
CN104468244B - Domain name resolution system disaster recovery construction method and device - Google Patents

Info

Publication number: CN104468244B
Authority: CN (China)
Prior art keywords: domain name, name resolution, disaster recovery, dns, data
Legal status: Active (an assumption by Google, not a legal conclusion; Google has not performed a legal analysis)
Application number: CN201410852629.9A
Other languages: Chinese (zh)
Other versions: CN104468244A
Inventors: 濮灿, 周鸿祎, 谭晓生
Current assignee: Beijing Qihoo Technology Co Ltd (listed assignees may be inaccurate; Google has not performed a legal analysis)
Original assignees: Beijing Qihoo Technology Co Ltd; Qizhi Software Beijing Co Ltd
Application filed by Beijing Qihoo Technology Co Ltd and Qizhi Software Beijing Co Ltd
Priority to CN201410852629.9A; published as CN104468244A; application granted and published as CN104468244B; legal status Active

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention relates to a domain name resolution system disaster recovery construction method comprising the following steps: synchronizing, in real time, the data of a target cluster that provides DNS service to a disaster recovery cluster, the data including cache data that serves as the basis for domain name resolution; receiving a domain name resolution request and, in response to it, performing domain name resolution using the cache data; and answering the domain name resolution request with the domain name resolution result. The invention also provides a domain name resolution system disaster recovery construction device. With the construction method of the present invention, a disaster recovery system suited to an existing domain name service system can be built, which can temporarily and effectively take over the domain name resolution service when the existing domain name service system, or the network it depends on, is paralyzed.

Description

Domain name resolution system disaster recovery construction method and device

Technical field

The present invention relates to Internet security technology, and in particular to a domain name resolution system disaster recovery construction method and device.

Background

A disaster recovery system is a technology for backing up, and recovering from disasters affecting, a business system made up of a network cluster; it is widely used in Internet service clusters. Normally the production business system provides the Internet service while the disaster recovery system backs it up in real time and monitors it for faults; once the business system fails or comes under attack, the disaster recovery system can be brought in to replace the original business system and offer the same service to Internet users.

A disaster recovery system usually comprises several management logics: data synchronization, fault detection and service switchover. The data synchronization logic ensures the integrity, consistency and availability of data between the production center and the disaster recovery center; the fault detection logic assesses and judges faults from monitoring data according to a given policy; and the service switchover logic, driven by the fault detection results, is responsible for switching, automatically or manually, to the mode in which the disaster recovery system provides the service in place of the original business system when a major failure or disaster strikes the production center's business system.

Although the principle of disaster recovery has been applied very widely, current DNS servers and their related systems have historically received little attention because the DNS protocol is relatively simple, and the related technology remains to be improved.

Summary of the invention

In view of at least one of the problems above, the object of the present invention is to provide a domain name resolution system disaster recovery construction method.

Correspondingly, following a modular approach, another object of the present invention is to provide a domain name resolution system disaster recovery construction device.

To achieve these objects, the present invention adopts the following technical scheme:

A domain name resolution system disaster recovery construction method of the present invention comprises the following steps:

synchronizing, in real time, the data of a target cluster that provides DNS service to a disaster recovery cluster, the data including cache data that serves as the basis for domain name resolution;

receiving a domain name resolution request and, in response to it, performing domain name resolution using the cache data;

answering the domain name resolution request with the domain name resolution result.

In one embodiment, the steps of the method are executed in at least one device of the disaster recovery cluster.

In another embodiment, the steps of the method are executed by one or more processes on a single device of the disaster recovery cluster.

In yet another embodiment, the step of synchronizing data in real time to the disaster recovery cluster is executed in at least one device independent of the disaster recovery cluster, and the remaining steps are executed on the same device of the disaster recovery cluster.

In one embodiment, the cache data includes historical domain name resolution records, namely the DNS resolution records generated by the target cluster while performing DNS resolution during normal DNS service; when the method performs domain name resolution, it obtains the corresponding result by looking up these historical resolution records.

Specifically, the historical domain name resolution records contain mappings from domain names to their corresponding IP addresses.

In another embodiment, the cache data further includes an authority information database storing the authority information of the authoritative servers at each level of the domain name hierarchy; when the method performs domain name resolution, it executes a recursive query according to the authoritative server information recorded in that database to obtain the domain name resolution result. Preferably, the authority information database is implemented as a distributed database.

Further, both the domain name resolution request and the domain name resolution result are relayed through the same network address.

Preferably, both the domain name resolution request and the domain name resolution result are transmitted encrypted.

A domain name resolution system disaster recovery construction device provided by the present invention comprises:

a synchronization unit for synchronizing, in real time, the data of a target cluster that provides DNS service to a disaster recovery cluster, the data including cache data that serves as the basis for domain name resolution;

a query unit for receiving a domain name resolution request and, in response to it, performing domain name resolution using the cache data;

a response unit configured to answer the domain name resolution request with the domain name resolution result.

In one embodiment, the units of the device are configured to execute in at least one device of the disaster recovery cluster.

In another embodiment, the units of the device are configured to be executed by one or more processes on a single device of the disaster recovery cluster.

In yet another embodiment, the synchronization unit is configured to execute in at least one device independent of the disaster recovery cluster, and the query unit and the response unit are configured to execute on the same device of the disaster recovery cluster.

According to one embodiment of the present invention, the cache data includes historical domain name resolution records, namely the DNS resolution records generated by the target cluster while performing DNS resolution during normal DNS service; when the query unit performs domain name resolution, it obtains the corresponding result by looking up these historical resolution records.

Preferably, the historical domain name resolution records contain mappings from domain names to their corresponding IP addresses.

According to another embodiment of the present invention, the cache data further includes an authority information database storing the authority information of the authoritative servers at each level of the domain name hierarchy; when the query unit performs domain name resolution, it executes a recursive query according to the authoritative server information recorded in that database to obtain the domain name resolution result.

Preferably, the authority information database is implemented as a distributed database.

Further, both the domain name resolution request and the domain name resolution result are relayed through the same network address.

Preferably, both the domain name resolution request and the domain name resolution result are transmitted encrypted.

Compared with the prior art, the present invention has at least the following advantages:

1. The present invention realizes the construction of a disaster recovery system for a DNS service system by synchronizing in real time the data of the relevant clusters of the DNS service system; most importantly, it backs up the cache data formed from the historical resolution records that those clusters produce while providing normal resolution service during normal operation. Thus, when the regular DNS service system fails or comes under attack, the disaster recovery system implementing this method can provide a temporary and accurate DNS resolution service, establishing an "isolated island" answering mode in which the disaster recovery system serves DNS resolution to Internet users.

2. As a disaster recovery system, it is usually not exposed directly to clients; instead a DNS resolution server acts as the front-end service window, forwarding users' domain name resolution requests to the disaster recovery system and relaying the corresponding resolution results back to the requester through that same DNS resolution server. This protects the disaster recovery system more effectively and lets it serve DNS resolution to Internet users more smoothly.

In summary, the disaster recovery system construction method of the present invention can build a disaster recovery system suited to an existing domain name service system, which can temporarily and effectively take over the domain name resolution service when the existing domain name service system, or the network it depends on, is paralyzed.

Additional aspects and advantages of the invention will be set forth in part in the description that follows, and will become apparent from the description or may be learned by practice of the invention.

Brief description of the drawings

The above and/or additional aspects and advantages of the present invention will become apparent and easy to understand from the following description of the embodiments in conjunction with the accompanying drawings, in which:

Fig. 1 is a schematic flow chart of the domain name resolution system disaster recovery construction method of the present invention;

Fig. 2 is a schematic diagram of the principle of traditional DNS resolution service;

Fig. 3 is a functional block diagram of the domain name resolution system disaster recovery construction device of the present invention;

Fig. 4 is a schematic flow chart of the method of the present invention for automatically switching a DNS disaster recovery system into isolated-island answering mode;

Fig. 5 is a schematic flow chart of step S22 of that automatic switching method;

Fig. 6 is a functional block diagram of the device of the present invention for automatically switching a DNS disaster recovery system into isolated-island answering mode;

Fig. 7 is a functional block diagram of the judging unit of that automatic switching device.

Detailed description of the embodiments

Embodiments of the present invention are described in detail below; examples of them are shown in the accompanying drawings, in which the same or similar reference numerals denote the same or similar elements, or elements with the same or similar functions, throughout. The embodiments described below with reference to the drawings are exemplary, serve only to explain the present invention, and are not to be construed as limiting it.

Those skilled in the art will understand that, unless expressly stated otherwise, the singular forms "a", "an", "said" and "the" used herein may also include the plural. It should further be understood that the word "comprising" used in this specification indicates the presence of the stated features, integers, steps, operations, elements and/or components, but does not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or groups thereof. When an element is said to be "connected" or "coupled" to another element, it may be directly connected or coupled to that element, or intervening elements may be present. Furthermore, "connected" or "coupled" as used herein may include wireless connection or wireless coupling. The expression "and/or" as used herein includes any and all combinations of one or more of the associated listed items.

Those skilled in the art will understand that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by a person of ordinary skill in the art to which this invention belongs. It should also be understood that terms such as those defined in general dictionaries are to be interpreted as having a meaning consistent with their meaning in the context of the prior art and, unless specifically defined as herein, are not to be interpreted in an idealized or overly formal sense.

Those skilled in the art will understand that "terminal" and "terminal device" as used herein include both devices with only a wireless signal receiver, having no transmitting capability, and devices with receiving and transmitting hardware capable of two-way communication over a two-way communication link. Such devices may include: cellular or other communication devices with a single-line display, a multi-line display or no multi-line display; PCS (Personal Communications Service) devices, which may combine voice, data processing, fax and/or data communication capabilities; PDAs (Personal Digital Assistants), which may include a radio-frequency receiver, pager, Internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System) receiver; and conventional laptop and/or palmtop computers or other devices that have and/or include a radio-frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (air, sea and/or land), or suited and/or configured to operate locally and/or, in distributed form, at any other location on Earth and/or in space. A "terminal" or "terminal device" may also be a communication terminal, an Internet access terminal or a music/video playback terminal, for example a PDA, a MID (Mobile Internet Device) and/or a mobile phone with music/video playback functions, or a device such as a smart TV or set-top box.

Those skilled in the art will understand that the concepts of server, cloud and remote network device used herein are equivalent in effect and include, without limitation, a computer, a network host, a single network server, a set of several network servers, or a cloud made up of several servers. Here a cloud is composed of a large number of computers or network servers based on cloud computing, a form of distributed computing in which a group of loosely coupled computers forms one super virtual computer. In the embodiments of the present invention, communication among the remote network devices, the terminal devices and the WNS server may be realized by any communication method, including but not limited to mobile communication based on 3GPP, LTE or WiMAX, computer network communication based on the TCP/IP or UDP protocols, and short-range wireless transmission based on the Bluetooth or infrared transmission standards.

Those skilled in the art should understand that the concepts of "application", "application program", "application software" and similar expressions referred to in the present invention are the same concepts well known to those skilled in the art, and refer to computer software suited to electronic execution that is organically constructed from a series of computer instructions and related data resources. Unless otherwise specified, such naming is not limited by the kind or level of programming language, nor by the operating system or platform on which it runs. Naturally, such concepts are not limited by any form of terminal either.

The technical solution of the present invention disclosed herein has two aspects: the first is how to construct the disaster recovery system and open its service; the second is how to identify a disaster so as to ensure effective, timely and intelligent switching between the normal DNS service system and its disaster recovery system. Disclosing both aspects will help those skilled in the art understand the present invention more systematically.

The first aspect of the technical solution of the present invention provides a domain name resolution system construction method and device, where the device is an instantiation of the method following a modular approach. The method and device can be implemented in software, installed on computer equipment, in particular dedicated server-class computer equipment, and run there; connected to the Internet to open its service, it constitutes a local DNS resolution server, or a cluster implementing a local DNS resolution server, that provides DNS domain name resolution service to clients and answers them.

Referring to Fig. 1, the domain name resolution system disaster recovery construction method of the present invention is implemented as one or more pieces of software that can be installed on operating systems such as the Windows family (including but not limited to the Windows XP, Windows 7 and Windows 8 series versions) or the Unix family (including but not limited to Unix, Linux, IOS, Ubuntu, etc.), and the corresponding steps are carried out by running that software. Specifically, the method includes the following steps:

Step S11: synchronizing, in real time, the data of the target cluster that provides DNS service to the disaster recovery cluster, the data including cache data that serves as the basis for domain name resolution.

Usually the servers providing DNS service, much like a cloud architecture, are organically built from multiple server devices into a cluster that works together with a DNS resolution server to deliver the DNS resolution service. The DNS service cluster mainly implements the recursive system: through it, recursive calls are made to the Internet servers for each level of the domain name in order to resolve the name, obtain the IP address and construct the domain name resolution result in response to external requests. The DNS resolution server, as the front-end application window, receives the domain name resolution request from the requesting client, passes the request to the cluster, asks the cluster to respond with a resolution result, and then answers the request with that result.

The disaster recovery system constructed by the present invention is a disaster recovery both for the Internet's domain name system as a whole and for the clusters behind multiple local DNS servers. The disaster recovery system is realized on the basis of data synchronization; fault detection is the precondition for switching over to it; and switchover control is its management logic. However, the disaster recovery system can be kept open in real time, and its fault detection and subsequent switchover control can be performed by a third party, so the first aspect of the present invention does not concern fault detection and switchover control.

Data synchronization is the key foundation on which the present invention realizes disaster recovery for the DNS service system. Data synchronization management logic is usually implemented by data backup. Data backup is the basis of system and data disaster recovery, the realization of low-end disaster recovery, and a strong guarantee for high-end disaster recovery (real-time data protection). Current backup technologies are mainly snapshot backup, offline backup and off-site storage backup. Following a backup policy, a backup system makes a complete copy, at a given point in time, of the operating system, file system, applications, database system and other data sets of a computer information system; the copied data is offline and cannot be accessed immediately, but must be used through a corresponding operation such as a restore. Building a high-end disaster recovery system presupposes a proper backup of the local system, which is the starting point of disaster recovery technology.

When the present invention performs data synchronization, it adopts the high-end disaster recovery approach to provide real-time data protection for the DNS service cluster; concretely, multiple copies of the same data are kept in real time on multiple disks, multiple arrays, multiple servers and multiple data centers in order to guard against physical failures. Real-time data protection presupposes data backup, and it cannot protect against human error or malicious operations. It should be stressed that the purpose of disaster recovery is to keep data accessible when a disaster occurs and to guarantee data integrity through real-time data protection; the disaster recovery system constructed by the present invention therefore cannot guarantee that its data is the latest.
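The real-time synchronization described above, as an added Python illustration (not code from the patent or its assignee): a sequenced change log carries cache changes from the target cluster to the DR replica, which applies them idempotently, records sequence gaps as an integrity problem, and reports how stale its copy is once the target falls silent, which makes the "cannot guarantee the latest data" caveat measurable. All names, addresses and timestamps are constructed for the example.

```python
"""Real-time cache synchronization from a DNS target cluster to a DR replica.

Added illustration, not code from the patent. Models the synchronization step
with a sequenced change log: the target cluster emits one event per cache
change; the DR replica applies events idempotently, records sequence gaps
(an integrity problem) and can report how stale its copy is. All names,
addresses and timestamps are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class CacheEvent:
    seq: int                        # monotonically increasing, assigned by the target cluster
    ts: float                       # time the target produced the event (seconds, constructed)
    op: str                         # "put" (new/refreshed record) or "delete" (expired/purged)
    name: str                       # fully qualified name, lower case, no trailing dot
    address: Optional[str] = None   # IPv4 address for "put" events
    ttl: int = 0                    # remaining TTL in seconds at event time


@dataclass
class DrReplica:
    """The DR cluster's copy of the target cluster's resolution cache."""
    records: Dict[str, Tuple[str, float]] = field(default_factory=dict)  # name -> (address, expires_at)
    last_seq: int = 0
    last_event_ts: float = 0.0
    gaps: List[Tuple[int, int]] = field(default_factory=list)           # (expected_seq, received_seq)

    def apply(self, ev: CacheEvent) -> bool:
        """Apply one change-log event; returns False for a duplicate or replayed event."""
        if ev.seq <= self.last_seq:
            return False                                   # already applied: replays are harmless
        if ev.seq != self.last_seq + 1:
            self.gaps.append((self.last_seq + 1, ev.seq))  # lost events: the copy may be incomplete
        if ev.op == "put":
            self.records[ev.name] = (ev.address, ev.ts + ev.ttl)
        elif ev.op == "delete":
            self.records.pop(ev.name, None)
        else:
            raise ValueError(f"unknown op {ev.op!r}")
        self.last_seq = ev.seq
        self.last_event_ts = ev.ts
        return True

    def lookup(self, name: str, now: float) -> Optional[Tuple[str, bool]]:
        """Return (address, expired) or None. An expired record is still returned:
        in island mode a stale answer beats no answer, which is the trade-off the
        patent accepts when it says the DR copy cannot guarantee the latest data."""
        entry = self.records.get(name.lower().rstrip("."))
        if entry is None:
            return None
        address, expires_at = entry
        return address, now > expires_at

    def staleness(self, now: float) -> float:
        """Seconds since the last event received from the target cluster."""
        return now - self.last_event_ts


def sync_from_log(log: List[CacheEvent], replica: Optional[DrReplica] = None) -> DrReplica:
    """Feed a possibly reordered or duplicated event stream into a replica."""
    if replica is None:
        replica = DrReplica()
    for ev in sorted(log, key=lambda e: e.seq):   # restore sequence order before applying
        replica.apply(ev)
    return replica


# Constructed event stream from the target cluster (example data only).
SAMPLE_LOG = [
    CacheEvent(1, 1000.0, "put", "www.example.test", "192.0.2.10", ttl=300),
    CacheEvent(2, 1001.0, "put", "mail.example.test", "192.0.2.25", ttl=60),
    CacheEvent(2, 1001.0, "put", "mail.example.test", "192.0.2.25", ttl=60),   # duplicate delivery
    CacheEvent(4, 1003.0, "put", "www.example.test", "192.0.2.11", ttl=300),   # seq 3 was lost
    CacheEvent(5, 1004.0, "delete", "mail.example.test"),
]

if __name__ == "__main__":
    rep = sync_from_log(SAMPLE_LOG)
    print(rep.lookup("www.example.test", now=1500.0))   # ('192.0.2.11', True): answerable, but past TTL
    print(rep.gaps)                                      # [(3, 4)]
    print(rep.staleness(now=1500.0))                     # 496.0
```

A non-empty `gaps` list is the signal an operator would want before trusting the replica in island mode, and `staleness` is the figure to expose as a metric: it grows without bound from the moment the target cluster stops sending, which is exactly when the replica starts answering on its own.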

As noted above, data backup is a means of disaster recovery, not its end; the end is data access. Application recovery, network recovery and the associated switchover control are therefore also key to disaster recovery. Concretely, this is the whole process by which, after a disaster, the disaster recovery center takes over from the original production center: database switchover, application restart, network switchover and so on; it also includes the whole process of switching the database, applications and network back once the original data center has been repaired. These processes can be performed by manual switchover or by an automated procedure, and how to make the corresponding assessment is also a problem the technical staff must solve. The present invention discloses the implementation of this part in detail later through another method and device, so it is not discussed for now.

It follows that synchronizing the data of the target cluster providing DNS service to the disaster recovery cluster in real time, through software configured according to the method of the present invention, lays the foundation for realizing the disaster recovery system of the present invention. To further explain the data being synchronized, please first consider the following application example.

请结合图2,如下以网易门户地址www.163.com这一域名的解析过程为例,说明正常情况下的DNS解析的主要过程:Please combine with Figure 2, and take the resolution process of the domain name www.163.com as an example to illustrate the main process of DNS resolution under normal circumstances:

Step 1: The user's computer sends a request to resolve www.163.com to the local DNS (resolution) server configured on its system. The so-called local DNS server is a DNS service IP address, which may be obtained automatically from the carrier or set manually.

Step 2: The local DNS server checks whether it holds a cached entry for this domain name in its own storage; if not, it sends a resolution request for www.163.com to a root server.

Step 3: On receiving the local DNS server's resolution request, the root server analyzes the requested domain name and returns to the local server the IP address of the server for the .com domain node.

Step 4: After receiving the IP address of the .com top-level domain server, the local DNS server sends a resolution request for www.163.com to the .com top-level domain.

Step 5: After receiving the resolution request for www.163.com, the .com top-level domain server returns to the local DNS server the IP address of the DNS server for the second-level domain 163.

Step 6: The local DNS server then sends a resolution request for www.163.com to the DNS server of the second-level domain 163.

Step 7: The management server of the 163 domain manages all subdomains under 163.com. Its name space contains the subdomain www, whose corresponding IP address is 111.1.53.220, so the DNS server of the 163.com domain returns the IP address 111.1.53.220 corresponding to www.163.com to the local DNS server.

Step 8: After receiving the resolution result for www.163.com from the 163.com domain server, the local DNS server returns the corresponding IP address 111.1.53.220 to the user and retains the result for a period of time to serve queries from other users.

Step 9: Having obtained the IP address 111.1.53.220 corresponding to the domain name www.163.com, the user's computer starts requesting web content from the IP address 111.1.53.220. At this point, one complete DNS request resolution flow is finished.

In the above example the local DNS server is simplified to a single server; in practice it is usually implemented behind the scenes by the aforementioned cluster of multiple servers. In any case, a DNS resolution server must act as the DNS server fronting the application. Those skilled in the art are aware of this.

In the above example, step 2 first checks the local DNS server's storage for the domain name in the resolution request, and step 8 describes that the resolution result is kept for a period of time to serve other users' queries. It follows that the target cluster's data necessarily contains cached data; this cached data is usually stored in a log-type format and, in the present invention, may be improved into the form of a database.

In one embodiment of the present invention concerning the implementation of the cached data, the format used by the server cluster that normally provides DNS service can be retained, so that the cached data comprises historical domain name resolution records, i.e. the DNS resolution records produced when the target cluster performs DNS resolution in the course of normal DNS service, usually stored as log files. Each resolution record includes at least a domain name and the IP address corresponding to it; the correspondence between domain name and IP address here mainly means the mapping between them. Further, each resolution record in the cache database can be assigned a lifetime: within that lifetime the record is valid, and once the lifetime is exceeded the present invention may delete or ignore it. When the present invention needs to use the cache database to resolve a domain name, it first searches the cache database's historical resolution records by the domain name in the request data, finds the corresponding valid record, obtains the corresponding IP address and then answers the resolution request with it. Of course, if the lifetime is exceeded, or the cached data contains no corresponding record, the query must still be carried out through the recursive system (provided the domain name servers at each level on the public network are still reachable when the disaster recovery system is activated). Because the same terminal device is generally used by the same user, whose browsing behavior shows a certain inertia in habitually visiting particular websites, this cached data and the related technique can provide users with more efficient and faster DNS resolution and save some traffic on mobile terminal devices; and where the servers at each level of the domain hierarchy have failed so that recursive querying is impossible, this cached data plays a decisive role in resolution.
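The lookup order described in this embodiment (valid cached record first, recursive system only as a fallback, expired records deleted or ignored) can be made concrete as follows. This is an added illustration, not code from the patent or from the applicant; the class and function names, the injectable clock and the `recursive` callable standing in for the recursive cluster are all assumptions, and the sample records are constructed (the address for www.163.com is the one used in the walkthrough above).

```python
import time

# Added example (not the patent's own code): an in-memory cache of historical
# resolution records, each stamped with its storage time and subject to a
# lifetime, plus a lookup that falls back to a recursive resolver when no
# valid record exists.

class HistoryCache:
    """Maps domain name -> (ip, stored_at). Records older than `lifetime`
    seconds are treated as invalid (ignored) and can be purged on demand."""

    def __init__(self, lifetime, clock=time.time):
        self.lifetime = lifetime      # seconds a record stays valid
        self.clock = clock            # injectable so tests are deterministic
        self.records = {}

    @staticmethod
    def _key(name):
        # DNS names are case-insensitive; the trailing dot is not significant here
        return name.lower().rstrip(".")

    def store(self, name, ip):
        self.records[self._key(name)] = (ip, self.clock())

    def lookup(self, name, ignore_lifetime=False):
        """Return the cached IP, or None if the record is absent or expired.
        `ignore_lifetime=True` models the 'lifetime not considered' policy."""
        entry = self.records.get(self._key(name))
        if entry is None:
            return None
        ip, stored_at = entry
        if not ignore_lifetime and self.clock() - stored_at > self.lifetime:
            return None
        return ip

    def purge_expired(self):
        """Delete records past their lifetime; returns how many were removed."""
        now = self.clock()
        stale = [k for k, (_, t) in self.records.items() if now - t > self.lifetime]
        for k in stale:
            del self.records[k]
        return len(stale)


def resolve(cache, name, recursive=None, ignore_lifetime=False):
    """Resolution order of the first mechanism: a valid cached record first,
    then the recursive system if one is reachable. `recursive` is a hypothetical
    callable name -> ip-or-None standing in for the real recursive cluster.
    Returns (ip, source) with source in {"cache", "recursive", None}."""
    ip = cache.lookup(name, ignore_lifetime)
    if ip is not None:
        return ip, "cache"
    if recursive is not None:
        ip = recursive(name)
        if ip is not None:
            cache.store(name, ip)    # a freshly learned answer becomes a new record
            return ip, "recursive"
    return None, None


def build_demo(now=1_000_000.0):
    """Constructed sample records, as they might have been synchronized from
    the target cluster's logs, behind a controllable clock."""
    clock_state = {"now": now}
    cache = HistoryCache(lifetime=3600, clock=lambda: clock_state["now"])
    cache.store("www.163.com", "111.1.53.220")
    cache.store("example.test", "192.0.2.10")   # RFC 5737 TEST-NET address, constructed
    return cache, clock_state
```

The clock is injected rather than read from `time.time()` directly so that expiry can be exercised deterministically; in a deployment the lifetime would be chosen per record from the synchronized log data rather than as a single constant.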

In another embodiment of the present invention concerning the implementation of the cached data, the cached data comprises an authority information database (delegation data: the names and addresses of the authoritative servers at each level of the domain name hierarchy), which can be built in a distributed fashion using the well-known Anycast technique. The authority information database stores the authority information of the authoritative servers at each level of the domain name; when resolving a domain name, a recursive query can be executed according to the authoritative server information recorded in the authority information database to obtain the resolution result. This is suited to the scenario in which the DNS recursive query cluster has failed.

The authority information database is likewise built on the basis of the historical resolution records. As is well known, while performing recursive queries the domain name service cluster obtains the authority information of the authoritative servers corresponding to each level of the domain name, and from this information the authority information database can be constructed. It is used to implement a virtual root node, and the virtual root node service is opened to the Internet to achieve a more systematic disaster recovery resolution effect. In this case, the system implemented according to the present invention can also be combined with virtual root node technology to provide security services: when a DNS resolution failure occurs at the root node, the virtual root node can take over the root node's DNS resolution function. Of course, the authority information database must hold sufficient information, that is, all DNS requests within the designated area and the corresponding authority information, so that the virtual root node has enough resources to answer DNS requests. The virtual root node is therefore implemented on the basis of the authority information database. The combination of the newly added authority information database and the virtual root node can provide DNS resolution for clients when resolution at the root node fails, which reduces the DNS single point of failure and improves DNS resilience against attacks; access control can also be configured on the virtual root node to screen out DNS attack traffic and improve the security and stability of DNS resolution. For a dangerous DNS attack, if no specific authority information can be found in the authority information database, the virtual root node will not provide resolution service for it.
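The following added example (not code from the patent or the applicant) ties together the resolution walkthrough of steps 1 to 9 above and this embodiment: an authority information database is filled with the referrals that normal recursion observes, and is then used as a virtual root to resolve a name iteratively, starting from the closest known zone, when the real root is unreachable. A name for which no ancestor zone has authority information is refused rather than served, as the last paragraph describes. The class and function names, the `query_server` callable standing in for sending a DNS query, and the simulated authoritative servers and their addresses are assumptions; the server addresses are constructed RFC 5737 TEST-NET values, and the only real-looking datum is the 111.1.53.220 answer from the walkthrough.

```python
# Added example (not the patent's own code): an authority information database
# built from referrals, used as a "virtual root" for iterative resolution.

class AuthorityDB:
    """zone (e.g. 'com', '163.com') -> list of authoritative server IPs.
    Zones are stored without a trailing dot; '' would denote the real root."""

    def __init__(self):
        self.delegations = {}

    def record_referral(self, zone, server_ips):
        """Called whenever recursion learns 'zone is served by these servers'."""
        self.delegations[zone.lower().strip(".")] = list(server_ips)

    def closest_zone(self, name):
        """Longest stored zone enclosing `name`, or None when no ancestor is
        known (the 'no authority information' case)."""
        labels = name.lower().strip(".").split(".")
        for i in range(len(labels)):
            zone = ".".join(labels[i:])
            if zone in self.delegations:
                return zone
        return "" if "" in self.delegations else None


def iterative_resolve(db, name, query_server, max_steps=8):
    """Walk delegations from the closest known zone downwards.
    `query_server(ip, name)` is a hypothetical stand-in for a DNS query to `ip`
    and returns ('answer', ip), ('referral', zone, [ips]), ('nxdomain',) or
    ('timeout',). Returns (status, ip) with status one of
    'answer', 'refused', 'nxdomain', 'servfail'."""
    zone = db.closest_zone(name)
    if zone is None:
        return "refused", None        # virtual root holds no authority data for this name
    servers = db.delegations[zone]
    for _ in range(max_steps):
        for ip in servers:
            resp = query_server(ip, name)
            if resp[0] == "answer":
                return "answer", resp[1]
            if resp[0] == "nxdomain":
                return "nxdomain", None
            if resp[0] == "referral":
                db.record_referral(resp[1], resp[2])   # remember the newly learned delegation
                servers = resp[2]
                break
        else:
            return "servfail", None   # no server in the set gave a usable response
    return "servfail", None


# Constructed simulated authoritative servers: ip -> zone data. The root
# server (192.0.2.1) exists in the simulation but is deliberately NOT in the
# authority database below, modelling an unreachable root.
SIMULATED_SERVERS = {
    "192.0.2.1": {"zone": "",        "delegations": {"com": ["192.0.2.2"]}},
    "192.0.2.2": {"zone": "com",     "delegations": {"163.com": ["192.0.2.3"]}},
    "192.0.2.3": {"zone": "163.com", "answers": {"www.163.com": "111.1.53.220"}},
}


def simulated_query(ip, name):
    """Both sides of the exchange in one place: what each simulated server
    would reply to a query for `name`."""
    srv = SIMULATED_SERVERS.get(ip)
    if srv is None:
        return ("timeout",)
    name = name.lower().strip(".")
    if name in srv.get("answers", {}):
        return ("answer", srv["answers"][name])
    for zone, ips in srv.get("delegations", {}).items():
        if name == zone or name.endswith("." + zone):
            return ("referral", zone, ips)
    return ("nxdomain",)


def build_authority_db():
    """What normal recursion would have learned and synchronized: the .com and
    163.com delegations, but no root servers."""
    db = AuthorityDB()
    db.record_referral("com", ["192.0.2.2"])
    db.record_referral("163.com", ["192.0.2.3"])
    return db
```

Note the refusal branch: the virtual root answers only names under a zone it has delegation data for, so a flood of queries for unknown names is turned away before any upstream server is contacted, which is the screening behaviour the paragraph above attributes to the virtual root.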

From the two embodiments disclosed above for implementing the cached data and their corresponding extended functions, those skilled in the art will appreciate that further concrete implementations of the cached data and their extended applications can be realized flexibly according to the needs of the present invention. For example, the cached data may be understood as comprising both the historical resolution records and the authority information database of the two embodiments above; moreover, the historical resolution records can serve not only as a temporary cache but can also be stored, as data with a longer lifetime, in a separate data table of the authority information database. When a temporary cache entry has been in use at high frequency for a certain length of time, it can be converted into a longer-lived historical resolution record stored in that data table, and in subsequent resolution this table is consulted in preference to the recursive system.

The topology and hierarchical architecture of the DNS service cluster, and of the disaster recovery system, can be implemented by those skilled in the art according to known networking principles; the present invention is more concerned with the data and control relationship between the two, so their topology and hierarchy are not described further.

As noted above, once the data on the DNS service cluster, especially the cached data, has been synchronized to the disaster recovery cluster, the disaster recovery cluster has the corresponding resolution capability, and its resolution service can be opened in the following steps.

Step S12: receiving a domain name resolution request and, in response to it, performing domain name resolution using the cached data.

Because the disaster recovery system of the present invention makes efficient use of the cached data and implements the function of a virtual root node, it possesses an independent virtual root node; concretely, an authority information database plays the role of a virtual root zone. When the root or top-level domain servers fail and cannot serve normally, or even when all other external authoritative servers fail, the local DNS system may become an isolated resolution island. In such a case the system should in principle be allowed to enter a corresponding disaster recovery mode, starting an emergency response mode that keeps the Internet basically operational until the root or authoritative servers are repaired, leaving enough time for emergency repair and recovery.

By means of the switch-over method to be disclosed later in the present invention, in a system applying the technical solution of the present invention the relevant DNS service function is, after a disaster occurs, switched to point to the disaster recovery center, i.e. the disaster recovery cluster constructed by the present invention. However, clients must then reach the service of the disaster recovery node, which raises a further problem: how to switch the network. Specifically, how is the DNS server's local application access path (network address) changed from pointing to the original production center to pointing to the disaster recovery center, and, after the disaster has been repaired, back to the original production center? The simplest method is to change the IP mapping of the DNS resolution server from the original destination address to the network address at which the disaster recovery system provides DNS service. Before the disaster the IP address maps to the production center's server; after the disaster it maps to the disaster recovery center's server; after repair it maps back to the production center's server.

The details of implementing this intelligent switch-over are given in the second aspect of the present invention; the first aspect is described on the premise that such switch-over is available. In the first aspect, the client forwards its resolution request to the DNS resolution server, the DNS resolution server forwards the request to the disaster recovery system's service, the disaster recovery system's service performs the resolution and returns the result to the DNS resolution server, and the DNS resolution server answers the originally relayed resolution request with that result.

Accordingly, when the disaster recovery system of the present invention receives a resolution request forwarded by the DNS resolution server, it must resolve it. Its resolution scheme can combine the variants described above to implement different resolution mechanisms flexibly, for example:

In the first resolution mechanism, corresponding to the case where the cached data comprises only historical resolution records, the disaster recovery system extracts the domain name from the resolution request and first searches the large body of historical resolution records in its stored cached data for a record corresponding to that domain name; if one exists, the IP address mapped to the domain name in that record is taken as the resolution result. The lifetime set for historical resolution records can of course also be taken into account, so that records beyond the preset lifetime are disregarded. This policy is usually not recommended, however: if the disaster recovery system was activated because the public network or the servers at each level of the domain hierarchy are down, it may no longer be possible to obtain the actual address by recursively querying those servers over the public network, and applying this policy would serve little purpose. Considering that the servers at each level may still be working and only the DNS server cluster has failed, if no IP address can be obtained from the cached data in that case, the disaster recovery system of the present invention can go on to perform a recursive query, and if a valid answer is obtained it can likewise produce a more accurate resolution result.

The second resolution mechanism corresponds to the case where the cached data comprises an authority information database. The disaster recovery system can extract the domain name from the resolution request and first execute the query using the authority information; if a valid IP resolution result is obtained, it answers with that. If the authority information database also contains a data table of historical resolution records, the first mechanism can be followed: first try to obtain a result from that data table, and only if no result is obtained query using the authority information in the database; or conversely, query using the authority information first and, if that yields nothing, query the historical resolution records.

The third resolution mechanism corresponds to the case where the cached data contains both an authority information database and historical resolution records kept as cache, and the authority information database also holds preferred (longer-lived) historical resolution records. Here the two preceding mechanisms can be combined flexibly, for example: query the cached historical resolution records first; if nothing is found, query the historical resolution records in the data table; if still nothing is found, query using the authority information; or the reverse order.
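The three mechanisms differ only in which lookup sources are consulted and in what order, and the extension described earlier adds a promotion rule (a temporary cache entry that is used often enough is copied into the longer-lived table). The added example below (not code from the patent or the applicant) expresses both as an ordered chain of sources; the class and function names, the hit-count threshold standing in for "used at high frequency for a certain length of time", and the sample records are assumptions, with the authority source represented by a plain callable.

```python
# Added example (not the patent's own code): the resolution mechanisms as an
# ordered chain of lookup sources, plus promotion of hot temporary entries
# into the long-lived table.

class TemporaryCache:
    """Short-lived historical records with a per-name hit counter, so that
    frequently used entries can be identified for promotion."""

    def __init__(self, records):
        self.records = {k.lower(): v for k, v in records.items()}   # name -> ip
        self.hits = {}

    def __call__(self, name):
        key = name.lower()
        ip = self.records.get(key)
        if ip is not None:
            self.hits[key] = self.hits.get(key, 0) + 1
        return ip


def resolve_chain(name, sources):
    """Try each source (callable name -> ip or None) in order.
    Returns (ip, index_of_source_that_answered) or (None, None)."""
    for i, src in enumerate(sources):
        ip = src(name)
        if ip is not None:
            return ip, i
    return None, None


def promote_hot_entries(temp_cache, long_lived, threshold):
    """Copy temporary entries hit at least `threshold` times into the
    long-lived table (a dict standing in for the database data table).
    Returns the sorted list of names promoted this time."""
    promoted = sorted(
        n for n, c in temp_cache.hits.items()
        if c >= threshold and n not in long_lived
    )
    for n in promoted:
        long_lived[n] = temp_cache.records[n]
    return promoted


def mechanism_three(temp_cache, long_lived, authority_lookup):
    """Source order of the third mechanism: temporary cache, then the
    long-lived table, then a query via the authority information. Dropping
    the first element gives the second mechanism; reversing gives the
    'or the reverse order' variant."""
    return [temp_cache, lambda n: long_lived.get(n.lower()), authority_lookup]


def build_chain_demo():
    """Constructed sample sources for the demonstration."""
    temp = TemporaryCache({"www.163.com": "111.1.53.220"})
    long_lived = {}
    # hypothetical authority-based lookup; 192.0.2.20 is a TEST-NET address
    authority = lambda n: {"www.example.test": "192.0.2.20"}.get(n.lower())
    return temp, long_lived, mechanism_three(temp, long_lived, authority)
```

Because `long_lived` is shared by reference between the chain and `promote_hot_entries`, a promotion is visible to the chain immediately, which is what lets a second-mechanism chain (table then authority) answer a name that was only ever learned through the temporary cache.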

From the analysis of the various resolution mechanisms above, it can be seen that as long as an effective storage and representation scheme has been built from the cached data in the preceding step, it can be used flexibly and effectively in this step to finally obtain the corresponding resolution result.

Step S13: answering the domain name resolution request with the domain name resolution result.

Once the resolution result has been obtained in the preceding step, this step returns it to the DNS resolution server at the forwarder address of the resolution request for relaying; the DNS resolution server answers the original requester with the result, completing the resolution process.

It should be noted that the disaster recovery system of the present invention need not receive resolution requests directly from clients nor answer them directly; instead the DNS resolution server reached at the same network address (mainly the IP address) relays the requests and results. Because the disaster recovery system has higher security requirements, resolution requests and results can be encrypted before being transmitted between the DNS resolution server and the disaster recovery cluster. Many encryption methods are possible; public-key (asymmetric) encryption is preferred.

Although the above description takes the disaster recovery cluster as its subject, the software implementing the first aspect of the present invention can be installed flexibly on multiple devices. The software of the first aspect may be installed in the following ways to form a system implementing the method and device of the first aspect:

In one arrangement, all steps of the present invention are implemented in the same software installed on a single device of the disaster recovery cluster, while the other devices of the cluster need only be equipped with a client module communicating with that device, forming a pattern similar to a C/S architecture for centralized control of the cluster. As a variation at the runtime level, the software may run a single service process or several cooperating processes to execute the method. The single-process case is straightforward; in the multi-process case, for example, step S11 of the present invention may be implemented as one process and steps S12 and S13 as another, the two processes working independently to complete their respective tasks. Both can be set up as system service processes.

In another arrangement, given that step S11 is independent of the other two steps, the data synchronization function of step S11 can be implemented as a separate piece of software installed on a device independent of the disaster recovery cluster, such as the aforementioned DNS (resolution) server, while the other two steps remain implemented in one piece of software installed on a front-end service device of the disaster recovery cluster. Split across two devices in this way, the two run in parallel and cooperate, and likewise satisfy the needs of the present invention.

It can therefore be seen that the system construction and software implementation involved in applying the present invention can be realized flexibly in combination with techniques known in the art, and those skilled in the art should not let this limit their understanding of the technical solution of the first aspect of the present invention.

Referring to Figure 3, the domain name resolution system disaster recovery construction device of the present invention is an improved, modular implementation based on the method described above. It comprises a synchronization unit 11, a query unit 12, a response unit 13 and the cached data obtained through synchronization:

The synchronization unit 11 is used to synchronize, in real time, the data of the target cluster providing DNS service to the disaster recovery cluster, the data including cached data that serves as the basis for domain name resolution.

Typically, a DNS service is provided, much like a cloud architecture, by a cluster organically built from multiple server devices, configured together with a DNS resolution server to deliver the resolution service. The DNS service cluster mainly implements the recursive system, through which it recursively queries the Internet servers for each level of the domain name to resolve it, obtain the IP address and construct the resolution result in response to external requests. The DNS resolution server acts as the front-end application window: it receives resolution requests from requesting clients, passes them to the cluster, requires the cluster to respond with a resolution result, and then answers each request with the corresponding result.

The disaster recovery system constructed by the present invention is both a disaster recovery for the Internet's domain name system as a whole and one implemented on the basis of disaster recovery for the clusters behind multiple local DNS servers. The disaster recovery system is built on data synchronization; fault detection is the precondition for switching it into operation; switch-over control is its management logic. The disaster recovery system can, however, be open in real time, and its fault detection and subsequent switch-over control can be implemented by a third party, so the first aspect of the present invention does not cover fault detection and switch-over control.

Data synchronization is the key foundation on which the present invention implements disaster recovery for the DNS service system. The data synchronization management logic is usually implemented by data backup. Data backup is the basis of system and data disaster recovery, constitutes low-end disaster recovery, and is a strong safeguard for high-end disaster recovery (real-time data protection). Current backup techniques mainly include snapshot backup, offline backup and off-site storage backup. Through a backup policy, a backup system makes a complete copy, at a certain point in time, of data sets such as the operating system, file system, applications and database systems of a computer information system; the copied data is offline and cannot be accessed immediately, but must be used through corresponding operations such as restoration. A prerequisite for building a high-end disaster recovery system is a good local backup, which is the starting point of disaster recovery technology.

When implementing data synchronization, the present invention adopts a high-end disaster recovery approach to provide real-time data protection for the DNS service cluster: multiple copies of the same data are kept in real time on multiple disks, multiple arrays, multiple servers and multiple data centers, the aim being to survive physical failures. Real-time data protection presupposes data backup; it cannot guard against human error or malicious operations. It should be emphasized that the purpose of disaster recovery is to keep data accessible when a disaster occurs and, through real-time data protection, to guarantee data integrity; the disaster recovery system constructed by the present invention therefore does not guarantee that the data is the most recent.

As noted above, data backup is a means of disaster recovery, not its end; the end is access to the data. Application recovery, network recovery and the associated switch-over control are therefore also key to disaster recovery. Concretely, this is the whole process by which, after a disaster occurs, the disaster recovery center takes over from the original production center: database switch-over, application restart, network switch-over and so on. It also includes the whole process of switching the database, applications and network back after the original data center has been repaired. These processes can be carried out by manual switch-over or by an automated procedure, and how to perform the corresponding assessment is likewise a problem that technicians need to solve. The present invention will disclose the implementation of this part in detail through another method and device later, so it is not described here.

It follows that synchronizing the data of the target cluster providing DNS service to the disaster recovery cluster in real time, by means of software configured according to the device of the present invention, lays the foundation for implementing the disaster recovery system of the present invention. To further explain the data being synchronized, first refer to the application example below.

With reference to Figure 2, the main steps of DNS resolution under normal conditions are explained below using the resolution of the NetEase portal domain name www.163.com as an example:

Step 1: The user's computer sends a request to resolve www.163.com to the local DNS (resolving) server configured on its system. The so-called local DNS server is simply a DNS service IP address, which may be obtained automatically from the carrier or set manually.

Step 2: The local DNS server checks its own storage for a cached entry for this domain name; if there is none, it sends a resolution request for www.163.com to a root server.

Step 3: After receiving the local DNS server's resolution request, the root server analyzes the requested domain name and returns to the local server the IP address of the server for the .com domain node.

Step 4: Having obtained the IP address of the .com top-level domain server, the local DNS server sends the .com top-level domain a query for www.163.com.

Step 5: After receiving the resolution request for www.163.com, the .com top-level domain server returns to the local DNS server the IP address of the DNS server for the second-level domain 163.

Step 6: The local DNS server then sends the resolution request for www.163.com to the DNS server of the second-level domain 163.

Step 7: The server managing the domain 163 manages all subdomain names under 163.com. Its domain name space contains the subdomain www, whose corresponding IP address is 111.1.53.220, so the DNS server of the 163.com domain returns the IP address 111.1.53.220 for www.163.com to the local DNS server.

Step 8: After receiving the resolution result for www.163.com from the 163.com domain server, the local DNS server returns the corresponding IP address 111.1.53.220 to the user and retains the result for a period of time for queries from other users.

Step 9: Having obtained the IP address 111.1.53.220 for the domain name www.163.com, the user's computer begins requesting web content from the IP address 111.1.53.220. A complete DNS request resolution flow is thereby finished.

In the above example the local DNS server is simplified to a single server; in practice it is usually implemented in the background by the aforementioned cluster made up of multiple servers. In any case, the DNS resolving server must act as the application's front-end DNS server. Those skilled in the art will be aware of this.

In the above example, step 2 first checks the local DNS server's storage for the domain name carried in the resolution request, and step 8 describes the fact that the resolution result is kept for a period of time for other users' queries. It follows that the data of the target cluster necessarily contains some cached data; this cached data is usually stored in a log-type format, and in the present invention it may also be improved into database form.

In one embodiment of the present invention concerning the implementation of the cached data, the format of the server cluster that normally provides DNS service can be retained, so that the cached data comprises historical domain name resolution records, these being the DNS resolution records produced by the target cluster when it performs DNS resolution in the normal course of providing DNS service, usually stored in the form of log files. Each resolution record contains at least a domain name and the IP address corresponding to it, where the correspondence between domain name and IP address chiefly means the mapping between the two. Further, each resolution record in the cache database may be assigned a life cycle: within that life cycle the record is valid, and once the life cycle is exceeded the present invention may delete or ignore it. When the present invention needs to use the cache database to resolve a domain name, it first searches the historical resolution records of the cache database by the domain name in the request data, finds the corresponding valid record, obtains the corresponding IP address and then answers the resolution request with it.
Of course, if the life cycle has been exceeded or no corresponding record exists in the cached data, the query still has to be carried out through the recursive system (provided the domain name servers at each level on the public network are still reachable when the disaster recovery system is activated). Because the same terminal device is generally used by the same user, whose online behavior shows a certain inertia in habitually visiting particular websites, this cached data and the related techniques provide users with a more efficient and faster DNS resolution service and also save some of the traffic consumed by mobile terminal devices; and where the domain name servers at each level have failed so that recursive queries are impossible, this cached data plays a decisive role in resolution.

In another embodiment of the present invention concerning the implementation of the cached data, the cached data comprises an authority information database, which may be built in a distributed manner using the well-known BGP Anycast technique. The authority information database stores the authority information of the authoritative servers at each level of the domain name hierarchy; during domain name resolution a recursive query can be performed according to the authoritative server information recorded in this database to obtain the resolution result, which suits the scenario in which the DNS recursive query cluster has failed.

The authority information database is likewise built on the basis of the historical resolution records. As is well known, while performing recursive queries the domain name service cluster obtains the authority information of the authoritative servers corresponding to each level of a domain name; this authority information can be used to build the authority information database, which in turn is used to implement a virtual root node and open a virtual root node service to the Internet, achieving a more systematic disaster recovery resolution effect. In this case the system implemented according to the present invention can also provide security services in combination with the virtual root node technique: when a DNS resolution failure occurs at the root node, the virtual root node can take over the DNS resolution function in place of the root node. Naturally, the authority information database must hold sufficient information, that is, it must store all DNS requests within a specified region together with the corresponding authority information, so that the virtual root node has enough resources to answer DNS requests. The virtual root node is therefore implemented on the basis of the authority information database.
Combining the newly added authority information database with the virtual root node makes it possible to provide DNS resolution to clients when the root node fails to resolve, reducing the DNS single point of failure and improving the ability of DNS to withstand attacks; access control can also be configured on the virtual root node to block DNS attack traffic and improve the security and stability of DNS resolution. For a dangerous DNS attack whose specific authority information cannot be found in the authority information database, the virtual root node does not provide resolution service.

From the two embodiments disclosed above for implementing the cached data and their corresponding extended functions, those skilled in the art should appreciate that further concrete forms of the cached data and their extended applications can be implemented flexibly according to the needs of the present invention. For example, the cached data may also be understood to include both the historical resolution records and the authority information database of the two embodiments above; and the historical resolution records need not serve only as a temporary cache but may also be stored, as data with a longer life cycle, in a dedicated independent data table of the authority information database: when a temporary cache entry has existed for a certain length of time and is used at a high frequency, it can be converted into a longer-lived historical resolution record stored in that data table, which in subsequent domain name resolution is queried in preference to the recursive system.

The topology and hierarchy of the DNS service cluster, and those of the disaster recovery system, can be implemented by those skilled in the art according to known network principles; the present invention is more concerned with the data and control relationship between the two, so their topology and hierarchical relationship will not be described further.

As stated above, once the data on the DNS service cluster, in particular its cached data, has been synchronized to the disaster recovery cluster, the disaster recovery cluster possesses the corresponding resolution capability and can subsequently open its resolution service.

The query unit 12 is configured to receive a domain name resolution request and, in response to it, perform domain name resolution using the cached data.

Because the disaster recovery system of the present invention makes efficient use of the cached data and implements the function of a virtual root node, it possesses an independent virtual root node; specifically, an authority information database plays the role of a virtual root domain. When the root or top-level domain servers fail and cannot serve normally, or even when every other external authoritative server fails, the local DNS system may become a resolution island. In that case such a system should in principle be allowed to implement a similar disaster recovery mode, activating an emergency disaster recovery response mode that keeps the Internet basically operational until the root or authoritative servers are repaired, leaving sufficient time for emergency repair and recovery.

By means of the switchover method disclosed later in the present invention, in a system that applies the technical solution of the present invention the relevant DNS service function is switched after a disaster to point to the disaster recovery center, i.e. the disaster recovery cluster built by the present invention. However, clients must re-access the service at the disaster recovery node, which raises another problem: how to switch the network. Concretely, how is the local application access path (network address) of the DNS server changed from pointing at the original production center to pointing at the disaster recovery center, and, after the disaster is repaired, pointed back at the original production center? The simplest method is to change the IP mapping of the DNS resolving server from the original destination address to the network address at which the disaster recovery system provides DNS service. Before the disaster the IP address maps to the production center's server; after the disaster it maps to the disaster recovery center's server; after recovery it maps back to the production center's server.

The details of implementing this intelligent switchover are described in the second aspect of the present invention; the first aspect is described on the premise that such intelligent switchover can be realized. In the first aspect, the client forwards its domain name resolution request to the DNS resolving server, which forwards it to the service of the disaster recovery system; that service performs the resolution and returns the resolution result to the DNS resolving server, which then answers the originally relayed resolution request with that result.

Therefore, when the disaster recovery system of the present invention receives a domain name resolution request forwarded by the DNS resolving server, it needs to resolve it. Its resolution scheme can be combined with the variants described above to implement different resolution mechanisms flexibly, for example:

In the first resolution mechanism, corresponding to the case where the cached data comprises only historical resolution records, the disaster recovery system extracts the domain name from the resolution request and then first searches the large volume of historical resolution records in its stored cache for a record corresponding to that domain name; if one exists, the IP address mapped to the domain name in that record is taken as the resolution result. Of course, the life cycle set on historical resolution records can also be taken into account, so that records beyond the preset life cycle are no longer considered. This strategy is, however, usually not recommended: if the disaster recovery system was activated because the public network or the domain name servers at each level have failed, it may already be impossible to obtain the actual resolution by recursively querying the servers at each level of the domain name over the public network, so applying this strategy has little point. Considering that the servers at each level of the domain name may still be working and only the DNS server cluster has failed, in that case, if no IP address can be obtained from the cached data, the disaster recovery system of the present invention can further perform a recursive query and, if a valid resolution is obtained, likewise produce a more accurate resolution result.

The second resolution mechanism corresponds to the case where the cached data comprises an authority information database. The disaster recovery system can first extract the domain name from the resolution request and then preferentially execute the query using the authority information; if a valid IP resolution result is obtained, it answers with it. If the authority information database contains a data table of historical resolution records, the first resolution mechanism can be followed: first attempt to obtain a result from that data table and, if none can be obtained, query using the authority information in the authority information database; or conversely, query first using the authority information and, if that fails, query using the historical resolution records.

The third resolution mechanism corresponds to the case where the existing cached data comprises both an authority information database and historical resolution records held as cache, and the authority information database also holds preferred historical resolution records. In this case the two mechanisms above can also be combined flexibly: for example, query the cached historical resolution records first, then on failure query the historical resolution records in the data table, and on further failure query using the authority information; or the reverse.
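As an added example (not the patent's code) covering both the Figure 2 walk in steps 1 to 9 and the three resolution mechanisms just described, the following Python models the disaster recovery resolver: an authority information database holding the delegations learned during normal recursion, historical resolution records with a life cycle, promotion of hot entries to a long-lived table, and the three lookup orders. All IP addresses other than 111.1.53.220, and all function and field names, are constructed assumptions made for this example.

```python
"""Added example, not code from the patent: a model of the disaster recovery
resolver described above, using constructed in-memory data only."""
from dataclasses import dataclass
from typing import Callable, Dict, Optional


def canon(name: str) -> str:
    """Normalize a domain name for lookups (case-insensitive, no trailing dot)."""
    return name.lower().rstrip(".")


# ---- Cached data, form 1: historical resolution records with a life cycle ----
@dataclass
class HistoryRecord:
    ip: str
    recorded_at: float      # seconds on any clock shared by all records
    life_cycle: float       # seconds the record stays valid
    hits: int = 0           # how often the record has been used


HistoryTable = Dict[str, HistoryRecord]


def lookup_history(table: HistoryTable, name: str, now: float) -> Optional[str]:
    """Return the IP mapped to `name` if a record exists and its life cycle has not
    expired. Expired records are ignored (the text allows deleting or ignoring them)."""
    rec = table.get(canon(name))
    if rec is None or now - rec.recorded_at > rec.life_cycle:
        return None
    rec.hits += 1
    return rec.ip


def promote_hot_records(temp: HistoryTable, long_lived: HistoryTable, now: float,
                        min_age: float, min_hits: int, long_life: float) -> int:
    """Move temporary cache entries that are old enough and frequently used into the
    long-lived data table (the extension described for the authority database)."""
    moved = 0
    for name, rec in list(temp.items()):
        if now - rec.recorded_at >= min_age and rec.hits >= min_hits:
            long_lived[name] = HistoryRecord(rec.ip, now, long_life)
            del temp[name]
            moved += 1
    return moved


# ---- Cached data, form 2: authority information database ----
# zone -> {"ns": IP of that zone's authoritative server, "records": {name: ip}};
# "" is the root zone. Built from the delegations learned during normal recursion.
AuthorityDB = Dict[str, Dict]


def zones_from_root(name: str):
    """Zones consulted for `name`, root first: "", "com", "163.com" for www.163.com."""
    labels = canon(name).split(".")
    yield ""
    for i in range(len(labels) - 1, 0, -1):
        yield ".".join(labels[i:])


def resolve_via_authority(db: AuthorityDB, name: str,
                          reachable: Callable[[str], bool]) -> Optional[str]:
    """Replay steps 2-7 against the stored authority information: root -> TLD ->
    second-level zone. `reachable(ns_ip)` models whether that server can be contacted.
    Returns None if a level is missing from the database or cannot be reached."""
    target = canon(name)
    for zone in zones_from_root(target):
        info = db.get(zone)
        if info is None or not reachable(info["ns"]):
            return None
        ip = info["records"].get(target)
        if ip is not None:
            return ip       # the zone holding the record answers (step 7)
    return None


def resolve_dr(name, history, long_lived, authority, now, reachable, mechanism):
    """Disaster recovery resolution following the three mechanisms in the text:
    1: temporary history records, then recursive query via authority information;
    2: authority information first, then history records;
    3: temporary cache -> long-lived table -> authority information."""
    hist = lambda: lookup_history(history, name, now)
    longl = lambda: lookup_history(long_lived, name, now)
    auth = lambda: resolve_via_authority(authority, name, reachable)
    order = {1: [hist, auth], 2: [auth, hist], 3: [hist, longl, auth]}[mechanism]
    for step in order:
        ip = step()
        if ip is not None:
            return ip
    return None


# ---- Constructed sample data modelling the www.163.com walk in Figure 2 ----
AUTHORITY = {
    "":        {"ns": "198.51.100.1", "records": {}},   # root server (constructed IP)
    "com":     {"ns": "198.51.100.2", "records": {}},   # .com TLD server (constructed IP)
    "163.com": {"ns": "198.51.100.3", "records": {"www.163.com": "111.1.53.220"}},
}
HISTORY = {"www.163.com": HistoryRecord("111.1.53.220", recorded_at=1000.0, life_cycle=3600.0)}

if __name__ == "__main__":
    all_up = lambda ip: True
    root_down = lambda ip: ip != "198.51.100.1"
    print(resolve_dr("www.163.com", HISTORY, {}, AUTHORITY, 1500.0, all_up, 2))    # 111.1.53.220
    print(resolve_dr("www.163.com", HISTORY, {}, AUTHORITY, 9000.0, all_up, 1))    # 111.1.53.220
    print(resolve_dr("www.163.com", HISTORY, {}, AUTHORITY, 9000.0, root_down, 1)) # None
```

The third call shows the case the text warns about: with the history record expired and the root unreachable, the first mechanism has nothing left to answer from.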

From the analysis of the various resolution mechanisms above it can be seen that, as long as the synchronization unit 11 builds an effective storage representation from the cached data, the query unit 12 can make flexible and effective use of it and finally obtain the corresponding domain name resolution result.

The response unit 13 is configured to answer the domain name resolution request with the domain name resolution result.

After the query unit 12 obtains the resolution result, the response unit 13 can feed it back, according to the address of the party that forwarded the resolution request, to the DNS resolving server for relay; the DNS resolving server then answers the original initiator of the resolution request with the result, completing the resolution process.

It should be pointed out that the disaster recovery system of the present invention need not receive resolution requests directly from clients nor answer them directly with resolution results; instead, requests and results are relayed through the DNS resolving server pointed to by the same network address (chiefly the IP address). Because the disaster recovery system has higher security requirements, resolution requests and results may be encrypted before being transmitted between the DNS resolving server and the disaster recovery cluster; many encryption methods are possible, and public-key (asymmetric) encryption is preferred.

Although the above description takes the disaster recovery cluster as its subject, the software implemented according to the first aspect of the present invention can be installed flexibly on multiple devices. The software of the first aspect may be installed in the following ways to form a system implementing the method and device of the first aspect:

In one way, the synchronization unit 11, query unit 12 and response unit 13 of the present invention are built as the same piece of software, installed on a single device of the disaster recovery cluster, while the other devices of the cluster need only be equipped with a client module that communicates with that single device, forming a pattern similar to a C/S architecture to achieve centralized control of the cluster. As a variant of this way, at the operational level the software may run a single service process or several cooperating processes to execute the units described here; a single service process is relatively easy to understand, and as for several processes, for example, the synchronization unit 11 can be implemented as one process while the query unit 12 and the response unit 13 are implemented as another, the two processes working independently to complete their respective tasks. Both processes can be set up as system service processes.

In another way, given the mutual independence of the synchronization unit 11 and the other two units, the data synchronization function of the synchronization unit 11 can be built as a separate piece of software installed on a device independent of the disaster recovery cluster, for example the DNS (resolving) server mentioned above, while the other two units are still built as one piece of software installed on a front-end service device of the disaster recovery cluster; the two are deployed on two devices, operating in parallel without conflict and cooperating with each other, which likewise meets the needs of the present invention.

It can therefore be seen that the knowledge of system construction and software implementation involved in applying the present invention can be implemented flexibly in combination with techniques well known in the art, and those skilled in the art should not let this limit their understanding of the technical solution of the first aspect of the present invention.

Further, the technical solution of the second aspect of the present invention is described below. Likewise, the technical solution of the second aspect can be implemented as software installed on a computer device with server capabilities, working with an operating system suited to server deployment to provide the corresponding service.

The task of the technical solution of the second aspect of the present invention is to implement the fault detection and intelligent switchover control logic of the disaster recovery system, but it can be installed on other devices independently of the technical solution of the first aspect. Usually the method and device of the second aspect are installed on the DNS (resolving) server acting as the service front end, so that a failure of the cluster providing DNS service, or of the associated network, is identified at the earliest moment and the cluster providing DNS service is quickly repointed to the disaster recovery cluster built by the technical solution of the first aspect; and when the fault is cleared, a quick switch back is possible. It should be pointed out that the content adopted above in the technical solution of the first aspect will also be referenced in the following disclosure of the technical solution of the second aspect, and those skilled in the art should not sever the connection between these two aspects.

Referring to Figure 4, the DNS disaster recovery system island-response automatic switchover method provided by the present invention for this purpose comprises the following steps:

Step S21: receive and collect operating data of the cluster providing DNS service.

The DNS server acting as the application front end and implementing the automatic switchover method of the present invention has a communication relationship established with the cluster providing DNS service and can collect, over predetermined communication ports including agreed TCP or UDP ports, the operating data of every device in the cluster. The types of operating data chosen are very flexible and can also be used flexibly. Some operating data are listed below for reference:

1. Performance data, characterizing the throughput of DNS resolutions the cluster performs per second. Under normal use the number of DNS resolutions each machine can perform is finite and relatively constant, so a preset throughput threshold makes it possible to judge whether the throughput of a given device, or of the whole cluster, is normal. Throughput here means the number of times a resolution request is received and answered with the corresponding resolution result.

2. Machine data, characterizing the operating information of at least one hardware component of each device in the cluster. Machine data chiefly means the CPU and/or memory occupancy while the machine runs; for example, a CPU running at high utilization such as 100% for a long time, or available memory remaining low for a long time, may indicate some unnecessary busyness. In principle such machine data can also be used to judge the operating quality of a single device or of the whole cluster.

3. Application data, characterizing the log information of domain name resolution records. Log information here chiefly means the raw information used to form the historical resolution records of the cached data in the first aspect of the present invention. This information can be developed further into authority information for use in the disaster recovery system, or serve only as a basis for judgment in the present method. From this log information it can at least be seen whether a large-scale resolution anomaly exists, for example a large number of resolution requests failing to obtain a normal resolution, so application data can clearly also be used as operating data.

4. Alarm data, characterizing the alarm information generated by the cluster. Alarm data here chiefly means the alarms produced by the system monitoring functions of the devices in the cluster, such as those produced by the "Management" component of the Windows system; these data can also be used to judge the operating status of a single device or of the cluster.

5、差异数据,用于表征缓存池与数据库之间的差异信息。这里所称的缓冲池,是指缓冲历史域名解析记录的缓冲空间中的数据,而这里所称的数据库,则是指已经将历史域名解析记录从缓冲空间中提取出成规范的存储格式的专用文件中。记录这些差异数据,主要是为了提供关于已经临时缓存数据与规范缓存数据之间的差异。5. Difference data, which is used to represent the difference information between the cache pool and the database. The buffer pool referred to here refers to the data in the buffer space for buffering historical domain name resolution records, while the database referred to here refers to a dedicated database that has extracted historical domain name resolution records from the buffer space into a standardized storage format. in the file. These difference data are recorded mainly to provide information about the difference between the temporarily cached data and the canonical cached data.

上述给出各种类型的运行数据,只是运行数据具体类型的列举,并不是对运行数据做全面限定。这些运行数据被收集后,还要视其不同的作用进行进一步的利益,在不同的情况下,所用到的运行数据的类型可能不同,这些灵活变化将在后续进一步介绍。The various types of operating data given above are just enumerations of specific types of operating data, and do not make a comprehensive limitation on the operating data. After these operating data are collected, further benefits should be carried out depending on their different functions. In different situations, the types of operating data used may be different. These flexible changes will be further introduced later.

Step S22: perform computation on the operating data according to preset configuration information to form an operating state judgment result for the DNS service cluster.

Having collected a large amount of operating data about the cluster that provides the DNS service, the DNS server can perform intelligent data mining and, combined with machine learning principles, make a more intelligent and accurate judgment about the operating state of the cluster. To this end, referring to Figure 5, this step is implemented by the following specific sub-steps:

Step S221: establish an indicator data set to serve as the judgment baseline.

The establishment of the indicator data set depends on which operating data is selected, and the selection of operating data in turn depends on the preset configuration information. The indicator data sets corresponding to the four cases in the table below are given for reference:

1. Performance data: 1000; machine data: 90%

2. Alarm data: danger; machine data: 10%

3. Difference data: 90%; application data: file.log

4. Application data: file.log

The four indicator data sets above can be understood as follows in terms of the indicators established by the present invention:

1. When the performance data reaches a throughput of 1000 but the machine data (CPU and/or memory usage) has already reached 90%, the judgment baseline of the present invention is met.

2. When only 10% of the machine data (CPU and/or memory usage) is in use yet alarm data of the "danger" state appears, the judgment baseline of the present invention is met.

3. When the difference data in the file given as application data, file.log, reaches 90%, the judgment baseline of the present invention is met.

4. Only the application data file file.log is used as the real-time judgment baseline.

On the basis of the indicator data sets constructed above, further processing can subsequently be carried out based on them. Note that these indicator data sets can either be given before the software is installed or be maintained on demand through a user interface provided by the software. They can be stored in a file to verify the implementation of the present invention.

Although four indicator data sets are given above, in some embodiments the indicator data set can also be understood as a single set of standard indicators that characterize the normal state of the cluster providing the DNS service, which simplifies software programming.

Step S222: select or generate the corresponding algorithm according to the preset configuration information.

In some cases there may be a one-to-one correspondence between the configuration information and the indicator data sets; if there is only one standard indicator data set, the configuration information only needs to correspond to that set. The configuration information is usually policy configuration information expressed in a certain format specified by the present invention. For example, for the foregoing example with multiple indicator data sets, the following policy configuration information can be formulated; its meaning is also given in the table below:

No. | First element     | Second element    | Algorithm | Meaning
1   | Performance data  | Machine data      | A         | Algorithm A applies to performance and machine data
2   | Alarm data        | Machine data      | B         | Algorithm B applies to alarm and machine data
3   | Difference data   | Application data  | C         | Algorithm C applies to difference and application data
4   | Application data  | No response       | D         | Algorithm D applies to the no-response part of the application data

The policy configuration information above is only an example; in practice the configuration is very flexible. In theory, as long as the indicator data sets can be associated with algorithms, the configuration information of the present invention is formed, regardless of the concrete form of expression or the number of elements. Usually one set of policy configuration information corresponds to one indicator data set, so that different situations can be distinguished and different algorithms applied; under different sets of policy configuration information, the operating data and indicator data set participating in the computation differ from those involved under the other sets. However, as mentioned above, the indicator data sets can also be unified into one standard indicator data set, with each set of policy configuration information corresponding to that same standard set.

It can thus be seen that known algorithms in the system can be selected through the policy configuration information, making the whole process highly automatic. Further, a corresponding expression can be given in the algorithm item of the policy configuration information to dynamically provide the basis for generating an algorithm; the software then generates the corresponding algorithm from that basis according to agreed rules and applies the generated algorithm. The present invention thus associates the indicator data sets with existing or as yet unknown algorithms through the configuration information, providing a machine learning model that is highly intelligent and can dynamically recognize various operating conditions, on which basis more intelligent disaster recovery switching control can subsequently be performed.

Similarly, the configuration information, in particular the policy configuration information, and/or the dynamically given algorithm, can be provided to the user for input and maintenance through a graphical user interface, and the corresponding data can be stored in a data table or file for use by the software of the present invention. Further, the user interface for entering or refining the indicator data sets and the user interface for setting or changing the policy configuration information and/or algorithms may be the same user interface, which programmers can design flexibly as needed.

Step S223: using the indicator data set as the baseline, apply the algorithm to the operating data and judge whether the operating state characterized by the operating data is abnormal.

After the indicator data sets and the configuration information (specifically the policy configuration information) have been determined as above, the algorithm option given by the policy configuration information is used to determine the corresponding algorithm. That algorithm, following the elements given in the configuration information, performs mathematical operations such as statistics, comparison and induction on the corresponding elements of the operating data with the indicator data set as the baseline, obtains the final computation result, and judges whether the operating state of the devices in the cluster, or of the whole cluster, characterized by the operating data is abnormal.

In some cases the configuration information can also give an execution option, for example an option indicating that packets are to be dropped without a response. In that case, once the corresponding algorithm has produced an unfavorable judgment result, this option can be applied so that subsequent domain name resolution requests are not answered and are simply dropped.

To illustrate the present invention more concretely, an example of identifying a DNS attack through the machine learning model described above is given below.

In this example, the indicator data set can specify a time of 100 ms and a count of 5000 resolution requests for the same domain name within 100 ms in the application data. The policy configuration information applies algorithm K to the combination of application data and unit time. In this case, when the DNS resolution server configured with software implementing this method recognizes from the collected application data that more than 5000 resolution requests for the same domain name have been produced within the unit time of 100 ms, which does not match historical behavior, algorithm K is triggered for further computation and verification. Algorithm K derives the historical usage pattern from statistics on historical domain name resolution requests; if in that pattern the domain name is accessed far fewer than 5000 times within 100 ms, algorithm K can further judge that a network attack is occurring at that time, and the operating state can then be judged abnormal. In this example the implementation of algorithm K is relatively complex. In practice, a separate statistics process can also compile the historical behavior of each domain name and generate the request count in the indicator data set from it; in that case algorithm K only needs to compare the current number of requests for the domain name with the request count in the indicator data set to reach a judgment.

In another embodiment, the application data in the indicator data set can be specified as a certain log file, and the policy configuration information specifies that algorithm X applies to the no-response condition of that log file. When algorithm X runs, it counts the no-response records in that log file; when all log records produced within a predetermined time, for example 100 minutes, are no-response records, it can be directly judged that the corresponding device or cluster providing the DNS service has failed, and the conclusion that the operating state is abnormal can likewise be reached.
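The two log-based checks described above, algorithm K (a per-domain request burst far above the historical rate) and algorithm X (a trailing period in which every record is a no-response record), as an added example that is not part of the patent's text or of any implementation by its assignee. The log line format, the parsing helper, the baseline-building routine (the "separate statistics process" the text mentions) and the ratio used for "far below" are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple

# Assumed log line format (constructed for this example, not the patent's format):
#   "<unix-ms> <client-ip> <qname> <answered|noresponse>"
@dataclass(frozen=True)
class LogRecord:
    ts_ms: int
    client: str
    qname: str
    answered: bool

def parse_log(lines: Iterable[str]) -> List[LogRecord]:
    """Parse application-data log lines into records; blank lines are skipped."""
    records = []
    for line in lines:
        if not line.strip():
            continue
        ts, client, qname, status = line.split()
        records.append(LogRecord(int(ts), client, qname.lower().rstrip("."), status == "answered"))
    return records

def _stamps_by_domain(records: Iterable[LogRecord]) -> Dict[str, List[int]]:
    """Group request timestamps by queried domain, sorted ascending."""
    by_domain = defaultdict(list)
    for r in records:
        by_domain[r.qname].append(r.ts_ms)
    for stamps in by_domain.values():
        stamps.sort()
    return by_domain

def peak_in_window(stamps: List[int], window_ms: int) -> int:
    """Largest number of requests falling inside any sliding window of window_ms."""
    peak = left = 0
    for right, t in enumerate(stamps):
        while t - stamps[left] >= window_ms:
            left += 1
        peak = max(peak, right - left + 1)
    return peak

def build_baseline(history: Iterable[LogRecord], window_ms: int = 100) -> Dict[str, int]:
    """Historical per-domain peak per window; the indicator count can be derived from this."""
    return {q: peak_in_window(s, window_ms) for q, s in _stamps_by_domain(history).items()}

def algorithm_k(records: Iterable[LogRecord], baseline: Dict[str, int], threshold: int = 5000,
                window_ms: int = 100, far_below: float = 0.1) -> Dict[str, Tuple[int, int]]:
    """Flag domains whose current peak exceeds the indicator count (5000 per 100 ms) while the
    historical peak is far below it. Returns {qname: (current_peak, historical_peak)}.
    'Far below' is taken as less than far_below * threshold (an assumption)."""
    flagged = {}
    for qname, stamps in _stamps_by_domain(records).items():
        current = peak_in_window(stamps, window_ms)
        if current <= threshold:
            continue
        historical = baseline.get(qname, 0)
        if historical < threshold * far_below:
            flagged[qname] = (current, historical)
    return flagged

def algorithm_x(records: Iterable[LogRecord], now_ms: int, period_ms: int = 100 * 60 * 1000) -> bool:
    """Abnormal when every record in the trailing period (default 100 minutes) is a no-response record."""
    recent = [r for r in records if now_ms - period_ms <= r.ts_ms <= now_ms]
    return bool(recent) and not any(r.answered for r in recent)

# Constructed sample data: quiet history, a 5001-request burst inside 50 ms, and a 100-minute outage
HISTORY_LINES = [f"{1000 + 10 * i} 10.0.0.{i % 5} example.com. answered" for i in range(20)]
BURST_LINES = ([f"{2000 + i % 50} 10.0.0.{i % 5} example.com. answered" for i in range(5001)]
               + [f"{2000 + 10 * i} 10.0.0.9 other.test. answered" for i in range(5)])
OUTAGE_LINES = [f"{6_000_000 + 60_000 * i} 10.0.0.1 example.com. noresponse" for i in range(100)]

def demo():
    baseline = build_baseline(parse_log(HISTORY_LINES))
    burst = algorithm_k(parse_log(BURST_LINES), baseline)
    outage = algorithm_x(parse_log(OUTAGE_LINES), now_ms=6_000_000 + 60_000 * 99)
    return baseline, burst, outage

if __name__ == "__main__":
    print(demo())
```

Both checks operate on the cluster-wide log; the text's remark about judging the cluster as a whole applies here by feeding the merged logs of all devices, or by running algorithm X per device and requiring a configured number of devices to fail before the cluster is declared down.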

In describing the two cases above, for simplicity the cluster providing the DNS service was simplified to a single machine. Those skilled in the art should understand, however, that in these examples the judgment of the cluster as a whole can, and should, also be taken into account. This is a combination of mathematics and programming technique that those skilled in the art can reasonably master; for example, the algorithm can treat the situation in which up to a certain number of devices exhibit the same condition as paralysis of the whole cluster, or treat the DNS servers at each level of the domain name hierarchy on the public network being unreachable in the same way, and judge the operating state abnormal on that basis. Since similar situations vary and cannot be enumerated exhaustively, and the present invention has already disclosed the relationship between the cluster and the single machines within it, enabling those skilled in the art to adapt flexibly, they are not elaborated further here.

Once the algorithm has determined the operating state of the DNS service cluster, the corresponding operating state result is formed, on which the final switching control can be based.

Step S23: when the judgment result indicates an abnormal operating state, modify the destination address of the DNS service to the network address of the disaster recovery system; when the judgment result indicates a normal operating state, modify the destination address of the DNS service back to the original destination address.

It can be seen that the operating state judgment result is essentially a binary option: it either indicates a normal operating state, i.e. the DNS service cluster is operating normally, or an abnormal operating state, i.e. the DNS service cluster is operating abnormally. Different switching can therefore be performed for these two cases.

When the judgment result indicates an abnormal operating state, the DNS resolution server knows that the cluster that originally provided the DNS service can no longer, or can only with difficulty, continue to provide the DNS resolution service, whether because of a DNS attack or because the network is unreachable. According to the logic implemented in this step, the DNS resolution server must perform the corresponding switching operation so that subsequent DNS resolution requests can be forwarded to the disaster recovery system implemented by the technical solution of the first aspect of the present invention, which performs domain name resolution using the technique disclosed above. After the disaster recovery system obtains the domain name resolution result and forwards it to this DNS resolution server, the DNS resolution server answers the client that initiated the domain name resolution request with that result. In this process the DNS resolution server acts only as a relay. To avoid security attacks, it is appropriate to encrypt the domain name resolution requests and results in transit, both between the DNS resolution server and the requesting client and between the DNS resolution server and the disaster recovery system; using an encryption mechanism on both legs makes the DNS data more secure and improves on the traditional DNS protocol.

When the judgment result indicates a normal operating state, the DNS resolution server knows that the cluster that originally provided the DNS service has cleared its fault and resumed normal service. According to the logic implemented in this step, the DNS resolution server must therefore perform a switch-back operation so that subsequent DNS resolution requests are no longer resolved by the disaster recovery system but by the cluster that originally provided the DNS service, while the disaster recovery system returns to a standby state in which its DNS service remains open but receives no domain name resolution requests.

While completing the two opposite switching operations above, the DNS server can also use a user database to push instant messages to the group of users who have installed its client (for example a certain type of mobile terminal security software). On receiving the instant message, the client software installed by the user can automatically modify and switch its DNS server address to point to the more secure DNS server provided by the disaster recovery system, or display the instant message to the user to decide for themselves.

Within the DNS resolution server, the switching action is achieved by modifying an internal parameter. Specifically, this is a network address parameter expressed as an IP address. By default, this network address is the IP address (destination address) designated by the cluster that originally provided the DNS service for opening its DNS resolution service; when the judgment result is an abnormal operating state, this step modifies it to the IP address through which the disaster recovery system opens its DNS resolution service. Conversely, when the cluster that originally provided the DNS service resumes normal service, the network address parameter must be modified from the IP address of the disaster recovery system back to the IP address through which the original cluster opens its DNS resolution service. This network parameter can be configured in a file or in the registry and can be modified manually through the corresponding system settings interface or through the user interface provided by the present invention. The specific implementation of the former depends on the operating system.

Referring to Figure 6, the present invention provides for this purpose an automatic island-response switching device for a DNS disaster recovery system, which includes a collection unit 21, a judgment unit 22 and a switching unit 23.

The collection unit 21 is used to receive and collect the operating data of the cluster providing the DNS service.

The DNS server serving as the application front end and implementing the automatic switching device of the present invention has a communication relationship with the cluster providing the DNS service and can collect the operating data of each device in the cluster through predetermined communication ports, including agreed TCP or UDP protocol ports. The types of operating data selected are very flexible and can also be used flexibly. Some operating data are listed below for reference:

1. Performance data, which characterizes the throughput information of DNS resolutions performed by the cluster per second. Usually, under normal use, the number of DNS resolutions each machine can perform is limited and relatively constant, so with a preset throughput threshold it is possible to judge whether the throughput of a certain device, or of the whole cluster, is normal. Throughput here means the number of times a domain name resolution request is received and answered with the corresponding domain name resolution result.

2. Machine data, which characterizes the running information of at least one hardware component of each device in the cluster. Machine data mainly refers to the CPU and/or memory usage while the machine is running. For example, a CPU that stays at high utilization such as 100% for a long time, or available memory that stays low for a long time, may indicate some unnecessary busyness. In theory, such machine data can also be used to judge the operating quality of a single device or of the whole cluster.

3. Application data, which characterizes the log information of domain name resolution records. The log information referred to here mainly means the raw information of the historical domain name resolution records used to form the cache data of the first aspect of the present invention. This information can either be further developed into authorization information and used in the disaster recovery system, or serve only as a basis for judgment in the present device. From these logs one can at least see whether large-scale resolution anomalies exist, for example a large number of domain name resolution requests that cannot obtain the corresponding normal resolution; application data can therefore clearly be used as one kind of operating data as well.

4. Alarm data, which characterizes the alarm information generated by the cluster. The alarm data referred to here is mainly alarm data produced by the system monitoring function of the devices in the cluster, for example alarm data produced by the "Management" component of a Windows system. Using such data, the operating status of a single device or of the cluster can also be determined.

5. Difference data, which characterizes the difference information between the cache pool and the database. The cache pool referred to here means the data in the buffer space that buffers historical domain name resolution records, while the database referred to here means a dedicated file into which the historical domain name resolution records have been extracted from the buffer space in a standardized storage format. These differences are recorded mainly to provide information about the difference between the temporarily cached data and the standardized cached data.

The types of operating data given above are only an enumeration of specific types and are not an exhaustive limitation of the operating data. After the operating data is collected, it is further used according to its different roles; in different situations the types of operating data used may differ, and these variations are described further below.

The judgment unit 22 is configured to perform computation on the operating data according to preset configuration information to form an operating state judgment result for the DNS service cluster.

Having collected a large amount of operating data about the cluster that provides the DNS service, the DNS server can perform intelligent data mining and, combined with machine learning principles, make a more intelligent and accurate judgment about the operating state of the cluster. To this end, referring to Figure 7, the judgment unit 22 specifically includes an indicator establishment module 221, an algorithm generation module 222 and an operation judgment module 223.

The indicator establishment module 221 is used to establish an indicator data set to serve as the judgment baseline.

The establishment of the indicator data set depends on which operating data is selected, and the selection of operating data in turn depends on the preset configuration information. The indicator data sets corresponding to the four cases in the table below are given for reference:

1. Performance data: 1000; machine data: 90%

2. Alarm data: danger; machine data: 10%

3. Difference data: 90%; application data: file.log

4. Application data: file.log

The four indicator data sets above can be understood as follows in terms of the indicators established by the present invention:

1. When the performance data reaches a throughput of 1000 but the machine data (CPU and/or memory usage) has already reached 90%, the judgment baseline of the present invention is met.

2. When only 10% of the machine data (CPU and/or memory usage) is in use yet alarm data of the "danger" state appears, the judgment baseline of the present invention is met.

3. When the difference data in the file given as application data, file.log, reaches 90%, the judgment baseline of the present invention is met.

4. Only the application data file file.log is used as the real-time judgment baseline.

On the basis of the indicator data sets constructed above, further processing can subsequently be carried out based on them. Note that these indicator data sets can either be given before the software is installed or be maintained on demand through a user interface provided by the software. They can be stored in a file to verify the implementation of the present invention.

Although four indicator data sets are given above, in some embodiments the indicator data set can also be understood as a single set of standard indicators that characterize the normal state of the cluster providing the DNS service, which simplifies software programming.

The algorithm generation module 222 is used to select or generate the corresponding algorithm according to the preset configuration information.

In some cases there may be a one-to-one correspondence between the configuration information and the indicator data sets; if there is only one standard indicator data set, the configuration information only needs to correspond to that set. The configuration information is usually policy configuration information expressed in a certain format specified by the present invention. For example, for the foregoing example with multiple indicator data sets, the following policy configuration information can be formulated; its meaning is also given in the table below:

No. | First element     | Second element    | Algorithm | Meaning
1   | Performance data  | Machine data      | A         | Algorithm A applies to performance and machine data
2   | Alarm data        | Machine data      | B         | Algorithm B applies to alarm and machine data
3   | Difference data   | Application data  | C         | Algorithm C applies to difference and application data
4   | Application data  | No response       | D         | Algorithm D applies to the no-response part of the application data

以上的策略配置信息仅仅用于示例,实际上有非常灵活的配置方式,理论上,只要能够将指标数据集与算法建立起关联,便可以构成本发明的配置信息,而不论这些配置信息的具体表达形式和要素个数等。通常,一组策略配置信息应当对应于一组指标数据集,以便区分不同的情形适用不同的算法,不同组策略配置信息作用下,参与运算的所述运行数据与所述指标数据集均不同于其他组策略配置信息作用下所涉的运行数据和指标数据集。但是也可以如前所述将指标数据集统一成一个标准指标数据集,而各策略配置信息对应到该同一标准指标数据集。The above policy configuration information is just for example. In fact, there are very flexible configuration methods. In theory, as long as the indicator data set can be associated with the algorithm, the configuration information of the present invention can be constituted, regardless of the specific configuration information. Expression form and number of elements, etc. Usually, a set of policy configuration information should correspond to a set of indicator data sets, so as to distinguish different situations and apply different algorithms. Operational data and metrics datasets under the influence of other Group Policy configuration information. However, as mentioned above, the indicator data sets can also be unified into a standard indicator data set, and each policy configuration information corresponds to the same standard indicator data set.

Thus the policy configuration information selects an algorithm already known to the system, and the whole process is automated. Furthermore, the algorithm item of the policy configuration information may instead contain an expression that dynamically supplies the basis on which an algorithm is to be generated; the software then generates the corresponding algorithm from that basis according to agreed rules and applies the generated algorithm. The present invention therefore uses the configuration information to relate indicator data sets to existing or as yet unknown algorithms, yielding a machine learning model that is highly adaptive and can dynamically recognize a variety of operating conditions, on which basis more intelligent disaster recovery switching control can subsequently be made.

Similarly, the configuration information, in particular the policy configuration information, and/or the dynamically given algorithm may be presented to the user for input and maintenance through a graphical user interface provided by a setting unit of the present invention; the corresponding data can be stored in a data table or file for use by the software of the present invention. Further, the user interface for entering or refining the indicator data sets and the user interface for setting or changing the policy configuration information and/or the algorithm may be one and the same interface, which the programmer may design flexibly as needed.

The computation and determination module 223 is configured to take the indicator data set as the reference, apply the algorithm to the operating data, and determine whether the operating state represented by the operating data is abnormal.

Once the indicator data set and the configuration information (specifically the policy configuration information) have been determined as described above, the algorithm option given by the policy configuration information is used to select the corresponding algorithm. That algorithm takes the elements named in the configuration information, performs mathematical operations such as statistics, comparison and induction on the corresponding elements of the operating data against the indicator data set as a reference, obtains the final computation result, and thereby determines whether the operating state of the device, or of the whole cluster, represented by the operating data is abnormal.

In some cases the configuration information may also specify an execution option, for example an option indicating that packets are to be dropped without a response. In that case, once the corresponding algorithm has produced an unfavourable determination, the option is applied: subsequent domain name resolution requests are not answered and the packets are dropped directly.

To make the present invention easier to grasp, an example of identifying a DNS attack with the machine learning model described above is given below.

In this example, the indicator data set may specify a time of 100 ms and a count of 5000 resolution requests for the same domain name within those 100 ms in the application data. The policy configuration information applies Algorithm K to the combination of application data and unit time. In this case, when the DNS resolution server on which the software constituting this device is installed finds in the collected application data that more than 5000 resolution requests for the same domain name were generated within the unit time of 100 ms, this does not match historical behaviour, and Algorithm K is triggered for further computation and verification. Algorithm K derives historical usage habits from statistics of past domain name resolution requests; if, historically, the domain name was accessed far fewer than 5000 times per 100 ms, Algorithm K can further determine that a network attack is taking place at that moment and thus determine that the operating state is abnormal. In this example the implementation of Algorithm K is relatively complex; in practice a separate statistics process may compile the historical behaviour of each domain name and generate the request count in the indicator data set, in which case Algorithm K only needs to compare the current number of accesses to the domain name with the request count in the indicator data set to reach a determination.

In another embodiment, the indicator data set may designate a certain log file as the application data, and the policy configuration information may specify that Algorithm X applies to the no-response condition of that log file. When Algorithm X runs, it counts the no-response records in the log file; when all log records generated within a predetermined period, for example 100 minutes, are no-response records, it can directly determine that the corresponding device or cluster providing the DNS service has failed, and thus likewise conclude that the operating state is abnormal.

In describing the two cases above, the cluster providing the DNS service was simplified to a single machine for brevity. Those skilled in the art will understand that in these examples the judgement can, or should, also be made for the cluster as a whole. This is a matter of combining mathematics with programming technique, which those skilled in the art can reasonably be expected to master; for example, the algorithm may treat the same condition occurring on up to a certain number of devices as paralysis of the whole cluster, or as unreachability of the DNS servers at each level of the domain name hierarchy on the public network, and on that basis further determine that the operating state is abnormal. Since such situations vary and cannot be enumerated exhaustively, and the present invention has already disclosed the relationship between the cluster and the individual machines within it, those skilled in the art can adapt accordingly, so no further detail is given here.
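The following is an added worked example of the policy-driven determination described above (the Algorithm K rate check, the Algorithm X no-response check, and the cluster-level judgement of the preceding paragraph). It is illustrative code written for this page, not the patent's own implementation; the indicator values are the ones given on the page (100 ms, 5000 requests, 100 minutes), while the names (PolicyRule, evaluate_device, evaluate_cluster), the record layout and the sample data are constructed assumptions.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Indicator data set: the reference values the page gives for the two examples.
INDICATORS = {
    "window_ms": 100,                 # Algorithm K: unit time of 100 ms
    "max_requests_per_domain": 5000,  # Algorithm K: requests for one domain per window
    "log_window_min": 100,            # Algorithm X: 100-minute window of log records
}

# Operating data are modelled as (timestamp_ms, value) records (assumption).
Record = Tuple[int, str]


def algorithm_k(requests: List[Record], indicators: Dict) -> bool:
    """Count requests per (window, domain); abnormal if any domain exceeds the reference."""
    window = indicators["window_ms"]
    limit = indicators["max_requests_per_domain"]
    buckets = Counter((ts // window, domain) for ts, domain in requests)
    return any(count > limit for count in buckets.values())


def algorithm_x(log_records: List[Record], indicators: Dict) -> bool:
    """Faulty if every log record in the most recent window is a no-response record."""
    if not log_records:
        return False
    window_ms = indicators["log_window_min"] * 60_000
    latest = max(ts for ts, _ in log_records)
    recent = [status for ts, status in log_records if latest - ts < window_ms]
    return all(status == "NO_RESPONSE" for status in recent)


@dataclass(frozen=True)
class PolicyRule:
    """One row of policy configuration: (first element, second element) -> algorithm."""
    first_element: str
    second_element: str
    algorithm: Callable[[List[Record], Dict], bool]


# Policy configuration information for the two examples on the page.
POLICY = [
    PolicyRule("application_data", "unit_time", algorithm_k),
    PolicyRule("application_data", "no_response", algorithm_x),
]

# A device's operating data, keyed by the element pair a rule matches on.
DeviceData = Dict[Tuple[str, str], List[Record]]


def evaluate_device(operating_data: DeviceData) -> bool:
    """Determination for one device: run each rule that has data; any hit means abnormal."""
    hits = []
    for rule in POLICY:
        data = operating_data.get((rule.first_element, rule.second_element))
        if data is not None:
            hits.append(rule.algorithm(data, INDICATORS))
    return any(hits)


def evaluate_cluster(devices: Dict[str, DeviceData], faulty_threshold: int) -> bool:
    """Cluster-level judgement: the cluster is abnormal once `faulty_threshold` devices are."""
    faulty = sum(1 for data in devices.values() if evaluate_device(data))
    return faulty >= faulty_threshold


def build_sample_cluster() -> Dict[str, DeviceData]:
    """Constructed sample data: two of three devices show the abnormal conditions above."""
    burst = [(i % 100, "example.com") for i in range(5001)]      # 5001 requests in one 100 ms window
    steady = [(i * 10, "example.org") for i in range(40)]          # 10 requests per 100 ms window
    dead_log = [(m * 60_000, "NO_RESPONSE") for m in range(100)]   # 100 minutes, nothing answered
    live_log = [(m * 60_000, "OK" if m % 2 else "NO_RESPONSE") for m in range(100)]
    return {
        "dns-01": {("application_data", "unit_time"): burst},
        "dns-02": {("application_data", "no_response"): dead_log},
        "dns-03": {("application_data", "unit_time"): steady,
                   ("application_data", "no_response"): live_log},
    }
```

With the sample data, `dns-01` trips Algorithm K, `dns-02` trips Algorithm X and `dns-03` is healthy, so `evaluate_cluster(build_sample_cluster(), 2)` reports the cluster abnormal while a threshold of 3 does not; the threshold is where the "up to several devices" rule of the paragraph above is expressed.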

Once the algorithm has determined the operating state of the DNS service cluster, a corresponding operating state result is produced, on the basis of which the final switching control can be made.

The switching unit 23 is configured to change the destination address for the DNS service to the network address of the disaster recovery system when the determination result represents an abnormal operating state, and to change the destination address for the DNS service back to the original destination address when the determination result represents a normal operating state.

It will be appreciated that the operating state determination result is in essence a binary option: either it represents a normal operating state, i.e. the DNS service cluster is operating normally, or it represents an abnormal operating state, i.e. the DNS service cluster is operating abnormally. A different switch is therefore made for each of the two cases.

When the determination result represents an abnormal operating state, the DNS resolution server knows that the cluster originally providing the DNS service can no longer provide, or has difficulty continuing to provide, the resolution service, whether because of a DNS attack or because the network is unreachable. Following the logic implemented by the switching unit 23, the DNS resolution server performs the corresponding switching operation, so that subsequent DNS resolution requests are forwarded to the disaster recovery system implemented by the technical solution of the first aspect of the present invention, which performs domain name resolution using the techniques disclosed above. After the disaster recovery system obtains the resolution result and forwards it to the DNS resolution server, the DNS resolution server answers the client that issued the request with that result. In this process the DNS resolution server acts only as a relay. To guard against attacks, the domain name resolution requests and results should be transmitted encrypted: applying an encryption mechanism both on the path between the DNS resolution server and the requesting client and on the path between the DNS resolution server and the disaster recovery system makes the DNS data more secure and improves on the traditional DNS protocol.

When the determination result represents a normal operating state, the DNS resolution server knows that the cluster originally providing the DNS service has cleared its fault and resumed normal service. Following the logic implemented by the switching unit 23, the DNS resolution server performs a switch-back operation, so that subsequent DNS resolution requests are no longer resolved by the disaster recovery system but by the cluster that originally provided the DNS service, while the disaster recovery system returns to a standby state in which its DNS service remains open but receives no resolution requests.

While either of these two opposite switches is being carried out, the DNS server may also, by means of a user database, push an instant message to the population of users who have installed its client (for example a certain type of mobile terminal security software). On receiving the message, the installed client software may automatically change its DNS server address to point to the more secure DNS server provided by the disaster recovery system, or it may display the message to the user, who decides for themselves.

Within the DNS resolution server, the switching action is carried out by modifying an internal parameter, specifically a network address parameter expressed as an IP address. By default this network address is the IP address (destination address) designated by the cluster originally providing the DNS service for exposing its resolution service; when the determination result is an abnormal operating state, the switching unit 23 changes it to the IP address through which the disaster recovery system exposes its DNS resolution service. Once the network address has been changed, the switch between the two systems is complete. Conversely, when the cluster originally providing the DNS service resumes normal service, the network address parameter must be changed back from the IP address of the disaster recovery system to the IP address through which the original cluster exposes its resolution service. This network parameter may be kept in a file or in the registry, and may be modified manually through the corresponding system settings interface or through a user interface provided by a setting unit of the present invention; the concrete form of the former depends on the operating system.
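An added example of the switching unit's behaviour as just described: a single persisted network address parameter that is rewritten to the disaster recovery address on an abnormal determination and back to the original cluster's address on a normal one. This is illustrative code written for this page, not the patent's implementation; the class name, the JSON file layout and the two addresses (taken from the RFC 5737 documentation ranges) are assumptions. It also goes one step beyond the page: switch-back is only performed after a configurable number of consecutive normal determinations, so a cluster that flaps between states does not cause repeated cut-overs.

```python
import json
import tempfile
from pathlib import Path

# Constructed addresses from the RFC 5737 documentation ranges, not real servers.
PRIMARY_DNS = "198.51.100.10"  # IP through which the original DNS cluster exposes resolution
DR_DNS = "203.0.113.53"        # IP through which the disaster recovery system exposes resolution


class SwitchingUnit:
    """Holds the single network address parameter the page describes and rewrites it.

    `stable_normal_results` is an addition to the page's logic: the unit only switches
    back to the original cluster after that many consecutive normal determinations.
    """

    def __init__(self, config_path, primary, dr, stable_normal_results=3):
        self.config_path = Path(config_path)
        self.primary = primary
        self.dr = dr
        self.stable_normal_results = stable_normal_results
        self._normal_streak = 0
        if self.config_path.exists():
            # Reload the persisted parameter (the page keeps it in a file or the registry).
            self.destination = json.loads(self.config_path.read_text())["dns_destination"]
        else:
            self.destination = primary  # default: the original cluster's address
            self._persist()

    def _persist(self):
        self.config_path.write_text(json.dumps({"dns_destination": self.destination}))

    def apply(self, abnormal: bool) -> str:
        """Apply one determination result; returns the destination now in force."""
        if abnormal:
            self._normal_streak = 0
            if self.destination != self.dr:
                self.destination = self.dr       # switch to the disaster recovery system
                self._persist()
        else:
            self._normal_streak += 1
            if self.destination != self.primary and self._normal_streak >= self.stable_normal_results:
                self.destination = self.primary  # switch back once the cluster is stably normal
                self._persist()
        return self.destination

    def relay_target(self, qname: str):
        """Subsequent requests are relayed to whichever address is currently in force."""
        return (self.destination, qname)


def run_demo():
    """Drive the unit through an attack and a recovery; returns the addresses chosen."""
    with tempfile.TemporaryDirectory() as tmp:
        path = Path(tmp) / "dns_switch.json"
        unit = SwitchingUnit(path, PRIMARY_DNS, DR_DNS)
        determinations = [False, True, False, False, False, False]  # True = abnormal
        chosen = [unit.apply(abnormal) for abnormal in determinations]
        # A fresh instance must pick up the persisted address, not reset to the default.
        reloaded = SwitchingUnit(path, PRIMARY_DNS, DR_DNS).destination
    return chosen, reloaded
```

In `run_demo()` the first abnormal result moves the destination to the disaster recovery address immediately, while the three normal results that follow are needed before it returns to the original cluster; reloading the unit from the persisted file yields the same address, which is what allows the parameter to survive a restart of the resolution server.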

From the disclosure of the several embodiments above of the method and device involved in the technical solution of the second aspect of the present invention, it can be seen that one essential point of the present invention is the use of machine learning techniques to realize intelligent determination of attack behaviour. Although only some embodiments are given here, those skilled in the art can, on the same principle as the present invention, derive further determination methods on this basis. This behaviour determination function, combined with the underlying implementation, achieves a more secure defensive effect for the DNS server.

For example, in one embodiment of the present invention, for the network packet corresponding to each received domain name resolution request, the type of DNS behaviour corresponding to that packet can be determined in a manner similar to the machine learning described above; the processing entity that is to handle the packet is then determined from the DNS behaviour type, and the packet is passed to that entity for processing. In the embodiment of the present invention the processing entity may consist of two layers, a kernel layer and an application layer. The kernel layer includes the network layer, driver layer and so on, and can implement functions such as high-speed caching and attack protection, while the application layer performs the basic parsing of the network packet, including obtaining the address resolved from the domain name and the data storage address. Compared with the prior art handling of DNS behaviour, dividing the network packets between kernel-layer and application-layer processing allows DNS requests to be handled according to their actual nature: a DNS request attack of millions of requests per second can be handled by the kernel, which has greater processing capacity, while DNS requests with less stringent timeliness requirements can be handled by the application layer. Handling DNS requests separately in the kernel and in the application layer exploits the kernel's large processing capacity and makes high-volume DNS querying possible. Moreover, because the kernel and the application layer process independently, when a modification or a start-up triggered by a DNS request causes loading, one of them can handle the current DNS request while the other continues to serve externally. The embodiment of the present invention therefore raises the service-processing capacity of a single machine, greatly improves the processing capacity and security protection capability of the system, and at the same time enables fast dynamic management and configuration of domain names, making many customized complex functional requirements achievable.

When the DNS behaviour type is determined to be attack behaviour, the processing entity is determined to be the kernel; when the DNS behaviour type is domain name resolution behaviour, the processing entity is determined to be the application layer. To improve the response speed, processing performance and security protection capability of the domain name resolution service, high-speed caching and security protection can, in accordance with the DNS resolution principle, be implemented in the kernel module; under normal conditions the kernel module can efficiently and stably handle 98% of resolution requests and the great majority of attack protection. The basic resolution and management functions, whose processing logic is relatively complex but whose performance requirements are not as high, are implemented in the application layer.

Accordingly, when the processing entity is the kernel, the kernel inspects the network packet, filters out the DNS attack behaviour carried in the packet, and forwards the filtered packet to the application layer for processing. When the kernel inspects network packets it can activate policies such as an anti-DDoS policy, an IP rate-limiting policy and a domain name rate-limiting policy; correspondingly, a separate internal module may be set up in the kernel for each policy to implement it.

It should be noted here that every network packet has a feature code, and every feature code is unique; the nature of the DNS request in a network packet can therefore be judged from its feature code, and DNS attack operations disguised as normal packets can be detected. Whether a network packet carries DNS attack behaviour is determined according to the following steps:

Step A: compute the feature code of the network packet;

Step B: determine whether the feature code is a feature code of DNS attack behaviour; if so, go to step C, otherwise go to step D;

Step C: if so, determine that the network packet carries DNS attack behaviour;

Step D: if not, determine that the network packet does not carry DNS attack behaviour.

A database usually stores a set of feature codes of known DNS attack behaviours. When verification is required, the feature code computed in step A is matched against that set: if the feature code computed in step A is present in the set, the packet is DNS attack behaviour; otherwise it is not.

The feature code may be determined from domain name information such as the IP address or the domain name, for example by counting the number of network packets received from the same IP address within a specified time and/or the number of network packets received for the same domain name within a specified time. If the number of packets received from the same IP address or for the same domain name within one second far exceeds the number that should be received, that IP address or domain name has demonstrably become an attack source. This is also the basic principle of the IP rate-limiting and domain name rate-limiting policies. Once an IP address or domain name has been shown to be an attack source, packets subsequently received from that source can be discarded or filtered out directly, which avoids the attack and improves the system's security and processing efficiency.

After the kernel has filtered out attack behaviour, it passes the network packet to the application layer for processing. The application layer can parse the network packet, obtain the address information corresponding to the domain name, and thus obtain the relevant data to return to the client. The application layer can also manage data such as domain name information, providing a data management function.
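An added example of the kernel-layer filter described in steps A to D and the two rate-limiting policies, followed by the hand-over to the application layer. It is illustrative user-space code written for this page, not the patent's kernel module or any real one; the packet fields, the choice of SHA-256 over the payload as the per-packet feature code, the limits, the "signature database" contents and the sample traffic are all constructed assumptions.

```python
import hashlib
from collections import Counter, defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, List, Optional, Set


@dataclass(frozen=True)
class DnsPacket:
    ts_ms: int
    src_ip: str
    qname: str
    payload: bytes  # raw query bytes; constructed in run_sample()


def feature_code(pkt: DnsPacket) -> str:
    """Step A: compute the packet's feature code (here SHA-256 of the payload; an assumption)."""
    return hashlib.sha256(pkt.payload).hexdigest()


class KernelFilter:
    """Kernel-layer entity: signature check (steps B to D) plus IP and domain rate-limit policies."""

    def __init__(self, known_attack_codes, ip_limit_per_s: int, domain_limit_per_s: int):
        self.known: Set[str] = set(known_attack_codes)  # stands in for the signature database
        self.ip_limit = ip_limit_per_s
        self.domain_limit = domain_limit_per_s
        self.window_ms = 1000
        self.ip_hits: Dict[str, Deque[int]] = defaultdict(deque)
        self.domain_hits: Dict[str, Deque[int]] = defaultdict(deque)
        self.blocked_ips: Set[str] = set()      # sources proven to be attack sources
        self.blocked_domains: Set[str] = set()
        self.forwarded: List[DnsPacket] = []    # what reaches the application layer

    def _hits_in_window(self, table: Dict[str, Deque[int]], key: str, ts: int) -> int:
        """Sliding one-second window of packet timestamps per key."""
        q = table[key]
        q.append(ts)
        while q and ts - q[0] >= self.window_ms:
            q.popleft()
        return len(q)

    def handle(self, pkt: DnsPacket) -> str:
        # Packets from a source already proven to be an attack source are discarded outright.
        if pkt.src_ip in self.blocked_ips or pkt.qname in self.blocked_domains:
            return "dropped"
        # Steps B and C: a feature code found in the known-attack set means attack behaviour.
        if feature_code(pkt) in self.known:
            return "dropped"
        # IP rate-limit policy: far more packets than expected from one IP in one second.
        if self._hits_in_window(self.ip_hits, pkt.src_ip, pkt.ts_ms) > self.ip_limit:
            self.blocked_ips.add(pkt.src_ip)
            return "dropped"
        # Domain rate-limit policy: the same idea keyed by the queried name.
        if self._hits_in_window(self.domain_hits, pkt.qname, pkt.ts_ms) > self.domain_limit:
            self.blocked_domains.add(pkt.qname)
            return "dropped"
        # Step D: no attack behaviour; hand the packet to the application layer.
        self.forwarded.append(pkt)
        return "forwarded"


def application_layer_resolve(pkt: DnsPacket, zone: Dict[str, str]) -> Optional[str]:
    """Application-layer entity: parse the query name and look up its address."""
    return zone.get(pkt.qname)


def run_sample() -> Dict[str, object]:
    """Constructed traffic: normal clients, one known-signature packet and a flood from one IP."""
    zone = {"www.example.com": "192.0.2.80"}  # constructed zone data
    bad_payload = b"constructed-known-bad-query"
    kf = KernelFilter({feature_code(DnsPacket(0, "", "", bad_payload))},
                      ip_limit_per_s=100, domain_limit_per_s=500)
    packets = []
    for i in range(60):  # three clients, 20 queries each, spread over two seconds
        packets.append(DnsPacket(i * 33, f"192.0.2.{i % 3 + 1}", "www.example.com", b"q%d" % i))
    packets.append(DnsPacket(2000, "192.0.2.9", "www.example.com", bad_payload))
    for i in range(300):  # 300 packets from one IP inside 600 ms; the limit is 100 per second
        packets.append(DnsPacket(3000 + i * 2, "203.0.113.7", "victim.example", b"flood"))
    packets.append(DnsPacket(9000, "203.0.113.7", "www.example.com", b"late"))  # still blocked
    outcome = Counter(kf.handle(p) for p in packets)
    answered = sum(1 for p in kf.forwarded if application_layer_resolve(p, zone))
    return {"forwarded": outcome["forwarded"], "dropped": outcome["dropped"],
            "answered": answered, "blocked_ips": sorted(kf.blocked_ips)}
```

In `run_sample()` the 60 normal queries pass, the packet whose feature code is in the known set is dropped at step C, and the flooding source is allowed its first 100 packets in the second before being recorded as an attack source, after which everything it sends, including the later query for an unrelated name, is discarded without further inspection. Only packets that reach the application layer are parsed and answered.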

Taking the description of the present invention as a whole, it can be seen that the method and device involved in the technical solution of the first aspect construct a disaster recovery system able to provide an island-style domain name resolution service, while the method and device involved in the technical solution of the second aspect provide intelligent fault detection and switching control between the disaster recovery cluster and the ordinary cluster. The DNS service system constructed according to the present invention therefore makes a significant contribution to the security of DNS service on the Internet.

In summary, implementing the present invention facilitates the construction of a disaster recovery system and puts that system at the service of the security management and control of a traditional DNS service cluster.

It should be noted that the algorithms and formulas presented here are not inherently related to any particular computer, virtual system or other device. Various general-purpose systems may also be used with the examples given here. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not directed to any particular programming language. It should be understood that various programming languages may be used to implement the content of the present invention described here, and that the above description of particular languages is given to disclose the best mode of the present invention.

Numerous specific details are set out in the description provided here. It will be understood, however, that embodiments of the present invention may be practised without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail so as not to obscure the understanding of this description.

Similarly, it should be understood that in the above description of exemplary embodiments of the present invention, in order to streamline the disclosure and aid understanding of one or more of the various aspects of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure or description thereof. The disclosed method and device are not, however, to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the claims reflect, the inventive aspects lie in less than all the features of a single embodiment disclosed above. The claims following the detailed description are therefore expressly incorporated into the detailed description, with each claim standing on its own as a separate embodiment of the present invention.

Those skilled in the art will understand that the modules of the device in an embodiment may be adaptively changed and arranged in one or more devices different from those of the embodiment. The modules, units or components of an embodiment may be combined into one module, unit or component, and may furthermore be divided into a plurality of sub-modules, sub-units or sub-components. Except where at least some of such features and/or processes or units are mutually exclusive, all features disclosed in this specification (including the accompanying claims, abstract and drawings) and all processes or units of any method or device so disclosed may be combined in any combination. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature serving the same, an equivalent or a similar purpose.

Furthermore, those skilled in the art will understand that although some embodiments described here include certain features that are included in other embodiments and not others, combinations of features from different embodiments are meant to fall within the scope of the present invention and to form different embodiments.

The various component embodiments of the present invention may be implemented in hardware, as software modules running on one or more processors, or as a combination of the two. Those skilled in the art will understand that in practice a microprocessor or digital signal processor (DSP) may be used to implement some or all of the functions of some or all of the components of the website security detection device according to embodiments of the present invention. The present invention may also be implemented as a device or apparatus program (for example a computer program and computer program product) for performing part or all of the methods described here. Such a program implementing the present invention may be stored on a computer-readable medium or may take the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.

The above are only some of the embodiments of the present invention. It should be pointed out that those of ordinary skill in the art may make a number of improvements and refinements without departing from the principles of the present invention, and these improvements and refinements should also be regarded as falling within the scope of protection of the present invention.

Claims (18)

1. A domain name resolution system disaster recovery construction method, characterized in that it comprises the following steps:

synchronizing in real time the authority information database of a target cluster providing a DNS service to a disaster recovery cluster in which a virtual root node is constructed, the authority information database storing the authority information of the authoritative servers at each level of the domain name hierarchy;

receiving a domain name resolution request and, in response to that request, performing a recursive query using the authority information database and the virtual root node of the disaster recovery cluster, in accordance with the corresponding authoritative server information recorded in the authority information database, to obtain the domain name resolution result;

answering the domain name resolution request with the domain name resolution result.

2. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that each step of the method is executed in at least one device of the disaster recovery cluster.

3. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that each step of the method is executed by one or more processes of a single device of the disaster recovery cluster.

4. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that the step of synchronizing the authority information database in real time to the disaster recovery cluster in which a virtual root node is constructed is executed in at least one device independent of the disaster recovery cluster, and the remaining steps are executed in the same device of the disaster recovery cluster.

5. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that the authority information database further stores historical domain name resolution records, the historical domain name resolution records being the DNS resolution records produced by the target cluster performing DNS resolution in the course of normally providing the DNS service; when the method performs domain name resolution, it obtains the corresponding domain name resolution result by retrieving the historical domain name resolution records.

6. The domain name resolution system disaster recovery construction method according to claim 5, characterized in that the historical domain name resolution records include a mapping from domain names to the corresponding IP addresses.

7. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that the authority information database is implemented as a distributed database.

8. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that the domain name resolution request and the domain name resolution result are both relayed through the same network address.

9. The domain name resolution system disaster recovery construction method according to claim 1, characterized in that the domain name resolution request and the domain name resolution result are both transmitted encrypted.

10. A domain name resolution system disaster recovery construction device, characterized in that it comprises:

a synchronization unit for synchronizing in real time the authority information database of a target cluster providing a DNS service to a disaster recovery cluster in which a virtual root node is constructed, the authority information database storing the authority information of the authoritative servers at each level of the domain name hierarchy;

a query unit for receiving a domain name resolution request and, in response to that request, performing a recursive query using the authority information database and the virtual root node of the disaster recovery cluster, in accordance with the corresponding authoritative server information recorded in the authority information database, to obtain the domain name resolution result;

an answering unit configured to answer the domain name resolution request with the domain name resolution result.

11. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that each unit of the device is configured to execute in at least one device of the disaster recovery cluster.

12. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that one or more processes of a single device of the disaster recovery cluster are configured to execute in each unit of the device.

13. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that the synchronization unit is configured to execute in at least one device independent of the disaster recovery cluster, and the query unit and the answering unit are configured to execute in the same device of the disaster recovery cluster.

14. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that the authority information database further stores historical domain name resolution records, the historical domain name resolution records being the DNS resolution records produced by the target cluster performing DNS resolution in the course of normally providing the DNS service; when the query unit performs domain name resolution, it obtains the corresponding domain name resolution result by retrieving the historical domain name resolution records.

15. The domain name resolution system disaster recovery construction device according to claim 14, characterized in that the historical domain name resolution records include a mapping from domain names to the corresponding IP addresses.
The domain name resolution system disaster recovery construction device according to claim 14, characterized in that: the historical domain name resolution records include a mapping relationship from domain names to corresponding IP addresses. 16.根据权利要10所述的域名解析系统灾备建构装置,其特征在于:所述授权信息数据库以分布式数据库的形式实现。16. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that: the authorization information database is realized in the form of a distributed database. 17.根据权利要求10所述的域名解析系统灾备建构装置,其特征在于:所述域名解析请求与所述域名解析结果均经过同一网络地址进行中转。17. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that: the domain name resolution request and the domain name resolution result are transferred through the same network address. 18.根据权利要求10所述的域名解析系统灾备建构装置,其特征在于:所述域名解析请求与所述域名解析结果均被加密传输。18. The domain name resolution system disaster recovery construction device according to claim 10, characterized in that: both the domain name resolution request and the domain name resolution result are encrypted for transmission.
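The claims describe a mechanism rather than an implementation: a delegation database (which servers are authoritative for each level of the hierarchy, and how to reach them) is mirrored from the production DNS cluster to a disaster recovery cluster that hosts its own virtual root, so the DR cluster can resolve names by walking the hierarchy from that root with synced data alone, and can fall back to historical name-to-address records captured while production was healthy (claims 5 and 6). The following is an added example written for this page, not code from the patent or its assignee; it models that design in a toy resolver. The zones, server names, addresses and the `AUTH_SERVERS` stand-in for real authoritative servers are all constructed assumptions, and `reachable` simulates which servers the DR cluster can currently contact.

```python
# Added example, not code from the patent: a toy disaster-recovery resolver.
# All zones, server names and addresses below are constructed sample values.
from dataclasses import dataclass, field

MAX_HOPS = 8  # bound on referral chasing so a bad delegation cannot loop forever

@dataclass
class Delegation:
    """Authorization information for one zone: its servers and their glue."""
    zone: str
    ns_addrs: dict  # NS hostname -> IPv4 address

@dataclass
class AuthorityDB:
    """The claimed database: delegation data plus historical resolution records."""
    delegations: dict = field(default_factory=dict)  # zone -> Delegation
    history: dict = field(default_factory=dict)      # qname -> IPv4 seen earlier

    def sync_to(self, replica):
        """Mirror this (production) database into the DR replica (claim 1)."""
        replica.delegations = dict(self.delegations)
        replica.history = dict(self.history)

# Constructed authoritative servers keyed by the glue address the DR cluster
# would contact; 'answers' are final records, 'referrals' delegate child zones.
AUTH_SERVERS = {
    "198.51.100.1": {  # TLD server for com.
        "answers": {},
        "referrals": {"example.com.": {"ns1.example.com.": "203.0.113.10"}},
    },
    "203.0.113.10": {  # authoritative for example.com.
        "answers": {"www.example.com.": "203.0.113.80"},
        "referrals": {},
    },
}

def query_auth(addr, qname, reachable):
    """Stand-in for a UDP/53 query; 'reachable' simulates which servers are up."""
    if addr not in reachable:
        return "timeout", None
    srv = AUTH_SERVERS[addr]
    if qname in srv["answers"]:
        return "answer", srv["answers"][qname]
    for child, glue in srv["referrals"].items():
        if qname == child or qname.endswith("." + child):
            return "referral", Delegation(child, glue)
    return "nxdomain", None

def closest_zone(db, qname):
    """Deepest zone under the virtual root for which the DR DB holds delegation data."""
    labels = qname.rstrip(".").split(".")
    best = "."
    for i in reversed(range(len(labels))):
        zone = ".".join(labels[i:]) + "."
        if zone in db.delegations:
            best = zone
    return best

def resolve(db, qname, reachable=None):
    """Recursive resolution driven entirely by the synced DR database."""
    qname = qname.rstrip(".") + "."
    reachable = set(AUTH_SERVERS) if reachable is None else reachable
    # The virtual root has no servers above it, so it is an empty delegation.
    deleg = db.delegations.get(closest_zone(db, qname), Delegation(".", {}))
    for _ in range(MAX_HOPS):
        for addr in deleg.ns_addrs.values():
            status, payload = query_auth(addr, qname, reachable)
            if status == "timeout":
                continue                  # try the next server of this zone
            if status == "answer":
                return {"status": "ok", "ip": payload, "source": "recursive"}
            if status == "referral":
                deleg = payload           # descend one level and re-query
                break
            return {"status": "nxdomain", "ip": None, "source": "recursive"}
        else:
            # No server of this zone answered: fall back to the historical
            # record captured by production, if one exists (claims 5 and 6).
            if qname in db.history:
                return {"status": "ok", "ip": db.history[qname], "source": "history"}
            return {"status": "servfail", "ip": None, "source": None}
    return {"status": "servfail", "ip": None, "source": None}

def build_dr_cluster():
    """Production DB with delegations and history, synced into a DR replica."""
    prod = AuthorityDB()
    prod.delegations["com."] = Delegation("com.", {"ns.com-tld.test.": "198.51.100.1"})
    prod.history["www.example.com."] = "203.0.113.80"  # captured while healthy
    prod.history["www.example.org."] = "192.0.2.44"    # org. delegation never synced
    dr = AuthorityDB()
    prod.sync_to(dr)
    return dr

if __name__ == "__main__":
    dr = build_dr_cluster()
    print(resolve(dr, "www.example.com"))                             # via referral chain
    print(resolve(dr, "www.example.com", reachable={"198.51.100.1"}))  # history fallback
    print(resolve(dr, "www.example.org"))                             # only history known
```

The `source` field in each answer is the part a defender would want to see in practice: an answer served from history is only as trustworthy as the production cache it was copied from, so a real DR resolver should log and cap the TTL of such answers separately from those obtained by walking the delegation chain, and the sync channel itself (claims 8 and 9) deserves the same integrity protection as the zone data it carries.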
Application CN201410852629.9A (priority date 2014-12-31, filing date 2014-12-31): Domain name analysis system calamity is for constructing method and device; status: Active; granted publication CN104468244B (en)

Publications (2)

Publication Number Publication Date
CN104468244A CN104468244A (en) 2015-03-25
CN104468244B true CN104468244B (en) 2018-04-20

Family

ID=52913653

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220718

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.