以一个实例考察DNS的解析过程。

使用命令

	dig @8.8.8.8 mit.edu +trace

追踪DNS解析mit.edu域名。

DNS解析mit.edu的总体时序如下图:

Fig.17 DNS resolve mit.edu summory
Fig.17 DNS resolve mit.edu summory

下面考察DNS如何一步一步解析mit.edu域名。

1. 询问DNS root服务器

首先向DNS服务器:8.8.8.8发送一个packet,询问DNS root服务器

Fig.1 query about root
Fig.1 query about root

8.8.8.8服务器回复一个packet,包含了13个root服务器的名字。

Fig.2 response query about root
Fig.2 response query about root

13个DNS root服务器:

.			101252	IN	NS	m.root-servers.net.
.			101252	IN	NS	b.root-servers.net.
.			101252	IN	NS	c.root-servers.net.
.			101252	IN	NS	d.root-servers.net.
.			101252	IN	NS	e.root-servers.net.
.			101252	IN	NS	f.root-servers.net.
.			101252	IN	NS	g.root-servers.net.
.			101252	IN	NS	h.root-servers.net.
.			101252	IN	NS	i.root-servers.net.
.			101252	IN	NS	j.root-servers.net.
.			101252	IN	NS	a.root-servers.net.
.			101252	IN	NS	k.root-servers.net.
.			101252	IN	NS	l.root-servers.net.
.			101252	IN	RRSIG	NS 8 0 518400 20190130050000

2. 询问DNS root服务器地址

接下来向DNS服务器发送packet,一个一个询问每个root服务器的ip地址:

m.root-servers.net
...
l.root-servers.net

询问最后一个root服务器l.root-servers.net

Fig.5 query root l.root-servers.net
Fig.5 query root l.root-servers.net

回复l.root-servers.net的地址。

Fig.6 response query root l.root-servers.net
Fig.6 response query root l.root-servers.net
  • A: ipv4地址
  • AAAA: ipv6地址

3. 向root server询问mit.edu地址

l.root-servers.net服务器询问mit.edu地址:

Fig.6 query root l.root-servers.net about mit.edu
Fig.6 query root l.root-servers.net about mit.edu

l.root-servers.net回复:

Fig.8 root l.root-servers.net response query about mit.edu
Fig.8 root l.root-servers.net response query about mit.edu

一共有14个edu DNS服务器:

edu.			172800	IN	NS	a.edu-servers.net.
edu.			172800	IN	NS	b.edu-servers.net.
edu.			172800	IN	NS	c.edu-servers.net.
edu.			172800	IN	NS	d.edu-servers.net.
edu.			172800	IN	NS	e.edu-servers.net.
edu.			172800	IN	NS	f.edu-servers.net.
edu.			172800	IN	NS	g.edu-servers.net.
edu.			172800	IN	NS	h.edu-servers.net.
edu.			172800	IN	NS	i.edu-servers.net.
edu.			172800	IN	NS	j.edu-servers.net.
edu.			172800	IN	NS	k.edu-servers.net.
edu.			172800	IN	NS	l.edu-servers.net.
edu.			172800	IN	NS	m.edu-servers.net.
edu.			86400	IN	DS	28065 8 2

4. 询问edu服务器地址

接下来向DNS服务器发送packet,一个一个询问每个edu服务器的ip地址:

a.edu-servers.net.
...
m.edu-servers.net.

8.8.8.8服务器询问m.edu-servers.net.地址:

Fig.9 query about m.edu-servers.net.
Fig.9 query about m.edu-servers.net.

8.8.8.8回复:

Fig.10 response query about m.edu-servers.net.
Fig.10 response query about m.edu-servers.net.

5. 向edu DNS server询问mit.edu的地址

m.edu-servers.net.服务器询问mit.edu地址:

Fig.11 query m.edu-servers.net. about mit.edu
Fig.11 query m.edu-servers.net. about mit.edu

m.edu-servers.net.回复:

Fig.12 m.edu-servers.net. response query about mit.edu
Fig.12 m.edu-servers.net. response query about mit.edu

m.edu-servers.net.回复了10个mit.eduDNS服务器:

mit.edu.		172800	IN	NS	usw2.akam.net.
mit.edu.		172800	IN	NS	asia1.akam.net.
mit.edu.		172800	IN	NS	asia2.akam.net.
mit.edu.		172800	IN	NS	use2.akam.net.
mit.edu.		172800	IN	NS	ns1-37.akam.net.
mit.edu.		172800	IN	NS	ns1-173.akam.net.
mit.edu.		172800	IN	NS	eur5.akam.net.
mit.edu.		172800	IN	NS	use5.akam.net.
9DHS4EP5G85PF9NUFK06HEK0O48QGK77.edu. 86400 IN NSEC3 ...
H8CAKHRTFVO1D0BGHOEPUR2UF99DBSQP.edu. 86400 IN NSEC3 .... 

6. 询问每个mit.edu服务器的地址

接下来向DNS服务器发送packet,一个一个询问每个mit.edu服务器的ip地址:

usw2.akam.net.
...
use5.akam.net.

8.8.8.8询问use5.akam.net.:

Fig.13 query about use5.akam.net.
Fig.13 query about use5.akam.net.

8.8.8.8回复:

Fig.14 response query about use5.akam.net.
Fig.14 response query about use5.akam.net.

7. 向use5.akam.net.询问mit.edu的地址

use5.akam.net.询问mit.edu的地址:

Fig.15 query use5.akam.net. about mit.edu
Fig.15 query use5.akam.net. about mit.edu

最后得到mit.edu的地址:

Fig.16 use5.akam.net. response query about mit.edu
Fig.16 use5.akam.net. response query about mit.edu