技术领域Technical field
本申请涉及计算机网络技术领域,尤其涉及一种DNS访问请求处理方法、装置、设备及存储介质。The present application relates to the field of computer network technology, and in particular to a DNS access request processing method, device, equipment and storage medium.
背景技术Background technique
域名服务系统(Domain Name System,DNS)是互联网的一项服务。它作为将域名和IP地址相互映射的一个分布式数据库,能够使人更方便地访问互联网。在DNS中,DNS服务器角色可划分为DNS缓存服务器、DNS递归服务器、DNS授权服务器、DNS根服务器等。其中,DNS缓存服务器是存放频繁访问内容的服务器,是直接面向用户的设备。因此,对DNS缓存服务器性能有着很高的要求。Domain Name System (DNS) is a service of the Internet. As a distributed database that maps domain names and IP addresses to each other, it can make people access the Internet more conveniently. In DNS, DNS server roles can be divided into DNS cache server, DNS recursive server, DNS authorization server, DNS root server, etc. Among them, the DNS cache server is a server that stores frequently accessed content and is a device directly facing users. Therefore, there are high requirements for DNS cache server performance.
而DNS缓存服务器中配置的缓存存储方式,会直接影响查询效率,进而会对整体的DNS访问请求处理过程造成影响。目前,缓存服务器中配置的缓存存储方式是将域名完全解压缩,以及解析记录结果完全解压缩后,并对其进行存储;在查询过程中,当接收到终端的DNS访问请求,在DNS缓存服务器中缓存命中时,会对其重新进行域名和/或解析记录结果的压缩,再向终端反馈相应的DNS访问请求响应。然而这种存储方式,在查询过程中每次缓存命中便会重复执行一次,这极大的拖慢整体处理性能,尤其是在域名的解析记录结果比较多的情况下,会降低查询过程的处理效率,增加DNS访问请求的时延。The cache storage method configured in the DNS cache server will directly affect the query efficiency, which will in turn affect the overall DNS access request processing process. Currently, the cache storage method configured in the cache server is to fully decompress the domain name and the parsing record results, and then store them; during the query process, when a DNS access request from the terminal is received, the DNS cache server When the cache is hit, the domain name and/or resolution record results will be re-compressed, and then the corresponding DNS access request response will be fed back to the terminal. However, this storage method will be executed repeatedly every time the cache is hit during the query process, which greatly slows down the overall processing performance. Especially when there are many domain name resolution record results, it will reduce the processing of the query process. Efficiency, increasing the delay of DNS access requests.
发明内容Contents of the invention
本申请提供了一种DNS访问请求处理方法,用以提高访问请求过程的处理效率。This application provides a DNS access request processing method to improve the processing efficiency of the access request process.
第一方面,提供一种DNS访问请求处理方法,包括:In a first aspect, a method for processing a DNS access request is provided, comprising:
接收来自于终端的DNS访问请求,并根据所述DNS访问请求中携带的目标DNS数据包,确定所述目标DNS数据包所属的类型;Receive a DNS access request from the terminal, and determine the type of the target DNS data packet according to the target DNS data packet carried in the DNS access request;
若所述类型为请求类型,则在DNS缓存结构中进行查询;If the type is a request type, query the DNS cache structure;
当在所述DNS缓存结构中查询到有所述目标DNS数据包的缓存结果时,获取所述目标DNS数据包的目标资源记录缓存列表,并根据所述目标资源记录缓存列表确定所述目标DNS数据包的目标域名是否被压缩;When the cache result of the target DNS data packet is queried in the DNS cache structure, the target resource record cache list of the target DNS data packet is obtained, and the target DNS is determined according to the target resource record cache list. Whether the destination domain name of the data packet is compressed;
若是,则拷贝所述目标域名对应的压缩后的第一目标域名和第一资源记录结果;If so, copy the compressed first target domain name and the first resource record result corresponding to the target domain name;
若否,则拷贝所述目标域名和所述目标域名的原始资源记录结果;If not, copy the target domain name and the original resource record result of the target domain name;
向所述终端发送DNS访问请求响应;其中,所述DNS访问请求响应携带有封装后的第一目标域名和第一资源记录结果,或封装后的目标域名和原始资源记录结果。Send a DNS access request response to the terminal; wherein the DNS access request response carries the encapsulated first target domain name and the first resource record result, or the encapsulated target domain name and the original resource record result.
本申请实施例中,有益效果如下:In the embodiments of this application, the beneficial effects are as follows:
针对请求类型的目标DNS数据包,在DNS缓存服务器中缓存命中时,可在DNS缓存结构中直接获取该目标DNS数据包的目标资源记录缓存列表;根据该目标资源记录缓存列表中记录的内容,确定出目标DNS数据包的目标域名是否压缩,若是,则可拷贝目标域名对应的压缩后的第一目标域名和第一资源记录结果,若否,则拷贝目标域名和该目标域名的原始资源记录结果;最后,便可向终端发送DNS访问请求响应,因此在DNS缓存结构命中缓存时,只需将压缩后的域名进行拷贝,并向终端反馈DNS访问请求响应,无需要每次都进行域名压缩,减小了DNS访求请求响应时延,从而提高对DNS访问请求处理的效率,满足高性能需求。For the target DNS packet of the request type, when the cache is hit in the DNS cache server, the target resource record cache list of the target DNS packet can be directly obtained in the DNS cache structure; according to the content recorded in the target resource record cache list, Determine whether the target domain name of the target DNS packet is compressed. If so, copy the compressed first target domain name and the first resource record result corresponding to the target domain name. If not, copy the target domain name and the original resource record of the target domain name. Finally, the DNS access request response can be sent to the terminal. Therefore, when the DNS cache structure hits the cache, only the compressed domain name needs to be copied and the DNS access request response is fed back to the terminal. There is no need to compress the domain name every time. , reducing the response delay of DNS access requests, thereby improving the efficiency of DNS access request processing and meeting high-performance requirements.
在一种可能实现的方式中,所述DNS缓存结构的缓存存储格式为依次嵌套的第一存储结构、第二存储结构、第三存储结构、第四存储结构;In a possible implementation manner, the cache storage format of the DNS cache structure is a first storage structure, a second storage structure, a third storage structure, and a fourth storage structure nested in sequence;
所述第一存储结构表征存储有至少一个DNS数据包的缓存结果;其中,每个缓存结果中至少包括域名、类型、域名长度、响应结果;The first storage structure represents a cache result that stores at least one DNS data packet; wherein each cache result includes at least a domain name, type, domain name length, and response result;
所述第二存储结构表征存储每个响应结果中M个资源记录各自的有效TTL、记录结果数、记录结果数组,所述记录结果数组中包括所述M个资源记录,所述M为大于0的整数;The second storage structure represents the storage of the effective TTL, the number of record results, and the record result array of the M resource records in each response result. The record result array includes the M resource records, and the M is greater than 0. an integer;
所述第三存储结构表征存储所述记录结果数组中每个资源记录对应的资源记录缓存列表;The third storage structure represents a resource record cache list that stores each resource record in the record result array;
所述第四存储结构表征存储所述每个资源记录对应的解析记录结果列表。The fourth storage structure represents a list of parsing record results corresponding to each resource record.
采用上述这种缓存存储格式的DNS缓存结构,针对请求类型的DNS数据包,可以使在后续DNS访问请求过程中,当缓存命中时,可直接从该DNS缓存结构中存储有的资源记录缓存列表中获取相应的DNS访问请求响应,相较于现有技术,无需每次都重新进行压缩处理后,再向终端反馈DNS访问请求响应,从而提高了DNS访问请求处理的效率。Using the DNS cache structure of the above cache storage format, for the DNS packet of the request type, during the subsequent DNS access request process, when the cache is hit, the cache list of resource records can be directly stored from the DNS cache structure. The corresponding DNS access request response is obtained from the system. Compared with the existing technology, there is no need to perform compression processing again each time before feeding back the DNS access request response to the terminal, thereby improving the efficiency of DNS access request processing.
在一种可能实现的方式中,所述获取所述目标DNS数据包的目标资源记录缓存列表,并根据所述目标资源记录缓存列表确定所述目标DNS数据包的目标域名是否被压缩,包括:In a possible implementation manner, obtaining the target resource record cache list of the target DNS data packet, and determining whether the target domain name of the target DNS data packet is compressed according to the target resource record cache list includes:
当在所述DNS缓存结构的第一存储结构中查询到所述目标DNS数据包的目标缓存结果时,根据所述目标缓存结果,在所述DNS缓存结构的第二存储结构中获取所述目标DNS数据包对应的目标响应结果;When the target cache result of the target DNS packet is queried in the first storage structure of the DNS cache structure, the target is obtained in the second storage structure of the DNS cache structure according to the target cache result. The target response result corresponding to the DNS packet;
根据所述目标响应结果,在所述DNS缓存结构的第三存储结果获取所述目标DNS数据包的目标资源记录缓存列表;According to the target response result, obtain the target resource record cache list of the target DNS data packet from the third storage result of the DNS cache structure;
若所述目标资源记录缓存列表中记录所述目标域名有压缩标识,则确定所述目标域名被压缩,否则,确定所述目标域名未被压缩。If the target domain name recorded in the target resource record cache list has a compression mark, it is determined that the target domain name is compressed; otherwise, it is determined that the target domain name is not compressed.
在一种可能实现的方式中,所述方法,还包括:In one possible implementation, the method further includes:
若所述类型为响应类型,则解析所述目标DNS数据包中的请求部分,得到所述请求部分的第二目标域名,以及解析所述目标数据包中的响应部分,得到所述响应部分的响应结果;If the type is a response type, parse the request part in the target DNS data packet to obtain the second target domain name of the request part, and parse the response part in the target data packet to obtain the response part response result;
将所述第二目标域名和所述响应结果按照所述DNS缓存结构的缓存存储格式进行存储;Store the second target domain name and the response result according to the cache storage format of the DNS cache structure;
根据所述第二目标域名、所述响应结果创建压缩数据结果表;其中,所述压缩数据结果表用于表征所述响应结果中包括的N个资源记录各自是否被压缩,所述N为大于0的整数;Create a compressed data result table according to the second target domain name and the response result; wherein the compressed data result table is used to represent whether each of the N resource records included in the response result is compressed, and the N is greater than 0 integer;
根据所述压缩数据结果表,在所述DNS缓存结构中的第三存储结构更新所述N个资源记录中被压缩的资源记录对应的资源记录缓存列表。According to the compressed data result table, the third storage structure in the DNS cache structure updates the resource record cache list corresponding to the compressed resource records among the N resource records.
针对响应类型的DNS数据包,由于可只解析该数据包的请求部分和响应部分,而对该数据包的其余部分可不进行解析处理,再基于解析得到的域名和响应结果按照DNS缓存结构(如图3所示的DNS缓存存储结构)的缓存存储格式进行存储,且在插入资源记录缓存列表时,只进行一次性的域名压缩计算,以便于在后续使用时可直接使用压缩后的结果;因此相较于现有技术,在实际场景中,可减少对带宽资源的占用,以及减少DNS缓存结构。For response-type DNS packets, only the request part and response part of the packet can be parsed, and the rest of the packet does not need to be parsed. Then based on the parsed domain name and response results, the DNS cache structure (such as The DNS cache storage structure shown in Figure 3) is stored in the cache storage format, and when inserting the resource record cache list, only a one-time domain name compression calculation is performed so that the compressed result can be used directly in subsequent use; therefore Compared with the existing technology, in actual scenarios, it can reduce the occupation of bandwidth resources and reduce the DNS cache structure.
在一种可能实现的方式中,所述每个资源记录对应的资源记录缓存列表至少包括域名、类型、域名长度、网络类型、是否有压缩标识、域名压缩后结果、解析结果记录数、解析结果数组;In one possible implementation, the resource record cache list corresponding to each resource record at least includes domain name, type, domain name length, network type, whether there is a compression identifier, domain name compression results, number of parsing result records, parsing results array;
所述每个资源记录对应的解析记录结果列表中至少包括解析记录TTL值、解析记录结果、解析记录结果长度。The parsing record result list corresponding to each resource record at least includes parsing record TTL value, parsing record result, and parsing record result length.
第二方面,提供一种DNS访问请求处理装置,包括:In a second aspect, a DNS access request processing device is provided, including:
接收模块,用于接收来自于终端的DNS访问请求,并根据所述DNS访问请求中携带的目标DNS数据包,确定所述目标DNS数据包所属的类型;A receiving module, configured to receive a DNS access request from the terminal, and determine the type of the target DNS data packet according to the target DNS data packet carried in the DNS access request;
查询模块,若所述类型为请求类型,则在DNS缓存结构中进行查询;Query module, if the type is a request type, query in the DNS cache structure;
处理模块,当在所述DNS缓存结构中查询到有所述目标DNS数据包的缓存结果时,获取所述目标DNS数据包的目标资源记录缓存列表,并根据所述目标资源记录缓存列表确定所述目标DNS数据包的目标域名是否被压缩;若是,则拷贝所述目标域名对应的压缩后的第一目标域名和第一资源记录结果;若否,则拷贝所述目标域名和所述目标域名的原始资源记录结果;A processing module, when the cache result of the target DNS data packet is queried in the DNS cache structure, obtains the target resource record cache list of the target DNS data packet, and determines the target resource record cache list according to the target resource record cache list. Whether the target domain name of the target DNS data packet is compressed; if so, copy the compressed first target domain name and first resource record result corresponding to the target domain name; if not, copy the target domain name and the target domain name The original resource recording results;
发送模块,用于向所述终端发送DNS访问请求响应;其中,所述DNS访问请求响应携带有封装后的第一目标域名和第一资源记录结果,或封装后的目标域名和原始资源记录结果。A sending module, configured to send a DNS access request response to the terminal; wherein the DNS access request response carries the encapsulated first target domain name and the first resource record result, or the encapsulated target domain name and the original resource record result. .
在一种可能实现的方式中,所述DNS缓存结构的所述DNS缓存结构的缓存存储格式为依次嵌套的第一存储结构、第二存储结构、第三存储结构、第四存储结构;In a possible implementation manner, the cache storage format of the DNS cache structure is a first storage structure, a second storage structure, a third storage structure, and a fourth storage structure that are nested in sequence;
所述第一存储结构表征存储有至少一个DNS数据包的缓存结果;其中,每个缓存结果中至少包括域名、类型、域名长度、响应结果;The first storage structure represents a cache result that stores at least one DNS data packet; wherein each cache result includes at least a domain name, type, domain name length, and response result;
所述第二存储结构表征存储每个响应结果中M个资源记录的有效TTL、记录结果数、记录结果数组;其中,所述记录结果数组中包括所述M个资源记录,所述M为大于0的整数;The second storage structure represents the effective TTL, the number of record results, and the record result array of the M resource records stored in each response result; wherein the record result array includes the M resource records, and the M is greater than 0 integer;
所述第三存储结构表征存储所述记录结果数组中每个资源记录对应的资源记录缓存列表;The third storage structure represents a resource record cache list that stores each resource record in the record result array;
所述第四存储结构表征存储所述每个资源记录对应的解析记录结果列表。The fourth storage structure represents a list of parsing record results corresponding to each resource record.
在一种可能实现的方式中,所述处理模块,具体用于:In a possible implementation manner, the processing module is specifically used to:
当在所述DNS缓存结构的第一存储结构中查询到所述目标DNS数据包的目标缓存结果时,根据所述目标缓存结果,在所述DNS缓存结构的第二存储结构中获取所述目标DNS数据包对应的目标响应结果;When the target cache result of the target DNS packet is queried in the first storage structure of the DNS cache structure, the target is obtained in the second storage structure of the DNS cache structure according to the target cache result. The target response result corresponding to the DNS packet;
根据所述目标响应结果,在所述DNS缓存结构的第三存储结果获取所述目标DNS数据包的目标资源记录缓存列表;According to the target response result, obtain the target resource record cache list of the target DNS data packet from the third storage result of the DNS cache structure;
若所述目标资源记录缓存列表中记录有压缩标识,则确定所述目标DNS数据包的目标域名被压缩,否则,确定所述目标DNS数据包的目标域名未被压缩。If a compression identifier is recorded in the target resource record cache list, it is determined that the target domain name of the target DNS data packet is compressed; otherwise, it is determined that the target domain name of the target DNS data packet is not compressed.
在一种可能实现的方式中,所述处理模块,还用于:In a possible implementation manner, the processing module is also used to:
若所述类型为响应类型,则解析所述目标DNS数据包中的请求部分,得到所述请求部分的第二目标域名,以及解析所述目标数据包中的响应部分,得到所述响应部分的响应结果;If the type is a response type, parse the request part in the target DNS data packet to obtain the second target domain name of the request part, and parse the response part in the target data packet to obtain the response part response result;
将所述第二目标域名和所述响应结果按照所述DNS缓存结构的缓存存储格式进行存储;Store the second target domain name and the response result according to the cache storage format of the DNS cache structure;
根据所述第二目标域名、所述响应结果创建压缩数据结果表;其中,所述压缩数据结果表用于表征所述响应结果中包括的N个资源记录各自是否被压缩,所述N为大于0的整数;Create a compressed data result table according to the second target domain name and the response result; wherein the compressed data result table is used to represent whether each of the N resource records included in the response result is compressed, and the N is greater than 0 integer;
根据所述压缩数据结果表,在所述DNS缓存结构中的第三存储结构更新所述N个资源记录中被压缩的资源记录对应的资源记录缓存列表。According to the compressed data result table, the third storage structure in the DNS cache structure updates the resource record cache list corresponding to the compressed resource records among the N resource records.
在一种可能实现的方式中,所述每个资源记录对应的资源记录缓存列表至少包括域名、类型、域名长度、网络类型、是否有压缩标识、域名压缩后结果、解析结果记录数、解析结果数组;In one possible implementation, the resource record cache list corresponding to each resource record at least includes domain name, type, domain name length, network type, whether there is a compression identifier, domain name compression results, number of parsing result records, parsing results array;
所述每个资源记录对应的解析记录结果列表中至少包括解析记录TTL值、解析记录结果、解析记录结果长度。The parsing record result list corresponding to each resource record at least includes parsing record TTL value, parsing record result, and parsing record result length.
第三方面,提供一种电子设备,包括:In a third aspect, an electronic device is provided, including:
存储器,用于存放计算机程序;处理器,用于执行所述存储器上所存放的计算机程序时,实现第一方面中任一项所述的方法步骤。The memory is used to store computer programs; the processor is used to implement the method steps described in any one of the first aspects when executing the computer program stored in the memory.
第四方面,提供一种计算机可读存储介质,所述计算机可读存储介质内存储有计算机程序,所述计算机程序被处理器执行时实现第一方面中任一项所述的方法步骤。A fourth aspect provides a computer-readable storage medium. A computer program is stored in the computer-readable storage medium. When the computer program is executed by a processor, the method steps described in any one of the first aspects are implemented.
上述第二方面至第四方面中的各个方面以及各个方面可能达到的技术效果请参照上述针对第一方面或第一方面中的各种可能方案可以达到的技术效果说明,这里不再重复赘述。For each aspect in the above second to fourth aspects and the technical effects that may be achieved by each aspect, please refer to the above description of the technical effects that can be achieved by the first aspect or various possible solutions in the first aspect, and will not be repeated here.
附图说明Description of drawings
图1为本申请实施例适用的应用场景示意图;Figure 1 is a schematic diagram of application scenarios applicable to the embodiment of this application;
图2为本申请实施例提供的一种DNS访问请求处理方法的流程图;Figure 2 is a flow chart of a DNS access request processing method provided by an embodiment of the present application;
图3为本申请实施例提供的一种DNS缓存结构的存储结构示意图;Figure 3 is a schematic diagram of the storage structure of a DNS cache structure provided by an embodiment of the present application;
图4为本申请实施例提供的另一种DNS访问请求处理方法的流程图;Figure 4 is a flow chart of another DNS access request processing method provided by an embodiment of the present application;
图5为本申请实施例提供的一种DNS访问请求处理的逻辑示意图;Figure 5 is a logical schematic diagram of DNS access request processing provided by an embodiment of the present application;
图6为本申请实施例提供的一种DNS访问请求处理装置的结构示意图;Figure 6 is a schematic structural diagram of a DNS access request processing device provided by an embodiment of the present application;
图7为本申请实施例提供的一种电子设备的结构示意图。FIG. 7 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.
具体实施方式Detailed ways
为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述。方法实施例中的具体操作方法也可以应用于装置实施例或系统实施例中。需要说明的是,在本申请的描述中“多个”理解为“至少两个”。“和/或”,描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。A与B连接,可以表示:A与B直接连接和A与B通过C连接这两种情况。另外,在本申请的描述中,“第一”、“第二”等词汇,仅用于区分描述的目的,而不能理解为指示或暗示相对重要性,也不能理解为指示或暗示顺序。In order to make the purpose, technical solutions and advantages of the present application clearer, the present application will be described in further detail below in conjunction with the accompanying drawings. The specific operation methods in the method embodiments can also be applied to the device embodiments or system embodiments. It should be noted that in the description of this application, "plurality" is understood to mean "at least two". "And/or" describes the relationship between related objects, indicating that there can be three relationships. For example, A and/or B can mean: A exists alone, A and B exist simultaneously, and B exists alone. The connection between A and B can represent two situations: A and B are directly connected and A and B are connected through C. In addition, in the description of this application, words such as "first" and "second" are only used for the purpose of distinguishing descriptions, and cannot be understood as indicating or implying relative importance, nor can they be understood as indicating or implying order.
为了更好地理解本申请实施例,下面首先对本申请实施例中涉及的技术术语进行说明。In order to better understand the embodiments of the present application, the technical terms involved in the embodiments of the present application are first described below.
(1)域名是由一串用点分隔的名字组成的网络上某一台计算机或计算机组的名称,用于在数据传输时标识计算机的电子方位(可以是也指地理位置、地理上的域名等)(1) A domain name is the name of a computer or computer group on the network consisting of a string of names separated by dots. It is used to identify the electronic location of the computer during data transmission (it can also refer to geographical location, geographical domain name wait)
(2)生存时间(Time To Live,TTL)是一条资源记录在DNS服务器中的存留时间。例如,有一个域名为myhost.abc.com,这就是一条资源记录,通常表示abc.com域中有一台名为myhost的主机对应的IP地址为1.1.1.1,它的TTL为10,这条资源记录存储在一台为dns.abc.com的DNS服务器上。(2) Time To Live (TTL) is the retention time of a resource record in the DNS server. For example, there is a domain name myhost.abc.com, which is a resource record. It usually means that there is a host named myhost in the abc.com domain. The corresponding IP address is 1.1.1.1, and its TTL is 10. This resource record Records are stored on a DNS server called dns.abc.com.
(3)资源记录(Resource record,RR)是指添加到区域文件中的记录。资源记录的类型有很多种,每种类型有不同的用处,可以理解为每个域名所包含的与之相关的资源。例如,每个RR用于记录域名的信息映射关系,可包括域名的所属、类型、TTL等。(3) Resource record (RR) refers to the record added to the zone file. There are many types of resource records, each type has different uses and can be understood as the related resources contained in each domain name. For example, each RR is used to record the information mapping relationship of the domain name, which may include the domain name's ownership, type, TTL, etc.
下面对本申请实施例的技术方案能够适用的应用场景做一些简单介绍,需要说明的是,以下介绍的应用场景仅用于说明本申请实施例而非限定。在具体实施时,可以根据实际需要灵活地应用本申请实施例提供的技术方案。The following is a brief introduction to the applicable application scenarios of the technical solutions of the embodiments of the present application. It should be noted that the application scenarios introduced below are only used to illustrate the embodiments of the present application and are not limiting. During specific implementation, the technical solutions provided by the embodiments of this application can be flexibly applied according to actual needs.
图1为本申请实施例适用的应用场景示意图。如图所示,该场景主要包括终端10、DNS缓存服务器11、DNS递归服务器12;其中,该DNS递归服务器12可管辖有DNS根服务器、顶级域名服务器、二级域名服务器、DNS授权服务器等多个等级的服务器组成;终端10与DNS缓存服务器11之间可通过通信网络进行信息交互,DNS缓存服务器11与DNS递归服务器12之间可通过通信网络进行信息交互,该通信网络采用的通信方式可包括:无线通信方式和有线通信方式。Figure 1 is a schematic diagram of an application scenario applicable to the embodiment of the present application. As shown in the figure, this scenario mainly includes a terminal 10, a DNS cache server 11, and a DNS recursive server 12; among them, the DNS recursive server 12 can manage a DNS root server, a top-level domain name server, a second-level domain name server, a DNS authorization server, etc. The terminal 10 and the DNS cache server 11 can interact with each other through the communication network, and the DNS cache server 11 and the DNS recursive server 12 can interact with each other through the communication network. The communication method adopted by the communication network can be Including: wireless communication method and wired communication method.
示例性的,终端10可通过蜂窝移动通信技术接入网络,与DNS缓存服务器11进行通信,例如,终端10可向DNS缓存服务器11发送DNS访问请求,该蜂窝移动通信技术,可包括第五代移动通信(5th Generation Mobile Networks,5G)技术。Exemplarily, the terminal 10 can access the network through cellular mobile communication technology and communicate with the DNS cache server 11. For example, the terminal 10 can send a DNS access request to the DNS cache server 11. The cellular mobile communication technology can include fifth generation Mobile communications (5th Generation Mobile Networks, 5G) technology.
示例性的,终端10可通过短距离无线通信方式接入网络,与DNS缓存服务器11进行通信,例如,终端10可向DNS缓存服务器11发送DNS访问请求,该短距离无线通信方式,可包括无线保真(Wireless Fidelity,Wi-Fi)技术。For example, the terminal 10 can access the network through a short-distance wireless communication method and communicate with the DNS cache server 11. For example, the terminal 10 can send a DNS access request to the DNS cache server 11. The short-distance wireless communication method can include wireless communication. Fidelity (Wireless Fidelity, Wi-Fi) technology.
终端10是一种可以向用户提供语音和/或数据连通性的设备,包括:具有无线连接功能的手持式终端设备、车载终端设备等。例如,终端10包括但不限于:手机、平板电脑、笔记本电脑、掌上电脑、移动互联网设备(Mobile Internet Device,MID)、可穿戴设备,虚拟现实(Virtual Reality,VR)设备、增强现实(Augmented Reality,AR)设备、工业控制中的无线终端设备、无人驾驶中的无线终端设备、智能电网中的无线终端设备、运输安全中的无线终端设备、智慧城市中的无线终端设备,或智慧家庭中的无线终端设备等。The terminal 10 is a device that can provide voice and/or data connectivity to users, including: handheld terminal devices with wireless connection functions, vehicle-mounted terminal devices, etc. For example, the terminal 10 includes but is not limited to: a mobile phone, a tablet computer, a notebook computer, a handheld computer, a mobile Internet device (Mobile Internet Device, MID), a wearable device, a virtual reality (Virtual Reality, VR) device, an augmented reality (Augmented Reality) device. , AR) equipment, wireless terminal equipment in industrial control, wireless terminal equipment in driverless driving, wireless terminal equipment in smart grids, wireless terminal equipment in transportation safety, wireless terminal equipment in smart cities, or in smart homes wireless terminal equipment, etc.
DNS缓存服务器11搭载有DNS访问请求处理装置,可用于接收来自于终端10的DNS访问请求,并根据该NDS访问请求进行相应的处理。The DNS cache server 11 is equipped with a DNS access request processing device, which can be used to receive a DNS access request from the terminal 10 and perform corresponding processing according to the NDS access request.
例如,终端10向DNS缓存服务器11发送携带有目标DNS数据包的DNS访问请求,当DNS缓存服务器11解析到该目标DNS数据包为请求类型的数据包时,在自身的DNS缓存结构中查询缓存,若未查询到,则将该DNS访问请求转发给DNS递归服务器12,该DNS递归服务器12可负责向DNS根服务器、顶级域名服务器、二级域名服务器、DNS授权服务器发起该DNS访问请求,获取最终的结果,再将该结果发送给DNS缓存服务器11,以使DNS缓存服务器11根据该结果进行后续处理;若在DNS缓存服务器11中查找缓存,查询到,则DNS缓存服务器基于查询到的结果进行后续处理。For example, the terminal 10 sends a DNS access request carrying a target DNS packet to the DNS cache server 11. When the DNS cache server 11 parses that the target DNS packet is a request type packet, it queries the cache in its own DNS cache structure. , if not found, the DNS access request is forwarded to the DNS recursive server 12. The DNS recursive server 12 can be responsible for initiating the DNS access request to the DNS root server, top-level domain name server, second-level domain name server, and DNS authorization server to obtain The final result is then sent to the DNS cache server 11, so that the DNS cache server 11 performs subsequent processing based on the result; if the cache is searched for in the DNS cache server 11 and the query is found, the DNS cache server will based on the query result. Carry out subsequent processing.
再例如,终端10向DNS缓存服务器11发送携带有目标DNS数据包的DNS访问请求,当DNS缓存服务器11解析到该目标DNS数据包为响应类型的数据包时,DNS缓存服务器11将解析到该目标DNS数据包的响应结果按照自身的缓存存储格式存储在DNS缓存结构中,以便后续使用。For another example, the terminal 10 sends a DNS access request carrying a target DNS packet to the DNS cache server 11. When the DNS cache server 11 parses that the target DNS packet is a response type packet, the DNS cache server 11 will parse the target DNS packet. The response result of the target DNS packet is stored in the DNS cache structure according to its own cache storage format for subsequent use.
为进一步说明本申请实施例提供的技术方案,下面结合附图以及具体实施方式对此进行详细的说明。虽然本申请实施例提供了如下述实施例或附图所示的方法操作步骤,但基于常规或者无需创造性的劳动在所述方法中可以包括更多或者更少的操作步骤。在逻辑上不存在必要因果关系的步骤中,这些步骤的执行顺序不限于本申请实施例提供的执行顺序。所述方法在实际的处理过程中或者装置执行时,可按照实施例或者附图所示的方法顺序执行或者并执行。In order to further explain the technical solutions provided by the embodiments of the present application, this will be described in detail below with reference to the accompanying drawings and specific implementation modes. Although the embodiments of the present application provide method operation steps as shown in the following embodiments or drawings, more or fewer operation steps may be included in the method based on routine or without creative effort. In steps where there is no necessary causal relationship logically, the execution order of these steps is not limited to the execution order provided by the embodiments of the present application. During the actual processing or when the device is executed, the method may be executed sequentially or concurrently according to the methods shown in the embodiments or drawings.
图2为本申请实施例提供的一种DNS访问请求处理方法的流程图。该流程可由DNS访问请求处理装置所执行,该装置可通过软件和/或硬件方式实现。如图2所示,该流程包括如下步骤:Figure 2 is a flow chart of a DNS access request processing method provided by an embodiment of the present application. This process can be executed by a DNS access request processing device, which can be implemented by software and/or hardware. As shown in Figure 2, the process includes the following steps:
201:接收来自于终端的DNS访问请求,并根据DNS访问请求中携带的目标DNS数据包,确定该目标DNS数据包所属的类型。201: Receive the DNS access request from the terminal, and determine the type of the target DNS data packet according to the target DNS data packet carried in the DNS access request.
该步骤中,具体可以是:DNS缓存服务器(如图1所示的DSN缓存服务器11)接收来自于终端(如图1所示的终端10)的DNS访问请求后,对DNS访问请求中携带的目标DNS数据包进行解析,确定该目标DNS数据包所属的类型。In this step, the specific method may be: after the DNS cache server (DSN cache server 11 shown in Figure 1) receives the DNS access request from the terminal (terminal 10 shown in Figure 1), it The target DNS packet is parsed to determine the type of the target DNS packet.
202:若目标DNS数据包所属的类型为请求类型,则在DNS缓存结构中进行查询。202: If the type of the target DNS packet is the request type, query the DNS cache structure.
示例性的,DNS缓存结构的缓存存储格式为依次嵌套的第一存储结构、第二存储结构、第三存储结构、第四存储结构,如图3所示,示例性示出了DNS缓存结构的存储结构示意图。Exemplarily, the cache storage format of the DNS cache structure is a first storage structure, a second storage structure, a third storage structure, and a fourth storage structure that are nested in sequence. As shown in Figure 3, an exemplary DNS cache structure is shown. Schematic diagram of the storage structure.
图3中的第一存储结构表征存储有至少一个DNS数据包的缓存结果;示例性的,每个缓存结果中至少包括域名、类型、域名长度、响应结果。The first storage structure in Figure 3 represents a cached result that stores at least one DNS packet; for example, each cached result includes at least a domain name, type, domain name length, and response result.
图3中的第二存储结构表征存储每个响应结果中M(M为大于0的整数)个资源记录的有效TTL、记录结果数、记录结果数组;示例性的,该记录结果数可具体划分成统计该M个资源记录中属于域名服务器记录结果数,以及属于响应资源记录结果数;该记录结果数组中包括该M个资源记录。The second storage structure in Figure 3 represents the effective TTL, number of record results, and record result array that stores M (M is an integer greater than 0) resource records in each response result; for example, the number of record results can be specifically divided The number of domain name server record results and the number of response resource record results among the M resource records are counted; the record result array includes the M resource records.
图3中的第三存储结构表征存储记录结果数组中每个资源记录对应的资源记录缓存列表;示例性的,每个资源记录对应的资源记录缓存列表至少包括域名、类型、域名长度、网络类型、是否有压缩标识、域名压缩后结果、解析结果记录数、解析结果数组。The third storage structure in Figure 3 represents the resource record cache list corresponding to each resource record in the storage record result array; for example, the resource record cache list corresponding to each resource record at least includes domain name, type, domain name length, and network type. , whether there is a compression mark, the domain name compression result, the number of parsing result records, and the parsing result array.
图3中的第四存储结构表征存储每个资源记录对应的解析记录结果列表;示例性的,每个资源记录对应的解析记录结果列表中至少包括解析记录TTL值、解析记录结果、解析记录结果长度。The fourth storage structure in Figure 3 represents the storage of a parsing record result list corresponding to each resource record; for example, the parsing record result list corresponding to each resource record at least includes the parsing record TTL value, the parsing record result, and the parsing record result. length.
本申请实施例中,采用上述这种缓存存储格式的DNS缓存结构,针对请求类型的DNS数据包,可以使在后续DNS访问请求过程中,当缓存命中时,可直接从该DNS缓存结构中存储有的资源记录缓存列表中获取相应的DNS访问请求响应,相较于现有技术,无需每次都重新进行压缩处理后,再向终端反馈DNS访问请求响应,从而提高了DNS访问请求处理的效率。In the embodiment of this application, the above-mentioned DNS cache structure of the cache storage format is used. For the DNS data packet of the request type, during the subsequent DNS access request process, when the cache is hit, it can be directly stored from the DNS cache structure. The corresponding DNS access request response is obtained from the cache list of some resource records. Compared with the existing technology, there is no need to re-compress each time and then feed back the DNS access request response to the terminal, thereby improving the efficiency of DNS access request processing. .
在另一些实施例中,针对目标DNS数据为响应类型的DNS数据包,可按照上述DNS缓存结构的缓存存储格式进行存储,如图4所示,示例性示出了本申请实施例提供的另一种DNS访问请求处理方法的流程图。In other embodiments, DNS data packets whose target DNS data is a response type can be stored according to the cache storage format of the above-mentioned DNS cache structure, as shown in Figure 4, which exemplarily illustrates another method provided by the embodiment of the present application. A flow chart of a DNS access request processing method.
401:若DNS数据包所属的类型为响应类型,则解析该目标DNS数据包中的请求部分,得到请求部分的第二目标域名,以及解析目标数据包中的响应部分,得到该响应部分的响应结果。401: If the type of the DNS packet is a response type, parse the request part in the target DNS packet to obtain the second target domain name of the request part, and parse the response part in the target data packet to obtain the response of the response part. result.
该步骤中,假设响应结果中包括了N个资源记录,针对每个资源记录,可按照各自对应的网络协议格式进行解析。In this step, it is assumed that the response result includes N resource records, and each resource record can be parsed according to its corresponding network protocol format.
402:将该第二目标域名和响应结果按照DNS缓存结构的缓存存储格式进行存储。402: Store the second target domain name and response result according to the cache storage format of the DNS cache structure.
示例性的,可将该目标DNS数据包的第二目标域名存储在DNS缓存结构中的第一存储结构,以及还可将目标DNS数据包所属的类型存储在第一存储结构中等;将该响应结果中N个资源记录各自的有效TTL、记录结果数、记录结果数组存储在第二存储结构中;将N个资源记录各自的具体资源内容存储在第三存储结构中,生成各自的资源记录缓存列表;将N个资源记录各自的具体解析记录内容存储在第四存储结构中,生成各自的解析记录结果列表。For example, the second target domain name of the target DNS data packet may be stored in the first storage structure in the DNS cache structure, and the type of the target DNS data packet may also be stored in the first storage structure, etc.; the response The effective TTL, number of record results, and record result array of each of the N resource records in the result are stored in the second storage structure; the specific resource content of each of the N resource records is stored in the third storage structure, and each resource record cache is generated. List; store the specific parsing record contents of each of the N resource records in the fourth storage structure, and generate a list of respective parsing record results.
在一些实施例中,针对有域名压缩的,可按照域名压缩算法完全展开后,再存储,以便于将相同资源记录的资源记录内容进行归纳存储,即将相同资源记录的资源记录内容归纳成数组中的一个资源记录。In some embodiments, for domain name compression, it can be fully expanded according to the domain name compression algorithm and then stored, so that the resource record contents of the same resource record can be summarized and stored, that is, the resource record contents of the same resource record can be summarized into an array. A resource record of .
403:根据上述第二目标域名、上述响应结果创建压缩数据结果表。403: Create a compressed data result table based on the above second target domain name and the above response result.
示例性的,该压缩数据结果表用于表征响应结果中包括的N个资源记录各自是否被压缩,N为大于0的整数。For example, the compressed data result table is used to characterize whether each of the N resource records included in the response result is compressed, and N is an integer greater than 0.
404:根据上述压缩数据结果表,在DNS缓存结构中的第三存储结构更新该N个资源记录中被压缩的资源记录对应的资源记录缓存列表。404: According to the above compressed data result table, the third storage structure in the DNS cache structure updates the resource record cache list corresponding to the compressed resource records among the N resource records.
示例性的,更新被压缩的资源记录对应的资源记录缓存列表,具体可以是:将该资源记录缓存列表中的是否有压缩标识进行置位,更新该资源记录缓存列表中记录的域名长度,以及记录的域名压缩后结果两个变量。For example, updating the resource record cache list corresponding to the compressed resource record may specifically include: setting whether there is a compression flag in the resource record cache list, updating the domain name length recorded in the resource record cache list, and The recorded domain name is compressed and results in two variables.
通过上述图4所示的方法,针对响应类型的DNS数据包,由于可只解析该数据包的请求部分和响应部分,而对该数据包的其余部分可不进行解析处理,再基于解析得到的域名和响应结果按照DNS缓存结构(如图3所示的DNS缓存存储结构)的缓存存储格式进行存储,且在插入资源记录缓存列表时,只进行一次性的域名压缩计算,以便于在后续使用时可直接使用压缩后的结果;因此相较于现有技术,在实际场景中,可减少对带宽资源的占用,以及减少DNS缓存结构的存储资源占用,进一步还可避免其余部分对该DNS缓存结构进行攻击。Through the method shown in Figure 4 above, for the response type DNS packet, only the request part and the response part of the packet can be parsed, and the rest of the packet does not need to be parsed, and then based on the parsed domain name and response results are stored according to the cache storage format of the DNS cache structure (the DNS cache storage structure shown in Figure 3), and when inserting the resource record cache list, only a one-time domain name compression calculation is performed to facilitate subsequent use. The compressed results can be used directly; therefore, compared with the existing technology, in actual scenarios, it can reduce the occupation of bandwidth resources and the storage resources of the DNS cache structure, and further avoid the remaining parts of the DNS cache structure. to attack.
203:当在该DNS缓存结构中查询到有目标DNS数据包的缓存结果时,获取该目标DNS数据包的目标资源记录缓存列表,并根据目标资源记录缓存列表确定目标DNS数据包的目标域名是否被压缩,若是,则转入204,若否,则转入205。203: When the cache result of the target DNS packet is queried in the DNS cache structure, obtain the target resource record cache list of the target DNS packet, and determine whether the target domain name of the target DNS packet is based on the target resource record cache list. is compressed, if yes, go to 204, if not, go to 205.
示例性的,该步骤具体可以是:当在DNS缓存结构的第一存储结构中查询到目标DNS数据包的目标缓存结果时,根据目标缓存结果,在DNS缓存结构的第二存储结构中获取目标DNS数据包对应的目标响应结果;根据目标响应结果,在DNS缓存结构的第三存储结果获取目标DNS数据包的目标资源记录缓存列表;若目标资源记录缓存列表中记录有压缩标识,则确定目标域名被压缩,转入204,否则,确定目标域名未被压缩,转入205。For example, this step may be: when the target cache result of the target DNS packet is queried in the first storage structure of the DNS cache structure, according to the target cache result, obtain the target in the second storage structure of the DNS cache structure. The target response result corresponding to the DNS data packet; according to the target response result, obtain the target resource record cache list of the target DNS data packet in the third storage result of the DNS cache structure; if there is a compression mark recorded in the target resource record cache list, determine the target If the domain name is compressed, go to 204. Otherwise, it is determined that the target domain name is not compressed, and go to 205.
同理,在针对该目标DNS数据包的目标域名不止一个的情况下,也可按照上述203所示的逻辑过程执行,在此不再重复描述。Similarly, when there is more than one target domain name for the target DNS packet, the logical process shown in step 203 above can also be followed, and the description will not be repeated here.
在一些实施例中,当在DNS缓存结构中未查询到该目标DNS数据包的目标缓存结果时,搭载有DNS访问请求处理装置的DNS缓存服务器可将该DNS访问请求转发给DNS递归服务器(如图1所示的DNS递归服务器12),以使该DNS递归服务器12可负责向DNS根服务器、顶级域名服务器、二级域名服务器、DNS授权服务器发起该DNS访问请求,获取最终的结果(资源记录结果),再将该结果发送给DNS缓存服务器11,该DNS缓存服务器11接收到该结果后,便可向终端进行反馈。In some embodiments, when the target cache result of the target DNS packet is not queried in the DNS cache structure, the DNS cache server equipped with the DNS access request processing device can forward the DNS access request to the DNS recursive server (such as DNS recursive server 12) shown in Figure 1, so that the DNS recursive server 12 can be responsible for initiating the DNS access request to the DNS root server, top-level domain name server, second-level domain name server, and DNS authorization server to obtain the final result (resource record result), and then sends the result to the DNS cache server 11. After receiving the result, the DNS cache server 11 can provide feedback to the terminal.
204:拷贝该目标域名对应的压缩后的第一目标域名和第一资源记录结果。204: Copy the compressed first target domain name and the first resource record result corresponding to the target domain name.
示例性的,该第一资源记录结果表征与该第一目标域名相关的所有资源记录。For example, the first resource record result represents all resource records related to the first target domain name.
205:拷贝上述目标域名和该目标域名的原始资源记录结果。205: Copy the above target domain name and the original resource record result of the target domain name.
示例性的,该原始资源记录结果表征与该目标域名相关的所有资源记录。For example, the original resource record result represents all resource records related to the target domain name.
206:向终端发送DNS访问请求响应。206: Send a DNS access request response to the terminal.
其中,该DNS访问请求响应携带有封装后的第一目标域名和第一资源记录结果,或封装后的目标域名和原始资源记录结果。The DNS access request response carries the encapsulated first target domain name and the first resource record result, or the encapsulated target domain name and the original resource record result.
具体的,该DNS访问请求响应中可包括name(表征域名的名称,例如WWW.AAA.com),type(用于标识当前资源记录的类型),TTL(表征该资源记录中的信息存放在DNS存储结构中的时间长度)、IN(标识为一个网络的记录信息)等信息。Specifically, the DNS access request response may include name (a name that represents the domain name, such as WWW.AAA.com), type (used to identify the type of the current resource record), TTL (which represents the information in the resource record stored in DNS The length of time in the storage structure), IN (record information identified as a network) and other information.
在一些实施例中,在针对目标域名不止一个的情况下,若各目标域名中存在被压缩的目标域名,也存在未被压缩的目标域名,则该DNS访问请求响应中携带有被压缩的目标域名和它的资源记录结果,以及未被压缩的目标域名和它的资源记录结果。In some embodiments, when there is more than one target domain name, if there is a compressed target domain name and an uncompressed target domain name in each target domain name, the DNS access request response carries the compressed target domain name. The domain name and its resource record results, and the uncompressed target domain name and its resource record results.
本申请实施例中,有益效果如下:In the embodiments of this application, the beneficial effects are as follows:
针对请求类型的目标DNS数据包,在DNS缓存服务器中缓存命中时,可在DNS缓存结构中直接获取该目标DNS数据包的目标资源记录缓存列表;根据该目标资源记录缓存列表中记录的内容,确定出目标DNS数据包的目标域名是否压缩,若是,则可拷贝目标域名对应的压缩后的第一目标域名和第一资源记录结果,若否,则拷贝目标域名和该目标域名的原始资源记录结果;最后,便可向终端发送DNS访问请求响应,因此在DNS缓存结构命中缓存时,只需将压缩后的域名进行拷贝,并向终端反馈DNS访问请求响应,无需要每次都进行域名压缩,减小了DNS访求请求响应时延,从而提高对DNS访问请求处理的效率,满足高性能需求。For the target DNS packet of the request type, when the cache is hit in the DNS cache server, the target resource record cache list of the target DNS packet can be directly obtained in the DNS cache structure; according to the content recorded in the target resource record cache list, Determine whether the target domain name of the target DNS packet is compressed. If so, copy the compressed first target domain name and the first resource record result corresponding to the target domain name. If not, copy the target domain name and the original resource record of the target domain name. Finally, the DNS access request response can be sent to the terminal. Therefore, when the DNS cache structure hits the cache, only the compressed domain name needs to be copied and the DNS access request response is fed back to the terminal. There is no need to compress the domain name every time. , reducing the response delay of DNS access requests, thereby improving the efficiency of DNS access request processing and meeting high-performance requirements.
基于上述图2和图4所示的方法,图5为本申请实施例提供的一种DNS访问请求处理的逻辑示意图。Based on the methods shown in Figures 2 and 4 above, Figure 5 is a logical schematic diagram of DNS access request processing provided by an embodiment of the present application.
501:DNS缓存服务器接收来自于终端的DNS访问请求。501: The DNS cache server receives the DNS access request from the terminal.
该步骤中,DNS缓存服务器具体可以是图1中的DNS缓存服务器11,该终端具体可以是图1中的终端10。In this step, the DNS cache server may be the DNS cache server 11 in Figure 1, and the terminal may be the terminal 10 in Figure 1.
502:根据该DNS访问请求中携带的目标DNS数据包,确定该目标DNS数据包所属的类型,若该类型为请求类型,则转入503,若该类型为响应类型,则转入510。502: Determine the type of the target DNS packet according to the target DNS packet carried in the DNS access request. If the type is a request type, go to 503. If the type is a response type, go to 510.
503:在DNS缓存结构中进行查询,确定是否查询该目标DNS数据包的缓存结果,若是,则转入504,若否,则将该DNS访问请求转发到DNS递归服务器,以使DNS递归服务器执行后续操作。503: Query in the DNS cache structure to determine whether to query the cache result of the target DNS packet. If so, go to 504. If not, forward the DNS access request to the DNS recursive server so that the DNS recursive server can execute Follow-up operations.
该步骤中,DNS缓存结构的具体解释可参照图3所示的描述,在此不再重复描述。In this step, the specific explanation of the DNS cache structure may refer to the description shown in Figure 3, and the description will not be repeated here.
504:获取该目标DNS数据包的目标资源记录缓存列表。504: Obtain the target resource record cache list of the target DNS packet.
该步骤中,获取目标资源缓存列表的具体过程,可参照图2中的203,在此不再重复描述。In this step, the specific process of obtaining the target resource cache list can be referred to 203 in Figure 2, and the description will not be repeated here.
505:根据该目标资源记录缓存列表确定目标DNS数据包的目标域名是否被压缩,若是,则转入506,若否,则转入507。505: Determine whether the target domain name of the target DNS packet is compressed according to the target resource record cache list. If so, go to 506. If not, go to 507.
该步骤中,确定目标DNS数据包的目标域名是否被压缩的具体过程,可参照图2中的203,在此不再重复描述。In this step, the specific process of determining whether the target domain name of the target DNS packet is compressed can be referred to 203 in Figure 2, and the description will not be repeated here.
506:拷贝该目标域名对应的压缩后的第一目标域名和第一资源记录结果。506: Copy the compressed first target domain name and the first resource record result corresponding to the target domain name.
507:拷贝该目标域名和该目标域名的原始资源记录结果。507: Copy the target domain name and the original resource record result of the target domain name.
508:判断该目标DNS数据包是否还有其他的目标域名,若是,则转入504,若否,则转入509。508: Determine whether the target DNS packet has other target domain names. If so, go to 504. If not, go to 509.
509:向终端发送DNS访问请求响应。509: Send a DNS access request response to the terminal.
该步骤与图2中的206相似,在此不再重复描述。This step is similar to step 206 in Figure 2 and will not be described again here.
510:解析该目标DNS数据包中的请求部分,得到请求部分的第二目标域名,以及解析目标数据包中的响应部分,得到该响应部分的响应结果。510: Parse the request part in the target DNS packet to obtain the second target domain name of the request part, and parse the response part in the target data packet to obtain the response result of the response part.
511:将该第二目标域名和响应结果按照DNS缓存结构的缓存存储格式进行存储。511: Store the second target domain name and response result according to the cache storage format of the DNS cache structure.
该步骤与图4中的402相似,在此不再重复描述。This step is similar to step 402 in Figure 4 and will not be described again here.
512:根据上述第二目标域名、上述响应结果创建压缩数据结果表。512: Create a compressed data result table based on the above second target domain name and the above response result.
该步骤中,压缩数据结果表的解释可参照图4中的403,在此不再重复描述。In this step, the explanation of the compressed data result table may refer to 403 in Figure 4, and the description will not be repeated here.
513:根据上述压缩数据结果表,在DNS缓存结构中的第三存储结构更新该N个资源记录中被压缩的资源记录对应的资源记录缓存列表。513: According to the above compressed data result table, the third storage structure in the DNS cache structure updates the resource record cache list corresponding to the compressed resource records among the N resource records.
该步骤,与图4中的404相似,在此不再重复描述。This step is similar to step 404 in Figure 4 and will not be described again here.
514:向终端发送目标DNS访问请求响应。514: Send target DNS access request response to the terminal.
示例性的,该目标DNS访问请求响应可携带有更新后的资源记录缓存列表。For example, the target DNS access request response may carry the updated resource record cache list.
基于相同的技术构思,本申请实施例中还提供了一种DNS访问请求处理装置,该装置可实现本申请实施例中上述DNS访问请求处理方法流程。Based on the same technical concept, the embodiment of the present application also provides a DNS access request processing device, which can implement the above-mentioned DNS access request processing method flow in the embodiment of the present application.
图6为本申请实施例提供的一种DNS访问请求处理装置的结构示意图。该装置包括:接收模块601、查询模块602、处理模块603、发送模块604。Figure 6 is a schematic structural diagram of a DNS access request processing device provided by an embodiment of the present application. The device includes: a receiving module 601, a query module 602, a processing module 603, and a sending module 604.
接收模块601,用于接收来自于终端的DNS访问请求,并根据所述DNS访问请求中携带的目标DNS数据包,确定所述目标DNS数据包所属的类型;The receiving module 601 is used to receive a DNS access request from the terminal, and determine the type of the target DNS data packet according to the target DNS data packet carried in the DNS access request;
查询模块602,若所述类型为请求类型,则在DNS缓存结构中进行查询;Query module 602, if the type is a request type, performs a query in the DNS cache structure;
处理模块603,当在所述DNS缓存结构中查询到有所述目标DNS数据包的缓存结果时,获取所述目标DNS数据包的目标资源记录缓存列表,并根据所述目标资源记录缓存列表确定所述目标DNS数据包的目标域名是否被压缩;若是,则拷贝所述目标域名对应的压缩后的第一目标域名和第一资源记录结果;若否,则拷贝所述目标域名和所述目标域名的原始资源记录结果;Processing module 603, when the cache result of the target DNS data packet is queried in the DNS cache structure, obtains the target resource record cache list of the target DNS data packet, and determines based on the target resource record cache list Whether the target domain name of the target DNS data packet is compressed; if so, copy the compressed first target domain name and first resource record result corresponding to the target domain name; if not, copy the target domain name and the target The original resource record result of the domain name;
发送模块604,用于向所述终端发送DNS访问请求响应;其中,所述DNS访问请求响应携带有封装后的第一目标域名和第一资源记录结果,或封装后的目标域名和原始资源记录结果。Sending module 604, configured to send a DNS access request response to the terminal; wherein the DNS access request response carries the encapsulated first target domain name and the first resource record result, or the encapsulated target domain name and the original resource record result.
可选的,所述处理模块603,具体用于:Optionally, the processing module 603 is specifically used for:
当在所述DNS缓存结构的第一存储结构中查询到所述目标DNS数据包的目标缓存结果时,根据所述目标缓存结果,在所述DNS缓存结构的第二存储结构中获取所述目标DNS数据包对应的目标响应结果;根据所述目标响应结果,在所述DNS缓存结构的第三存储结果获取所述目标DNS数据包的目标资源记录缓存列表;若所述目标资源记录缓存列表中记录有压缩标识,则确定所述目标DNS数据包的目标域名被压缩,否则,确定所述目标DNS数据包的目标域名未被压缩。When the target cache result of the target DNS packet is queried in the first storage structure of the DNS cache structure, the target is obtained in the second storage structure of the DNS cache structure according to the target cache result. The target response result corresponding to the DNS data packet; according to the target response result, obtain the target resource record cache list of the target DNS data packet in the third storage result of the DNS cache structure; if the target resource record cache list is If the compression identifier is recorded, it is determined that the target domain name of the target DNS data packet is compressed; otherwise, it is determined that the target domain name of the target DNS data packet is not compressed.
可选的,所述处理模块603,还用于:Optionally, the processing module 603 is also used to:
若所述类型为响应类型,则解析所述目标DNS数据包中的请求部分,得到所述请求部分的第二目标域名,以及解析所述目标数据包中的响应部分,得到所述响应部分的响应结果;将所述第二目标域名和所述响应结果按照所述DNS缓存结构的缓存存储格式进行存储;根据所述第二目标域名、所述响应结果创建压缩数据结果表;其中,所述压缩数据结果表用于表征所述响应结果中包括的N个资源记录各自是否被压缩,所述N为大于0的整数;根据所述压缩数据结果表,在所述DNS缓存结构中的第三存储结构更新所述N个资源记录中被压缩的资源记录对应的资源记录缓存列表。If the type is a response type, parse the request part in the target DNS data packet to obtain the second target domain name of the request part, and parse the response part in the target data packet to obtain the response part Response result; store the second target domain name and the response result according to the cache storage format of the DNS cache structure; create a compressed data result table according to the second target domain name and the response result; wherein, The compressed data result table is used to represent whether each of the N resource records included in the response result is compressed, and the N is an integer greater than 0; according to the compressed data result table, the third node in the DNS cache structure The storage structure updates the resource record cache list corresponding to the compressed resource record among the N resource records.
在此需要说明的是,本申请实施例提供的上述装置,能够实现上述方法实施例中的所有方法步骤,且能够达到相同的技术效果,在此不再对本实施例中与方法实施例相同的部分及有益效果进行具体赘述。It should be noted here that the above-mentioned devices provided by the embodiments of the present application can implement all the method steps in the above-mentioned method embodiments and can achieve the same technical effects. The same features as those in the method embodiments in this embodiment are no longer discussed here. Some of them and their beneficial effects will be described in detail.
基于相同的技术构思,本申请实施例中还提供了一种电子设备,所述电子设备可以实现前述一种DNS访问请求处理装置的功能。Based on the same technical concept, embodiments of the present application also provide an electronic device, which can implement the function of the aforementioned DNS access request processing device.
图7为本申请实施例提供的电子设备的结构示意图。FIG. 7 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.
至少一个处理器701,以及与至少一个处理器701连接的存储器702,本申请实施例中不限定处理器701与存储器702之间的具体连接介质,图7中是以处理器701和存储器702之间通过总线700连接为例。总线700在图7中以粗线表示,其它部件之间的连接方式,仅是进行示意性说明,并不引以为限。总线700可以分为地址总线、数据总线、控制总线等,为便于表示,图7中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。或者,处理器701也可以称为控制器,对于名称不做限制。At least one processor 701, and a memory 702 connected to the at least one processor 701. The specific connection medium between the processor 701 and the memory 702 is not limited in the embodiment of this application. In Figure 7, the connection medium between the processor 701 and the memory 702 is Take the example of connecting via bus 700. The bus 700 is represented by a thick line in FIG. 7 , and the connection methods between other components are only schematically illustrated and not limited thereto. The bus 700 can be divided into an address bus, a data bus, a control bus, etc. For ease of presentation, only one thick line is used to represent it in Figure 7, but it does not mean that there is only one bus or one type of bus. Alternatively, the processor 701 may also be called a controller, and there is no restriction on the name.
在本申请实施例中,存储器702存储有可被至少一个处理器701执行的指令,至少一个处理器701通过执行存储器702存储的指令,可以执行前文论述的一种DNS访问请求处理方法。处理器701可以实现图6所示的装置中各个模块的功能。In this embodiment of the present application, the memory 702 stores instructions that can be executed by at least one processor 701. By executing the instructions stored in the memory 702, at least one processor 701 can execute a DNS access request processing method discussed above. The processor 701 can implement the functions of each module in the device shown in FIG. 6 .
其中,处理器701是该装置的控制中心,可以利用各种接口和线路连接整个该控制设备的各个部分,通过运行或执行存储在存储器702内的指令以及调用存储在存储器702内的数据,该装置的各种功能和处理数据,从而对该装置进行整体监控。Among them, the processor 701 is the control center of the device and can use various interfaces and lines to connect various parts of the entire control device. By running or executing instructions stored in the memory 702 and calling data stored in the memory 702, the processor 701 can Various functions of the device and process data to provide overall monitoring of the device.
在一种可能的设计中,处理器701可包括一个或多个处理单元,处理器701可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序等,调制解调处理器主要处理无线通信。可以理解的是,上述调制解调处理器也可以不集成到处理器701中。在一些实施例中,处理器701和存储器702可以在同一芯片上实现,在一些实施例中,它们也可以在独立的芯片上分别实现。In a possible design, the processor 701 may include one or more processing units, and the processor 701 may integrate an application processor and a modem processor, where the application processor mainly processes the operating system, user interface and application programs. etc., the modem processor mainly handles wireless communications. It can be understood that the above modem processor may not be integrated into the processor 701. In some embodiments, the processor 701 and the memory 702 can be implemented on the same chip, and in some embodiments, they can also be implemented on separate chips.
处理器701可以是通用处理器,例如中央处理器(CPU)、数字信号处理器、专用集成电路、现场可编程门阵列或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件,可以实现或者执行本申请实施例中公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者任何常规的处理器等。结合本申请实施例所公开的一种DNS访问请求处理方法的步骤可以直接体现为硬件处理器执行完成,或者用处理器中的硬件及软件模块组合执行完成。Processor 701 may be a general-purpose processor, such as a central processing unit (CPU), a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or Implement or execute each method, step and logical block diagram disclosed in the embodiments of this application. A general-purpose processor may be a microprocessor or any conventional processor, etc. The steps of a DNS access request processing method disclosed in conjunction with the embodiments of the present application can be directly implemented by a hardware processor, or executed by a combination of hardware and software modules in the processor.
存储器702作为一种非易失性计算机可读存储介质,可用于存储非易失性软件程序、非易失性计算机可执行程序以及模块。存储器702可以包括至少一种类型的存储介质,例如可以包括闪存、硬盘、多媒体卡、卡型存储器、随机访问存储器(Random AccessMemory,RAM)、静态随机访问存储器(Static Random Access Memory,SRAM)、可编程只读存储器(Programmable Read Only Memory,PROM)、只读存储器(Read Only Memory,ROM)、带电可擦除可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、磁性存储器、磁盘、光盘等等。存储器702是能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。本申请实施例中的存储器702还可以是电路或者其它任意能够实现存储功能的装置,用于存储程序指令和/或数据。As a non-volatile computer-readable storage medium, the memory 702 can be used to store non-volatile software programs, non-volatile computer executable programs and modules. The memory 702 may include at least one type of storage medium, for example, may include flash memory, hard disk, multimedia card, card-type memory, random access memory (Random Access Memory, RAM), static random access memory (Static Random Access Memory, SRAM), Programmable Read Only Memory (PROM), Read Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), magnetic memory, disk, CDs etc. Memory 702 is, but is not limited to, any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 702 in the embodiment of the present application can also be a circuit or any other device capable of realizing a storage function, used to store program instructions and/or data.
通过对处理器701进行设计编程,可以将前述实施例中介绍的一种DNS访问请求处理方法所对应的代码固化到芯片内,从而使芯片在运行时能够执行图2或图6所示的实施例的一种DNS访问请求处理方法。如何对处理器701进行设计编程为本领域技术人员所公知的技术,这里不再赘述。By designing and programming the processor 701, the code corresponding to a DNS access request processing method introduced in the previous embodiment can be solidified into the chip, so that the chip can execute the implementation shown in Figure 2 or Figure 6 during runtime. An example of a DNS access request processing method. How to design and program the processor 701 is a technology well known to those skilled in the art, and will not be described in detail here.
在此需要说明的是,本申请实施例提供的上述通电子设备,能够实现上述方法实施例所实现的所有方法步骤,且能够达到相同的技术效果,在此不再对本实施例中与方法实施例相同的部分及有益效果进行具体赘述。It should be noted here that the above-mentioned communication electronic equipment provided by the embodiments of the present application can implement all the method steps implemented by the above-mentioned method embodiments, and can achieve the same technical effect. The implementation of the methods in this embodiment will no longer be carried out. The same parts and beneficial effects will be described in detail.
本申请实施例还提供了一种计算机可读存储介质,计算机可读存储介质存储有计算机可执行指令,计算机可执行指令用于使计算机执行上述实施例中的一种DNS访问请求处理方法。Embodiments of the present application also provide a computer-readable storage medium. The computer-readable storage medium stores computer-executable instructions. The computer-executable instructions are used to cause the computer to execute a DNS access request processing method in the above embodiment.
本申请实施例还提供了一种计算机程序产品,所述计算机程序产品在被计算机调用时,使得所述计算机执行上述实施例中的一种DNS访问请求处理方法。An embodiment of the present application also provides a computer program product. When called by a computer, the computer program product causes the computer to execute a DNS access request processing method in the above embodiment.
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will understand that embodiments of the present application may be provided as methods, systems, or computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment that combines software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本申请是参照根据本申请的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the present application. It will be understood that each process and/or block in the flowchart illustrations and/or block diagrams, and combinations of processes and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce a use A device for realizing the functions specified in one process or multiple processes of the flowchart and/or one block or multiple blocks of the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory that causes a computer or other programmable data processing apparatus to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction means, the instructions The device implements the functions specified in a process or processes of the flowchart and/or a block or blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions may also be loaded onto a computer or other programmable data processing device, causing a series of operating steps to be performed on the computer or other programmable device to produce computer-implemented processing, thereby executing on the computer or other programmable device. Instructions provide steps for implementing the functions specified in a process or processes of a flowchart diagram and/or a block or blocks of a block diagram.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311362950.4ACN117749762B (en) | 2023-10-19 | 2023-10-19 | DNS access request processing method, device, equipment and storage medium |
| PCT/CN2023/132142WO2025081566A1 (en) | 2023-10-19 | 2023-11-16 | Dns access request processing method and apparatus, device, and storage medium |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311362950.4ACN117749762B (en) | 2023-10-19 | 2023-10-19 | DNS access request processing method, device, equipment and storage medium |
| Publication Number | Publication Date |
|---|---|
| CN117749762Atrue CN117749762A (en) | 2024-03-22 |
| CN117749762B CN117749762B (en) | 2025-03-04 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311362950.4AActiveCN117749762B (en) | 2023-10-19 | 2023-10-19 | DNS access request processing method, device, equipment and storage medium |
| Country | Link |
|---|---|
| CN (1) | CN117749762B (en) |
| WO (1) | WO2025081566A1 (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2025081566A1 (en)* | 2023-10-19 | 2025-04-24 | 天翼安全科技有限公司 | Dns access request processing method and apparatus, device, and storage medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070110051A1 (en)* | 2005-11-15 | 2007-05-17 | Nominum, Inc. | Numeric approach to telephone number management in domain name systems |
| CN105306606A (en)* | 2014-05-28 | 2016-02-03 | 无锡韩光电器有限公司 | Domain name analysis method and system |
| US20170111389A1 (en)* | 2015-10-18 | 2017-04-20 | NxLabs Limited | Method and system for protecting domain name system servers against distributed denial of service attacks |
| CN109729183A (en)* | 2018-05-16 | 2019-05-07 | 平安科技(深圳)有限公司 | Request processing method, device, equipment and storage medium |
| CN112839113A (en)* | 2019-11-22 | 2021-05-25 | 中国互联网络信息中心 | Domain name storage and resolution method, device, electronic device and storage medium |
| WO2021139240A1 (en)* | 2020-07-28 | 2021-07-15 | 平安科技(深圳)有限公司 | Domain name compression method and product related thereto |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117749762B (en)* | 2023-10-19 | 2025-03-04 | 天翼安全科技有限公司 | DNS access request processing method, device, equipment and storage medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070110051A1 (en)* | 2005-11-15 | 2007-05-17 | Nominum, Inc. | Numeric approach to telephone number management in domain name systems |
| CN105306606A (en)* | 2014-05-28 | 2016-02-03 | 无锡韩光电器有限公司 | Domain name analysis method and system |
| US20170111389A1 (en)* | 2015-10-18 | 2017-04-20 | NxLabs Limited | Method and system for protecting domain name system servers against distributed denial of service attacks |
| CN109729183A (en)* | 2018-05-16 | 2019-05-07 | 平安科技(深圳)有限公司 | Request processing method, device, equipment and storage medium |
| CN112839113A (en)* | 2019-11-22 | 2021-05-25 | 中国互联网络信息中心 | Domain name storage and resolution method, device, electronic device and storage medium |
| WO2021139240A1 (en)* | 2020-07-28 | 2021-07-15 | 平安科技(深圳)有限公司 | Domain name compression method and product related thereto |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2025081566A1 (en)* | 2023-10-19 | 2025-04-24 | 天翼安全科技有限公司 | Dns access request processing method and apparatus, device, and storage medium |
| Publication number | Publication date |
|---|---|
| CN117749762B (en) | 2025-03-04 |
| WO2025081566A1 (en) | 2025-04-24 |
| Publication | Publication Date | Title |
|---|---|---|
| US11275530B2 (en) | Method, system, and related device for NAS data access | |
| CN110764688B (en) | Method and device for processing data | |
| CN110413418A (en) | Cache synchronization device and method, cache synchronization system, electronic equipment | |
| CN108228799A (en) | The storage method and device of object indexing information | |
| CN109426631A (en) | A kind of communication means based on RDMA, device and storage medium | |
| CN115086001B (en) | Sampling data caching method, device and storage medium | |
| CN110083307A (en) | Date storage method, memory and server | |
| CN117714398A (en) | A data transmission system, method, electronic device and storage medium | |
| CN107544916B (en) | Caching method and storage device | |
| CN114328453A (en) | KV database data management method, device, computing device and storage medium | |
| CN117749762A (en) | DNS access request processing method, device, equipment and storage medium | |
| CN113254476B (en) | Request processing method and device, electronic equipment and storage medium | |
| CN116866429A (en) | A data access method and related devices | |
| CN118612272A (en) | Vehicle-mounted image transmission method, device, electronic device and storage medium | |
| CN116257521B (en) | KV storage method based on FPGA | |
| CN118093219A (en) | A message processing method, device, equipment and storage medium | |
| WO2024093958A1 (en) | Access method and apparatus for storage pool | |
| CN107977381B (en) | Data configuration method, index management method, related device and computing equipment | |
| CN115935101A (en) | A data processing method about MQTT-Topic | |
| CN114547422A (en) | Method and device for preventing repeated clicking of page elements | |
| CN105897832A (en) | Service data providing server, method and system | |
| CN105912477A (en) | Directory reading method, device and system | |
| WO2015085764A1 (en) | Method of file access and cloud gateway | |
| CN115866094B (en) | Data transmission system, method and electronic equipment | |
| CN114827655B (en) | Content storage and forwarding method and device, electronic device, and storage medium |
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |