Packt publishing dns in action_3

Giao thức DNS làm việc với một số loại hoạt động. Các hoạt động được sử dụng phổ biến nhất là một QUERY DNS. Đó là một truy vấn mà cho phép có một hoặc nhiều hồ sơ từ cơ sở dữ liệu DNS. Các hoạt động QUERY DNS đã được một thời gian dài hoạt động duy nhất có thể trong hệ thống DNS.
Nội dung trích xuất từ tài liệu:
Packt publishing dns in action_3 Chapter 2 Type Name Description of the RDATA field NXT Next domain Name of another domain. Authenticating a nonexistent domain name and type. A6 A6 host Can contain up to three fields: prefix length, part of an IP version 6 address, address and prefix name. Table 2.1: The most common RR2.2 DNS ProtocolThe DNS protocol works with several types of operations. The most commonly used operation is aDNS QUERY. It is a query that enables the obtaining of one or more records from the DNSdatabase. The DNS QUERY operation was for a long time the only operation possible in the DNSsystem. New modifications to the DNS protocol have brought new kinds of operations, as DNSNOTIFY or DNS UPDATE. These will be dealt with in the next chapter.The DNS protocol operates on a query/answer basis. A client sends a query to a server and theserver answers it. DNS protocol uses name compression in order to make DNS packets ascompact as possible.The DNS protocol is an application-layer protocol and, as such, it does not carry out packettransfer on its own. The packet transfer is delegated to a transport protocol. Unlike theoverwhelming majority of other application protocols, DNS protocol uses both UDP and TCP.Each query and the answer to it are transferred by the same transport protocol.With translation queries (asking RR), UDP is preferred. Where a DNS answer is longer than 512B, the answer includes only a 512 B part of the information, and the truncation (TC) bit is set inthe header to mark that the answer is incomplete. The complete answer can be requested by theclient via TCP.For zone transfer between a primary and a secondary name server, TCP is used. Name servers waitfor queries both on the 53/UDP port and the 53/TCP port. Some UDP implementations do not fill in the checksum field in the UDP packet header and take advantage of this option. This feature can be useful, for example, for NFS, but it is precarious with DNS. A network failure can result in a meaningless answer, especially where SLIP has been used on the way between a server and a client. Therefore make sure before a name server installation that your system is set to fill in the checksum in the UDP packet.2.3 DNS QueryThe DNS QUERY operation consists of a query and an answer. A query contains a request for anRR (or several RRs) from the DNS database. The answer either contains the particular RR or is adenial. The RR contained in an answer can be the ultimate answer or help the client to formulateanother DNS QUERY to achieve the aim, i.e., to formulate another iteration. 29DNS Protocol2.3.1 DNS Query Packet FormatDNS query uses the same packet format for both queries and answers as shown in the following figure: Figure 2.2: DNS Query packet formatA packet can consist of up to five sections. Each packet has to contain the HEADER section.The term query is used in two senses: 1. A DNS QUERY operation. A basic DNS protocol operation through which records (RR) are searched for in DNS databases. Several other operations will be discussed in the next chapter. 2. The DNS QUERY operation always consists of a query (sent by a client) and an answer to it sent to the client by the name server. The client is either a resolver or a name server that cannot provide the answer on its own. A resolver usually marks its query with a tag showing it is a recursive query, i.e., it asks the name server to retrieve a final answer. On the contrary, if the query is sent by a name server, it is usually marked with a tag showing it is an interactive query, i.e., the name server asks another name server to help it with the translation, but does not send a recursive query as it is able to arrive at what it needs by iteration.2.3.2 DNS Query Packet HeaderThe packet header is obligatory and is contained both in the query and in the answer.The first two bytes (16 bits) of a header contain a query identifier (query ID). A query ID isgenerated by a client and copied into the answer by a server. The ID is used to match a query withan answer. It identifies uniquely which particular query goes with which particular answer. The IDallows a client to send several queries at a time without waiting for an answer.30 Chapter 2The next two bytes of a header contain the con ...