DNS Principles and A/NS Records, CNAME

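A great blog post about DNS by Ruan Yifeng. I especially like its explanation of hierarchical lookup and of A records, NS records and CNAME, which is simple and clear, so I have reposted that part below:

4. The hierarchy of domain names

How does a DNS server know the IP address of every domain name? The answer is hierarchical lookup. Look carefully at the earlier examples: every domain name has an extra dot at the end. For example, the domain math.stackexchange.com is displayed as "math.stackexchange.com.". This is not an oversight; every domain name actually ends with a root domain. For instance, the real domain name of http://www.example.com is http://www.example.com.root, abbreviated as "http://www.example.com.". Because the root domain .root is the same for all domain names, it is normally omitted. The level below the root domain is called the "top-level domain" (TLD), such as .com and .net. The next level down is called the "second-level domain" (SLD), such as .example in http://www.example.com; this is the level that users can register. The next level down is the host name (host), such as www in http://www.example.com, also called the "third-level domain"; this is the name users assign to servers within their own domain, and they can assign it freely. To summarize, the hierarchy of a domain name is as follows.

hostname.second-level-domain.top-level-domain.root-domain # i.e. host.sld.tld.root

5. Root name servers

DNS servers perform hierarchical lookup according to the levels of the domain name. To be clear, each level of the domain name has its own NS records, and the NS records point to the name servers for that level. These servers know the various records of the next level down. "Hierarchical lookup" means starting from the root domain and querying the NS records of each level in turn until the final IP address is found. The process is roughly as follows. From the "root name servers", look up the NS records and A records (IP addresses) of the "top-level domain name servers". From the "top-level domain name servers", look up the NS records and A records (IP addresses) of the "second-level domain name servers". From the "second-level domain name servers", look up the IP address of the "host name". If you look closely at the process above, you may notice that it does not mention how the DNS server knows the IP addresses of the "root name servers". The answer is that the NS records and IP addresses of the "root name servers" generally do not change, so they are built into the DNS server. Below is an example of the built-in root name server IP addresses. The list above shows three NS records for the root domain (.root), A.ROOT-SERVERS.NET, B.ROOT-SERVERS.NET and C.ROOT-SERVERS.NET, and their IP addresses (i.e. A records) 198.41.0.4, 192.228.79.201 and 192.33.4.12. You can also see that the TTL of all the records is 3600000 seconds, which is equivalent to 1000 hours. In other words, the list of root name servers is queried only once every 1000 hours. Currently there are thirteen groups of root name servers in the world, from A.ROOT-SERVERS.NET through M.ROOT-SERVERS.NET.

6. An example of hierarchical lookup

The +trace option of the dig command shows the entire hierarchical lookup process.

$ dig +trace math.stackexchange.com

The first section of the output of the command above lists all NS records of the root domain ".", i.e. all the root name servers. Using the built-in root name server IP addresses, the DNS server sends queries to all of these IP addresses, asking for the NS records of com., the top-level domain of math.stackexchange.com. The root name server that replies first is cached, and later requests are sent only to that server. Next is the second section. The result above shows the 13 NS records of the .com domain, and the IP address for each record is returned as well. Then the DNS server sends queries to these top-level domain name servers, asking for the NS records of stackexchange.com, the second-level domain of math.stackexchange.com. The result above shows that stackexchange.com has four NS records, and the IP address for each NS record is returned as well. Then the DNS server queries these four NS servers for the host name of math.stackexchange.com. The result above shows that math.stackexchange.com has 4 A records, meaning that the website can be reached at any of these four IP addresses. It also shows that the NS server that returned a result first is ns-463.awsdns-57.com, with the IP address 205.251.193.207.

7. Querying NS records

The dig command can look up the NS records of each level of a domain name individually.

$ dig ns com $ dig ns…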

JPA SequenceGenerator with allocationSize 1 performance tuning

I had a blog post last year about fixing the sequence number going wild by setting the allocationSize to 1. Overall it solves the inconsistency problem if you are using a sequence with an ‘INCREMENT BY’ value of 1 in the database. Issue: One problem that came up today is that I am facing a performance issue with the above setting when I…

3d css with perspective and transform rotate

The perspective CSS property gives an element a 3D space by affecting the distance between the Z plane and the user. The strength of the effect is determined by the value. The smaller the value, the closer you get to the Z plane and the more impressive the visual effect. The greater the value, the more…

java generic multi-level wild card

I was having an interesting issue with generics, which I thought I was pretty familiar with. Basically I need to pass a Map<String, List<SubClass>()> to a Map<String, List<SuperClass>()>. I was thinking I could just do Map<String, List<? extends SuperClass>()> in the method signature, and then I should be fine. But I get a compiler error complaining type not…

hive jdbc with Spring Beanpropertyrowmapper

In our project we need to port some Hive table data to our local RDBMS (Oracle). For tables with a lot of columns (hundreds), it could be very tedious to write the Hive SQL and convert the ResultSet to the JPA entity object. Spring JdbcTemplate provides us a good class which would do camel-case conversion to the underscore for us….

ng-show ng-if not just in DOM or not

I was thinking I had enough knowledge about the difference between ng-if and ng-show: the first adds/removes the containing stuff from the DOM and the latter just uses CSS to hide/show. What’s ironic is I even sometimes use this as an interview question. Today I was bitten by it. According to the AngularJS doc:…

bcrypt encryption algorithm

The prefix “$2a$” or “$2b$” (or “$2y$”) in a hash string in a shadow password file indicates that the hash string is a bcrypt hash in modular crypt format.[3] The rest of the hash string includes the cost parameter, a 128-bit salt (base-64 encoded as 22 characters), and 184 bits of the resulting hash value (base-64…

Add Username password auth to Hive

In my previous post, we achieved end-to-end SSL encryption from client to ELB to the EMR master. Our next requirement is to add username/password authentication. There are different ways in Hive to do this: 1. LDAP, 2. PAM, 3. CUSTOM mode. After some evaluation we finally chose the CUSTOM mode way. We…

EMR hive JDBC over SSL with ELB

Recently we needed to set up a Hive cluster consuming S3 objects so that we could run queries from our Java server (Tomcat) via JDBC. Several challenges: our Java server is on prem (will move to AWS in 2017), so we have to secure the channel to the EMR cluster in EMR. Solution: use SSL across the board….

Some notes on javascript the core

Some notes on reading an article: JavaScript. The Core. Execution context (EC). Variable Object (VO): includes variables and function declarations; function expressions will not be included in the VO. Activation Object (AO): includes VO + function arguments. In ES5, the VO and AO are combined into the lexical environments….

java synchronized on object, class and block

Synchronized blocks do have advantages over methods, most of all in flexibility, because you can use another object as the lock whereas syncing the method would lock the complete class. Compare: // locks the whole object … private synchronized void someInputRelatedWork() { … } private synchronized void someOutputRelatedWork() { … } Vs. // Using specific locks…