且会给问题查询带来麻烦。Controlling the length of the DNS packet by deleting the auth and add fields globally will result in the failure to obtain the A record of the NS record and the NS record from the authoritative server itself. The LDNS NS record and the NS record A record completely trust the result of the upper-level authoritative server. This method will affect the robustness of the system and will cause trouble for problem queries.
通过引入lvs减少IP个数的方法会提高系统复杂度,并且lvs本身会带来其他问题。The method of reducing the number of IPs by introducing lvs will increase the system complexity, and lvs itself will bring other problems.
现有技术中的控制应答包报文长度的方法中,无法知晓解析链其他部分占用的字节数,站在整个解析链的角度解决问题,会导致虽然权威服务器发出的应答包不超过512字节,但是LDNS解析时加上解析链其他环节的应答结果,应答包超过了512字节,如何合理控制DNS应答报文长度成为要解决的技术问题。In the prior art method for controlling the length of a response packet, the number of bytes occupied by other parts of the parsing chain cannot be known, and solving the problem from the perspective of the entire parsing chain may result in the response packet sent by the authoritative server not exceeding 512 words. Section, but the LDNS resolution plus the response result of other links in the parsing chain, the response packet exceeds 512 bytes, how to properly control the length of the DNS response message becomes a technical problem to be solved.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
为了解决上述技术问题,本发明实施例提供了一种减小DNS报文长度的方法、装置、介质及设备。In order to solve the above technical problem, the embodiment of the present invention provides a method, an apparatus, a medium, and a device for reducing the length of a DNS message.
本发明实施例提供的减少DNS应答报文长度的方法,包括:The method for reducing the length of a DNS response packet provided by the embodiment of the present invention includes:
步骤1,权威DNS服务器接收访问请求后,构建DNS应答报文;Step 1: After receiving the access request, the authoritative DNS server constructs a DNS response message.
步骤2,确定所述访问请求的来源网络区域,获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量;Step 2: Determine a source network area of the access request, and obtain information about a domain name from the domain name in the access request to the domain name in the DNS response domain in the process of resolving the domain name of the source network area. capacity;
步骤3,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文发送至所述访问请求的发送方。Step 3: When the length of the DNS response packet is greater than the difference between the length of the transport protocol packet and the information capacity of the parsed information, reduce the content of the authoritative field in the DNS response packet and modify the content of the additional field accordingly. Sending the updated DNS response message to the sender of the access request.
上述减少DNS应答报文长度的方法还具有以下特点:The above method for reducing the length of the DNS response message has the following features:
所述步骤1和步骤2之间还包括步骤1’,Step 1 and step 2 are further included between the steps 1 and 2,
步骤1’包括:获取本地DNS在各网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量,确定最大的信息容量,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述 最大的信息容量的差值时,执行步骤2。Step 1 ′: obtaining the information capacity of the local DNS from the domain name in the access request to the domain information in the DNS response message in the process of resolving the domain name of the local network, determining the maximum information capacity, and determining the location Step 2 is performed when the length of the DNS response message is greater than the difference between the length of the transport protocol packet and the maximum information capacity.
上述减少DNS应答报文长度的方法还具有以下特点:The above method for reducing the length of the DNS response message has the following features:
所述减少DNS应答报文中权威字段的内容并相应修改附加字段的内容包括:删除所述DNS应答报文中权威字段的部分NS记录,保留至少一条NS记录,将所述附加字段的A记录修改为与所保留的NS记录相对应的A记录。The reducing the content of the authoritative field in the DNS response message and modifying the content of the additional field includes: deleting part of the NS record of the authoritative field in the DNS response message, retaining at least one NS record, and recording the A record of the additional field Modified to the A record corresponding to the retained NS record.
上述减少DNS应答报文长度的方法还具有以下特点:The above method for reducing the length of the DNS response message has the following features:
步骤1’还包括:判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,将所述DNS应答报文发送至所述访问请求的发送方;The step 1 s further includes: when determining that the length of the DNS response message is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, sending the DNS response message to the sending of the access request square;
所述步骤3还包括:判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,将所述DNS应答报文发送至所述访问请求的发送方。The step 3 further includes: when determining that the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and a data capacity of the parsing information, sending the DNS response packet to the access request The sender.
上述减少DNS应答报文长度的方法还具有以下特点:The above method for reducing the length of the DNS response message has the following features:
所述获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量包括:维护域名关联列表,此域名关联列表包括本域名和对应的解析链入口域名;根据此域名关联列表获取相应的解析链信息容量列表,此解析链信息容量列表包括域名、网络区域、解析链信息容量,将从此解析链信息容量列表中获知的解析链信息容量作为从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量。The information capacity of the domain name in the process of resolving the domain name of the source network to the domain name in the DNS request message includes: maintaining a domain name association list, and the domain name association The list includes the domain name and the corresponding analytic chain entry domain name; and the corresponding analytics chain information capacity list is obtained according to the domain name association list, and the analytics chain information capacity list includes the domain name, the network area, and the analytic chain information capacity, and the chain information capacity list is resolved from this list. The known analysis chain information capacity is used as the information capacity from the domain name in the access request to the parsing information of the domain name in the DNS response message.
本发明实施例提供的减少DNS应答报文长度的装置,应用于权威DNS服务器,包括:The apparatus for reducing the length of a DNS response message provided by the embodiment of the present invention is applied to an authoritative DNS server, including:
构建模块,设置为在接收访问请求后构建DNS应答报文;Building a module, configured to construct a DNS response message after receiving the access request;
来源网络区域信息容量获取模块,设置为确定所述访问请求的来源网络区域,获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量;a source network area information capacity obtaining module, configured to determine a source network area of the access request, and obtain a local DNS from a domain name in the access request to the DNS response message in a process of resolving a domain name of the source network area The information capacity of the domain name resolution information;
第一判断模块,设置为判断所述DNS应答报文的长度是否大于传输协议数据包限定长度与所述解析信息的信息容量的差值;The first determining module is configured to determine whether the length of the DNS response packet is greater than a difference between a length of the transport protocol data packet and a data capacity of the parsed information;
报文重装模块,设置为在所述判断模块判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答 报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文传输至发送模块;And the message reloading module is configured to reduce the authoritative field in the DNS response message when the determining module determines that the length of the DNS response message is greater than a difference between the length of the transport protocol data packet and the information capacity of the parsing information. And modify the content of the additional field accordingly, and transmit the updated DNS response message to the sending module;
发送模块,设置为将收到的更新后的DNS应答报文发送至所述访问请求的发送方。The sending module is configured to send the received updated DNS response message to the sender of the access request.
上述减少DNS应答报文长度的装置还具有以下特点:The above device for reducing the length of the DNS response message has the following features:
所述装置还包括:The device also includes:
多网络区域信息容量获取模块,设置为获取本地DNS在各网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量,确定最大的信息容量;The multi-network area information capacity obtaining module is configured to obtain the information capacity of the domain name from the domain name in the access request to the domain name in the DNS response message in the process of resolving the domain name of each local area, and determine the maximum information. Information capacity
第二判断模块,设置为判断所述DNS应答报文的长度是否大于传输协议数据包限定长度与所述最大的信息容量的差值,如果是,触发所述第一判断模块执行判断。The second determining module is configured to determine whether the length of the DNS response packet is greater than a difference between a length of the transport protocol packet and a maximum information capacity, and if yes, triggering the first determining module to perform the determining.
上述减少DNS应答报文长度的装置还具有以下特点:The above device for reducing the length of the DNS response message has the following features:
所述报文重装模块还设置为使用以下方法减少DNS应答报文中权威字段的内容并相应修改附加字段的内容:删除所述DNS应答报文中权威字段的部分NS记录,保留至少一条NS记录,将所述附加字段的A记录修改为与所保留的NS记录相对应的A记录。The message reloading module is further configured to reduce the content of the authoritative field in the DNS response message by using the following method: and modify the content of the additional field correspondingly: deleting part of the NS record of the authoritative field in the DNS response message, and retaining at least one NS Recording, modifying the A record of the additional field to the A record corresponding to the retained NS record.
上述减少DNS应答报文长度的装置还具有以下特点:The above device for reducing the length of the DNS response message has the following features:
所述第一判断模块还设置为判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,触发所述发送模块发送所述构建模块生成的DNS应答报文;The first determining module is further configured to: when the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, triggering, by the sending module, the sending, by the sending module, DNS response message;
所述第二判断模块还设置为判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,触发所述发送模块发送所述构建模块生成的DNS应答报文;The second determining module is further configured to: when determining that the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, triggering, by the sending module, the sending, by the sending module, DNS response message;
上述减少DNS应答报文长度的装置还具有以下特点:The above device for reducing the length of the DNS response message has the following features:
所述装置还包括信息容量获取模块,设置为维护域名关联列表,此域名关联列表包括本域名和对应的解析链入口域名;根据此域名关联列表获取相应的解析链信息容量列表,此解析链信息容量列表包括域名、网络区域、解析链信息容量,将从此解析链信息容量列表中获知的解析链信息容量作为从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量。The device further includes an information capacity obtaining module, configured to maintain a domain name association list, where the domain name association list includes the domain name and a corresponding analytic chain entry domain name; and the corresponding analytics chain information capacity list is obtained according to the domain name association list, and the analytics chain information The capacity list includes a domain name, a network area, and a parsing chain information capacity, and the parsing chain information capacity learned from the parsing chain information capacity list is used as the parsing information from the domain name in the access request to the domain name in the DNS response message. Information capacity.
本发明实施例提供的计算机可读存储介质上存储有计算机程序,所述程序被处理器执行时实现上述方法的步骤。The computer readable storage medium provided by the embodiment of the present invention stores a computer program, and when the program is executed by the processor, the steps of the foregoing method are implemented.
本发明实施例提供的计算机设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述程序时实现上述方法的步骤。A computer device provided by an embodiment of the present invention includes a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor implements the steps of the foregoing method when the program is executed.
本文主动探测本域解析域名的解析链其他部分数据长度,在控制应答报文长度时,考虑解析链其他部分数据长度,使LDNS处构建DNS应答报文时不超出通信协议所需的报文长度;本文还通过减少权威字段和修改附加字段方式,达到减少DNS报文长度的目的,而且不会引起现有技术中其它减少DNS应答报文长度方法导致的缺点。This document actively detects the length of the data in other parts of the analytic chain of the domain name. When controlling the length of the response packet, consider the length of the data in other parts of the chain, so that the DNS reply message is not exceeded when the DNS response message is constructed. This paper also reduces the length of the DNS packet by reducing the authoritative field and modifying the additional field mode, and does not cause the disadvantages caused by other methods for reducing the length of the DNS response message in the prior art.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明实施例的进一步理解,构成本申请的一部分,本发明实施例的示意性实施例及其说明用于解释本发明实施例,并不构成对本发明实施例的不当限定。在附图中:The accompanying drawings are intended to provide a further understanding of the embodiments of the embodiments of the invention Improper limitations. In the drawing:
图1是实施例一中减少DNS应答报文的方法的流程图;1 is a flowchart of a method for reducing a DNS response message in Embodiment 1;
图2是实施例二中减少DNS应答报文的方法的流程图;2 is a flowchart of a method for reducing a DNS response message in Embodiment 2;
图3是实施例三中减少DNS应答报文的装置的结构图;3 is a structural diagram of an apparatus for reducing a DNS response message in Embodiment 3;
图4是实施例四中减少DNS应答报文的装置的结构图。4 is a structural diagram of an apparatus for reducing a DNS response message in Embodiment 4.
具体实施方式detailed description
现结合附图和具体实施方式对本发明实施例进一步说明。The embodiments of the present invention will be further described with reference to the drawings and specific embodiments.
实施例一Embodiment 1
图1是实施例一中减少DNS应答报文的方法的流程图,此减少DNS应答报文长度的方法包括:1 is a flowchart of a method for reducing a DNS response message in Embodiment 1, and the method for reducing the length of a DNS response message includes:
步骤101,权威DNS服务器接收访问请求后,构建DNS应答报文;Step 101: After receiving the access request, the authoritative DNS server constructs a DNS response message.
步骤102,确定访问请求的来源网络区域,获取本地DNS在来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析 信息的信息容量;Step 102: Determine a source network area of the access request, and obtain an information capacity of the domain name from the access request in the process of resolving the domain name in the source network area to the domain name in the DNS response message;
步骤103,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答报文中权威字段的内容并相应修改附加字段的内容;Step 103: When it is determined that the length of the DNS response packet is greater than a difference between the length of the transport protocol packet and the information capacity of the parsed information, reduce the content of the authoritative field in the DNS response packet and modify the content of the additional field accordingly;
步骤104,将更新后的DNS应答报文发送至所述访问请求的发送方。Step 104: Send the updated DNS response message to the sender of the access request.
其中,among them,
本方法包括但不限于LDNS与客户端、LDNS与权威DNS采用UDP协议的情况,也可以使用其它类型的协议。LDNS与客户端、LDNS与权威DNS采用UDP协议时传输协议数据包限定长度为512字节。The method includes but is not limited to the case where the LDNS and the client, the LDNS and the authoritative DNS adopt the UDP protocol, and other types of protocols may also be used. When the LDNS and the client, the LDNS, and the authoritative DNS adopt the UDP protocol, the transport protocol packet is limited to 512 bytes.
步骤102中确定访问请求的来源网络区域的方式为:解析步骤101中的DNS应答报文,从中解析出请求来源IP,确定此请求来源IP所属的网络区域,将此网络区域作为来源网络区域。The method for determining the source network area of the access request is as follows: parsing the DNS response message in step 101, parsing the request source IP from the source IP address, determining the network area to which the request source IP belongs, and using the network area as the source network area.
步骤103中减少DNS应答报文中权威字段的内容并相应修改附加字段的内容包括:删除DNS应答报文中权威字段的部分NS记录,保留至少一条NS记录,将附加字段的A记录修改为与所保留的NS记录相对应的A记录。The content of the authority field in the DNS response packet is reduced in step 103, and the content of the additional field is modified correspondingly: deleting part of the NS record of the authority field in the DNS response message, retaining at least one NS record, and modifying the A record of the additional field to The A record corresponding to the retained NS record.
例如:E.g:
原权威字段为:The original authoritative field is:
Figure PCTCN2018087744-appb-000001
Figure PCTCN2018087744-appb-000001
原附加字段为:The original additional fields are:
Figure PCTCN2018087744-appb-000002
Figure PCTCN2018087744-appb-000002
更新后的权威字段为:The updated authoritative fields are:
a.com NS ns1.a.comA.com NS ns1.a.com
更新后的附加字段:Updated additional fields:
Figure PCTCN2018087744-appb-000003
Figure PCTCN2018087744-appb-000003
步骤103还包括:判断DNS应答报文的长度不大于传输协议数据包限定长度与解析信息的信息容量的差值时,将DNS应答报文发送至访问请求的发送方。Step 103 further includes: when determining that the length of the DNS response message is not greater than a difference between the length of the transport protocol packet and the information capacity of the parsed information, sending the DNS response message to the sender of the access request.
本方法还包括步骤103还包括判断更新后的DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,发送告警信息。The method further includes the step of transmitting the alarm information when the length of the updated DNS response message is greater than the difference between the length of the transport protocol packet and the information capacity of the parsed information.
实施例二Embodiment 2
图2是实施例二中减少DNS应答报文的方法的流程图,此减少DNS应答报文长度的方法包括:2 is a flowchart of a method for reducing a DNS response message in Embodiment 2. The method for reducing the length of a DNS response message includes:
步骤201,权威DNS服务器接收访问请求后,构建DNS应答报文;Step 201: After receiving the access request, the authoritative DNS server constructs a DNS response message.
步骤201’,获取本地DNS在各网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量,确定最大的信息容量,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述最大的信息容量的差值时,执行步骤202。Step 201 ′, obtaining the information capacity of the local DNS from the domain name in the access request to the parsing information of the domain name in the DNS response message in the process of resolving the domain name of each network area, determining the maximum information capacity, and determining the When the length of the DNS response packet is greater than the difference between the length of the transport protocol packet and the maximum information capacity, step 202 is performed.
步骤202,确定所述访问请求的来源网络区域,获取本地DNS在来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量;Step 202: Determine a source network area of the access request, and obtain an information capacity of a domain name from the access request to a domain name in the DNS response message in the process of resolving the domain name of the source network area;
步骤203,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文发送至所述访问请求的发送方。Step 203: Determine that the length of the DNS response packet is greater than a difference between the length of the transport protocol packet and the information capacity of the parsed information, reduce the content of the authoritative field in the DNS response packet, and modify the content of the additional field accordingly. Sending the updated DNS response message to the sender of the access request.
其中,among them,
步骤201’中还包括:判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,将所述DNS应答报文发送至所述访问请求的发送方。The step 201 ′ further includes: when determining that the length of the DNS response message is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, sending the DNS response packet to the access request sender.
本方法中权威DNS服务器维护域名关联列表,此域名关联列表包括本域名和对应的解析链入口域名,还维护解析链信息容量列表,此列表包括域名、网 络区域、解析链信息容量。权威DNS服务器从LDNS服务器获取LDNS在各网络区域的解析域名过程中从访问请求中的域名至DNS应答报文中的域名的解析信息的信息容量。步骤102中,权威DNS服务器根据域名关联列表获取相应的解析链信息容量列表,将从此解析链信息容量列表中获知的解析链信息容量作为从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量。In this method, the authoritative DNS server maintains a domain name association list. The domain name association list includes the domain name and the corresponding resolution chain entry domain name, and also maintains a resolution chain information capacity list. The list includes a domain name, a network area, and a parsing chain information capacity. The authoritative DNS server obtains, from the LDNS server, the information capacity of the LDNS from the domain name in the access request to the domain name resolution information in the DNS response message in the process of resolving the domain name in each network area. In step 102, the authoritative DNS server obtains a corresponding parsing chain information capacity list according to the domain name association list, and uses the parsing chain information capacity learned from the parsing chain information capacity list as the domain name from the access request to the DNS response message. The information capacity of the parsing information in the domain name.
实施例三Embodiment 3
图3是实施例三中减少DNS应答报文长度的装置的结构图,应用于权威DNS服务器,包括:FIG. 3 is a structural diagram of an apparatus for reducing the length of a DNS response message in Embodiment 3, which is applied to an authoritative DNS server, including:
构建模块,设置为在接收访问请求后构建DNS应答报文;Building a module, configured to construct a DNS response message after receiving the access request;
来源网络区域信息容量获取模块,设置为确定所述访问请求的来源网络区域,获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量;a source network area information capacity obtaining module, configured to determine a source network area of the access request, and obtain a local DNS from a domain name in the access request to the DNS response message in a process of resolving a domain name of the source network area The information capacity of the domain name resolution information;
第一判断模块,设置为判断所述DNS应答报文的长度是否大于传输协议数据包限定长度与所述解析信息的信息容量的差值;The first determining module is configured to determine whether the length of the DNS response packet is greater than a difference between a length of the transport protocol data packet and a data capacity of the parsed information;
报文重装模块,设置为在所述判断模块判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文传输至发送模块;And the message reloading module is configured to reduce the authoritative field in the DNS response message when the determining module determines that the length of the DNS response message is greater than a difference between the length of the transport protocol data packet and the information capacity of the parsing information. And modify the content of the additional field accordingly, and transmit the updated DNS response message to the sending module;
发送模块,设置为将收到的更新后的DNS应答报文发送至所述访问请求的发送方。The sending module is configured to send the received updated DNS response message to the sender of the access request.
其中,报文重装模块还设置为使用以下方法减少DNS应答报文中权威字段的内容并相应修改附加字段的内容:删除所述DNS应答报文中权威字段的部分NS记录,保留至少一条NS记录,将所述附加字段的A记录修改为与所保留的NS记录相对应的A记录。The message reloading module is further configured to reduce the content of the authoritative field in the DNS response message by using the following method: and modify the content of the additional field correspondingly: deleting part of the NS record of the authoritative field in the DNS response message, and retaining at least one NS Recording, modifying the A record of the additional field to the A record corresponding to the retained NS record.
此装置还包括信息容量获取模块,设置为维护域名关联列表,此域名关联列表包括本域名和对应的解析链入口域名;根据此域名关联列表获取相应的解析链信息容量列表,此解析链信息容量列表包括域名、网络区域、解析链信息容量,将从此解析链信息容量列表中获知的解析链信息容量作为从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量。The device further includes an information capacity obtaining module, configured to maintain a domain name association list, where the domain name association list includes the domain name and a corresponding analytics chain entry domain name; and the corresponding analytics chain information capacity list is obtained according to the domain name association list, and the analytics chain information capacity The list includes a domain name, a network area, and a parsing chain information capacity, and the parsing chain information capacity learned from the parsing chain information capacity list is used as information from the domain name in the access request to the parsing information of the domain name in the DNS response message. capacity.
实施例四Embodiment 4
图4是实施例四中减少DNS应答报文长度的装置的结构图,实施四相比实施例三,减少DNS应答报文长度的装置中还包括:4 is a structural diagram of an apparatus for reducing the length of a DNS response message in the fourth embodiment, and the apparatus for reducing the length of the DNS response message in the fourth embodiment is further included:
多网络区域信息容量获取模块,设置为获取本地DNS在各网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量,确定最大的信息容量;The multi-network area information capacity obtaining module is configured to obtain the information capacity of the domain name from the domain name in the access request to the domain name in the DNS response message in the process of resolving the domain name of each local area, and determine the maximum information. Information capacity
第二判断模块,设置为判断所述DNS应答报文的长度是否大于传输协议数据包限定长度与所述最大的信息容量的差值,如果是,触发所述第一判断模块执行判断。The second determining module is configured to determine whether the length of the DNS response packet is greater than a difference between a length of the transport protocol packet and a maximum information capacity, and if yes, triggering the first determining module to perform the determining.
其中,among them,
第一判断模块还设置为判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,触发所述发送模块发送所述构建模块生成的DNS应答报文;The first determining module is further configured to: when the length of the DNS response packet is not greater than a difference between the length of the transport protocol packet and the maximum information capacity, triggering, by the sending module, the DNS response generated by the building module Message
第二判断模块还设置为判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,触发所述发送模块发送所述构建模块生成的DNS应答报文。The second determining module is further configured to: when the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, triggering, by the sending module, to send the DNS response generated by the building module Message.
下面通过具体实施例说明本发明实施例。The embodiments of the present invention are described below by way of specific embodiments.
具体实施例Specific embodiment
权威服务器解析的域为c.com,此权威服务器称为c.com的权威DNS服务器,此权威服务器可构建www.c.com请求的应答报文。域名关系列表中维护www.a.com和www.c.com的关系,www.a.com为www.c.com的解析入口域名。解析过程如下:客户端发送访问请求,要求访问的域名为www.a.com。LDNS接收到此访问请求后,在不同的网络区域进行递归解析。网络区域一般地理区域(例如北京、上海等)和运营商(联通、电信等)的组合,例如北京联通、上海电信。The domain resolved by the authoritative server is c.com. This authoritative server is called the authoritative DNS server of c.com. This authoritative server can construct the response message requested by www.c.com. The relationship between www.a.com and www.c.com is maintained in the domain name relationship list, and www.a.com is the resolution entry domain name of www.c.com. The parsing process is as follows: The client sends an access request and the domain name requested to be accessed is www.a.com. After receiving this access request, LDNS performs recursive parsing in different network areas. A combination of general geographical areas (such as Beijing, Shanghai, etc.) and operators (China Unicom, Telecom, etc.) in the network area, such as Beijing Unicom and Shanghai Telecom.
一:在北京联通进行以下递归解析:One: The following recursive analysis in Beijing Unicom:
解析链为:The parsing chain is:
Figure PCTCN2018087744-appb-000004
Figure PCTCN2018087744-appb-000004
根据CNAME记录确定此权威服务器为IP地址为 1.1.1.1的c.com的权威DNS服务器。此权威DNS服务器的应答报文包括: According to the CNAME record, this authoritative server is determined to be the authoritative DNS server of c.com with the IP address 1.1.1.1 . The response message of this authoritative DNS server includes:
www.c.com A  1.1.1.1 Www.c.com A 1.1.1.1
此时 www.a.comwww.b.com为CDN的非本域域名。所以LDNS在解析链中解析链信息容量为以下CNAME的容量。 At this time www.a.com, www.b.com present as a non-CDN domain domain name. Therefore, LDNS resolves the chain information capacity in the parsing chain to the capacity of the following CNAME.
www.a.com  cname   www.b.com www.a.com cname www.b.com
www.b.com  cname   www.c.com Www.b.com cname www.c.com
此容量为62字节,则在解析链信息容量列表中记录的针对北京联通此网络区域的信息为:The capacity is 62 bytes, and the information recorded in the analysis chain information capacity list for this network area of Beijing Unicom is:
www.c.com 北京联通 62 Www.c.com Beijing Unicom 62
二:在上海电信进行以下递归解析:Second: Perform the following recursive analysis in Shanghai Telecom:
解析链为:The parsing chain is:
www.a.com  cname   www.c.com www.a.com cname www.c.com
www.c.com  A   2.2.2.2 Www.c.com A 2.2.2.2
根据CNAME记录确定权威服务器为IP地址为 2.2.2.2的c.com的权威DNS服务器。此权威DNS服务器的应答报文包括: According to the CNAME record, the authoritative server is determined to be the authoritative DNS server of c.com with the IP address 2.2.2.2 . The response message of this authoritative DNS server includes:
www.c.com A  2.2.2.2 Www.c.com A 2.2.2.2
此时 www.a.com为CDN的非本域域名。LDNS在解析链中解析链信息容量为以下CNAME的容量。 At this time, www.a.com is the non-domain domain name of the CDN. LDNS resolves the chain information capacity in the parsing chain to the capacity of the following CNAME.
www.a.com cname  www.c.com www.a.com cname www.c.com
此容量为30字节,则在解析链信息容量列表中记录的针对上海电信此网络区域的信息为:The capacity is 30 bytes, and the information recorded in the analysis chain information capacity list for this network area of Shanghai Telecom is:
www.c.com 上海电信 30字节 Www.c.com Shanghai Telecom 30 bytes
至此:权威服务器维护解析链信息容量列表包括:At this point: the list of authoritative server maintenance parsing chain information capacity includes:
域名domain name 网络区域Network area 解析链信息容量Analyze chain information capacity
www.c.comWww.c.com 北京联通Beijing Unicom 62字节62 bytes
www.c.comWww.c.com 上海电信Shanghai Telecom 32字节32 bytes
权威服务器接收到收访问请求后,构建DNS应答报文,此DNS应答报文的长度为500字节,根据解析链信息容量列表,确定解析链信息容量中最大的信息容量为62字节,512字节与此最大的信息容量的差值为450字节,判断此DNS应答报文的长度大于此450字节,进行第二次判断。确定访问请求的来源网络区域为上海电信,根据解析链信息容量列表确定此网络区域对应的信息容量为30字节,512字节与此信息容量的差值为480字节,判断此DNS应答报文的长度大于此480字节,则减少DNS应答报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文发送至所述访问请求的发送方。After receiving the access request, the authoritative server constructs a DNS response message. The length of the DNS response message is 500 bytes. According to the analysis chain information capacity list, the maximum information capacity of the analysis chain information capacity is 62 bytes, 512. The difference between the byte and the maximum information capacity is 450 bytes. It is determined that the length of the DNS response message is greater than the 450 bytes, and the second judgment is made. The source network area for determining the access request is Shanghai Telecom. According to the analysis chain information capacity list, the information capacity corresponding to the network area is determined to be 30 bytes, and the difference between the 512 bytes and the information capacity is 480 bytes, and the DNS response is determined. If the length of the text is greater than the 480 bytes, the content of the authoritative field in the DNS response message is reduced, and the content of the additional field is modified accordingly, and the updated DNS response message is sent to the sender of the access request.
使用本文的方案后,在CDN特定解析环境下,根据抽样测试结果获知使用本文方案相比现有技术的方案可以减少44.1%的DNS报文字节数。例如,在一个典型的抽样测试中,使用现有技术的方案DNS应答报文中权威字段和附加字段的总长度为229字节,使用本文的方案后,DNS应答报文中权威字段和附加字段的总长度为112字节。根据上文中描述的本文的方案可知,附加字段的长度并未改变,因为减少了权威字段的内容达到了减少DNS应答报文长度的效果。After using the scheme in this paper, in the specific analysis environment of CDN, according to the sampling test results, it is known that the scheme of this paper can reduce the number of bytes of DNS packets by 44.1% compared with the scheme of the prior art. For example, in a typical sampling test, the total length of the authoritative field and the additional field in the DNS response message using the prior art scheme is 229 bytes. After using the scheme of this document, the authoritative field and the additional field in the DNS response message. The total length is 112 bytes. According to the scheme described herein above, the length of the additional field does not change because the content of the authoritative field is reduced to achieve the effect of reducing the length of the DNS response message.
本发明实施例的有益效果包括:Advantageous effects of embodiments of the present invention include:
(1)本发明实施例考虑到了LDNS处需要在权威DNS服务器返回的DNS应答报文需要增加解析链其它部分的数据,在进行DNS应答报文长度判定时引入了对解析链应答包长度的判定,使报文长度的控制更准确更合理。(1) The embodiment of the present invention considers that the DNS response message returned by the authoritative DNS server at the LDNS needs to increase the data of other parts of the parsing chain, and introduces the judgment of the length of the response chain response packet when determining the length of the DNS response message. To make the control of message length more accurate and reasonable.
(2)通过合并减少权威字段和修改附加字段方式减少DNS报文长度,不会修改原有A记录和cname记录等核心应答信息,不影响业务的负载均衡和cname特性。(2) Reduce the length of the DNS packet by combining the reduced authority field and modifying the additional field. The core response information such as the original A record and the cname record is not modified, and the load balancing and cname characteristics of the service are not affected.
(3)通过合并减少权威字段和修改附加字段方式减少DNS报文长度,使NS记录对应的DNS服务器IP并没有变化,只是修改了NS记录的hostname字段,与原有配置标书的DNS系统架构完全一致。保留了NS记录特征,方便问题查询和增强系统健壮性。(3) Reduce the length of the DNS packet by combining the reduced authority field and modifying the additional field, so that the IP address of the DNS server corresponding to the NS record does not change, but the hostname field of the NS record is modified, and the DNS system architecture of the original configuration bid is completely complete. Consistent. The NS record feature is preserved to facilitate problem query and enhance system robustness.
上面描述的内容可以单独地或者以各种方式组合起来实施,而这些变型方式都在本发明实施例的保护范围之内。The above description may be implemented individually or in combination in various ways, and these modifications are within the scope of the embodiments of the present invention.
本领域的普通技术人员应当理解,可以对本发明实施例的技术方案进行修改或者等同替换,而不脱离本发明技术方案的精神和范围,均应涵盖在权利要求范围当中。A person skilled in the art should understand that the technical solutions of the embodiments of the present invention may be modified or equivalent, without departing from the spirit and scope of the present invention, and should be included in the scope of the claims.
本领域普通技术人员可以理解,上文中所公开方法中的全部或某些步骤、系统、装置中的功能模块/单元可以被实施为软件、固件、硬件及其适当的组合。在硬件实施方式中,在以上描述中提及的功能模块/单元之间的划分不一定对应于物理组件的划分;例如,一个物理组件可以具有多个功能,或者一个功能或步骤可以由若干物理组件合作执行。某些组件或所有组件可以被实施为由处理器,如数字信号处理器或微处理器执行的软件,或者被实施为硬件,或者被实施为集成电路,如专用集成电路。这样的软件可以分布在计算机可读介质上,计算机可读介质可以包括计算机存储介质(或非暂时性介质)和通信介质(或暂时性介质)。如本领域普通技术人员公知的,术语计算机存储介质包括在用于存储信息(诸如计算机可读指令、数据结构、程序模块或其他数据)的任何方法或技术中实施的易失性和非易失性、可移除和不可移除介质。计算机存储介质包括但不限于RAM、ROM、EEPROM、闪存或其他存储器技术、CD-ROM、数字多功能盘(DVD)或其他光盘存储、磁盒、磁带、磁盘存储或其他磁存储装置、或者可以用于存储期望的信息并且可以被计算机访问的任何其他的介质。此外,本领域普通技术人员公知的是,通信介质通常包含计算机可读指令、数据结构、程序模块或者诸如载波或其他传输机制之类的调制数据信号中的其他数据,并且可包括任何信息递送介质。Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and functional blocks/units of the methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be composed of several physical The components work together. Some or all of the components may be implemented as software executed by a processor, such as a digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on a computer readable medium, which may include computer storage media (or non-transitory media) and communication media (or transitory media). As is well known to those of ordinary skill in the art, the term computer storage medium includes volatile and nonvolatile, implemented in any method or technology for storing information, such as computer readable instructions, data structures, program modules or other data. Sex, removable and non-removable media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical disc storage, magnetic cartridge, magnetic tape, magnetic disk storage or other magnetic storage device, or may Any other medium used to store the desired information and that can be accessed by the computer. Moreover, it is well known to those skilled in the art that communication media typically includes computer readable instructions, data structures, program modules, or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and can include any information delivery media. .
工业实用性Industrial applicability
本文通过减少权威字段和修改附加字段方式,达到减少DNS报文长度的目的,而且不会引起现有技术中其它减少DNS应答报文长度方法导致的缺点。In this paper, by reducing the authoritative field and modifying the additional field mode, the purpose of reducing the length of the DNS packet is achieved, and the disadvantages caused by other methods for reducing the length of the DNS response message in the prior art are not caused.

Claims (12)

  1. 一种减少DNS应答报文长度的方法,其中,包括:A method for reducing the length of a DNS response message, which includes:
    步骤1,权威DNS服务器接收访问请求后,构建DNS应答报文;Step 1: After receiving the access request, the authoritative DNS server constructs a DNS response message.
    步骤2,确定所述访问请求的来源网络区域,获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量;Step 2: Determine a source network area of the access request, and obtain information about a domain name from the domain name in the access request to the domain name in the DNS response domain in the process of resolving the domain name of the source network area. capacity;
    步骤3,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文发送至所述访问请求的发送方。Step 3: When the length of the DNS response packet is greater than the difference between the length of the transport protocol packet and the information capacity of the parsed information, reduce the content of the authoritative field in the DNS response packet and modify the content of the additional field accordingly. Sending the updated DNS response message to the sender of the access request.
  2. 如权利要求1所述的减少DNS应答报文长度的方法,其中,The method for reducing the length of a DNS response message according to claim 1, wherein
    所述步骤1和步骤2之间还包括步骤1’,Step 1 and step 2 are further included between the steps 1 and 2,
    步骤1’包括:获取本地DNS在各网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量,确定最大的信息容量,判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述最大的信息容量的差值时,执行步骤2。Step 1 ′: obtaining the information capacity of the local DNS from the domain name in the access request to the domain information in the DNS response message in the process of resolving the domain name of the local network, determining the maximum information capacity, and determining the location Step 2 is performed when the length of the DNS response message is greater than the difference between the length of the transport protocol packet and the maximum information capacity.
  3. 如权利要求1所述的减少DNS应答报文长度的方法,其中,The method for reducing the length of a DNS response message according to claim 1, wherein
    所述减少DNS应答报文中权威字段的内容并相应修改附加字段的内容包括:删除所述DNS应答报文中权威字段的部分NS记录,保留至少一条NS记录,将所述附加字段的A记录修改为与所保留的NS记录相对应的A记录。The reducing the content of the authoritative field in the DNS response message and modifying the content of the additional field includes: deleting part of the NS record of the authoritative field in the DNS response message, retaining at least one NS record, and recording the A record of the additional field Modified to the A record corresponding to the retained NS record.
  4. 如权利要求2所述的减少DNS应答报文长度的方法,其中,The method for reducing the length of a DNS response message according to claim 2, wherein
    步骤1’还包括:判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,将所述DNS应答报文发送至所述访问请求的发送方;The step 1 s further includes: when determining that the length of the DNS response message is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, sending the DNS response message to the sending of the access request square;
    所述步骤3还包括:判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,将所述DNS应答报文发送至所述访问请求的发送方。The step 3 further includes: when determining that the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and a data capacity of the parsing information, sending the DNS response packet to the access request The sender.
  5. 如权利要求1所述的减少DNS应答报文长度的方法,其中,The method for reducing the length of a DNS response message according to claim 1, wherein
    所述获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量包括:维护域名 关联列表,此域名关联列表包括本域名和对应的解析链入口域名;根据此域名关联列表获取相应的解析链信息容量列表,此解析链信息容量列表包括域名、网络区域、解析链信息容量,将从此解析链信息容量列表中获知的解析链信息容量作为从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量。The information capacity of the domain name in the process of resolving the domain name of the source network to the domain name in the DNS request message includes: maintaining a domain name association list, and the domain name association The list includes the domain name and the corresponding analytic chain entry domain name; and the corresponding analytics chain information capacity list is obtained according to the domain name association list, and the analytics chain information capacity list includes the domain name, the network area, and the analytic chain information capacity, and the chain information capacity list is resolved from this list. The known analysis chain information capacity is used as the information capacity from the domain name in the access request to the parsing information of the domain name in the DNS response message.
  6. 一种减少DNS应答报文长度的装置,其中,应用于权威DNS服务器,包括:A device for reducing the length of a DNS response message, wherein the application to an authoritative DNS server includes:
    构建模块,设置为在接收访问请求后构建DNS应答报文;Building a module, configured to construct a DNS response message after receiving the access request;
    来源网络区域信息容量获取模块,设置为确定所述访问请求的来源网络区域,获取本地DNS在所述来源网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量;a source network area information capacity obtaining module, configured to determine a source network area of the access request, and obtain a local DNS from a domain name in the access request to the DNS response message in a process of resolving a domain name of the source network area The information capacity of the domain name resolution information;
    第一判断模块,设置为判断所述DNS应答报文的长度是否大于传输协议数据包限定长度与所述解析信息的信息容量的差值;The first determining module is configured to determine whether the length of the DNS response packet is greater than a difference between a length of the transport protocol data packet and a data capacity of the parsed information;
    报文重装模块,设置为在所述判断模块判断所述DNS应答报文的长度大于传输协议数据包限定长度与所述解析信息的信息容量的差值时,减少DNS应答报文中权威字段的内容并相应修改附加字段的内容,将更新后的DNS应答报文传输至发送模块;And the message reloading module is configured to reduce the authoritative field in the DNS response message when the determining module determines that the length of the DNS response message is greater than a difference between the length of the transport protocol data packet and the information capacity of the parsing information. And modify the content of the additional field accordingly, and transmit the updated DNS response message to the sending module;
    发送模块,设置为将收到的更新后的DNS应答报文发送至所述访问请求的发送方。The sending module is configured to send the received updated DNS response message to the sender of the access request.
  7. 如权利要求6所述的减少DNS应答报文长度的装置,其中,The apparatus for reducing the length of a DNS response message according to claim 6, wherein
    所述装置还包括:The device also includes:
    多网络区域信息容量获取模块,设置为获取本地DNS在各网络区域的解析域名过程中从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量,确定最大的信息容量;The multi-network area information capacity obtaining module is configured to obtain the information capacity of the domain name from the domain name in the access request to the domain name in the DNS response message in the process of resolving the domain name of each local area, and determine the maximum information. Information capacity
    第二判断模块,设置为判断所述DNS应答报文的长度是否大于传输协议数据包限定长度与所述最大的信息容量的差值,如果是,触发所述第一判断模块执行判断。The second determining module is configured to determine whether the length of the DNS response packet is greater than a difference between a length of the transport protocol packet and a maximum information capacity, and if yes, triggering the first determining module to perform the determining.
  8. 如权利要求6所述的减少DNS应答报文长度的装置,其中,The apparatus for reducing the length of a DNS response message according to claim 6, wherein
    所述报文重装模块还设置为使用以下方法减少DNS应答报文中权威字段的内容并相应修改附加字段的内容:删除所述DNS应答报文中权威字段的部分NS记录,保留至少一条NS记录,将所述附加字段的A记录修改为与所保留的NS 记录相对应的A记录。The message reloading module is further configured to reduce the content of the authoritative field in the DNS response message by using the following method: and modify the content of the additional field correspondingly: deleting part of the NS record of the authoritative field in the DNS response message, and retaining at least one NS Recording, modifying the A record of the additional field to the A record corresponding to the retained NS record.
  9. 如权利要求7所述的减少DNS应答报文长度的装置,其中,The apparatus for reducing the length of a DNS response message according to claim 7, wherein
    所述第一判断模块还设置为判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,触发所述发送模块发送所述构建模块生成的DNS应答报文;The first determining module is further configured to: when the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, triggering, by the sending module, the sending, by the sending module, DNS response message;
    所述第二判断模块还设置为判断所述DNS应答报文的长度不大于传输协议数据包限定长度与所述最大的信息容量的差值时,触发所述发送模块发送所述构建模块生成的DNS应答报文;The second determining module is further configured to: when determining that the length of the DNS response packet is not greater than a difference between a length of the transport protocol data packet and the maximum information capacity, triggering, by the sending module, the sending, by the sending module, DNS response message;
  10. 如权利要求6所述的减少DNS应答报文长度的装置,其中,The apparatus for reducing the length of a DNS response message according to claim 6, wherein
    所述装置还包括信息容量获取模块,设置为维护域名关联列表,此域名关联列表包括本域名和对应的解析链入口域名;根据此域名关联列表获取相应的解析链信息容量列表,此解析链信息容量列表包括域名、网络区域、解析链信息容量,将从此解析链信息容量列表中获知的解析链信息容量作为从所述访问请求中的域名至所述DNS应答报文中的域名的解析信息的信息容量。The device further includes an information capacity obtaining module, configured to maintain a domain name association list, where the domain name association list includes the domain name and a corresponding analytic chain entry domain name; and the corresponding analytics chain information capacity list is obtained according to the domain name association list, and the analytics chain information The capacity list includes a domain name, a network area, and a parsing chain information capacity, and the parsing chain information capacity learned from the parsing chain information capacity list is used as the parsing information from the domain name in the access request to the domain name in the DNS response message. Information capacity.
  11. 一种计算机可读存储介质,所述存储介质上存储有计算机程序,所述程序被处理器执行时实现权利要求1至5中任意一项所述方法的步骤。A computer readable storage medium having stored thereon a computer program, the program being executed by a processor to perform the steps of the method of any one of claims 1 to 5.
  12. 一种计算机设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述程序时实现权利要求1至5中任意一项所述方法的步骤。A computer device comprising a memory, a processor, and a computer program stored on the memory and operable on the processor, the processor executing the program to implement any one of claims 1 to 5 The steps of the method.
PCT/CN2018/087744 2017-05-22 2018-05-22 Method, apparatus, medium and device for reducing length of dns message WO2018214853A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710364884.2A CN107707683B (en) 2017-05-22 2017-05-22 A kind of method and apparatus for reducing DNS message lengths
CN201710364884.2 2017-05-22

Publications (1)

Publication Number Publication Date
WO2018214853A1 true WO2018214853A1 (en) 2018-11-29

Family

ID=61169522

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/087744 WO2018214853A1 (en) 2017-05-22 2018-05-22 Method, apparatus, medium and device for reducing length of dns message

Country Status (2)

Country Link
CN (1) CN107707683B (en)
WO (1) WO2018214853A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107707683B (en) * 2017-05-22 2018-06-08 贵州白山云科技有限公司 A kind of method and apparatus for reducing DNS message lengths
CN108833424B (en) * 2018-06-25 2020-11-03 哈尔滨工业大学 System for acquiring all resource records of domain name

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025794A (en) * 2010-01-22 2011-04-20 中国移动通信集团北京有限公司 Domain name resolution method, DNS (Domain Name Server) server and system
US7970878B1 (en) * 2005-11-16 2011-06-28 Cisco Technology, Inc. Method and apparatus for limiting domain name server transaction bandwidth
CN106470252A (en) * 2016-09-29 2017-03-01 广东欧珀移动通信有限公司 Application program inquires about method and the communication terminal of IP address
CN106657432A (en) * 2016-11-17 2017-05-10 中国移动通信集团江苏有限公司 Domain name resolution method and device
CN107707683A (en) * 2017-05-22 2018-02-16 贵州白山云科技有限公司 A kind of method and apparatus of reduction DNS message lengths

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1949783B (en) * 2005-10-14 2011-03-16 华为技术有限公司 Address mapping method for message network address converting of realm name analytic server
CN101969478B (en) * 2010-10-15 2013-03-20 杭州迪普科技有限公司 Intelligent DNS message processing method and processing device
CN103812770B (en) * 2012-11-12 2017-04-12 华为技术有限公司 Cloud service message redirecting method and system and cloud gateway
CN104754066B (en) * 2013-12-26 2018-10-09 华为技术有限公司 A kind of message processing method and message processor
CN106550056B (en) * 2015-09-18 2019-09-10 中国移动通信集团江苏有限公司 A kind of domain name analytic method and device
CN105721624B (en) * 2016-01-22 2019-06-21 中国互联网络信息中心 A kind of novel authoritative domain name resolution service method and apparatus
CN111245972A (en) * 2016-08-31 2020-06-05 贵州白山云科技股份有限公司 Domain name resolution method, device, medium and equipment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7970878B1 (en) * 2005-11-16 2011-06-28 Cisco Technology, Inc. Method and apparatus for limiting domain name server transaction bandwidth
CN102025794A (en) * 2010-01-22 2011-04-20 中国移动通信集团北京有限公司 Domain name resolution method, DNS (Domain Name Server) server and system
CN106470252A (en) * 2016-09-29 2017-03-01 广东欧珀移动通信有限公司 Application program inquires about method and the communication terminal of IP address
CN106657432A (en) * 2016-11-17 2017-05-10 中国移动通信集团江苏有限公司 Domain name resolution method and device
CN107707683A (en) * 2017-05-22 2018-02-16 贵州白山云科技有限公司 A kind of method and apparatus of reduction DNS message lengths

Also Published As

Publication number Publication date
CN107707683A (en) 2018-02-16
CN107707683B (en) 2018-06-08

Similar Documents

Publication Publication Date Title
US9794216B2 (en) Request routing in a networked environment
US9319315B2 (en) Distributing transmission of requests across multiple IP addresses of a proxy server in a cloud-based proxy service
EP2266064B1 (en) Request routing
US7933272B2 (en) Methods and systems for resolving a first node identifier in a first identifier domain space to a second node identifier in a second identifier domain space
US9648033B2 (en) System for detecting the presence of rogue domain name service providers through passive monitoring
US10469532B2 (en) Preventing DNS cache poisoning
US20120084382A1 (en) On-the-fly reverse mapping
US20180041466A9 (en) Surrogate name delivery network
US20160036848A1 (en) Intercloud security as a service
US10230760B2 (en) Real-time cloud-based detection and mitigation of DNS data exfiltration and DNS tunneling
US10560422B2 (en) Enhanced inter-network monitoring and adaptive management of DNS traffic
US8886750B1 (en) Alias resource record sets
US10735461B2 (en) Method for minimizing the risk and exposure duration of improper or hijacked DNS records
US10484271B2 (en) Data universal forwarding plane for information exchange
WO2018214853A1 (en) Method, apparatus, medium and device for reducing length of dns message
US10021176B2 (en) Method and server for managing traffic-overload on a server
CN103581361A (en) Domain name resolution proxy method, device and system
WO2017000144A1 (en) Dns server, client and data synchronization method
WO2017161965A1 (en) Method, device, and system for dynamic domain name system (dns) redirection
US10225105B2 (en) Network address translation
US10009258B2 (en) Methods, systems, and computer readable media for routing a redirected request message
US10742751B2 (en) User based mDNS service discovery
US11095605B1 (en) Request routing utilizing encoded DNS-based messaging parameters
KR20150089894A (en) Network Address Translation apparatus with cookie proxy function and method for NAT supporting cookie proxy function
KR101645222B1 (en) Advanced domain name system and management method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18805285

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18805285

Country of ref document: EP

Kind code of ref document: A1