13.1 DNS domain name resolution service

Domain names are easier to understand and remember than digital IP addresses, so we are usually more accustomed to accessing resources on the network through domain names. However, computers in the network can only identify each other based on IP addresses, and in order to transfer data over the Internet, they must also be based on the IP address of the external network.

DNS (Domain Name System, Domain Name System) technology was born to lower the threshold for users to access network resources. T his is a technology for managing and parsing the correspondence between a domain name and an IP address, simply by accepting a domain name or IP address entered by the user, and then automatically finding an IP address or domain name that matches (or has a mapping relationship), that is, the domain name resolves to an IP address (positive resolution), or an IP address to a domain name (reverse resolution). T hat way, we only need to enter the domain name in the browser to open the website we want to visit. Positive resolution of DNS domain name resolution technology is also one of our most commonly used modes of operation.

In view of the large number of domain names and IP address correspondence databases in the Internet, DNS domain name resolution services use a tree-like hierarchy to record the correspondence between domain names and IP addresses, thus forming a distributed database system, as shown in Figure 13-1.

Figure 13-1 The directory tree hierarchy used by the DNS domain name resolution service

Domain suffixes are generally divided into international and domestic domain names. I n principle, domain suffixes are strictly defined, but they do not have to be strictly adhered to when actually used. The most common domain name suffixes are .com (business organizations), .org (non-profit organizations), .gov (government departments), .net (network service providers), .edu (teaching and research institutions), .pub (public), .cn (China's national top-level domain names), etc.

Today's world is becoming more and more information-based, big data, cloud computing, the Internet of Things, artificial intelligence and other new technologies are emerging, the number of Internet users around the world is said to be more than 3.5 billion, and is still growing at a rate of 10% per year. T hese factors have led to a further surge in the number of domain names on the Internet and a further increase in the frequency with which they are accessed. A ssuming that the world's Internet users each visit only one website domain name per day, and only once, will also generate 3.5 billion query requests, such a large number of requests can certainly not be all processed by a server. DNS technology, as an important part of the Internet infrastructure, provides the following three types of servers in order to provide Internet users with uninterrupted, stable and fast domain name query service and ensure the normal operation of the Internet.

Primary server: Unique in a particular region and responsible for maintaining the correspondence between domain names and IP addresses within that region.

From the server: Get the corresponding relationship between the domain name and the IP address from the primary server and maintain it in case the primary server goes down, etc.

Cache server: by querying other domain name resolution server to obtain the corresponding relationship between domain name and IP address, and often query the domain name information saved to the server local, in order to improve the efficiency of repeated queries.

Simply put, the primary server is the real server used to manage the correspondence between domain name and IP address, from the server to help the primary server "hands down", scattered in various countries, provinces or regions, so that users can query the domain name near, thereby reducing the load on the primary server. Cache servers are less commonly used and are typically deployed at gateway locations on the enterprise intranet to speed up users' domain name query requests.

DNS domain name resolution service uses distributed data structure to store a large amount of "zone data" information, and has two ways of recursive query and iterative query when executing user-initiated domain name query request. R ecursive query means that the DNS server must return an accurate query result to the user when it receives a request initiated by the user. I f the DNS server does not store the corresponding information locally, the server needs to ask for another server and submit the returned query results to the user. An iterative query means that when a DNS server receives a user-initiated request, it does not respond directly to the query results, but rather tells the address of another DNS server, and the user submits the request to the DNS server, which repeats itself until the query results are returned.

Thus, when a user initiates a query request for a domain name from a nearest DNS server (in this case, www.linuxprobe.com), the query process is roughly as shown in Figure 13-2.

Figure 13-2 The process of initiating a domain name query request to the DNS server

When a user initiates a domain name request to a network-specified DNS server, an iterative query request is typically sent locally from the DNS server up to the DNS server, and if the DNS server does not have information to query, an iterative query request is sent further to the parent DNS server until accurate query results are obtained. The most advanced and authoritative root DNS servers have a total of 13 servers distributed around the world, with their management units, specific geographic locations, and IP addresses as shown in Table 13-1.

Table 13-1 Specific information for 13 root DNS servers

Name Management Unit Geographic Location IP Address A INTERNIC.NET United States-Virginia 198.41.0.4 B American Institute of Information Science USA-California 128.9.0.107 C PSINet Corporation USA-Virginia 19 2.33.4.12 D University of Maryland USA-Maryland 128.8.10.90 E NASA California 192.203.230.10 F I nternet Software Alliance California 192.5.5.241 G U.S. Department of Defense Network Information Center Virginia 192.112.36.4 H U.S. Army Institute U.S.-Maryland 128.63.2. 53 I Autonomica, Sweden-Stockholm 192.36.148.17 J VeriSign, USA-Virginia 192.58.128.30 K RIPE NCC UK-London 193.0.14.129 L IANA USA-Virginia 199.7.83.42 M WIDE Project Japan-Tokyo 202.12.27.33