一、为什么需要DNS(Domain Name System)

计算机通过IP地址互相通信,而人容易记忆的是字符串。

比如我想要访问腾讯,只需要记住qq.com就行,无论腾讯怎么更换服务器地址,我都不需要记住IP。如果没有DNS,那么每一次腾讯更新服务器IP,我都需要记住新的IP。

而且全球IP地址太多,一台服务器是无法存储所有的IP的,所以查询过程是通过多台服务器实现的。

二、DNS查询方式

计算机访问 yahoo.com查询DNS的过程:

1、查看本地host有没有yahoo.com的IP

2、本地host没有yahoo.com的IP地址,就去Resolver查询

3、Resolver查不到yahoo.com的IP地址,就去查询Root Server

Root Server/ Top Server 全球有13套,每一套都有自己单独的ip地址。

4、Root Server没有yahoo.com的IP,让 Resover 去TLD server查

TLD:top level domain server

比如:.com .net .org

5、TLD 让 Resolver 去 Authoritative Name Server查询IP地址

6、 Authoritative Name Server知道yahoo.com的ip地址,resolver缓存ip后,告诉你的计算机yahoo.com的具体IP

三、linux下利用dig命令查看DNS解析过程

dig @isp yahoo.com +trace
dig @202.106.46.151 yahoo.com +trace       
; <<>> DiG 9.9.5-3ubuntu0.19-Ubuntu <<>> @202.106.46.151 yahoo.com +trace
; (1 server found)
;; global options: +cmd
.                       265704  IN      NS      k.root-servers.net.
.                       265704  IN      NS      b.root-servers.net.
.                       265704  IN      NS      i.root-servers.net.
.                       265704  IN      NS      d.root-servers.net.
.                       265704  IN      NS      j.root-servers.net.
.                       265704  IN      NS      g.root-servers.net.
.                       265704  IN      NS      m.root-servers.net.
.                       265704  IN      NS      f.root-servers.net.
.                       265704  IN      NS      a.root-servers.net.
.                       265704  IN      NS      l.root-servers.net.
.                       265704  IN      NS      c.root-servers.net.
.                       265704  IN      NS      e.root-servers.net.
.                       265704  IN      NS      h.root-servers.net.
;; Received 228 bytes from 202.106.46.151#53(202.106.46.151) in 53 ms
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    86400   IN      DS      30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20191126170000 20191113160000 22545 . LWPm4uhPYc0oAdzsyNO358tIcxOimMy/iMgMqLFpk6yv6GNyomSmG59m sa3pu5LAqjmiEn/nTM0bPWLUmJWj4knwaJJdAZ7/Gy8Y96JDaNGfFS+W sywq06R5ejig7dNOuz46lI/gz3RamgjwJ70sIyk+mBMEDJ8SUYcxFy9Y 2mu/r/3q1siSlQQnAJSZlAfqzw8H1Co6NGyNz4NtbCjSnu1ua3X3X6cQ GK7iSxnWX0CSE2ieFxjxl9XpkKuAm82DxAfUB7MiJwIsp+t6G+Qb+uiA gAh0Yc2EwcTia4RgNwBY/yyz1nkKDw8FXVku9NDdXVY5eRrB2SSW5kr8 +khqtA==
;; Received 1169 bytes from 202.12.27.33#53(m.root-servers.net) in 79 ms
yahoo.com.              172800  IN      NS      ns1.yahoo.com.
yahoo.com.              172800  IN      NS      ns5.yahoo.com.
yahoo.com.              172800  IN      NS      ns2.yahoo.com.
yahoo.com.              172800  IN      NS      ns3.yahoo.com.
yahoo.com.              172800  IN      NS      ns4.yahoo.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20191119054905 20191112043905 12163 com. DWeezLYg0WoPrctVhXYCQrY7V3R1Ue6M7Wik02NqCEI1wvkGFPY+C0IZ gQF3yb8KZdoymT4YbWIxoTRn7J13y0q1Bt1D406GiMtL5lW9t7mTFDx1 I2B6kZwlT8y+EScHJgNPhgMZRuClmKR3PNZv34q3eEicFHk27wXq7NkU vB7l6mWl0rthDhRfVJ7JiMz+qg7B7+5y2MBnNw4IBhkVFg==
GPIOKD3LN30P876AAMCH37FFI1N9IGBC.com. 86400 IN NSEC3 1 1 0 - GPIOVE5CC3CA0D1H14G1GI4J0835GEKB NS DS RRSIG
GPIOKD3LN30P876AAMCH37FFI1N9IGBC.com. 86400 IN RRSIG NSEC3 8 2 86400 20191121064901 20191114053901 12163 com. QlsSF3r2HBAqoODnNcWXpaOX3yOheShtlnzfVREcbc2QQyNMuRz+IjQ9 IJsa47vB+fA8z3lRhNKCKC+5YzAgb9FgGV7awbuygeoIXTF1UADfQoen CKhIyxvxrfLkIi+vS3JOS7C9f+0ShDJP9l3zfIi9dkX9NhfamkM49ZuT vp6dfS749B89u2v6LofFxfAuNxmV2k3SdVpFFrEeaDwS8A==
;; Received 841 bytes from 192.33.14.30#53(b.gtld-servers.net) in 633 ms
yahoo.com.              1800    IN      A       98.137.246.8
yahoo.com.              1800    IN      A       98.138.219.231
yahoo.com.              1800    IN      A       98.138.219.232
yahoo.com.              1800    IN      A       72.30.35.9
yahoo.com.              1800    IN      A       72.30.35.10
yahoo.com.              1800    IN      A       98.137.246.7
yahoo.com.              172800  IN      NS      ns2.yahoo.com.
yahoo.com.              172800  IN      NS      ns5.yahoo.com.
yahoo.com.              172800  IN      NS      ns4.yahoo.com.
yahoo.com.              172800  IN      NS      ns1.yahoo.com.
yahoo.com.              172800  IN      NS      ns3.yahoo.com.
;; Received 388 bytes from 68.142.255.16#53(ns2.yahoo.com) in 178 ms

202.106.46.151 是北京联通的DNS地址,作为Resolver

c.root-servers.net. 是root server

j.gtld-servers.net. 是TLD server

ns1.yahoo.com. 是 Authoritative Name Server

五、视频讲解

dns解析过程

六、附录

Root Server的IP地址和管理机构

HOSTNAMEIP ADDRESSESMANAGER
a.root-servers.net198.41.0.4, 2001:503:ba3e::2:30VeriSign, Inc.
b.root-servers.net199.9.14.201, 2001:500:200::bUniversity of Southern California (ISI)
c.root-servers.net192.33.4.12, 2001:500:2::cCogent Communications
d.root-servers.net199.7.91.13, 2001:500:2d::dUniversity of Maryland
e.root-servers.net192.203.230.10, 2001:500:a8::eNASA (Ames Research Center)
f.root-servers.net192.5.5.241, 2001:500:2f::fInternet Systems Consortium, Inc.
g.root-servers.net192.112.36.4, 2001:500:12::d0dUS Department of Defense (NIC)
h.root-servers.net198.97.190.53, 2001:500:1::53US Army (Research Lab)
i.root-servers.net192.36.148.17, 2001:7fe::53Netnod
j.root-servers.net192.58.128.30, 2001:503:c27::2:30VeriSign, Inc.
k.root-servers.net193.0.14.129, 2001:7fd::1RIPE NCC
l.root-servers.net199.7.83.42, 2001:500:9f::42ICANN
m.root-servers.net202.12.27.33, 2001:dc3::35WIDE Project

13个根DNS由12个组织维护,其中 Verisign 维护两个根DNS。

全世界有750个以上的根服务器实例,只有13个IP地址。

为保证访问速率,在世界上不同的地点看到的13个根DNS也是在不同的地方。

https://root-servers.org/



0 条评论

发表评论

电子邮件地址不会被公开。 必填项已用*标注