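I needed to understand the recursive and iterative mechanisms of the DNS query process, found the relevant section of the RFC,
and made a simple translation of it (my skill is limited), which can be kept as a reference.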
RFC 1034
4.3.1. Queries and responses
The principal activity of name servers is to answer standard queries. Both
the query and its response are carried in a standard message format which is
described in [RFC-1035]. The query contains a QTYPE, QCLASS, and QNAME, which
describe the types and classes of desired information and the name of interest.
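The primary task of a name server is to answer standard queries. Query and response messages both use a standard format (see RFC 1035). A query contains QTYPE, which describes the query type, QCLASS, which describes the query class, and QNAME, the name being queried.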
The way that the name server answers the query depends upon whether it is
operating in recursive mode or not:
How a name server handles a query depends on whether it supports recursive mode:
- The simplest
mode for the server is non-recursive, since it can answer queries using
only local information: the response contains an error, the answer, or a
referral to some other server "closer" to the answer. All name
servers must implement non-recursive queries.
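- For the server, the simplest mode is non-recursive (iterative query), because the response can be produced using only local information: the response can be an error, or the "closest" server that the querying client can ask next. All servers must implement iterative queries.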
- The simplest
mode for the client is recursive, since in this mode the name server acts
in the role of a resolver and returns either an error or the answer, but
never referrals. This service is optional in a name server, and the name
server may also choose to restrict the clients which can use recursive
mode.
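- For the client, the simplest mode is recursive, because in this mode the name server acts as the resolver and returns either an error or the final result to the client, but never the next server the client should ask. Recursive mode is optional for a name server, and a name server can be configured to forbid clients from using it.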
Recursive service is helpful in several situations:
Recursive service is useful in the following situations:
- a relatively
simple requester that lacks the ability to use anything other than a
direct answer to the question.
- A relatively simple querying client that can only handle the final query result.
- a request
that needs to cross protocol or other boundaries and can be sent to a
server which can act as intermediary.
- A query that has to cross networks or protocols and is sent to an intermediary server.
- a network
where we want to concentrate the cache rather than having a separate cache
for each client.
- When we want to concentrate the cache rather than spread it across the individual clients.
Non-recursive service is appropriate if the requester is capable of
pursuing referrals and interested in information which will aid future
requests.
Non-recursive (iterative) service is appropriate when the requester's goal is to obtain the next server it can query.
The use of recursive mode is limited to cases where both the client and
the name server agree to its use. The agreement is negotiated through the use
of two bits in query and response messages:
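Recursive service can be used only when the client requests it and the server agrees to provide it. This agreement is negotiated using two bits in the query and response messages.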
- The recursion
available, or RA bit, is set or cleared by a name server in all responses.
The bit is true if the name server is willing to provide recursive service
for the client, regardless of whether the client requested recursive
service. That is, RA signals availability rather than use.
- The name server sets or clears the RA bit in all responses to indicate whether it supports recursion.
- Queries
contain a bit called recursion desired or RD. This bit specifies
whether the requester wants recursive service for this query. Clients may
request recursive service from any name server, though they should depend
upon receiving it only from servers which have previously sent an RA, or
servers which have agreed to provide service through private agreement or
some other means outside of the DNS protocol.
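- A query message contains a bit (RD) that indicates a request for recursion. The RD bit indicates whether the querying client requests recursive service. A client may send a query requesting recursive service to any name server, although it relies on RA information previously received from the server, on the server having agreed to provide service through private agreement, or on other means outside the DNS protocol.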
The recursive mode occurs when a query with RD set arrives at a server
which is willing to provide recursive service; the client can verify that
recursive mode was used by checking that both RA and RD are set in the reply.
Note that the name server should never perform recursive service unless asked
via RD, since this interferes with trouble shooting of name servers and their
databases.
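Recursive mode occurs when a query with the RD bit set arrives at a server that can provide recursive service; the client can check the RA and RD bits in the response to determine whether recursive mode was used. Note: a name server never provides recursive service on its own initiative unless the RD bit is set in the request, because doing so would interfere with troubleshooting of name servers and their databases.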
If recursive service is requested and available, the recursive response to
a query will be one of the following:
If the recursive request is answered successfully, the recursive result returned for the query will be one of the following:
- The answer to
the query, possibly preface by one or more CNAME RRs that specify aliases
encountered on the way to an answer.
- The answer to the query, possibly with the CNAME resource records for aliases encountered during the lookup.
- A name error
indicating that the name does not exist. This may include CNAME RRs that
indicate that the original query name was an alias for a name which does
not exist.
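- An error indicating that the queried name does not exist. This may come with CNAME records indicating that the original query name was an alias for a name that does not exist.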
- A temporary
error indication.
If recursive service is not requested or is not available, the non-
recursive response will be one of the following:
If recursive service was not requested or is not available, the iterative response will be one of the following:
- An authoritative name error indicating that the name does not exist.
- An authoritative name error, indicating that the queried name does not exist.
- A temporary error indication.
- A temporary error indication.
- Some combination of:
- Some combination of the following:
  - RRs that answer the question, together with an indication whether the data comes
    from a zone or is cached.
  - Answer resource records, with an indication of whether the result comes from the cache or from a zone file.
  - A referral to name servers which have zones which are closer ancestors to the name
    than the server sending the reply.
  - A referral to authoritative name servers.
- RRs that the name server thinks will prove useful to the requester.
- Resource records that the name server thinks will be useful to the querying client.
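An added example, not part of the original post or of the RFC: it builds a query carrying QNAME, QTYPE, QCLASS and the RD bit, then classifies responses from their header flags the way the section describes. The flag masks follow the RFC 1035 header layout; the function names, the sample headers and the referral test (no answers, authority records present, AA clear) are assumptions made for this illustration.

```python
import struct

# Header flag masks from the RFC 1035 message format.
QR, AA, RD, RA, RCODE = 0x8000, 0x0400, 0x0100, 0x0080, 0x000F

def build_query(qname, qtype=1, qclass=1, rd=True, msg_id=0x1234):
    """Standard query: header with optional RD, then QNAME, QTYPE, QCLASS."""
    labels = [l.encode("ascii") for l in qname.split(".") if l]
    if any(len(l) > 63 for l in labels):
        raise ValueError("label longer than 63 octets")
    header = struct.pack("!HHHHHH", msg_id, RD if rd else 0, 1, 0, 0, 0)
    name = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + name + struct.pack("!HH", qtype, qclass)

def classify(msg):
    """Classify a DNS message using only its 12-byte header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, _qd, an, ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & QR:
        return "query"
    if flags & RD and flags & RA:
        return "recursive"      # RD and RA both set in the reply
    if (flags & RCODE) == 0 and an == 0 and ns > 0 and not flags & AA:
        return "referral"       # assumed heuristic for a referral
    return "non-recursive"

def header(flags, an=0, ns=0):
    """Constructed sample response header (no sections attached)."""
    return struct.pack("!HHHHHH", 0x1234, flags, 1, an, ns, 0)

# Constructed samples, not captured traffic.
SAMPLES = {
    "recursive answer": header(QR | RD | RA, an=1),
    "referral, RA clear": header(QR | RD, ns=2),
    "authoritative answer": header(QR | AA, an=1),
}

if __name__ == "__main__":
    print(build_query("example.com").hex())
    for label, msg in SAMPLES.items():
        print(f"{label}: {classify(msg)}")
```

A server that sets RA for clients it was not meant to serve is offering them recursion; the section notes that a name server may restrict which clients can use recursive mode.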
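Conclusion: when to use recursion and when to use iteration
Use iteration:
1. Root name servers and name servers with heavy traffic use iterative queries to reduce the load on the server.
2. When the server is configured not to use recursion.
Use recursion:
1. The RD bit in the query is set to 1 and the server supports recursion, that is, RA is set to 1 in the response.
2. When the cache needs to be concentrated.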