Difference between revisions of "DNS"

From ChevyneWiki
 
(35 intermediate revisions by the same user not shown)
行 1: 行 1:
  +
== DNS 運作流程 ==
[[Category:DNS]]
 
  +
[[Image:DNS_Record_Request_Sequence.png|600px|link=]]
  +
* Recursive Resoiver 遞歸名稱伺服器
  +
: 提供使用者查詢網圵或IP,一般說 DNS 要填什麼? 就是說這個
  +
* Root nameserver 根網域名稱伺服器
  +
: 網際網路基礎設施中的重要部分,負責返回頂級網域名稱伺服器位址
  +
: 全球 13 組根網域名稱伺服器,全部已以 anycast 技術在全球多個地點設立鏡像站
  +
* TLD nameserver 頂級網域名稱伺服器
  +
: 全球 1500+ 組頂級網域名稱伺服器
  +
* Authoritative server 權威名稱伺服器
 
== DNS 名詞解釋 ==
 
== DNS 名詞解釋 ==
 
{| class="wikitable"
 
{| class="wikitable"
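Review bot: The added "Recursive Resoiver" bullet misspells "Resolver", and "網圵" in the description line under it should read "網址". The added "Authoritative server" bullet is also the only one of the four new bullets with no description line; give it one so the list is uniform.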
行 30: 行 39:
 
| Top-Level Domain
 
| Top-Level Domain
 
| 頂級域名
 
| 頂級域名
  +
| [https://www.iana.org/domains/root/db TLD List]
|
 
 
|-
 
|-
 
| ARPA
 
| ARPA
 
| Infrastructure Top-Level Domain
 
| Infrastructure Top-Level Domain
 
| 基礎設施頂級域名
 
| 基礎設施頂級域名
  +
| 1 個
|
 
 
|-
 
|-
 
| .arpa
 
| .arpa
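Review bot: The count cell added to the ARPA row ("1 個") carries no date or source, and only the TLD row above it links to the IANA root database. Put the retrieval date beside the count or in a table caption so readers can tell when the figure was taken.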
行 45: 行 54:
 
| Generic Top-Level Domain
 
| Generic Top-Level Domain
 
| 通用頂級域名
 
| 通用頂級域名
  +
| 1247 個 (含 grTLD)
|
 
 
|-
 
|-
 
| grTLD
 
| grTLD
 
| Restricted Generic Top-Level Domain
 
| Restricted Generic Top-Level Domain
 
| 受限通用頂級域名
 
| 受限通用頂級域名
  +
| 3 個
|
 
 
|-
 
|-
 
| sTLD
 
| sTLD
 
| Sponsored Top-Level Domain
 
| Sponsored Top-Level Domain
 
| 贊助頂級域名
 
| 贊助頂級域名
| 在2012年沒有使用新gTLD的讚助者和非贊助者之間的區別
+
| 14 個 在2012年沒有使用新 gTLD 的讚助者和非贊助者之間的區別
 
|-
 
|-
 
| ccTLD
 
| ccTLD
 
| Country Code Top-Level Domain
 
| Country Code Top-Level Domain
 
| 國家及地區頂級域名
 
| 國家及地區頂級域名
  +
| 317 個
|
 
  +
|-
  +
| tTLD
  +
| Testing Top-Level Domain
  +
| 測試頂級域名
  +
| 11 個
 
|-
 
|-
 
| IDN
 
| IDN
 
| Internationalized Domain Name
 
| Internationalized Domain Name
 
| 國際化域名
 
| 國際化域名
  +
| Punycode xn--
|
 
|-
 
| tTLD
 
| Testing Top-Level Domain
 
| 測試頂級域名
 
|
 
 
|}
 
|}
 
== DNS Software ==
 
== DNS Software ==
{| class="wikitable"
 
|+ The two principal roles
 
| Authoritative server
 
| 權威服務器
 
| primary name server, master server, secondary or slave name server
 
|-
 
| Recursive server
 
| 遞歸服務器
 
| proxy name server, cache server. forward name server
 
|}
 
 
{| class="wikitable"
 
{| class="wikitable"
 
| BIG-IP DNS
 
| BIG-IP DNS
| F5 BIG-IP DNS
+
| F5 Networks
| Key advantage is to use the same application delivery controller to support DNS and application acceleration.
+
| Key advantage is to use the same application delivery controller
  +
to support DNS and application acceleration.
 
|-
 
|-
 
| BIND
 
| BIND
  +
|
 
| Berkeley Internet Name Domain
 
| Berkeley Internet Name Domain
| 使用最廣的DNS軟體
 
 
|-
 
|-
  +
| Cisco Network Registrar
| DJBDNS
 
  +
| Cisco Systems
| Daniel J. Bernstein's DNS
 
  +
| usually used in conjunction with the CNR DHCP
  +
|-
  +
| CoreDNS
 
|
 
|
  +
| recommended DNS for Kubernetes
  +
graduated from CNCF in 2019
  +
|-
  +
| Dnsmasq
  +
|
  +
| lightweight, easy to configure, provide to a small-scale network.
  +
|-
  +
| djbdns
  +
| Daniel J. Bernstein
  +
| collection of DNS applications, including tinydns
  +
|-
  +
| Knot DNS
  +
| rowspan="2" | CZ.NIC
  +
| fast, resilient DNS usable for infrastructure (root & TLD) and hosting
  +
hosts root zone (K & L Root_name_servers), several top-level domains
  +
|-
  +
| Knot Resolver
  +
| used by Cloudflare for 1.1.1.1, its free DNS service
  +
|-
 
|-
 
|-
 
| MaraDNS
 
| MaraDNS
  +
| Sam Trenholme
  +
| claims a good security history and ease of use
  +
recursive resolver does not use threads
  +
|-
  +
| Microsoft DNS
 
|
 
|
  +
| integrated with Active Directory
|
 
  +
supports DNS policies
 
|-
 
|-
  +
| NSD
| Name Server Daemon
 
  +
| rowspan="2" | NLNet Labs
| Name Server Daemon
 
  +
| test-bed server for DNSSEC
  +
several top-level domains, and operates 3 root nameservers
  +
|-
  +
| Unbound
  +
| validating, recursive & caching DNS designed for high performance
  +
|-
  +
| pdnsd
  +
| GFW
  +
| sloved DNS cache pollution
  +
also use dnsforwarder
  +
|-
  +
| Posadis
  +
|
 
|
 
|
 
|-
 
|-
 
| PowerDNS
 
| PowerDNS
 
|
 
|
  +
| variety of data storage back-ends and load balancing features
  +
|-
  +
| Secure64 DNS
  +
| Secure64
  +
| commercial authoritative name server, completely automated DNSSEC
  +
highly secure recursive DNS, scalable, against DDoS (PRSD) attacks
  +
|-
  +
| Simple DNS Plus
 
|
 
|
  +
| commercial DNS server
  +
runs under Microsoft Windows
 
|-
 
|-
  +
| Technitium DNS Server
| Dnsmasq
 
|
 
 
|
 
|
  +
| used by end users, SOHO networks or mid size networks
  +
support DoT & DoH, support HTTP & SOCKS5 proxy
  +
|-
  +
| YADIFA
  +
| EURid
  +
| Yet Another DNS Implementation For All
  +
.eu top-level domain
 
|}
 
|}
  +
<!-- https://en.wikipedia.org/wiki/Comparison_of_DNS_server_software -->
  +
== Root Name Server ==
  +
__NOTOC__
  +
[[Category:DNS]]
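Review bot: In the added pdnsd row the second cell is "GFW", while the other added rows use that column for the developer or vendor (F5 Networks, CZ.NIC, NLNet Labs); move it into the description cell and correct "sloved" to "solved" there. The added "== Root Name Server ==" heading at the end of the hunk has no content under it.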

Latest revision as of 22:48, 26 January 2021 (Tuesday)

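DNS Operation Flow

[Image: DNS Record Request Sequence.png]

  • Recursive resolver (recursive name server)
Lets users look up a web address or an IP. When people ask which DNS server to enter in their settings, this is the one they mean.
  • Root nameserver
A key part of Internet infrastructure; it returns the addresses of the top-level domain nameservers.
There are 13 sets of root nameservers worldwide, all mirrored at multiple locations around the world using anycast.
  • TLD nameserver (top-level domain nameserver)
There are 1500+ sets of top-level domain nameservers worldwide.
  • Authoritative server (authoritative name server)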
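
The resolution chain listed above, as an added example that is not part of the original wiki page: a small offline simulation in which a recursive resolver follows referrals from a root nameserver to a TLD nameserver to an authoritative server and then caches the answer. All server names, zones and the 192.0.2.10 address are constructed sample data, and TTLs and record types are left out.

```python
# Constructed sample data (not real servers): each nameserver either refers
# the resolver to the next server for a zone, or answers from its own records.
SERVERS = {
    "root":       ("referral", {"com.": "tld-com"}),             # root -> TLD server
    "tld-com":    ("referral", {"example.com.": "ns-example"}),  # TLD -> authoritative
    "ns-example": ("answer",   {"www.example.com.": "192.0.2.10"}),
}


class RecursiveResolver:
    """Walks root -> TLD -> authoritative on behalf of a client, then caches."""

    def __init__(self):
        self.cache = {}
        self.queries_sent = 0

    def _ask(self, server, qname):
        self.queries_sent += 1
        kind, data = SERVERS[server]
        if kind == "answer":
            return "answer", data.get(qname)
        # Referral: pick the most specific zone that encloses the query name.
        zones = [z for z in data if qname == z or qname.endswith("." + z)]
        if not zones:
            return "nodata", None
        return "referral", data[max(zones, key=len)]

    def resolve(self, name):
        qname = name.lower().rstrip(".") + "."   # normalise to an absolute name
        if qname in self.cache:
            return self.cache[qname], ["cache"]
        server, path = "root", []
        for _ in range(8):                       # bound the referral chain
            path.append(server)
            kind, value = self._ask(server, qname)
            if kind == "referral":
                server = value
                continue
            if value is not None:
                self.cache[qname] = value
            return value, path
        raise RuntimeError("too many referrals")


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.example.com"))  # first lookup walks all three servers
    print(r.resolve("www.example.com"))  # second lookup is served from cache
```
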

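DNS Glossary

{| class="wikitable"
! Term !! Full name !! Chinese term !! Notes
|-
| DNS || Domain Name System || 網域名稱系統 ||
|-
| ICANN || Internet Corporation for Assigned Names and Numbers || 網際網路名稱與數字位址分配機構 ||
|-
| IANA || Internet Assigned Numbers Authority || 網際網路號碼分配局 ||
|-
| FQDN || Fully Qualified Domain Name || 完整網域名稱 || Total length must not exceed 255 characters; a single label (between two dots) must not exceed 63 characters.
|-
| Root Domain || || 根網域 || The servers at the top of the DNS hierarchy; about 16 worldwide.
|-
| TLD || Top-Level Domain || 頂級域名 || [https://www.iana.org/domains/root/db TLD List]
|-
| ARPA || Infrastructure Top-Level Domain || 基礎設施頂級域名 || 1
|-
| .arpa || Address and Routing Parameter Area || 位址路由參數域 ||
|-
| gTLD || Generic Top-Level Domain || 通用頂級域名 || 1247 (including grTLD)
|-
| grTLD || Restricted Generic Top-Level Domain || 受限通用頂級域名 || 3
|-
| sTLD || Sponsored Top-Level Domain || 贊助頂級域名 || 14. The new gTLDs of 2012 do not use the distinction between sponsored and unsponsored.
|-
| ccTLD || Country Code Top-Level Domain || 國家及地區頂級域名 || 317
|-
| tTLD || Testing Top-Level Domain || 測試頂級域名 || 11
|-
| IDN || Internationalized Domain Name || 國際化域名 || Punycode xn--
|}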

DNS Software

{| class="wikitable"
! Software !! Developer !! Description
|-
| BIG-IP DNS || F5 Networks || Key advantage is to use the same application delivery controller to support DNS and application acceleration.
|-
| BIND || || Berkeley Internet Name Domain
|-
| Cisco Network Registrar || Cisco Systems || usually used in conjunction with the CNR DHCP
|-
| CoreDNS || || recommended DNS for Kubernetes; graduated from CNCF in 2019
|-
| Dnsmasq || || lightweight, easy to configure, intended for small-scale networks
|-
| djbdns || Daniel J. Bernstein || collection of DNS applications, including tinydns
|-
| Knot DNS || rowspan="2" | CZ.NIC || fast, resilient DNS usable for infrastructure (root & TLD) and hosting; hosts root zone (K & L Root_name_servers), several top-level domains
|-
| Knot Resolver || used by Cloudflare for 1.1.1.1, its free DNS service
|-
| MaraDNS || Sam Trenholme || claims a good security history and ease of use; recursive resolver does not use threads
|-
| Microsoft DNS || || integrated with Active Directory; supports DNS policies
|-
| NSD || rowspan="2" | NLNet Labs || test-bed server for DNSSEC; several top-level domains, and operates 3 root nameservers
|-
| Unbound || validating, recursive & caching DNS designed for high performance
|-
| pdnsd || GFW || solved DNS cache pollution; also use dnsforwarder
|-
| Posadis || ||
|-
| PowerDNS || || variety of data storage back-ends and load balancing features
|-
| Secure64 DNS || Secure64 || commercial authoritative name server, completely automated DNSSEC; highly secure recursive DNS, scalable, against DDoS (PRSD) attacks
|-
| Simple DNS Plus || || commercial DNS server; runs under Microsoft Windows
|-
| Technitium DNS Server || || used by end users, SOHO networks or mid-size networks; supports DoT & DoH, supports HTTP & SOCKS5 proxy
|-
| YADIFA || EURid || Yet Another DNS Implementation For All; .eu top-level domain
|}

Root Name Server