RFC 1035 DNS域
域名压缩显示
完整域名
比如表示 “www.google.com” 这样一个完整的域名,需要以下16个字节:
| B0 | B1 | B2 | B3 | B4 | B5 | B6 | B7 | B8 | B9 | B10 | B11 | B12 | B13 | B14 | B15 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
\3 |
w |
w |
w |
\6 |
g |
o |
o |
g |
l |
e |
\3 |
c |
o |
m |
\0 |
标号显示
前文我们提到,域名的每一段,最长不能超过 63 个字节,因此在表示域名段长度的这个字节的最高两位(0xC0),必然是 0。这就引申出了这里的第二种用法。
这种表示法中,相当于一个指针,指代 DNS 报文中的某一个域名段。在解析一段 RR 数据段时,需要判断域长度嘛,判断的逻辑是:
- 如果最高两位是 00,则表示上面第一种
- 如果最高两位是 11,则表示这是一个压缩表示法。这一个字节
去掉最高两位后剩下的6位,以及接下来的 8 位总共 14 位长的数据,指向 DNS 数据报文中的某一段域名(不一定是完整域名,参见第三种),可以算是指针吧。
比如 0xC150,表示从 DNS 正文(UDP payload)的 offset = 0x0150 处所表示的域名。0x0150 是将 0xC150 最高两位清零得到的数字。
混合表示
这就是上面两种的混合表示。比如说,我们假设前文表示 www.google.com 的完整域名的数据段处于 DNS 报文偏移 0x20 处,那么有以下几种可能的用法:
0xC020:自然就表示www.google.com了0xC024:从完整域名的第二段开始,指代google.com0x016DC024:其中0x6d就是字符m,因而0x016D单独指代字符串m;而第二段0xC024则指代google.com,因此整段表示m.google.com
domain name和charactor string
<domain-name> is a domain name represented as a series of labels, and
terminated by a label with zero length. <character-string> is a single
length octet followed by that number of characters. <character-string>
is treated as binary information, and can be up to 256 characters in
length (including the length octet).
Header格式定义
段 占用大小 含义ID2字节A 16 bit identifier assigned by the program that generates any kind of query. This identifier is copied the corresponding reply and can be used by the requester to match up replies to outstanding queries.QR1个比特位A one bit field that specifies whether this message is a query (0), or a response (1).OPCODE4个比特位A four bit field that specifies kind of query in this message. This value is set by the originator of a query and copied into the response. The values are: 0 a standard query (QUERY) 1 an inverse query (IQUERY) 2 a server status request (STATUS) 3-15 reserved for future useAA1个比特位Authoritative Answer - this bit is valid in responses, and specifies that the responding name server is an authority for the domain name in question section. Note that the contents of the answer section may have multiple owner names because of aliases. The AA bit corresponds to the name which matches the query name, or the first owner name in the answer section.TC1个比特位TrunCation - specifies that this message was truncated due to length greater than that permitted on the transmission channel.RD1个比特位Recursion Desired - this bit may be set in a query and is copied into the response. If RD is set, it directs the name server to pursue the query recursively. Recursive query support is optional.RA1个比特位Recursion Available - this be is set or cleared in a response, and denotes whether recursive query support is available in the name server.Z3个比特位Reserved for future use. Must be zero in all queries and responses.RCODE4个比特位
Response code - this 4 bit field is set as part of responses. The values have the following interpretation:
| 0 | No error condition |
| 1 | Format error - The name server was unable to interpret the query. |
| 2 | Server failure - The name server was unable to process this query due to a problem with the name server. |
| 3 | Name Error - Meaningful only for responses from an authoritative name server, this code signifies that the domain name referenced in the query does not exist. |
| 4 | Not Implemented - The name server does not support the requested kind of query. |
| 5 | Refused - The name server refuses to perform the specified operation for policy reasons. For example, a name server may not wish to provide the information to the particular requester, or a name server may not wish to perform a particular operation (e.g., zone transfer) for particular data. |
| 6-15 | Reserved for future use. |
QDCOUNT2字节an unsigned 16 bit integer specifying the number of entries in the question section.ANCOUNT2字节an unsigned 16 bit integer specifying the number of resource records in the answer section.NSCOUNT2字节an unsigned 16 bit integer specifying the number of name server resource records in the authority records section.ARCOUNT2字节an unsigned 16 bit integer specifying the number of resource records in the additional records section.
Question格式定义
| 段 | 占用字节 | 含义 |
|---|---|---|
| QNAME | 不定长 | a domain name represented as a sequence of labels, where each label consists of a length octet followed by that number of octets. The domain name terminates with the zero length octet for the null label of the root. Note that this field may be an odd number of octets; no padding is used. |
| QTYPE | 2 | a two octet code which specifies the type of the query. The values for this field include all codes valid for a TYPE field, together with some more general codes which can match more than one type of RR. |
| QCLASS | 2 | a two octet code that specifies the class of the query. For example, the QCLASS field is IN for the Internet. |
ResourceRecord格式定义
| 段 | 占用字节 | 含义 |
|---|---|---|
| NAME | 不定长 | 域名 |
| TYPE | 2 | 资源类型 |
| CLASS | 2 | 类 |
| TTL | 4 | 缓存时间(秒) |
| RDLENGTH | 4 | 指定RDATA的长度 |
| RDATA | RDLENGTH | 描述资源的字符串 |
TYPE资源类型定义
| 类型 | 值 | 含义 |
|---|---|---|
| A | 1 | a host address |
| NS | 2 | an authoritative name server |
| MD | 3 | a mail destination (Obsolete - use MX) |
| MF | 4 | a mail forwarder (Obsolete - use MX) |
| CNAME | 5 | the canonical name for an alias |
| SOA | 6 | marks the start of a zone of authority |
| MB | 7 | a mailbox domain name (EXPERIMENTAL) |
| MG | 8 | a mail group member (EXPERIMENTAL) |
| MR | 9 | a mail rename domain name (EXPERIMENTAL) |
| NULL | 10 | a null RR (EXPERIMENTAL) |
| WKS | 11 | a well known service description |
| PTR | 12 | a domain name pointer |
| HINFO | 13 | host information |
| MINFO | 14 | mailbox or mail list information |
| MX | 15 | mail exchange |
| TXT | 16 | text strings |
CLASS定义
| 类型 | 值 | 含义 |
|---|---|---|
| IN | 1 | the Internet |
| CS | 2 | the CSNET class (Obsolete - used only for examples in some obsolete RFCs) |
| CH | 3 | the CHAOS class |
| HS | 4 | Hesiod [Dyer 87] |
RDATA定义
RDATA根据TYPE含义来确定,以下列表只展示部分现在常用类型
| 类型 | 字段 | 占用字节 | 含义 |
|---|---|---|---|
| CNAME | CNAME | 域名,不定长 | A which specifies the canonical or primary name for the owner. The owner name is an alias. |
| MX | PREFERENCE | 2字节 | A 16 bit integer which specifies the preference given to this RR among others at the same owner. Lower values are preferred. |
| EXCHANGE | 域名,不定长 | A which specifies a host willing to act as a mail exchange for the owner name. | |
| NS | NSDNAME | 域名,不定长 | A which specifies a host which should be authoritative for the specified class and domain. |
| PTR | PTRDNAME | 域名,不定长 | A which points to some location in the domain name space. |
| SOA | MNAME | 域名,不定长 | The of the name server that was the original or primary source of data for this zone. |
| RNAME | 域名,不定长 | A which specifies the mailbox of the person responsible for this zone. | |
| SERIAL | 4字节 | The unsigned 32 bit version number of the original copy of the zone. Zone transfers preserve this value. This value wraps and should be compared using sequence space arithmetic. | |
| REFRESH | 4字节 | A 32 bit time interval before the zone should be refreshed. | |
| RETRY | 4字节 | A 32 bit time interval that should elapse before a failed refresh should be retried. | |
| EXPIRE | 4字节 | A 32 bit time value that specifies the upper limit on the time interval that can elapse before the zone is no longer authoritative. | |
| MINIMUM | 4字节 | The unsigned 32 bit minimum TTL field that should be exported with any RR from this zone. | |
| TXT | TXT-DATA | 字符串 | One or more |
标准Resource Record
| 类型 | 字段 | 占用字节 | 含义 |
|---|---|---|---|
| A | ADDRESS | 4字节 | A 32 bit Internet address |
| WKS | ADDRESS | 4字节 | An 32 bit Internet address |
| PROTOCOL | 1字节 | An 8 bit IP protocol number | |
| 整数字节 | A variable length bit map. The bit map must be a multiple of 8 bits long. |
因特网Resource Record