[go: up one dir, main page]

CN110417935A - A Reverse Domain Name Resolution Method Based on IPv6 Technology - Google Patents

A Reverse Domain Name Resolution Method Based on IPv6 Technology Download PDF

Info

Publication number
CN110417935A
CN110417935A CN201910839171.6A CN201910839171A CN110417935A CN 110417935 A CN110417935 A CN 110417935A CN 201910839171 A CN201910839171 A CN 201910839171A CN 110417935 A CN110417935 A CN 110417935A
Authority
CN
China
Prior art keywords
ipv6
domain name
method based
dns server
reverse
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910839171.6A
Other languages
Chinese (zh)
Inventor
姜海华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Ground Pass Information Network Inc
Original Assignee
Shanghai Ground Pass Information Network Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Ground Pass Information Network Inc filed Critical Shanghai Ground Pass Information Network Inc
Priority to CN201910839171.6A priority Critical patent/CN110417935A/en
Publication of CN110417935A publication Critical patent/CN110417935A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/659Internet protocol version 6 [IPv6] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/686Types of network addresses using dual-stack hosts, e.g. in Internet protocol version 4 [IPv4]/Internet protocol version 6 [IPv6] networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明涉及一种基于IPv6技术的反向域名解析方法,包括:S1、在支持IPv6的DNS服务器中创建IPv6反解区域,域后缀为“IP6.ARPA.”;S2、当收到反向解析IPv6地址对应的域名的请求时,通过所述IPv6反解区域将该请求指向DNS服务器资源记录中的AAAA记录;S3、根据AAAA记录进行查询匹配,最终以后缀名为“.IP6.ARPA”的格式加上域名返回给请求端。与现有技术相比,本发明在现有DNS IPv4域名服务器的基础上,利用原环境添加IPv6相应的区域及文件即可.保证IPv 6和IPv 4共存,不需要额外加硬件设备,节约了成本。

The present invention relates to a reverse domain name analysis method based on IPv6 technology, comprising: S1, creating an IPv6 reverse resolution area in a DNS server supporting IPv6, and the domain suffix is "IP6.ARPA."; S2, when receiving reverse resolution When requesting the domain name corresponding to the IPv6 address, point the request to the AAAA record in the DNS server resource record through the IPv6 reverse solution area; S3, perform query matching according to the AAAA record, and finally the suffix name ".IP6.ARPA" The format plus the domain name is returned to the requester. Compared with the prior art, on the basis of the existing DNS IPv4 domain name server, the present invention can use the original environment to add IPv6 corresponding areas and files. It ensures the coexistence of IPv6 and IPv4 without additional hardware equipment, saving cost.

Description

一种基于IPv6技术的反向域名解析方法A Reverse Domain Name Resolution Method Based on IPv6 Technology

技术领域technical field

本发明涉及网络技术领域,尤其是涉及一种基于IPv6技术的反向域名解析方法。The invention relates to the field of network technology, in particular to a reverse domain name resolution method based on IPv6 technology.

背景技术Background technique

由于IPv4最大的问题在于网络地址资源有限,严重制约了互联网的应用和发展。IPv6的使用不仅能解决网络地址资源数量的问题,而且也解决了多种接入设备连入互联网的障碍,因此IPv6正逐渐普及。The biggest problem with IPv4 is that the network address resources are limited, which seriously restricts the application and development of the Internet. The use of IPv6 can not only solve the problem of the number of network address resources, but also solve the obstacles for various access devices to connect to the Internet, so IPv6 is gradually becoming popular.

IPv6,顾名思义,就是IP地址的第6版协议。我们现在用的是IPv4,IPv4的地址是32位,总数有43亿个左右,还要减去内网专用的192、170地址段,就更少了。而IPv6的地址是128位的,大概是43亿的4次方,地址极为丰富,几乎是取之不尽的。IPv6更加安全,标配加密选项,用户和服务器之间的通信很难被破解。除此之外,IPv6能大大降低网络延迟,可以从现在普遍100ms左右降到个位数。现有的IPv4 DNS不能解析IPv6的地址,需要额外增加硬件设备实现,成本高。IPv6, as the name suggests, is version 6 of the IP address protocol. We are using IPv4 now, and IPv4 addresses are 32 bits, and the total number is about 4.3 billion, and the 192 and 170 address segments dedicated to the intranet are also subtracted, which is even less. The IPv6 address is 128 bits, which is about 4.3 billion to the 4th power. The addresses are extremely rich and almost inexhaustible. IPv6 is more secure, with standard encryption options, the communication between the user and the server is difficult to crack. In addition, IPv6 can greatly reduce network latency, which can be reduced from the current general 100ms to single digits. The existing IPv4 DNS cannot resolve IPv6 addresses, and additional hardware equipment is needed to implement it, which is costly.

发明内容Contents of the invention

本发明的目的就是为了克服上述现有技术存在的缺陷而提供一种基于IPv6技术的反向域名解析方法。The object of the present invention is to provide a reverse domain name resolution method based on IPv6 technology in order to overcome the above-mentioned defects in the prior art.

本发明的目的可以通过以下技术方案来实现:The purpose of the present invention can be achieved through the following technical solutions:

一种基于IPv6技术的反向域名解析方法,包括:A reverse domain name resolution method based on IPv6 technology, comprising:

S1、在支持IPv6的DNS服务器中创建IPv6反解区域,域后缀为“IP6.ARPA.”;S1. Create an IPv6 anti-resolution zone in a DNS server that supports IPv6, and the domain suffix is "IP6.ARPA.";

S2、当收到反向解析IPv6地址对应的域名的请求时,通过所述IPv6反解区域将该请求指向DNS服务器资源记录中的AAAA记录;S2. When receiving a request for reverse resolution of the domain name corresponding to the IPv6 address, point the request to the AAAA record in the resource record of the DNS server through the IPv6 reverse resolution area;

S3、根据AAAA记录进行查询匹配,最终以后缀名为“.IP6.ARPA”的格式加上域名返回给请求端。S3. Query and match according to the AAAA record, and finally return to the requesting end in the format with the suffix ".IP6.ARPA" plus the domain name.

优选的,所述IPv6反解区域包括:用“.”分隔的半字节16进制数字格式字符串,低位地址在前,高位地址在后。Preferably, the IPv6 anti-decomposition area includes: a nibble hexadecimal digital format string separated by ".", the low-order address comes first, and the high-order address follows.

优选的,所述步骤S1在创建IPv6反解区域之前还包括:修改DNS的配置文件,开启IPv6端口监听及修改IPv6地址。Preferably, before creating the IPv6 anti-resolution area, the step S1 further includes: modifying the DNS configuration file, enabling IPv6 port monitoring and modifying the IPv6 address.

优选的,所述步骤S1在创建IPv6反解区域之后还包括:用named-checkzone命令检查配置文件是否有误。Preferably, after creating the IPv6 anti-decomposition zone, the step S1 further includes: using the named-checkzone command to check whether the configuration file is wrong.

优选的,所述DNS服务器接有从DNS服务器。Preferably, the DNS server is connected with a slave DNS server.

优选的,所述DNS服务器的IPv4和IPv6共同拥有统一的域名空间。Preferably, IPv4 and IPv6 of the DNS server share a unified domain name space.

优选的,所述DNS服务器采用支持IPv6的Linux系统。Preferably, the DNS server adopts a Linux system supporting IPv6.

优选的,所述DNS服务器接入的网络为内网或外网。Preferably, the network accessed by the DNS server is an intranet or an extranet.

与现有技术相比,本发明综合了IPv4和IPv6 DNS服务架构技术,在现有DNS IPv4域名服务器的基础上,利用原环境添加IPv6相应的区域及文件,保证IPv6和IPv4共存,不需要额外加硬件设备,节约了成本。Compared with the prior art, the present invention integrates IPv4 and IPv6 DNS service architecture technologies, and uses the original environment to add IPv6 corresponding areas and files on the basis of the existing DNS IPv4 domain name server, ensuring the coexistence of IPv6 and IPv4 without additional Adding hardware equipment saves costs.

附图说明Description of drawings

图1为本发明的实现框图。Fig. 1 is the block diagram of realization of the present invention.

具体实施方式Detailed ways

下面结合附图和具体实施例对本发明进行详细说明。本实施例以本发明技术方案为前提进行实施,给出了详细的实施方式和具体的操作过程,但本发明的保护范围不限于下述的实施例。The present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments. This embodiment is carried out on the premise of the technical solution of the present invention, and detailed implementation and specific operation process are given, but the protection scope of the present invention is not limited to the following embodiments.

实施例Example

本申请提出一种基于IPv6技术的反向域名解析方法,包括:This application proposes a reverse domain name resolution method based on IPv6 technology, including:

S1、在支持IPv6的DNS服务器中创建IPv6反解区域,域后缀为“IP6.ARPA.”;S1. Create an IPv6 anti-resolution zone in a DNS server that supports IPv6, and the domain suffix is "IP6.ARPA.";

S2、当收到反向解析IPv6地址对应的域名的请求时,通过IPv6反解区域将该请求指向DNS服务器资源记录中的AAAA记录;S2. When receiving a request for reverse resolution of the domain name corresponding to the IPv6 address, point the request to the AAAA record in the resource record of the DNS server through the IPv6 reverse resolution area;

S3、根据AAAA记录进行查询匹配,最终以后缀名为“.IP6.ARPA”的格式加上域名返回给请求端。S3. Query and match according to the AAAA record, and finally return to the requesting end in the format with the suffix ".IP6.ARPA" plus the domain name.

不用额外再搭建IPv6的DNS服务器,只需要在原来IPv4 DNS的基础上添加区域和文件就可以了。IPv4协议与IPv6协议的不同并不意味着需要单独两套IPv4DNS体系和IPv6DNS体系,相反的是,DNS的体系和域名空间必须是一致的,即IPv4和IPv6共同拥有统一的域名空间。There is no need to build an additional IPv6 DNS server, just add areas and files on the basis of the original IPv4 DNS. The difference between the IPv4 protocol and the IPv6 protocol does not mean that two separate IPv4DNS systems and IPv6DNS systems are required. On the contrary, the DNS system and domain name space must be consistent, that is, IPv4 and IPv6 share a unified domain name space.

自建的IPv6 DNS域名服务器,可以减少IPv6网络随意配置和使用公共DNS所带来的风险。在IPv4网络环境下问题不大,因为主机可以在NAT设备之后配置内网IP,没有publicIP地址。但是在IPv6网络中,所有主机都将配置真实IPv6 Public IP地址,一旦IP地址暴露,即可被精准扫描,随时都会被攻窃取数据的可能。The self-built IPv6 DNS domain name server can reduce the risk caused by random configuration and use of public DNS in IPv6 network. In the IPv4 network environment, the problem is not big, because the host can configure the intranet IP behind the NAT device, and there is no public IP address. However, in the IPv6 network, all hosts will be configured with real IPv6 Public IP addresses. Once the IP address is exposed, it can be accurately scanned, and there is a possibility of being attacked and stealing data at any time.

DNS服务器接入的网络可以为内网或外网环境。本实施例中,DNS服务器采用支持IPv6的Linux系统。The network connected to the DNS server can be an internal network or an external network environment. In this embodiment, the DNS server adopts a Linux system supporting IPv6.

步骤S1具体包括:Step S1 specifically includes:

(1)通过inet6选项确认IPv6已开启;(1) Confirm that IPv6 is enabled through the inet6 option;

(2)修改网卡配置:(2) Modify the network card configuration:

IPV6INIT=yesIPV6INIT=yes

IPV6_AUTOCONF=yesIPV6_AUTOCONF=yes

IPV6_DEFROUTE=yesIPV6_DEFROUTE=yes

IPV6_FAILURE_FATAL=noIPV6_FAILURE_FATAL=no

IPV6_ADDR_GEN_MODE=stable-privacyIPV6_ADDR_GEN_MODE=stable-privacy

IPV6_PEERDNS=yesIPV6_PEERDNS=yes

IPV6_PEERROUTES=yesIPV6_PEERROUTES=yes

IPV6_PRIVACY=no;IPV6_PRIVACY=no;

(3)修改DNS的配置文件,开启IPv6端口监听及修改IPv6地址;(3) Modify the configuration file of DNS, open IPv6 port monitoring and modify IPv6 address;

(4)创建IPv6反解区域,用“.”分隔的半字节16进制数字格式字符串,低位地址在前,高位地址在后,域后缀为“IP6.ARPA.”;(4) Create an IPv6 anti-decomposition area, a half-byte hexadecimal digital format string separated by ".", the low-order address comes first, the high-order address follows, and the domain suffix is "IP6.ARPA.";

(5)修改IPV6的反解文件;(5) Modify the reverse solution file of IPV6;

(6)所有配置好后,检查配置文件是否有误,用named-checkzone命令,返回OK则无误;(6) After all the configurations are completed, check whether the configuration file is correct, use the named-checkzone command, if it returns OK, it is correct;

(7)最后重启dns服务。(7) Finally restart the dns service.

本方法还可以搭建主、从DNS服务器,主DNS服务器为创建IPv6反解区域的DNS服务器,如图1所示,实现数据同步,提供冗余,避免单点故障;均衡负载查询需求,提高系统可用性。This method can also set up master and slave DNS servers, the master DNS server is to create the DNS server of the IPv6 anti-resolution area, as shown in Figure 1, realizes data synchronization, provides redundancy, avoids single point of failure; balances load query requirements, improves system availability.

Claims (8)

1. a kind of reverse domain name analysis method based on IPv6 technology characterized by comprising
S1, creation IPv6 is counter in the dns server for supporting IPv6 and IPv4 solves region, and domain suffix is " IP6.ARPA. ";
S2, when receiving the request of the corresponding domain name in the address reverse resolution IPv6, by the anti-region that solves the IPv6 by the request The AAAA record being directed toward in dns server resource record;
S3, progress match query is recorded according to AAAA, finally returned to the format of suffix entitled " .IP6.ARPA " plus domain name Request end.
2. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that described IPv6 is counter, and the region that solves includes: the 16 binary digits format string of nibble that use " " separates, and low order address is in preceding, high address Rear.
3. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that the step Rapid S1 creation IPv6 is counter solve region before further include: modify the configuration file of DNS, open IPv6 port snoop and modification IPv6 Address.
4. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that the step Rapid S1 creation IPv6 is counter solve region after further include: it is whether wrong with named-checkzone order inspection configuration file.
5. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that described Dns server is connected to from dns server.
6. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that described The IPv4 and IPv6 of dns server co-own unified name space.
7. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that described Dns server is using the linux system for supporting IPv6.
8. a kind of reverse domain name analysis method based on IPv6 technology according to claim 1, which is characterized in that described The network of dns server access is Intranet or outer net.
CN201910839171.6A 2019-09-05 2019-09-05 A Reverse Domain Name Resolution Method Based on IPv6 Technology Pending CN110417935A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910839171.6A CN110417935A (en) 2019-09-05 2019-09-05 A Reverse Domain Name Resolution Method Based on IPv6 Technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910839171.6A CN110417935A (en) 2019-09-05 2019-09-05 A Reverse Domain Name Resolution Method Based on IPv6 Technology

Publications (1)

Publication Number Publication Date
CN110417935A true CN110417935A (en) 2019-11-05

Family

ID=68370448

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910839171.6A Pending CN110417935A (en) 2019-09-05 2019-09-05 A Reverse Domain Name Resolution Method Based on IPv6 Technology

Country Status (1)

Country Link
CN (1) CN110417935A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111147621A (en) * 2019-12-30 2020-05-12 互联网域名系统北京市工程研究中心有限公司 Method for supporting IPv6 service access of external network user

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090164597A1 (en) * 2007-12-21 2009-06-25 Gary Stephen Shuster Content Restriction Compliance Using Reverse DNS Lookup
US20130290563A1 (en) * 2011-10-19 2013-10-31 Xerocole, Inc. Answer augmentation system for authoritative dns servers
US20160191243A1 (en) * 2014-12-31 2016-06-30 William Manning Out-of-band validation of domain name system records
CN106612339A (en) * 2015-10-27 2017-05-03 中国电信股份有限公司 Domain name updating method, system and main DNS (Domain Name System) server
CN108924012A (en) * 2018-08-24 2018-11-30 赛尔网络有限公司 Method, equipment, system and the medium of IPv6 name server liveness detection
CN109150655A (en) * 2018-07-25 2019-01-04 赛尔网络有限公司 A kind of detection method that IPv4 firewall IPv6 is bypassed
CN210927676U (en) * 2019-09-05 2020-07-03 上海地面通信息网络股份有限公司 Reverse domain name resolution system based on IPv6 technology

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090164597A1 (en) * 2007-12-21 2009-06-25 Gary Stephen Shuster Content Restriction Compliance Using Reverse DNS Lookup
US20130290563A1 (en) * 2011-10-19 2013-10-31 Xerocole, Inc. Answer augmentation system for authoritative dns servers
US20160191243A1 (en) * 2014-12-31 2016-06-30 William Manning Out-of-band validation of domain name system records
CN106612339A (en) * 2015-10-27 2017-05-03 中国电信股份有限公司 Domain name updating method, system and main DNS (Domain Name System) server
CN109150655A (en) * 2018-07-25 2019-01-04 赛尔网络有限公司 A kind of detection method that IPv4 firewall IPv6 is bypassed
CN108924012A (en) * 2018-08-24 2018-11-30 赛尔网络有限公司 Method, equipment, system and the medium of IPv6 name server liveness detection
CN210927676U (en) * 2019-09-05 2020-07-03 上海地面通信息网络股份有限公司 Reverse domain name resolution system based on IPv6 technology

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
顾润龙,刘智涛,侯玉香: "Linux操作系统及应用技术", pages: 10 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111147621A (en) * 2019-12-30 2020-05-12 互联网域名系统北京市工程研究中心有限公司 Method for supporting IPv6 service access of external network user
CN111147621B (en) * 2019-12-30 2022-05-03 互联网域名系统北京市工程研究中心有限公司 Method for supporting IPv6 service access of external network user

Similar Documents

Publication Publication Date Title
CN101043447B (en) Dynamic mapping method of internal and external network of server based on DDNS and NAT
US9491138B2 (en) Internet protocol (IP) address translation
WO2021088254A1 (en) Dual-stack access method, apparatus and device for user-mode network file system
US11146666B2 (en) IPv4/IPv6 bridge
US9270525B2 (en) Distributed dynamic virtual machine configuration service
US12273419B2 (en) Method, client, and system for establishing P2P connection
US20130107881A1 (en) Distributed Address Resolution Service for Virtualized Networks
US11722565B1 (en) System and method for non-disruptive migration of software components to a public cloud system
JP2006503525A (en) Apparatus, method and computer program product for virtual network construction
US20120311185A1 (en) Data transmission based on address translation
CN106412142A (en) Resource device address obtaining method and device
WO2008051325A2 (en) Communicating additional information in a dns update response by requesting deletion of a specific record
JP6905551B2 (en) Network equipment
WO2013097484A1 (en) Method, server and system for balancing loads of virtual machine cluster
CN108696601A (en) Detect the hardware address conflict in computer network
CN103595825A (en) Domain name resolution detection method, domain name resolution detection device and server
CN103118145B (en) Based on the IPv4-over-IPv6 Multiple tunnel auto-creating method of DNS
CN105338128A (en) Domain name resolution method and device
CN115242882A (en) A method and device for accessing k8s container environment based on transport layer routing
CN102196051A (en) Terminal communication method, system and device
CN102685262A (en) Method, device and system for detecting network address translation (NAT) information
CN101068189A (en) A Method of Supporting IPv4 Application Programs Using Tunnel Between Hosts in IPv6
CN110417935A (en) A Reverse Domain Name Resolution Method Based on IPv6 Technology
EP2472788A1 (en) Method and system for implementing id/locator mapping
CN210927676U (en) Reverse domain name resolution system based on IPv6 technology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191105

RJ01 Rejection of invention patent application after publication