Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Understanding DNS

DNS Client-Server Exchange

DNS over the Internet

Host names constitute a non-hierarchical namespace. Each name is a character sequence. The network information center (NIC) manages the namespace and processes new names. A non-hierarchical namespace cannot manage a large number of names for the following reasons:

  • Names are plain character strings, so different hosts can end up with overlapping names.

  • The namespace management architecture resides at a specific site. As the number of host names increases, so does the management workload.

  • The mapping between names and IP addresses frequently changes. Therefore, maintaining the domain namespace is a huge undertaking.

TCP/IP therefore uses a hierarchical DNS structure. The domain name structure of the Internet is defined by the DNS in the TCP/IP protocol stack. The DNS divides the Internet into multiple top-level domains (TLDs). Table 7-54 lists the domain name of each TLD. TLDs are classified in either organization or geography mode. The geography mode is used to classify domain names based on countries. Each country must register a TLD with the NIC before joining the Internet. For example, "cn" represents China, and "us" represents the United States.

Table 7-54  TLDs and their meanings

| TLD | Meaning |
|---|---|
| com | Commercial organizations |
| edu | Educational agencies |
| gov | Governmental agencies |
| mil | Military departments |
| net | Main network support centers |
| int | International organizations |
| org | Other organizations |
| country code | Other countries (classified in geography mode) |

NOTE:

The first seven domains are defined in organization mode, and the country code domain is defined in geography mode.

The NIC authorizes management agencies to classify domains into subdomains. The agencies in charge of this can authorize subordinate agencies to continue classifying domains. As a result, the Internet has a hierarchical domain architecture.

Static Domain Name Resolution

DNS supports dynamic and static domain name resolution. When a domain name is resolved, static domain name resolution is used first. If it fails, dynamic domain name resolution is used.

Static domain name resolution requires a static domain name resolution table, which lists manually created mappings between domain names and IP addresses. This table is similar to the hosts file in Windows 9X. The table contains commonly used domain names. By looking up a domain name in the resolution table, clients obtain the IP address mapped to it. This process improves domain name resolution efficiency.

Dynamic Domain Name Resolution

Dynamic domain name resolution requires a special DNS server. This server runs the domain name resolution program, maps domain names to IP addresses, and collects DNS requests from clients.

The following shows the DNS client-server exchange, which is also the process of dynamic domain name resolution.

Figure 7-81  Implementation diagram of dynamic domain name resolution

In Figure 7-81, the DNS client, consisting of the resolver and the cache, accepts and responds to the DNS queries from user programs. Generally, user programs (such as ping and tracert), the cache, and the resolver are on the same host, whereas the DNS server is on another host.

  1. A client uses a specific application, such as ping or Telnet, to send a request to the resolver on the DNS client.

  2. The device queries a local cache for the required mapping entry. The resolver first checks the local cache.
    • If the resolver finds a mapping entry in the local cache, it directly returns the IP address mapped to the domain name to the user program.
    • If the resolver does not find a mapping entry in the local cache, it sends a query packet to the DNS server.
  3. The DNS server first checks whether the requested domain name is within the sub-domain it manages and responds to the device according to the result.

    • If the requested domain name is within the sub-domain it manages, the DNS server queries its own database for the IP address corresponding to the domain name.
    • If the requested domain name is not within the sub-domain it manages, the DNS server forwards the request to the upper-level DNS server until the resolution is finished and the resolution result is returned.
  4. The resolver of the DNS client receives and resolves the packet returned by the DNS server, and returns the result to the user program.

When resolving a domain name that is stored in the cache, the DNS client obtains the corresponding IP address from the cache directly and does not send a query message to the DNS server. Mappings stored in the cache will be deleted when the aging time expires to ensure that the latest mappings can be obtained from the DNS server. The aging time is set by the DNS server. The DNS client obtains the aging time from protocol packets.

Domain Name Suffix List

Dynamic domain name resolution also supports a domain name suffix list. Pre-defining some domain name suffixes allows you to enter only a field of a domain name to be resolved. The system automatically adds a specific suffix to the domain name before resolving the domain name.

For instance, if you configure "com" in the suffix list and enter "example" in a domain name query, the system automatically associates "example" with the suffix "com" and searches for "example.com."

You may encounter the following situations during a resolution process:

  • If you enter a domain name without a dot (.), such as "example", the system considers it a host name and adds the configured suffixes one by one for the search. If no domain name matches, the system searches for an IP address mapped to "example."

  • If you enter a domain name with a dot (.), such as "www.example", the system immediately searches for it. If the system does not find a matched entry, the system adds every configured suffix to the domain name to search for an IP address mapped to the domain name.

  • If you enter a domain name with a dot (.) at the end, such as "example.com.", the system removes the last dot (.) before searching for an IP address mapped to the domain name. If the search fails, the system adds every configured suffix to the domain name without the last dot to search for an IP address mapped to the domain name.
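The three cases above, as an added example that is not part of the original guide: `candidate_names` lists the names tried, in order, and `resolve` reports which expanded name actually matched. The function names, `STATIC_TABLE` and the 192.0.2.x addresses are constructed for illustration.

```python
# Added illustration: lookup order for the three suffix-list cases described above.
# STATIC_TABLE and the 192.0.2.x addresses are constructed sample data.

def candidate_names(name, suffixes):
    """Return the names to try, in the order the text describes."""
    def expanded(base):
        return [f"{base}.{suffix}" for suffix in suffixes]

    if name.endswith("."):
        base = name[:-1]                # trailing dot is removed first
        return [base] + expanded(base)
    if "." in name:
        return [name] + expanded(name)  # as entered, then each suffix
    return expanded(name) + [name]      # host name: suffixes first, bare name last


def resolve(name, suffixes, table):
    """Return (name_actually_matched, ip), or None if every candidate misses."""
    for candidate in candidate_names(name, suffixes):
        if candidate in table:
            return candidate, table[candidate]
    return None


STATIC_TABLE = {
    "example.com": "192.0.2.10",
    "www.example.com": "192.0.2.20",
    "example": "192.0.2.30",
}

if __name__ == "__main__":
    for query in ("example", "www.example", "example.com."):
        print(query, "->", candidate_names(query, ["com", "net"]),
              "=>", resolve(query, ["com", "net"], STATIC_TABLE))
```

With this table the bare entry "example" is never reached for the query "example", because the suffixed name "example.com" matches first; recording the matched name rather than the typed one makes that visible in logs.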

Query Type of DNS
The AP IPv4 domain name resolution system must support the following DNS query modes:
  • Class-A query is a common type of query, which is used to obtain the IP address corresponding to a specified domain name. For example, when you ping or tracert a domain name, ping or tracert, as a user program, sends a query to the DNS client for the IP address corresponding to the domain name. If the corresponding IP address does not exist on the DNS client, the DNS client sends a Class-A query to the DNS server to obtain the corresponding IP address.

  • In a PTR query, the DNS client obtains the domain name corresponding to an IP address with the help of PTR records. PTR records are the table of mappings between domain names and IP addresses that the DNS server provides for PTR queries.
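What the two query types look like on the wire, as an added example that is not part of the original guide: in the standard DNS message format the page's "Class-A query" is a question with QTYPE 1 (A), and a PTR query is a question with QTYPE 12 for the reversed address under in-addr.arpa. The function names, the sample name and the sample address are constructed for illustration.

```python
# Added illustration: building and decoding the question of an A query and a PTR query.
# The queried name and address are constructed sample values.
import ipaddress
import struct

QTYPE = {"A": 1, "PTR": 12}


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(target, qtype, txid):
    """Build a DNS query message; for PTR, `target` is an IP address."""
    if qtype == "PTR":
        target = ipaddress.ip_address(target).reverse_pointer
    # Header: ID, flags (recursion desired), 1 question, no other records.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(target) + struct.pack("!HH", QTYPE[qtype], 1)


def parse_question(message):
    """Return (name, qtype, qclass) from the first question of a query."""
    labels, pos = [], 12                 # the header is always 12 bytes
    while message[pos]:
        length = message[pos]
        labels.append(message[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", message[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass


if __name__ == "__main__":
    print(parse_question(build_query("www.example.com", "A", 0x1234)))
    print(parse_question(build_query("192.0.2.10", "PTR", 0x1235)))
```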

DNS Proxy/Relay Implementation

DNS proxy or relay is used to forward DNS request and reply packets between the DNS client and DNS server.

In a network where DNS proxy or DNS relay is used, the DNS client sends DNS request packets to the DNS proxy or relay. The DNS proxy or relay forwards the request packets to the DNS server and returns the reply packets to the DNS client, which completes domain name resolution.

After DNS proxy or relay is enabled, if the IP address of the DNS server changes, you only need to change the configuration on the DNS proxy or relay. In this way, the network management is simplified.

Difference of Function Implementation Between the DNS Proxy and the DNS Relay
  • DNS relay is similar to DNS proxy. The difference is whether they search the local domain name resolution tables, including the static domain name resolution table and the local domain name cache, after receiving DNS query messages from DNS clients.

  • The DNS proxy searches for DNS entries saved in the local domain name cache after receiving DNS query messages from DNS clients. If the requested DNS entries are not saved in the cache, the DNS query messages are forwarded to the DNS server.

  • The DNS relay does not search for DNS entries saved in the local domain name cache after receiving DNS query messages from DNS clients. It forwards the messages directly to the DNS server for resolution. On one hand, this saves the cost of maintaining a cache on the DNS relay. On the other hand, it ensures that the DNS client obtains resolution results in real time. (If the domain names and IP addresses on the DNS server change and the cache on the DNS proxy is not updated in time, the resolution result obtained by the DNS client is incorrect.)

DNS Proxy Implementation

The application environments and implementation of DNS relay and DNS proxy are similar. Taking DNS Proxy as an example, Figure 7-82 shows the implementation of DNS Proxy and DNS Relay.

Figure 7-82  DNS proxy implementation

The working process of DNS proxy is as follows:
  1. The DNS client sends a request packet to the DNS proxy. The DNS proxy IP address is the destination address of the request packet.
  2. After receiving the request packet, the DNS proxy searches for DNS entries saved in the local domain name resolution tables.
    • If mapping information exists, the DNS proxy sends a reply packet carrying the resolution result to the DNS client.
    • If no mapping information exists, the DNS proxy sends the request packet to the DNS server for resolution.
  3. After receiving the reply packet from the DNS server, the DNS proxy records the resolution result and forwards the reply packet to the DNS client.
NOTE:

The DNS proxy sends domain name resolution requests to the DNS server only when the IP address of the DNS server and a route to the DNS server exist on the DNS proxy. Otherwise, the DNS proxy neither sends any domain name resolution request to the DNS server nor replies to any request from the DNS client.
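The proxy working process and the proxy/relay difference described above, as an added example that is not part of the original guide: a small simulation in which a record changes on the DNS server while the proxy still holds the old answer in its cache. The class names, the host name, the addresses and the 60-second aging time are constructed for illustration.

```python
# Added illustration: DNS proxy (searches local tables) vs DNS relay (always forwards).
# Names, addresses and the 60-second aging time are constructed sample values.
NAME = "host.example.com"

class Server:
    """Stand-in for the DNS server; it also sets the aging time of each answer."""
    def __init__(self, records, aging_time):
        self.records, self.aging_time, self.queries = dict(records), aging_time, 0

    def query(self, name):
        self.queries += 1
        return self.records.get(name), self.aging_time

class Forwarder:
    def __init__(self, server, is_proxy, static=None):
        self.server, self.is_proxy = server, is_proxy
        self.static = dict(static or {})   # manually created mappings
        self.cache = {}                    # name -> (ip, expiry time)

    def handle(self, name, now):
        """Return (ip, source) for one client request at time `now` (seconds)."""
        if self.is_proxy:
            if name in self.static:
                return self.static[name], "static"
            entry = self.cache.get(name)
            if entry and now < entry[1]:
                return entry[0], "cache"
            self.cache.pop(name, None)     # aged out: drop it and ask the server
        ip, aging_time = self.server.query(name)
        if self.is_proxy and ip is not None:
            self.cache[name] = (ip, now + aging_time)
        return ip, "server"

def scenario():
    """The record changes on the server at t=30 while the proxy still caches the old one."""
    server = Server({NAME: "192.0.2.10"}, aging_time=60)
    proxy, relay = Forwarder(server, True), Forwarder(server, False)
    timeline = []
    for now in (0, 30, 90):
        if now == 30:
            server.records[NAME] = "192.0.2.99"
        timeline.append((now, proxy.handle(NAME, now), relay.handle(NAME, now)))
    return timeline, server.queries

if __name__ == "__main__":
    for row in scenario()[0]:
        print(row)
```

At t=30 the proxy still answers with the old address from its cache while the relay returns the new one; after the aging time expires the proxy asks the server again and the two agree.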

Updated: 2019-01-11

Document ID: EDOC1000176006
