CN104301346A - Caching method of DNS (Domain Name server) with negative existence - Google Patents
Caching method of DNS (Domain Name server) with negative existence Download PDFInfo
- Publication number
- CN104301346A CN104301346A CN201310301500.4A CN201310301500A CN104301346A CN 104301346 A CN104301346 A CN 104301346A CN 201310301500 A CN201310301500 A CN 201310301500A CN 104301346 A CN104301346 A CN 104301346A
- Authority
- CN
- China
- Prior art keywords
- dns
- domain name
- negative
- server
- resource record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 26
- 230000004044 response Effects 0.000 claims abstract description 18
- 239000000284 extract Substances 0.000 claims description 2
- 230000013011 mating Effects 0.000 claims 1
- 244000089409 Erythrina poeppigiana Species 0.000 description 4
- 235000009776 Rathbunia alamosensis Nutrition 0.000 description 4
- 240000007711 Peperomia pellucida Species 0.000 description 1
- 235000012364 Peperomia pellucida Nutrition 0.000 description 1
- 230000003139 buffering effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000000052 comparative effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a caching method of a DNS (Domain Name server) with negative existence. The caching method comprises the following steps of sorting domain names recorded in a DNS authority server according to a preset sorting method so as to obtain a domain name sequence; defining a space between the two adjacent domain names in the domain name sequence as a negative existence space, and extracting all negative existence spaces in the DNS authority server to form a negative existence resource record set; when the DNS authority server transmits a negative response to a DNS recursive server, transmitting a negative existence resource record to a cache of the recursive server; and when the DNS recursive server receives a domain name search request, enabling the DNS recursive server to judge whether the domain name search request is matched with the negative existence resource record in the cache firstly, and if a judging result is yes, enabling the DNS recursive server to send the negative response to a client utilizing the DNS recursive server directly.
Description
Technical field
The present invention relates to a kind of way to play for time, particularly relating to a kind of negates the DNS cache method of existence.
Background technology
Dns server is divided into two kinds, authoritative server and recursion server.Authoritative server provides the data of authority, and recursion server obtains from authoritative server the client that data are transmitted to inquiry.
Suppose that client Web browser wants access websites www.sina.com, detailed process is as follows.
(1) Web browser calls client-side program (this program is called " resolver "), first in the DNS cache of this locality, inquires about the record whether having www.sina.com.If there is this record (such as, Web browser just accessed www.sina.com, and the record in buffer memory is not also deleted), then directly access.
(2) if do not find relevant record in the buffer memory of this locality, client according to the DNS recursion server record arranged, will send inquiry request to recursion server.If this recursion server is just in time the server creating www.sina.com record, or within the specific time period, processed identical inquiry and store in the buffer, it will retrieve the corresponding resource record of this domain name (Resource Record from the regional record of oneself or buffer memory, and return to client RR).
(3) otherwise, inquiry is just transmitted to DNS rhizosphere authoritative server by recursion server, finds com name server address, and send to recursion server by rhizosphere authoritative server.
(4) recursion server continues to com authoritative server the request sending inquiry www .sina.com address, and result, after finding the address of sina.com, is sent to recursion server by com name authoritative server.
(5) recursion server sends the request of inquiry www.sina.com to sina.com authoritative server, and sina.com name authoritative server retrieves IP address corresponding to www.sina.com, and result is sent to recursion server.
(6) resource record corresponding for www.sina.com is sent to client by recursion server, and client utilizes IP address to access corresponding main frame.Meanwhile, in above recursive query process, client and recursion server can store described Query Result in the buffer, directly to call during inquiry next time.
Buffer memory comprises recursion server buffer memory and uses the client-cache of recursion server.When after a certain main frame of inquiry, this record buffer memory can be retained a period of time by server.When inquiring about this main frame again next time, due to the existence of buffer memory, communication traffic can reduce greatly.Open the recursion server of buffer memory when processing the DNS query received, can first search in the buffer, inquiry for cache hit directly sends response, and need not inquire about DNS authority server and just can be replied, thus reduces answer delay and network bandwidth consumption.
DNS response has affirmative acknowledgement and negative response, and recursion server is by finding after inquiry authoritative server or the buffer memory of himself that it will send negative response less than after the record matched with the inquiry of client.Up to the present, there is response to negative and take man-to-man cache hit mode in DNS system, therefore often cache hit rate is not high enough, particularly for the non-duplicate domain name of a lot of stochastic generation, and the non-constant of effect of buffer memory.
Summary of the invention
The object of this invention is to provide a kind of negates the DNS cache method of existence, to improve the buffering hit rate of negative response.
The invention provides a kind of negates the DNS cache method of existence, is included in DNS authority server, the domain name recorded is sorted according to a predetermined order method, obtain a domain name sequence in DNS authority server; Space in definition domain name sequence between adjacent two domain names is a negative Existential Space, extracts all negative Existential Spaces in DNS authority server and forms a negative and there is resource record set; When DNS authority server sends negative response to DNS recursion server, be there is resource record in negative and be passed in the buffer memory of recursion server; With when DNS recursion server receives inquiry of the domain name request, first DNS recursion server judges that the negative whether inquiry of the domain name request is matched with in described buffer memory exists resource record, if judged result is be, DNS recursion server sends negative response directly to using the client of DNS recursion server.
In another schematic execution mode of the DNS cache method of negative existence, predetermined order method comprises: each domain name recorded in described DNS authority server is divided into the tag characters string separated with ". "; According to tag characters string order from right to left described in each in domain name, the described tag characters string of more different domain name; With the order sequence that the ASCII value according to described tag characters string increases progressively.
In the schematic execution mode of another kind of the DNS cache method of negative existence, there is resource record and also comprise at least one domain name with it according to the adjacent domain name after described predetermined order method sequence in negative, and all resource record types corresponding with this domain name.
Embodiment
In this article, " schematically " expression " serves as example, example or explanation ", any execution mode being described to " schematically " in this article should be interpreted as a kind of preferred or have more the technical scheme of advantage.
In this article, " one " not only represents " only this ", also can represent the situation of " more than one ".
The DNS cache method that negative exists, comprising: in DNS authority server, the domain name recorded is sorted according to a predetermined order method, obtain a domain name sequence in DNS authority server.In a kind of exemplary embodiment of DNS cache method that negative exists, predetermined order method comprises: each domain name recorded in DNS authority server is divided into the tag characters string separated with ". "; According to tag characters string order from right to left in domain name, the tag characters string of more different domain name; With the order sequence that the ASCII value according to tag characters string increases progressively.
Such as domain name " www.abc.china " is tag characters string with the character string that ". " is separated, then domain name " www.abc.china " has 3 tag characters strings, and their orders are from right to left " china ", " abc " and " www ".
First compare tag characters string " china ", then compare tag characters string " abc ", finally compare tag characters string " www ".
If be all " china " by the rightmost tag characters string of two domain names compared, then continue to compare from next tag characters string " abc " of the right number, by that analogy.Each tag characters string of domain name is regarded as left-Aligned octet character string, and according to the order sequence that the ASCII value of tag characters string increases progressively.In addition, if during the tag characters string comparative sorting of two domain names, the octet position vacancy that the tag characters string of one of them domain name is corresponding, then before the sequence of this octet position in ASCII value is the octet of zero.In addition, during sequence, all capitalization US-ASCII characters are regarded as the small letter US-ASCII character of its correspondence.Such as, according to above-mentioned sortord, the sequence of following domain name is followed successively by: " china ", " abc.china ", " www.abc.CHINA " and " Z.abc.china ".
In DNS authority server, define a negative Existential Space, this negative Existential Space represents in a domain name sequence, the space between adjacent two domain name records, namely there is not other domain name record between these two adjacent domain name records.If there is n bar domain name record in a domain name sequence, then can produce n negative Existential Space.These negative Existential Spaces are extracted composition negative and there is resource record set.
When DNS recursion server to DNS authority server send the request of inquiry of the domain name and this DNS authority server provides negative response time, be there is resource record (negative that the domain name namely corresponding to negative response matches exists resource record) and together returns to DNS recursion server by this DNS authority server in the negative matched with negative response, and this negative is existed resource record by DNS recursion server is saved in its buffer memory.
Afterwards, when DNS recursion server receives the request of inquiry of the domain name, first be there is resource record with the negative in its buffer memory and mates by DNS recursion server in this inquiry of the domain name request, judges whether this domain name drops into negative and exist in resource record.Exist in resource record if this domain name drops into negative, then DNS recursion server makes negative response directly to the client sending domain name inquiry.
In a kind of exemplary embodiment of DNS cache method that negative exists, negate exist in resource record also to comprise one or more domain name, and all resource record types corresponding with these domain names.These domain name necessary beings, but the resource record types corresponding with it has incompleteness.When being there are these domain name comparisons in resource record by DNS recursion server in the domain name in inquiry of the domain name request and negative, if the domain name in inquiry request is mated with these domain names, but the resource record types of the domain name in inquiry request does not mate all resource record types corresponding with these domain names, then DNS recursion server sends negative response to client equally.
Should be appreciated that the use that file quoted as proof is in this article only for reference, and do not comprise any its may with afoul content herein.
Be to be understood that, although this specification describes according to each embodiment, but not each embodiment only comprises an independently technical scheme, this narrating mode of specification is only for clarity sake, those skilled in the art should by specification integrally, technical scheme in each embodiment also through appropriately combined, can form other execution modes that it will be appreciated by those skilled in the art that.
A series of detailed description listed is above only illustrating for possible embodiments of the present invention; they are also not used to limit the scope of the invention; allly do not depart from the skill of the present invention equivalent embodiments done of spirit or change; as the combination of feature, segmentation or repetition, all should be included within protection scope of the present invention.
Claims (3)
1. the DNS cache method of negative existence, comprising:
In DNS authority server, the domain name recorded is sorted according to a predetermined order method, obtain a domain name sequence in described DNS authority server;
Space in definition domain name sequence between adjacent two domain names is a negative Existential Space, extracts described negative Existential Spaces all in described DNS authority server and forms a negative and there is resource record set;
When described DNS authority server sends negative response to DNS recursion server, be there is resource record in the described negative of mating with described negative response and be passed in the buffer memory of described recursion server; With
When described DNS recursion server sends inquiry of the domain name request, first described DNS recursion server judges that the described negative whether domain name inquiry request is matched with in buffer memory exists resource record, if described judged result is be, described DNS recursion server sends negative response directly to using the client of described DNS recursion server.
2. the DNS cache method of negative existence as claimed in claim 1, wherein said predetermined order method comprises:
The each domain name recorded in described DNS authority server is divided into the tag characters string separated with ". ";
According to tag characters string order from right to left described in each in domain name, the described string tag of more different domain name; With
The order sequence increased progressively according to the ASCII value of described tag characters string.
3. the DNS cache method of negative existence as claimed in claim 1, there is resource record and also comprise at least one domain name with it according to the adjacent domain name after described predetermined order method sequence in wherein said negative, and all resource record types corresponding with these domain names.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310301500.4A CN104301346A (en) | 2013-07-18 | 2013-07-18 | Caching method of DNS (Domain Name server) with negative existence |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310301500.4A CN104301346A (en) | 2013-07-18 | 2013-07-18 | Caching method of DNS (Domain Name server) with negative existence |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104301346A true CN104301346A (en) | 2015-01-21 |
Family
ID=52320914
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310301500.4A Pending CN104301346A (en) | 2013-07-18 | 2013-07-18 | Caching method of DNS (Domain Name server) with negative existence |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104301346A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112532766A (en) * | 2020-12-16 | 2021-03-19 | 上海牙木通讯技术有限公司 | DNS response result caching method, DNS server and computer readable storage medium |
| CN114422476A (en) * | 2021-12-28 | 2022-04-29 | 互联网域名系统北京市工程研究中心有限公司 | Method and device for preventing CNAME cache pollution |
| CN116405463A (en) * | 2023-06-07 | 2023-07-07 | 阿里巴巴(中国)有限公司 | Domain name query method, system, electronic device and non-transitory machine-readable medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101815105A (en) * | 2010-03-25 | 2010-08-25 | 上海交通大学 | Domain name resolution service system with intelligent buffer and service method thereof |
| US20110258237A1 (en) * | 2010-04-20 | 2011-10-20 | Verisign, Inc. | System For and Method Of Identifying Closely Matching Textual Identifiers, Such As Domain Names |
-
2013
- 2013-07-18 CN CN201310301500.4A patent/CN104301346A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101815105A (en) * | 2010-03-25 | 2010-08-25 | 上海交通大学 | Domain name resolution service system with intelligent buffer and service method thereof |
| US20110258237A1 (en) * | 2010-04-20 | 2011-10-20 | Verisign, Inc. | System For and Method Of Identifying Closely Matching Textual Identifiers, Such As Domain Names |
Non-Patent Citations (4)
| Title |
|---|
| CNNIC-ISC互联网技术联合实验室: "大RRSIG资源记录集合与否定缓存导致named崩溃", 《HTTP://WWW.CILAB.CN/SECURITY/201106/T20110602_21236.HTM》 * |
| 傲笑红尘路: "简介DNSSEC(Introduction to DNS Security Extensions)", 《HTTP://WWW.LIJYYH.COM/2012/07/DNSSEC-INTRODUCTION-TO-DNSSEC.HTML》 * |
| 王艳峰等: "一种基于域名错误的DNS重定向协议", 《计算机系统应用》 * |
| 谢续平等: "DNSSEC技術評估報告", 《HTTP://R603-06.EIC.NCTU.EDU.TW/IMAGES/DNSSEC/DNSSECTECH.PDF》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112532766A (en) * | 2020-12-16 | 2021-03-19 | 上海牙木通讯技术有限公司 | DNS response result caching method, DNS server and computer readable storage medium |
| CN112532766B (en) * | 2020-12-16 | 2022-10-28 | 牙木科技股份有限公司 | DNS response result caching method, DNS server and computer readable storage medium |
| CN114422476A (en) * | 2021-12-28 | 2022-04-29 | 互联网域名系统北京市工程研究中心有限公司 | Method and device for preventing CNAME cache pollution |
| CN114422476B (en) * | 2021-12-28 | 2023-09-22 | 互联网域名系统北京市工程研究中心有限公司 | Method and device for preventing CNAME (CNAME) cache pollution |
| CN116405463A (en) * | 2023-06-07 | 2023-07-07 | 阿里巴巴(中国)有限公司 | Domain name query method, system, electronic device and non-transitory machine-readable medium |
| CN116405463B (en) * | 2023-06-07 | 2023-08-11 | 阿里巴巴(中国)有限公司 | Domain name query method, system, electronic device and non-transitory machine-readable medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7045104B2 (en) | How to process data, devices and computer programs, and zone files for hierarchical Domain Name System | |
| CN106657044B (en) | A web page address jumping method for improving the security defense of the website system | |
| CN104283723B (en) | Network access log processing method and processing device | |
| US20030009453A1 (en) | Method and system for performing a pattern match search for text strings | |
| KR20020082461A (en) | Network address server | |
| CN105357328A (en) | DNS method, DNS recursive server and DNS system | |
| CN103685584A (en) | Method and system of resisting domain name hijacking based on tunnelling | |
| CN104427007A (en) | A domain name searching method for a DNS | |
| CN106464745A (en) | DNS server, client and data synchronization method | |
| US20120210002A1 (en) | Dynamic walled garden | |
| CN104301346A (en) | Caching method of DNS (Domain Name server) with negative existence | |
| CN102572001A (en) | Domain name system (DNS) and method for providing load balancing | |
| US20150106494A1 (en) | Characterization of domain names based on changes of authoritative name servers | |
| EP3462712A1 (en) | Method for mitigating dns-ddos attacks | |
| CN104125310B (en) | Message method based on semi-permanent address | |
| CN118827611B (en) | A domain name resolution method, apparatus, storage medium, and computer program product | |
| CN103347036A (en) | ONS architecture with decentralized management-based EPC parsing method | |
| CN101257501B (en) | Data leading-in method, system as well as Web server | |
| US8572231B2 (en) | Variable-length nonce generation | |
| CN106959975B (en) | Transcoding resource cache processing method, device and equipment | |
| CN113472873A (en) | Method for accessing router homepage by fixed pseudo IP address | |
| KR101524733B1 (en) | A mobile terminal for connecting to website through ip network and a method for reducing connection time to the website | |
| KR101645222B1 (en) | Advanced domain name system and management method | |
| KR101550401B1 (en) | Apparatus of providing internet address capable of terminal identification and method thereof | |
| CN106209999B (en) | Information updating notification method and system based on internet website |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150121 |
|
| WD01 | Invention patent application deemed withdrawn after publication |