Function:
Each IP address can have a host name, which consists of one or more strings separated by decimal points. With the host name, you don't have to memorize the IP address of each IP device, just remember the relatively intuitive and meaningful host name. This is the function of DNS protocol.
There are two ways to map host names to IP addresses:
1) static mapping, each device is configured with the mapping from host to IP address, and each device independently maintains its own mapping table for its own use;
2) Dynamic mapping, that is, a set of domain name resolution system (DNS) is established, and the mapping from host to IP address is only configured on a special DNS server. For devices that need to communicate with host names on the network, the IP address corresponding to the host needs to be queried from the DNS server first. [ 1]?
The process of finally getting the IP address corresponding to the host name is called domain name resolution (or host name resolution). When resolving domain names, you can use static domain name resolution first, and if the static domain name resolution is unsuccessful, you can use dynamic domain name resolution again. Some commonly used domain names can be put into the static domain name resolution table, which can greatly improve the efficiency of domain name resolution.
Importance:
1, from a technical point of view
DNS resolution is the actual addressing method for most Internet applications. The redevelopment of domain name technology and various applications based on domain name technology have enriched Internet applications and protocols.
2. From the perspective of resources
Domain name is the identity mark on the Internet, and it is the unique identification resource that cannot be repeated. The globalization of the Internet makes domain names a national strategic resource that marks a country's sovereignty.
DNS server:
DNS services are provided by computers with DNS server-side software installed. Server-side software can be based on linux-like operating system or Windows operating system. After installing the DNS server software, you can create a zone file in the specified location. The so-called zone file is a file that contains the name-to-IP address resolution records in this domain. For example, the contents of the file may be as follows: primary name server = dns2 (the host name of the primary server is).
Serial = 29 13 (serial number = 29 13, the role of this serial number is when the secondary domain name server copies this file, if the number increases).
Refresh = 10800 (3 hours) (refresh = 10800 seconds, the secondary domain name server queries the master every 3 hours).
Retries =3600 (1 hour) (retries =3600 seconds. When the secondary domain name service tries to query the primary server for updates and the connection fails, the secondary domain name server visits the primary domain name server every 1 hour).
Expire =604800 (7 days) (Expire =604800 seconds). After the second-level domain name server fails to update the first-level service, the record will be deleted after 7 days. )
Default? TTL? =3600 (1 hour) (default lifetime =3600 seconds, and the time for the cache server to save records is 1 hour. That is, tell the cache server to save the resolution record of this domain as 1 hour).
Structure: Generally speaking, the general structure of Internet host domain name is: host name, third-level domain name, second-level domain name and top-level domain name. Internet top-level domain names are registered and managed by the Domain Name Registration and Inquiry Committee of the Internet Network Association, which is responsible for the distribution of network addresses. It also assigns a unique IP address to each Internet host. There are three major network information centers in the world: Inter-NIC located in the United States, which is responsible for the United States and other regions; RIPE-NIC in the Netherlands, responsible for Europe; APNIC is located in Japan and is responsible for the Asia-Pacific region.
Security issues:
1. Domain name system malicious attack: DDOS attack paralyzes domain name resolution.
2. Domain name hijacking: modify the registration information and hijack the analysis results.
3. National DNS security event: ". Ly "Domain name paralysis and". Af "domain name management rights change.
4. There is a loophole in the DNS service running on the system, which causes hackers to gain permission and tamper with DNS information.
5. improper 5. DNS settings lead to the disclosure of some sensitive information. Provide powerful information for hackers to attack further.
Fault solution
(1) Use nslookup to determine whether it is really a DNS resolution failure;
If you want to judge whether the DNS resolution fault is 100%, you need to solve it through the system's own NSLOOKUP.
Step 1: Make sure your system is an operating system above windows 2000 and windows xp, and then click Start->; Run-> Enter CMD and enter command line mode.
Step 2: Enter the nslookup command and press Enter to enter the DNS parsing query interface.
Step 3: The address of the DNS server currently used by the system will be displayed in the command line window. For example, the author's DNS server IP is 202. 106.0.20.
Step 4: Next, enter the domain name corresponding to the inaccessible site. If it is not accessible, then DNS resolution should not work normally, and you will receive a prompt message that the DNS request has timed out for 2 seconds. This indicates that the local computer does have a DNS resolution failure.
Tip: If DNS resolution is normal, the correct ip address will be fed back.
(2) Query whether the DNS server works normally:
At this time, it is necessary to look at the DNS address used by the local computer and inquire about its operation.
Step 1: Go through Start->; Run-> Enter CMD and enter command line mode.
Step 2: Enter the ipconfig/all command to query the network parameters.
Step 3: In the ipconfig /all display information, you can see a place that says DNS server, which is the address of the local DNS server. For example, the author's values are 202. 106.0.20 and 202.106.46.151. It can be seen from this address that it is an external network address. If there is a parsing error when using the external network DNS, you can replace it with another DNS server address to solve the problem.
Step 4: If the internal network address of the personal company is displayed on the DNS server, it means that the DNS resolution of the company is completed by the internal DNS server of the company. At this time, you need to check the DNS server and perform nslookup operation on the DNS server to see if it can be resolved normally. Generally speaking, the problem can be solved by solving the DNS service failure on the DNS server.
(3) Method of clearing DNS cache information:
Step 1: Go through Start->; Run-> Enter CMD to enter command line mode.
Step 2: In command line mode, we can see that in ipconfig/? There is a parameter named /flushdns in, which is a command to clear dns cache information.
Step 3: Execute the ipconfig /flushdns command. When the prompt "DNS resolver cache successfully refreshed" appears, it means that the cache information of the current computer has been successfully cleared.
Step 4: When we visit the domain name again, we will get the latest resolution address from the DNS server, and there will be no resolution errors caused by the previous cache.
(4) Method of modifying the HOSTS file:
Step 1: Go through Start->; Search ",and then find a file named hosts.
Step 2: Of course, readers who already know his path can go directly to the directory C: \ Windows \ System32 \ drivers \ etc to find the HOSTS file. If your system is windows 2000, you should look in the directory c:\winnt\system32\drivers\etc.
Step 3: Double-click the HOSTS file and select Notepad to open it.
Step 4: After that, we will see all the contents of the HOSTS file. There is only one line "127.0.0.1localhost" by default. (Other lines starting with # are not real content, but just help information. )
Step 5: Add the entry you want DNS to resolve to the HOSTS file. The specific format is to write the IP address corresponding to the domain name first, and then blank the domain name information.
Step 6: After setting up, when we visit the website, we will automatically analyze it according to whether it is in the intranet or the extranet.