CN102263837A - Domain name system (DNS) analysis method and device - Google Patents
Domain name system (DNS) analysis method and deviceDownload PDFInfo
- Publication number
- CN102263837A CN102263837ACN2011102284432ACN201110228443ACN102263837ACN 102263837 ACN102263837 ACN 102263837ACN 2011102284432 ACN2011102284432 ACN 2011102284432ACN 201110228443 ACN201110228443 ACN 201110228443ACN 102263837 ACN102263837 ACN 102263837A
- Authority
- CN
- China
- Prior art keywords
- dns resolution
- machine
- dns
- module
- request package
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004458analytical methodMethods0.000titleclaimsabstractdescription47
- 238000001914filtrationMethods0.000claimsabstractdescription52
- 238000000034methodMethods0.000claimsabstractdescription31
- 230000004044responseEffects0.000claimsdescription20
- 230000008569processEffects0.000description12
- 244000089409Erythrina poeppigianaSpecies0.000description5
- 235000009776Rathbunia alamosensisNutrition0.000description5
- 230000008878couplingEffects0.000description4
- 238000010168coupling processMethods0.000description4
- 238000005859coupling reactionMethods0.000description4
- 238000002224dissectionMethods0.000description4
- 238000013507mappingMethods0.000description4
- 230000002155anti-virotic effectEffects0.000description3
- 238000004891communicationMethods0.000description3
- 238000012545processingMethods0.000description3
- 230000009471actionEffects0.000description2
- 230000008859changeEffects0.000description2
- 238000005516engineering processMethods0.000description2
- 230000003068static effectEffects0.000description2
- 230000009286beneficial effectEffects0.000description1
- 230000006872improvementEffects0.000description1
- 238000012423maintenanceMethods0.000description1
- 238000010295mobile communicationMethods0.000description1
- 230000004048modificationEffects0.000description1
- 238000012986modificationMethods0.000description1
- 230000009897systematic effectEffects0.000description1
- 238000012546transferMethods0.000description1
- 230000009466transformationEffects0.000description1
- 230000007704transitionEffects0.000description1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Technical field
The present invention relates to field of mobile communication, particularly relate to a kind of domain name system (Domain Name System abbreviates DNS as) analytic method and device.
Background technology
In computer communication network, domain name (Domain Name, abbreviate DN as) exist one to one or many-to-one mapping relations between (shape such as www.baidu.com) and procotol (Internet Protocol the abbreviates IP as) address (shape such as 61.135.169.105).The user uses the computer on the domain name access network of being convenient to remember usually, but intercomputer must use the IP address to carry out data communication.Therefore, need to exist for the service system that the user provides domain name to arrive the IP address transition in the communication network, this service system is called domain name analysis system or DNS.For the user provides the main frame of this Transformation Service, be called dns server.Domain name is called dns resolution or address resolution to the transfer process of IP address.
Is example with the user by internet (Internet) visit Baidu (www.baidu.com): receive user's browse request when operating system after, at first send query message to dns server, the pairing IP of inquiry www.baidu.com address.Receive the response packet of dns server when operating system after, parse the pairing IP of www.baidu.com address earlier, carry out network service with this IP address again, the user side can normally visit the Baidu website.
Large enterprise for guaranteeing the ease for use and the ease for maintenance of network, adopts domain name system to come deployment server when disposing its internal network usually.Certain main frame on the user-specified network carries out dns resolution as dns server by dns server, rather than directly resolves at this machine.But at some in particular cases, the analysis service that long-range dns server provides possibly can't be met consumers' demand, and these situations comprise: 1, the user need be certain particular address with domain name mapping, and dns server can't correctly carry out this parsing; 2, the user does not specify dns server, must carry out dns resolution again; 3, the domain name addresses that need resolve of user is registered on dns server; 4, some other special circumstances.Therefore, the user needs a kind of technology that can carry out dns resolution in this locality, resolves at the above-mentioned dns address that in particular cases carries out.
In the prior art, mainstream operation system all is built-in with the solution that local dns is resolved.Fig. 1 is the local dns dissection process flow chart of the built-in configuration file of operating system in the prior art, as shown in Figure 1, and this scheme configuration file that normally a built-in domain name is tabulated to IP address corresponding relation in operating system.When operating system need be carried out dns resolution to certain domain name, at first in this configuration file, retrieve this domain name, as retrieve success, then directly the IP address of this domain name correspondence is returned as the dns resolution result; As retrieve failure, send the dns resolution request to dns server again.
In addition, manually all right or this configuration file of modification of program of user writes this document with self-defining domain name-IP address corresponding relation, realizes the local dns of certain domain name is resolved.In Windows operating system, this domain name to IP address corresponding relation configuration file be windows system32 drivers hosts file under the etc catalogue.
But therefore technique scheme in the security requirement higher system, forbids revising this file usually because domain name is a system core file to IP address corresponding relation configuration file; Revise this configuration file in addition and can trigger anti-virus software usually, cause and revise failure; The user can only clear and definite designated domain name arrive IP address corresponding relation, and can not define complicated local dns parses policy.For example, the parses policy " except that all the sina.com second level domains (shape is as * .sina.com) the news.sina.com all resolve to 127.0.0.1 " can't realize by revising configuration file; And, belong to file operation owing to revise configuration file, thus high frequency time on-the-fly modify this file, can influence systematic function.
In the prior art, can also realize the dns resolution of this machine by dns server is installed in this locality.In this technical scheme, Fig. 2 is the local local dns dissection process flow chart that dns server is installed in the prior art, as shown in Figure 2, the user at first installs dns server in this locality, and self-defining dns resolution rule write server profile, be this machine address with this machine primary dns server address setting at last.Like this, when this machine need carry out dns resolution, can at first carry out address resolution by local dns server.As this machine dns resolution failure, operating system can continue to send the dns resolution request to follow-up dns server.
The shortcoming of technique scheme is as follows: the user need install dns server software in this locality, and it is configured; As this machine dns server has been installed, then can't have been adopted this kind technical scheme; If this machine dns resolution failure, operating system must just can be carried out follow-up dns resolution operation, thereby prolong the time of dns resolution after this machine of receiving dns server be responded bag; Can not define complicated local dns parses policy.
Summary of the invention
The invention provides a kind of dns resolution method and device, long to solve in the prior art local dns parsing time, and can not define the problem of the local dns parses policy of complexity.
The invention provides a kind of dns resolution method, comprising:
The network data filtering module filters this machine dns resolution request package, this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machine dns resolution module, and this machine dns resolution request package that does not meet the local dns parses policy is forwarded to operating system bottom module;
This machine dns resolution module is resolved this machine dns resolution request package that receives, and obtains analysis result, and analysis result is carried at sends to operating system bottom module in this machine dns resolution response packet.
The present invention also provides a kind of dns resolution device, comprising:
The network data filtering module, be used for this machine dns resolution request package is filtered, this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machine dns resolution module, and this machine dns resolution request package that does not meet the local dns parses policy is forwarded to operating system bottom module;
This machine dns resolution module is used for this machine dns resolution request package that receives is resolved, and obtains analysis result, and analysis result is carried at sends to operating system bottom module in this machine dns resolution response packet.
Beneficial effect of the present invention is as follows:
Filter this machine dns resolution request package by the network data filtering module, the request msg that will meet this machine dns resolution strategy is forwarded to this machine dns resolution module and handles, it is long to have solved in the prior art local dns parsing time, and can not define the problem of complicated local dns parses policy, therefore the embodiment of the invention can realize complicated dns resolution strategy owing to use the network data filtering module that the DNS request msg is filtered; Because the network data filtering module can directly be transmitted the packet of this machine of not meeting dns resolution strategy, therefore can improve dns resolution speed; Because the network data filtering module need not listening port, therefore can not exist and conflict with the mounted dns server software of this machine; In addition, need not to revise domain name, can not trigger the anti-virus software action, and can improve the execution efficient that local dns is resolved to IP address corresponding relation configuration file.
Description of drawings
Fig. 1 is the local dns dissection process flow chart of the built-in configuration file of operating system in the prior art;
Fig. 2 is the local local dns dissection process flow chart that dns server is installed in the prior art;
Fig. 3 is the flow chart of the dns resolution method of the embodiment of the invention;
Fig. 4 is the detailed process flow chart of the dns resolution method of the embodiment of the invention;
Fig. 5 is the flow chart that the dns resolution policy configurations of the embodiment of the invention is upgraded;
Fig. 6 is the structural representation of the dns resolution device of the embodiment of the invention.
Embodiment
Long in order to solve in the prior art local dns parsing time, and can not define the problem of complicated local dns parses policy, the invention provides a kind of dns resolution method and device, that is, in Intranet, realize the technical scheme of this machine dns resolution.This technical scheme is filtered this machine dns resolution request package by the network data filtering module, and the request msg that will meet this machine dns resolution strategy is forwarded to this machine dns resolution module.This machine dns resolution module directly writes back operating system with analysis result after receiving the dns resolution request msg of forwarding, finishes the flow process of dns resolution.If the DNS request msg does not meet this machine dns resolution strategy, then the network data filtering module directly sends to these data operating system bottom module, thereby improves the resolution speed that non-local dns is resolved.Below in conjunction with accompanying drawing and embodiment, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, does not limit the present invention.
Method embodiment
According to embodiments of the invention, a kind of dns resolution method is provided, Fig. 3 is the flow chart of the dns resolution method of the embodiment of the invention, as shown in Figure 3, comprises following processing according to the dns resolution method of the embodiment of the invention:
Step 301, the network data filtering module filters this machine dns resolution request package, this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machine dns resolution module, and this machine dns resolution request package that does not meet the local dns parses policy is forwarded to operating system bottom module;
Before execution in step 301, this machine dns resolution module need be provided with listening port and listening port and local dns parses policy are inserted the network data filtering module.
In step 301, the network data filtering module need filter this machine dns resolution request package according to the local dns parses policy,, judges whether this machine dns resolution request package needs to carry out local dns and resolve that is; Determining under the situation that this machine dns resolution request package need carry out handling this locality, the network data filtering module is revised as this machine address with the former destination address of this machine dns resolution request package, and the former destination interface of this machine dns resolution request package is revised as the listening port that this machine dns resolution module is provided with, and this machine dns resolution request package is transmitted to this machine dns resolution module; Subsequently, follow-up inquiry for convenience, the network data filtering module is preserved the source port of this machine dns resolution request package, former destination address and former destination interface.
Step 302, this machine dns resolution module is resolved this machine dns resolution request package that receives, and obtains analysis result, and analysis result is carried at sends to operating system bottom module in this machine dns resolution response packet.
In step 302, this machine dns resolution module need resolve to corresponding IP address with the domain name addresses in this machine dns resolution request package according to user-defined domain name and procotol IP address corresponding relation; Subsequently, this machine dns resolution module is inquired about the former destination address and the former destination interface of this machine dns resolution request package according to the source port in this machine dns resolution request package to the network data filtering module; At last, this machine dns resolution module is constructed this machine dns resolution response packet according to IP address, former destination address and former destination interface after resolving, and by raw socket this machine dns resolution response packet is sent to operating system bottom module.
In actual applications, can expand the local dns parses policy, particularly: this machine dns resolution module receives the current local dns parses policy of DNS strategic server distribution; This machine dns resolution module is upgraded former local dns resolution strategy according to current local dns parses policy, and the local dns parses policy after will upgrading is inserted the network data filtering module.
Below in conjunction with accompanying drawing, be example with the Windows system, the technical scheme of the embodiment of the invention is elaborated.
In the Windows system, the network data filtering module is TDI filter (Transport Driver Interface Filter abbreviates TDI Filter as).Fig. 4 is the detailed process flow chart of the dns resolution method of the embodiment of the invention, as shown in Figure 4, comprises following processing:
TDI Filter mainly finishes filtration, coupling and the forwarding work of network data as the realization of network data filtering module on Windows operating system.After operating system was sent the dns resolution request, TDI Filter can intercept and capture this request msg, and according to presetting its inner dns resolution strategy, judged whether to carry out local parsing.As need not to carry out local parsing, then TDI Filter can directly carry out subsequent treatment for operating system bottom module this data forwarding; Carry out local parsing as needs, then TDI Filter can revise the destination address and the port of this request msg, and it is transmitted to DNS local parsing module.
DNS local parsing module (promptly, above-mentioned machine dns resolution module) mainly be to receive TDI Filter to be forwarded to the dns resolution request msg, and according to user-defined domain name to IP address corresponding relation, convert the domain name addresses of request analysis to the IP address, according to dns resolution response packet of analysis result structure, (RAW Socket) writes back to operating system by raw socket then.
In this example, can at first monitor certain udp port after DNS local parsing module starts at this machine.This udp port can be made an appointment, and is selected at random in the time of also can being started by DNS local parsing module.
After DNS local parsing module starts successfully, udp port number (UDP 53) and local dns parses policy can be inserted TDI Filter.
After TDI Filter receives udp port that DNS local parsing module inserts number and local dns parses policy, think that promptly DNS local parsing module has started success, can open the local dns analytical capabilities.From after this, TDI Filter promptly begins to filter all data of flowing through on UDP 53 ports.
Intercept the data of UDP 53 ports of flowing through as TDI Filter after,, judge whether these data are the dns resolution request msg at first according to network protocol type and port numbers.As not, then call TDI Filter and send function, data forwarding operating system bottom assembly is carried out subsequent treatment.As being the dns resolution request msg, then, judge whether to meeting the data of local dns parses policy according to the local dns parses policy of inserting.As not, then call TDI Filter and send function, data forwarding operating system bottom assembly is carried out subsequent treatment.
After intercepting the dns resolution request msg that meets the local dns parses policy as TDI Filter, then revise the destination address and the destination interface of this request msg.Destination address is revised as this machine address, and destination interface is set to the listening port of DNS local parsing module, calls TDI Filter then and sends function, and data forwarding operating system bottom assembly is carried out subsequent treatment.TDI Filter simultaneously can be with the source port of this packet, and original purpose address and original purpose port are preserved for future reference.
Revised and the dns resolution request msg after operating system is handled by TDI Filter, finally can be received by DNS local parsing module.DNS local parsing module after the analysis request data, the domain name addresses of extract to need resolving, and the domain name that presets according to the user obtains the IP address of this domain name correspondence to the corresponding relation of IP.
After DNS local parsing module is finished domain name mapping, can inquire about the original purpose address and the original purpose port of this request msg to TDI Filter according to the source port of dns resolution request msg.After successful inquiring, can be according to the original purpose address, the original purpose port, data such as the IP address after the parsing are constructed a complete dns resolution request and are responded bag, write back system by RAW Socket, finish the local dns process of analysis.
In above-mentioned example, the dns resolution strategy presets, and can not change.But for some complicated Intranet, static dns resolution strategy possibly can't satisfy its needs.Therefore, can expand, the dns resolution strategy is carried out remote deployment and management the embodiment of the invention.Fig. 5 is the flow chart that the dns resolution policy configurations of the embodiment of the invention is upgraded, as shown in Figure 5:
At first, the keeper is by the DNS strategic server, and editor's dns resolution strategy after forming the dns resolution strategy file, is distributed this strategy file by the DNS strategic server.DNS local parsing module is understood its dns resolution strategy of real-time update behind the dns resolution strategy file of receiving the distribution of DNS strategic server, and strategy is write among the TDI Filter.By at enterprises DNS strategic server, can carry out telemanagement and renewal to user's local dns parses policy, improve manageability and ease for use.Need to prove that the content that the local dns parses policy is comprised is: the domain name of predefined type is made local dns resolve, perhaps, the domain name of predefined type is done outside dns resolution.
In sum, the embodiment of the invention proposes a kind of technical scheme that local dns is resolved that realizes in Intranet.Different with prior art, the embodiment of the invention is by inserting network data filtering module (the present invention is an example with Windows TDI Filter) in operating system, and the dns resolution request msg that will meet the local dns parses policy is transmitted to DNS local parsing module.After DNS local parsing module is finished dns resolution, by RAW Socket analysis result is write back system again, realize the local dns parsing.
In the present invention, the network data filtering module can determine whether that needs are transmitted to DNS local parsing module with request msg according to the local dns parses policy that the user is provided with, thereby realize complicated local dns parses policy after intercepting the dns resolution request msg.For example, the user can the local dns parses policy be set to: " all domain names are all made local dns and resolved, and only tangible domain name as * .sina.com is carried out outside dns resolution ".
In embodiments of the present invention, the network data filtering module as is judged as non-local dns analysis request data after coupling local dns parses policy, then directly the DNS request msg is sent to operating system bottom module and carry out subsequent treatment.Compare with the prior art scheme, the present invention need not to non-local dns request msg provides the response data of dns resolution mistake, thereby accelerates the resolution speed that non-local dns is resolved.In addition, in embodiments of the present invention, the local dns resolution rules can be specified in advance, also can be by the long-range issue of DNS policy manager.
Need to prove, in embodiments of the present invention, be example with Windows operating system, described the handling process of the embodiment of the invention.But the embodiment of the invention is not limited to Windows operating system.
Device embodiment
According to embodiments of the invention, a kind of dns resolution device is provided, Fig. 6 is the structural representation of the dns resolution device of the embodiment of the invention, as shown in Figure 6, dns resolution device according to the embodiment of the invention comprises: networkdata filtering module 60, this machinedns resolution module 62 below are described in detail each module of the embodiment of the invention.
Networkdata filtering module 60 is used for this machine dns resolution request package is filtered, this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machinedns resolution module 62, and this machine dns resolution request package that does not meet the local dns parses policy is forwarded to operating system bottom module;
Networkdata filtering module 60 specifically is used for:
According to the local dns parses policy this machine dns resolution request package is filtered, judge whether this machine dns resolution request package needs to carry out local dns and resolve; Determining under the situation that this machine dns resolution request package need carry out handling this locality, the former destination address of this machine dns resolution request package is revised as this machine address, and the former destination interface of this machine dns resolution request package is revised as the listening port of this machine dns resolution module, and this machine dns resolution request package is transmitted to this machinedns resolution module 62; The source port of this machine dns resolution request package, former destination address and former destination interface are preserved.
This machinedns resolution module 62 is used for this machine dns resolution request package that receives is resolved, and obtains analysis result, and analysis result is carried at sends to operating system bottom module in this machine dns resolution response packet.
This machinedns resolution module 62 specifically is used for:
According to user-defined domain name and procotol IP address corresponding relation, the domain name addresses in this machine dns resolution request package is resolved to corresponding IP address; According to the source port in this machine dns resolution request package, inquire about the former destination address and the former destination interface of this machine dns resolution request package to the network data filtering module; Construct this machine dns resolution response packet according to IP address, former destination address and former destination interface after resolving, and this machine dns resolution response packet is sent to operating system bottom module by raw socket.
The dns resolution device of the embodiment of the invention also comprises:
Module is set, is used to be provided with listening port, and listening port and local dns parses policy are inserted the network data filtering module.
Update module is used to receive the current local dns parses policy that the DNS strategic server is distributed, and according to current local dns parses policy former local dns resolution strategy is upgraded, and the local dns parses policy after upgrading is inserted the network data filtering module.
Below in conjunction with accompanying drawing, be example with the Windows system, the technical scheme of the embodiment of the invention is elaborated.
In the Windows system, networkdata filtering module 60 is TDI filter (Transport Driver Interface Filter abbreviates TDI Filter as).As shown in Figure 4, comprise following processing:
TDI Filter mainly finishes filtration, coupling and the forwarding work of network data as the realization of networkdata filtering module 60 on Windows operating system.After operating system was sent the dns resolution request, TDI Filter can intercept and capture this request msg, and according to presetting its inner dns resolution strategy, judged whether to carry out local parsing.As need not to carry out local parsing, then TDI Filter can directly carry out subsequent treatment for operating system bottom module this data forwarding; Carry out local parsing as needs, then TDI Filter can revise the destination address and the port of this request msg, and it is transmitted to this machinedns resolution module 62.
This machinedns resolution module 62 mainly is to receive TDI Filter to be forwarded to the dns resolution request msg, and according to user-defined domain name to IP address corresponding relation, convert the domain name addresses of request analysis to the IP address, according to dns resolution response packet of analysis result structure, (RAW Socket) writes back to operating system by raw socket then.
In this example, can at first monitor certain udp port after this machinedns resolution module 62 starts at this machine.This udp port can be made an appointment, and is selected at random in the time of also can being started by this machinedns resolution module 62.
After this machinedns resolution module 62 starts successfully, udp port number (UDP 53) and local dns parses policy can be inserted TDI Filter.
After TDI Filter receives udp port that this machinedns resolution module 62 inserts number and local dns parses policy, think that promptly this machinedns resolution module 62 has started success, can open the local dns analytical capabilities.From after this, TDI Filter promptly begins to filter all data of flowing through on UDP 53 ports.
Intercept the data of UDP 53 ports of flowing through as TDI Filter after,, judge whether these data are the dns resolution request msg at first according to network protocol type and port numbers.As not, then call TDI Filter and send function, data forwarding operating system bottom assembly is carried out subsequent treatment.As being the dns resolution request msg, then, judge whether to meeting the data of local dns parses policy according to the local dns parses policy of inserting.As not, then call TDI Filter and send function, data forwarding operating system bottom assembly is carried out subsequent treatment.
After intercepting the dns resolution request msg that meets the local dns parses policy as TDI Filter, then revise the destination address and the destination interface of this request msg.Destination address is revised as this machine address, and destination interface is set to the listening port of DNS local parsing module, calls TDI Filter then and sends function, and data forwarding operating system bottom assembly is carried out subsequent treatment.TDI Filter simultaneously can be with the source port of this packet, and original purpose address and original purpose port are preserved for future reference.
Revised and the dns resolution request msg after operating system is handled by TDI Filter, finally can be received by this machine dns resolution module 62.This machinedns resolution module 62 after the analysis request data, the domain name addresses of extract to need resolving, and the domain name that presets according to the user obtains the IP address of this domain name correspondence to the corresponding relation of IP.
After this machinedns resolution module 62 is finished domain name mapping, can inquire about the original purpose address and the original purpose port of this request msg to TDI Filter according to the source port of dns resolution request msg.After successful inquiring, can be according to the original purpose address, the original purpose port, data such as the IP address after the parsing are constructed a complete dns resolution request and are responded bag, write back system by RAW Socket, finish the local dns process of analysis.
In above-mentioned example, the dns resolution strategy presets, and can not change.But for some complicated Intranet, static dns resolution strategy possibly can't satisfy its needs.Therefore, can expand, the dns resolution strategy is carried out remote deployment and management the embodiment of the invention.As shown in Figure 5: at first, the keeper is by the DNS strategic server, and editor's dns resolution strategy after forming the dns resolution strategy file, is distributed this strategy file by the DNS strategic server.This machinedns resolution module 62 is understood its dns resolution strategy of real-time update behind the dns resolution strategy file of receiving the distribution of DNS strategic server, and strategy is write among the TDI Filter.By at enterprises DNS strategic server, can carry out telemanagement and renewal to user's local dns parses policy, improve manageability and ease for use.Need to prove that the content that the local dns parses policy is comprised is: the domain name of predefined type is made local dns resolve, perhaps, the domain name of predefined type is done outside dns resolution.
In sum, the embodiment of the invention proposes a kind of technical scheme that local dns is resolved that realizes in Intranet.Different with prior art, the embodiment of the invention is by inserting network data filtering module 60 (the present invention is an example with Windows TDI Filter) in operating system, the dns resolution request msg that will meet the local dns parses policy is transmitted to this machine dns resolution module 62.After this machinedns resolution module 62 is finished dns resolution, by RAW Socket analysis result is write back system again, realize the local dns parsing.
In the present invention, networkdata filtering module 60 is after intercepting the dns resolution request msg, can determine whether that needs are transmitted to this machinedns resolution module 62 with request msg according to the local dns parses policy that the user is provided with, thereby realize complicated local dns parses policy.For example, the user can the local dns parses policy be set to: " all domain names are all made local dns and resolved, and only tangible domain name as * .sina.com is carried out outside dns resolution ".
In embodiments of the present invention, networkdata filtering module 60 as is judged as non-local dns analysis request data after coupling local dns parses policy, then directly the DNS request msg is sent to operating system bottom module and carry out subsequent treatment.Compare with the prior art scheme, the present invention need not to non-local dns request msg provides the response data of dns resolution mistake, thereby accelerates the resolution speed that non-local dns is resolved.In addition, in embodiments of the present invention, the local dns resolution rules can be specified in advance, also can be by the long-range issue of DNS policy manager.
Need to prove, in embodiments of the present invention, be example with Windows operating system, described the handling process of the embodiment of the invention.But the embodiment of the invention is not limited to Windows operating system.
The embodiment of the invention is filtered this machine dns resolution request package by the network data filtering module, the request msg that will meet this machine dns resolution strategy is forwarded to this machine dns resolution module and handles, it is long to have solved in the prior art local dns parsing time, and can not define the problem of complicated local dns parses policy, therefore the embodiment of the invention can realize complicated dns resolution strategy owing to use the network data filtering module that the DNS request msg is filtered; Because the network data filtering module can directly be transmitted the packet of this machine of not meeting dns resolution strategy, therefore can improve dns resolution speed; Because the network data filtering module need not listening port, therefore can not exist and conflict with the mounted dns server software of this machine; In addition, need not to revise domain name, can not trigger the anti-virus software action, and can improve the execution efficient that local dns is resolved to IP address corresponding relation configuration file.
Although be the example purpose, the preferred embodiments of the present invention are disclosed, it also is possible those skilled in the art will recognize various improvement, increase and replacement, therefore, scope of the present invention should be not limited to the foregoing description.
Claims (10)
1. a domain name system DNS analytic method is characterized in that, comprising:
The network data filtering module filters this machine dns resolution request package, this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machine dns resolution module, and this machine dns resolution request package that does not meet described local dns parses policy is forwarded to operating system bottom module;
Described machine dns resolution module resolved described the machine dns resolution request package that receives, and obtains analysis result, and described analysis result is carried at sends to described operating system bottom module in this machine dns resolution response packet.
2. the method for claim 1, it is characterized in that, described network data filtering module filters this machine dns resolution request package, and this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machine dns resolution module and specifically comprises:
Described network data filtering module filters described machine dns resolution request package according to described local dns parses policy, judges whether described machine dns resolution request package needs to carry out local dns and resolve;
Determining under the situation that described machine dns resolution request package need carry out handling this locality, described network data filtering module is revised as this machine address with the former destination address of described machine dns resolution request package, and the former destination interface of described machine dns resolution request package is revised as the listening port that described machine dns resolution module is provided with, and described machine dns resolution request package is transmitted to described machine dns resolution module;
Described network data filtering module is preserved the source port of described machine dns resolution request package, described former destination address and described former destination interface.
3. method as claimed in claim 2, it is characterized in that, described machine dns resolution module resolved described the machine dns resolution request package that receives, obtain analysis result, and described analysis result is carried at sends to described operating system bottom module in this machine dns resolution response packet and specifically comprise:
Described machine dns resolution module resolves to corresponding IP address according to user-defined domain name and procotol IP address corresponding relation with the domain name addresses in described the machine dns resolution request package;
Described machine dns resolution module is according to the described source port in described the machine dns resolution request package, to the described former destination address and the described former destination interface of described machine dns resolution request package of described network data filtering module inquiry;
Described machine dns resolution module constructed described machine dns resolution response packet according to the described IP address after resolving, described former destination address and described former destination interface, and by raw socket described machine dns resolution response packet sent to described operating system bottom module.
4. the method for claim 1 is characterized in that, before described network data filtering module filtered this machine dns resolution request package, described method also comprised:
Described machine dns resolution module is provided with listening port;
Described machine dns resolution module inserted described network data filtering module with described listening port and described local dns parses policy.
5. the method for claim 1 is characterized in that, described method also comprises:
Described machine dns resolution module receives the current local dns parses policy of DNS strategic server distribution;
Described machine dns resolution module upgraded former local dns resolution strategy according to described current local dns parses policy, and the described local dns parses policy after will upgrading is inserted described network data filtering module.
6. a domain name system DNS resolver is characterized in that, comprising:
The network data filtering module, be used for this machine dns resolution request package is filtered, this machine dns resolution request package that will meet the local dns parses policy that sets in advance is forwarded to this machine dns resolution module, and this machine dns resolution request package that does not meet described local dns parses policy is forwarded to operating system bottom module;
Described machine dns resolution module is used for described the machine dns resolution request package that receives resolved, and obtains analysis result, and described analysis result is carried at sends to described operating system bottom module in this machine dns resolution response packet.
7. device as claimed in claim 6 is characterized in that, described network data filtering module specifically is used for:
According to described local dns parses policy described machine dns resolution request package filtered, judge whether described machine dns resolution request package needs to carry out local dns and resolve;
Determining under the situation that described machine dns resolution request package need carry out handling this locality, the former destination address of described machine dns resolution request package is revised as this machine address, and the former destination interface of described machine dns resolution request package is revised as the listening port of described machine dns resolution module, and described machine dns resolution request package is transmitted to described machine dns resolution module;
The source port of described machine dns resolution request package, described former destination address and described former destination interface are preserved.
8. device as claimed in claim 7 is characterized in that, described machine dns resolution module specifically is used for:
According to user-defined domain name and procotol IP address corresponding relation, the domain name addresses in described the machine dns resolution request package is resolved to corresponding IP address;
According to the described source port in described the machine dns resolution request package, to the described former destination address and the described former destination interface of described machine dns resolution request package of described network data filtering module inquiry;
Construct described machine dns resolution response packet according to the described IP address after resolving, described former destination address and described former destination interface, and described machine dns resolution response packet sent to described operating system bottom module by raw socket.
9. device as claimed in claim 6 is characterized in that, described device also comprises:
Module is set, is used to be provided with listening port, and described listening port and described local dns parses policy are inserted described network data filtering module.
10. device as claimed in claim 6 is characterized in that, described device also comprises:
Update module, be used to receive the current local dns parses policy of DNS strategic server distribution, and according to described current local dns parses policy former local dns resolution strategy is upgraded, the described local dns parses policy after upgrading is inserted described network data filtering module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110228443.2ACN102263837B (en) | 2011-08-10 | 2011-08-10 | A kind of domain name system DNS analysis method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110228443.2ACN102263837B (en) | 2011-08-10 | 2011-08-10 | A kind of domain name system DNS analysis method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102263837Atrue CN102263837A (en) | 2011-11-30 |
| CN102263837B CN102263837B (en) | 2017-09-19 |
Family
ID=45010283
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110228443.2AActiveCN102263837B (en) | 2011-08-10 | 2011-08-10 | A kind of domain name system DNS analysis method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102263837B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468865A (en)* | 2014-12-25 | 2015-03-25 | 北京奇虎科技有限公司 | Domain name resolution control and response methods and corresponding device |
| CN105450787A (en)* | 2014-08-20 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Network-address-mapping method, device, and system |
| CN106161669A (en)* | 2015-04-28 | 2016-11-23 | 阿里巴巴集团控股有限公司 | A kind of quick domain name analytic method and system and terminal thereof and server |
| CN106302856A (en)* | 2016-08-18 | 2017-01-04 | 福建联迪商用设备有限公司 | A kind of method and system shortening Android intelligence POS exchange hour |
| CN106487945A (en)* | 2016-09-09 | 2017-03-08 | 中国互联网络信息中心 | A kind of DNS forwarding inquiries method |
| CN107231409A (en)* | 2017-05-08 | 2017-10-03 | 北京三快在线科技有限公司 | DNS data processing method, device, storage medium and computer equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101277306A (en)* | 2008-05-14 | 2008-10-01 | 华为技术有限公司 | A method, system and device for processing DNS services |
| JP2009505567A (en)* | 2005-08-19 | 2009-02-05 | マイクロソフト コーポレーション | Branch office DNS storage and resolution |
| US20100023611A1 (en)* | 2007-04-04 | 2010-01-28 | Huawei Technologies Co., Ltd. | Method and device for storing domain name system records, method and device for parsing domain name |
- 2011
- 2011-08-10CNCN201110228443.2Apatent/CN102263837B/enactiveActive
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2009505567A (en)* | 2005-08-19 | 2009-02-05 | マイクロソフト コーポレーション | Branch office DNS storage and resolution |
| US20100023611A1 (en)* | 2007-04-04 | 2010-01-28 | Huawei Technologies Co., Ltd. | Method and device for storing domain name system records, method and device for parsing domain name |
| CN101277306A (en)* | 2008-05-14 | 2008-10-01 | 华为技术有限公司 | A method, system and device for processing DNS services |
Non-Patent Citations (3)
| Title |
|---|
| CASPER: "用 dnsmasq 从 IPv6 高效访问 Google 服务", 《北大未名站》, 4 July 2011 (2011-07-04)* |
| VENOY: "配置dnsmasq为本地DNS服务器,加快firefox的dns解析速度", 《CHINAUNIX博客》, 10 June 2010 (2010-06-10), pages 1 - 10* |
| XIAOLU: "Tomato Dnsmasq设置", 《XIAOLU的博客》, 24 July 2011 (2011-07-24), pages 1 - 3* |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105450787A (en)* | 2014-08-20 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Network-address-mapping method, device, and system |
| CN105450787B (en)* | 2014-08-20 | 2018-12-04 | 阿里巴巴集团控股有限公司 | Mapping network addresses methods, devices and systems |
| CN104468865A (en)* | 2014-12-25 | 2015-03-25 | 北京奇虎科技有限公司 | Domain name resolution control and response methods and corresponding device |
| CN104468865B (en)* | 2014-12-25 | 2019-03-05 | 北京奇虎科技有限公司 | Domain name mapping control, response method and corresponding device |
| CN106161669A (en)* | 2015-04-28 | 2016-11-23 | 阿里巴巴集团控股有限公司 | A kind of quick domain name analytic method and system and terminal thereof and server |
| CN106302856A (en)* | 2016-08-18 | 2017-01-04 | 福建联迪商用设备有限公司 | A kind of method and system shortening Android intelligence POS exchange hour |
| WO2018033018A1 (en)* | 2016-08-18 | 2018-02-22 | 福建联迪商用设备有限公司 | Method and system for shortening android smart pos transaction time |
| CN106302856B (en)* | 2016-08-18 | 2018-11-20 | 福建联迪商用设备有限公司 | A kind of method and system shortening Android intelligence POS exchange hour |
| CN106487945A (en)* | 2016-09-09 | 2017-03-08 | 中国互联网络信息中心 | A kind of DNS forwarding inquiries method |
| CN106487945B (en)* | 2016-09-09 | 2019-05-17 | 中国互联网络信息中心 | A kind of DNS forwarding inquiries method |
| CN107231409A (en)* | 2017-05-08 | 2017-10-03 | 北京三快在线科技有限公司 | DNS data processing method, device, storage medium and computer equipment |
| CN107231409B (en)* | 2017-05-08 | 2020-01-03 | 北京三快在线科技有限公司 | DNS data processing method and device, storage medium and computer equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102263837B (en) | 2017-09-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105376114B (en) | The identifying system and method for wireless terminal type under router bridge mode | |
| CN107508795B (en) | Cross-container cluster access processing device and method | |
| CN102263837A (en) | Domain name system (DNS) analysis method and device | |
| CN102075537B (en) | Method and system for realizing data transmission between virtual machines | |
| CN115189897B (en) | Access processing method and device of zero trust network, electronic equipment and storage medium | |
| CN101488965B (en) | Domain name filtering system and method | |
| CN106330849A (en) | Method and device for preventing domain name hijacking | |
| CN103595825B (en) | Domain name mapping detection method and device, server | |
| CN101383746A (en) | Access control method and system for wireless network | |
| CN104079683A (en) | Domain name resolution method and system authorizing direct response of domain name server | |
| CN103327008A (en) | HTTP reorienting method and HTTP reorienting device | |
| CN108023877B (en) | System method for realizing firewall domain name control based on home gateway | |
| CN105897758A (en) | Container access control method and device | |
| KR101700198B1 (en) | Method and device for expressing address of node for device management | |
| CN108076025B (en) | Method and device for registering network equipment | |
| CN102316034A (en) | Method for preventing manual Internet protocol (IP) address specification in local area network and device | |
| CN113014664A (en) | Gateway adaptation method, device, electronic equipment and storage medium | |
| CN118555267A (en) | Flow control method, system, equipment and medium based on cloud native gateway | |
| US8239930B2 (en) | Method for controlling access to a network in a communication system | |
| CN114363902B (en) | 5G private network service security assurance method, device, equipment and storage medium | |
| CN1863193B (en) | Method for implementing safety tactics of network safety apparatus | |
| CN107124293B (en) | Protocol management method and system of distributed network system | |
| CN107302448B (en) | Port snoop method and device | |
| EP2564552B1 (en) | Network management in a communications network | |
| CN102694681A (en) | Adaptation management entity and method and system for self-configuration of base station |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information | Address after:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant after:BEIJING TOPSEC TECHNOLOGY CO., LTD. Address before:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant before:Beijing heaven melts letter Science Technologies Co., Ltd. | |
| COR | Change of bibliographic data | Free format text:CORRECT: APPLICANT; FROM: BEIJING HEAVEN MELTS LETTER SCIENCE TECHNOLOGIES CO., LTD. TO: BEIJING TOPSEC TECHNOLOGY CO., LTD. | |
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information | Address after:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant after:Beijing heaven melts letter Science Technologies Co., Ltd. Address before:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant before:BEIJING TOPSEC TECHNOLOGY CO., LTD. | |
| COR | Change of bibliographic data | Free format text:CORRECT: APPLICANT; FROM: BEIJING TOPSEC TECHNOLOGY CO., LTD. TO: BEIJING HEAVEN MELTS LETTER SCIENCE TECHNOLOGIES CO., LTD. | |
| CB02 | Change of applicant information | Address after:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant after:BEIJING TOPSEC TECHNOLOGY CO., LTD. Address before:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant before:Beijing heaven melts letter Science Technologies Co., Ltd. | |
| COR | Change of bibliographic data | ||
| CB02 | Change of applicant information | Address after:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant after:Beijing heaven melts letter Science Technologies Co., Ltd. Address before:100085 Beijing East Road, No. 1, building No. 301, building on the north side of the floor, room 3, room 3 Applicant before:BEIJING TOPSEC TECHNOLOGY CO., LTD. | |
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |