DNS uses UDP port 53, and the UDP payload is at most 512 bytes.
DNS header format (carried in the UDP payload)
                                    1  1  1  1  1  1
      0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                      ID                       |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |QR|   Opcode  |AA|TC|RD|RA|   Z    |   RCODE   |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    QDCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    ANCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    NSCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                    ARCOUNT                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
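ID: the 16-bit id of the request; the reply carries the same id as the request.
QR: 0 means query, 1 means response.
OPCODE: 0 is a standard query, 1 is a server status query. For DNS queries and responses this field is 0.
AA: used in responses; indicates that the name server is an authority.
TC: the message was truncated.
RD: recursion desired.
RA: recursion available; set in a response to indicate whether the server supports recursion.
Z: reserved.
RCODE: response code
    0: no error
    1: format error
    2: server failure
    3: domain name does not exist
QDCOUNT: number of questions
ANCOUNT: number of answers
NSCOUNT: number of authority records
ARCOUNT: number of additional records
Any of these counts may be 0.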
Question section format
                                    1  1  1  1  1  1
      0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                                               |
    /                     QNAME                     /
    /                                               /
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                     QTYPE                     |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                     QCLASS                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
Resource record format
                                    1  1  1  1  1  1
      0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                                               |
    /                                               /
    /                      NAME                     /
    |                                               |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                      TYPE                     |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                     CLASS                     |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                      TTL                      |
    |                                               |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    |                   RDLENGTH                    |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--|
    /                     RDATA                     /
    /                                               /
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
RR types
    TYPE    value  meaning
    A       1      a host address
    NS      2      an authoritative name server
    MD      3      a mail destination (Obsolete - use MX)
    MF      4      a mail forwarder (Obsolete - use MX)
    CNAME   5      the canonical name for an alias
    SOA     6      marks the start of a zone of authority
    MB      7      a mailbox domain name (EXPERIMENTAL)
    MG      8      a mail group member (EXPERIMENTAL)
    MR      9      a mail rename domain name (EXPERIMENTAL)
    NULL    10     a null RR (EXPERIMENTAL)
    WKS     11     a well known service description
    PTR     12     a domain name pointer
    HINFO   13     host information
    MINFO   14     mailbox or mail list information
    MX      15     mail exchange
    TXT     16     text strings
    AAAA    28     IPv6 address
QTYPE is a superset of the RR types.
RR Class
    IN      1      the Internet
    CS      2      the CSNET class (Obsolete - used only for examples in some obsolete RFCs)
    CH      3      the CHAOS class
    HS      4      Hesiod [Dyer 87]
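For an A record query, the RDLENGTH of the RR is 4 and RDATA is the IPv4 address.
For an AAAA record query, the RDLENGTH of the RR is 16 and RDATA is the IPv6 address.
Format of QNAME and NAME
A domain name is split into labels. Each label is stored as a 1-byte length followed by the label itself.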
3 w w w 5 b a i d u 3 com 0
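The maximum length of a label is 63.
A repeated domain name can be compressed: NAME is then stored as a pointer, and the top 2 bits of the length octet are 11 so that it cannot be confused with a label length.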
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
    | 1  1|                OFFSET                   |
    +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
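The pointer is encoded in 16 bits. OFFSET is an offset within the DNS message; the ID field at the start of the header is at offset 0.
Compression and labels can be mixed, so a name has 3 possible formats: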
- a sequence of labels ending in a zero octet
- a pointer
- a sequence of labels ending with a pointer
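A bounds-checked decoder for the three name formats above, written as an added example (not code from the original page). It rejects pointer loops, out-of-range offsets, the reserved 01/10 length prefixes, and names running past the end of the message. The names `decode_name` and `MAX_NAME_LEN` and the sample bytes are assumptions constructed for illustration; the 255-octet name limit comes from RFC 1035, not from the notes above.

```python
import struct

MAX_NAME_LEN = 255  # RFC 1035 limit on a whole domain name, in octets


def decode_name(msg: bytes, offset: int):
    """Return (name, offset just past the name where it was first read)."""
    labels, seen, end, total = [], set(), None, 0
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        kind = length & 0xC0
        if kind == 0xC0:                      # pointer: 11 + 14-bit OFFSET
            if offset + 2 > len(msg):
                raise ValueError("truncated pointer")
            target = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            if end is None:                   # the name ends after the first pointer
                end = offset + 2
            if target in seen or target >= len(msg):
                raise ValueError("pointer loop or out-of-range offset")
            seen.add(target)
            offset = target
        elif kind != 0:                       # 01 and 10 prefixes are reserved
            raise ValueError("reserved label type")
        elif length == 0:                     # zero octet terminates the name
            return ".".join(labels), (end if end is not None else offset + 1)
        else:                                 # ordinary label, length 1..63
            if offset + 1 + length > len(msg):
                raise ValueError("label runs past end of message")
            total += length + 1
            if total > MAX_NAME_LEN:
                raise ValueError("name too long")
            labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
            offset += 1 + length


# Constructed sample (name decoding only): 12-byte header, www.baidu.com at
# offset 12, a pointer to it at 27, and "mail" + pointer to "baidu.com" at 29.
HEADER = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
QNAME = b"\x03www\x05baidu\x03com\x00"
SAMPLE = HEADER + QNAME + b"\xc0\x0c" + b"\x04mail\xc0\x10"

if __name__ == "__main__":
    for start in (12, 27, 29):
        print(start, decode_name(SAMPLE, start))
```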
References
DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION
https://datatracker.ietf.org/doc/html/rfc1035