Network knowledge: Detailed explanation of DNS access principle

Today I will introduce the DNS access principle to you. I hope it will be helpful to you!

1. The meaning and structure of DNS

As we all know, IP is used to identify a server on the Internet. Although the IP address can represent a device, it is difficult to remember, so it is replaced with a name that can be understood and recognized. This name is called a domain name.

For example, www.baidu.com is a domain name, and an IP address is defined behind the domain name to point to the website server. So the question is, who will do the mapping from domain name to IP address? The answer is through DNS.

DNS is the Domain Name System (DNS) and is a service of the Internet. It is a distributed database that maps domain names and IP addresses to each other, and stores the corresponding relationship between domain names and IP addresses in the database, making it easier for people to access the Internet.

DNS resolution is distributed storage. Structurally, the top layer is the root DNS server, which stores the IP addresses of 260 top-level domain name servers. For IPv4, there are 13 root DNS servers in the world, which store the resolution and address information of each domain (such as .com .net .cn). Simply put, the root DNS server is where the top-level domain name server addresses are stored.

The next level below the root domain name server is the top-level domain name server. For example, the domain name server of .com stores the authoritative DNS server addresses of some first-level domain names (such as the DNS of toutiao.com).

Top-level domain names are also called first-level domain names. Top-level domain names can be divided into three categories, namely gTLD, ccTLD and New gTLD:

• gTLD: Generic top-level domains (gTLD), for example: .com/.net/.org, etc. are all gTLDs;
• ccTLD: country code top-level domains (ccTLD for short), for example: China is .cn domain name, Japan is .jp domain name;
• New gTLD: New top-level domain name (New gTLD), for example: .xyz/.top/.red/.help and other new top-level domain names.

The top-level domain name server stores domain name IP corresponding data based on the above three categories.

One level below the top-level domain name server is the local domain name server (Local DNS), which is generally the operator's DNS. Its main function is to perform domain name analysis on behalf of users.

As shown in Figure 1, DNS domain name servers are divided into three levels, from top to bottom: root domain name servers (Root DNS Server), top-level domain name servers (gTLD, ccTLD, New gTLD), and local domain name servers (Local DNS Server).

Figure 1 DNS hierarchical structure

2. DNS resolution principle

After talking about the structure of DNS, let's talk about its operating principle. Through the process of users accessing web pages, we will describe the entire process of DNS resolution and obtaining the URL to IP mapping. The process is relatively complicated, and there will be information transmission back and forth. In the process of drawing, we will simplify the line segments of information transmission back and forth, focus on the path of information transmission, and interpret the DNS resolution process through 9 steps.

Figure 2 The entire process of user request and DNS resolution

1. The user requests to enter the address of the website to be visited through the browser, for example: www..com. The browser will search for the URL corresponding to the IP address in its own cache. If it has been visited before and the cache of the URL corresponding to the IP address is saved, then the IP address is accessed directly. If there is no cache, go to step 2.

2. You can set the mapping between URL and IP address through the local Host file configuration of the computer. For example, in Windows, it is set through the C:\windwos\system32\driver\etc\hosts file, and in Linux, it is the /etc/named.confg file. Here, search for the local Host file to see if there is a cache of IP addresses. If the mapping relationship is still not found in the file, go to step 3.

3. Request the Local DNS Server and obtain the mapping relationship between URL and IP through the local operator. If it is a campus network, the DNS server is in the school. If it is a community network, the DNS server is provided by the operator. In short, this server is physically close to the computer that initiates the request. The Local DNS Server caches a large number of DNS resolution results. Due to its good performance and relatively close physical distance, it usually returns the resolution result of the specified domain name in a very short time. 80% of DNS resolution requirements are met in this step. If the DNS resolution is still not completed in this step, proceed to step 4.

4. After resolving through the Root DNS Server, the ROOT DNS Server will return the address of the top-level domain name server to the Local DNS Server according to the requested URL. For example, if the query is for a ".com" domain name, the address of the domain name server corresponding to the gTL will be queried.

5. After returning the address of the top-level domain name server, access the corresponding top-level domain name server (gTLD, ccTLD, New gTLD), and return the Name Server server address. This Name Server is the domain name server registered by the website, which contains the corresponding information of the website URL and IP. For example, if you apply for a domain name from a domain name service provider, this domain name will be resolved by their server. This Name Server is maintained by the domain name provider.

6. The Name Server will return the A record or CNAME of the specified domain name to the Local DNS Server and set a TTL.

 A (Address) record is used to specify the IP address record corresponding to the host name (or domain name). Users can point the website server under the domain name to their own web server. You can also set the subdomain of your domain name. 
 
 CNAME: Alias ​​record. This record allows you to map multiple names to another domain name. It is usually used for computers that provide both WWW and MAIL services. For example, there is a computer named "host.mydomain.com" (A record). It provides both WWW and MAIL services, in order to facilitate user access to the services. Service providers generally recommend that users use CNAME records to bind domain names for ease of maintenance. If the host uses dual-line IP, it is obviously more convenient to use CNAME. 
 
 TTL   To Live): This means setting the expiration time of this DNS resolution on the Local DNS Server. After this expiration time, the mapping between the URL and the IP will be deleted, and you need to request the Name Server to obtain it.

7. If you get an A record at this time, you can directly access the website's IP. However, generally speaking, large websites will return CNAME and then pass it to the GTM Server.

GTM (abbreviation of Global Traffic Manager) is global traffic management. Based on Wangsu's intelligent DNS and distributed monitoring system, it realizes real-time fault switching and global load balancing to ensure the continuous high availability of application services. The purpose of passing it to GTM is to help users find the most suitable server IP through GTM's load balancing mechanism.

That is, the server that is closest to you, has the best performance, and is in the healthiest state. And most websites will do CDN caching, so it is even more necessary to use GTM to help you find the CDN cache server that suits you in the network node.

8. After finding the CDN cache server, you can directly obtain some static resources from the server, such as HTML, CSS, JS and pictures. However, some dynamic resources, such as product information and order information, need to go through step 9.

9. For dynamic resources that are not cached, they need to be obtained from the application server. There is usually a load balancer between the application server and the Internet that is responsible for reverse proxy. It routes to the application server.

3. Summary

NS server is used to resolve URL and IP address, helping users find the IP address of the server to be accessed. The structure of DNS server is roughly divided into three layers: root domain name server, top-level domain name server, and local domain name server.

The domain name provider will provide a Name Server for DNS resolution. When a user visits a website, it goes through the browser, local host file, Local DNS Server, Root DNS Server, top-level domain name server (gTLD, ccTLD, New gTLD), Name Server, GTM, CDN, and Application Server. There are nine steps in total.