CN112187902A - DNS proxy method, device, storage medium and terminal equipment under IPv6 tunnel mode - Google Patents


Info

Publication number: CN112187902A
Authority: CN (China)
Prior art keywords: dns, message, ipv6, server, ipv4
Legal status: Granted
Application number: CN202010999620.6A
Other languages: Chinese (zh)
Other versions: CN112187902B (en)
Inventor: 宋俊举, 朱海明
Current Assignee: Pulian International Co ltd
Original Assignee: Pulian International Co ltd
Application filed by Pulian International Co ltd
Priority to CN202010999620.6A
Publication of CN112187902A
Application granted
Publication of CN112187902B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/45 Network directories; Name-to-address mapping
    • H04L61/4505 Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511 Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1001 Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/146 Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/566 Grouping or aggregating service requests, e.g. for unified processing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/568 Storing data temporarily at an intermediate stage, e.g. caching
    • H04L67/5682 Policies or rules for updating, deleting or replacing the stored data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a DNS proxy method, a device, a storage medium and a terminal device under an IPv6 tunnel mode. The method comprises: when a DNS request message sent by downstream equipment is received, generating a new Transaction ID according to the original Transaction ID carried in the DNS request message and a preset index matching algorithm; judging, according to the generated new Transaction ID, whether cache information corresponding to the DNS request message exists in a preset cache table; if so, switching the destination server in the DNS request message according to the last sent server serial number recorded for the DNS request message in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server; and updating the cache table correspondingly according to the DNS request message. With the technical scheme of the invention, a DNS proxy can be implemented simply and conveniently when an IPv4 server and an IPv6 server exist at the same time.

Description

DNS proxy method, device, storage medium and terminal equipment under IPv6 tunnel mode
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a DNS proxy method and apparatus in an IPv6 tunnel mode, a computer-readable storage medium, and a terminal device.
Background
Network operators and users still mainly use IPv4, and traversing the IPv4 network is a faster and simpler way for IPv6 hosts to reach IPv6 networks, so rapidly deploying IPv6 hosts in IPv4 networks is very important.
At present, the most important way to deploy IPv6 hosts quickly in an IPv4 network is to establish a tunnel between the IPv6 host and the IPv6 network that traverses the IPv4 network, so that the IPv6 host does not perceive the existence of the IPv4 network. The addresses of the IPv4 network side of the user boundary equipment can be allocated by the IPv4 network. For IPv6 users, there are two main methods of obtaining IPv6 addresses and parameters. In the first, after user authentication, the IPv6 application connects through the tunnel to an IPv6 device that allocates addresses and parameters, which requires additional devices. In the second, only the existing device software is upgraded and the IPv6 parameters are transmitted over the IPv4 network, which requires no additional IPv6 devices but cannot issue IPv6 DNS information in an IPv4 network.
Disclosure of Invention
The technical problem to be solved in the embodiments of the present invention is to provide a DNS proxy method, apparatus, computer-readable storage medium, and terminal device in IPv6 tunnel mode, which can easily and conveniently implement DNS proxy when an IPv4 server and an IPv6 server coexist.
In order to solve the foregoing technical problem, a first aspect of an embodiment of the present invention provides a DNS proxy method in an IPv6 tunnel mode, including:
when a DNS request message sent by downstream equipment is received, generating a new Transaction ID according to an original Transaction ID carried in the DNS request message and a preset index matching algorithm;
judging whether cache information corresponding to the DNS request message exists in a preset cache table or not according to the generated new Transaction ID; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
if so, switching a destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server;
and correspondingly updating the cache table according to the DNS request message.
Further, the index matching algorithm is a hash algorithm; generating a new Transaction ID according to the original Transaction ID carried in the DNS request message and a preset index matching algorithm, specifically including:
performing remainder operation on the original Transaction ID carried in the DNS request message and the size of a preset hash table to obtain the first 8 bits of the new Transaction ID, and initializing the last 8 bits of the new Transaction ID to be 0;
and inserting the initialized new Transaction ID into the linked list of the hash table, acquiring the position serial number of the inserted linked list, and taking the position serial number as the last 8 bits of the new Transaction ID.
Further, the correspondingly updating the cache table according to the DNS request packet specifically includes:
when the cache information corresponding to the DNS request message exists in the cache table, updating the server serial number sent for the last time corresponding to the DNS request message in the cache table according to the server serial number currently sent by the DNS request message;
and when the cache information corresponding to the DNS request message does not exist in the cache table, recording the original Transaction ID, the new Transaction ID, the source address, the source port number and the currently sent server sequence number corresponding to the DNS request message into the cache table.
In order to solve the foregoing technical problem, a first aspect of the embodiments of the present invention further provides a DNS proxy management apparatus in an IPv6 tunnel mode, including:
the Transaction ID generation module is used for generating a new Transaction ID according to an original Transaction ID carried in a DNS request message and a preset index matching algorithm when the DNS request message sent by downstream equipment is received;
the cache information judgment module is used for judging whether cache information corresponding to the DNS request message exists in a preset cache table according to the generated new Transaction ID; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
the message processing module is used for, if so, switching the destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server;
and the cache table updating module is used for correspondingly updating the cache table according to the DNS request message.
In order to solve the foregoing technical problem, a second aspect of the embodiments of the present invention provides a DNS proxy method in an IPv6 tunnel mode, including:
when a DNS response message sent by an upstream server is received, judging whether cache information of a DNS request message corresponding to the DNS response message exists in a preset cache table or not according to a new Transaction ID carried in the DNS response message; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
when the cache information of the DNS request message corresponding to the DNS response message exists in the cache table, judging whether the response fails according to the identification bit in the DNS response message;
when the response fails, judging the message type of the DNS response message;
when the message type is an IPv4 message, judging whether IPv6 response fails according to the IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
when the message type is an IPv6 message, judging whether IPv4 response fails according to the IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
and deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
Further, the method further comprises:
when the response is not failed, the DNS response message is sent to corresponding downstream equipment;
and deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
Further, the method further comprises:
when the cache information of the DNS request message corresponding to the DNS response message does not exist in the cache table, discarding the DNS response message;
when the IPv6 response does not fail, discarding the DNS response message;
and when the IPv4 response does not fail, discarding the DNS response message.
In order to solve the foregoing technical problem, a second aspect of the embodiments of the present invention further provides a DNS proxy management apparatus in an IPv6 tunnel mode, including:
the cache information judging module is used for judging whether cache information of a DNS request message corresponding to the DNS response message exists in a preset cache table or not according to a new Transaction ID carried in the DNS response message when the DNS response message sent by an upstream server is received; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
the response judgment module is used for judging whether the response fails according to the identification bit in the DNS response message when the cache information of the DNS request message corresponding to the DNS response message exists in the cache table;
the message type judging module is used for judging the message type of the DNS response message when the response fails;
the first message processing module is configured to, when the message type is an IPv4 message, determine whether an IPv6 response fails according to IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
the second message processing module is configured to, when the message type is an IPv6 message, determine whether an IPv4 response fails according to the IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
and the cache table updating module is used for deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
In order to solve the foregoing technical problem, a third aspect of the embodiments of the present invention provides a DNS proxy method in an IPv6 tunnel mode, including:
when receiving a connection request message sent by downstream equipment, sending the connection request message to all upstream servers; wherein the upstream servers comprise IPv4 servers and IPv6 servers;
when a connection response message returned by the upstream server is received in a preset time period, storing a corresponding connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection;
and when receiving a DNS request message sent by downstream equipment, forwarding the DNS request message to an upstream server which establishes connection according to the connection relation.
Further, the method further comprises:
and when the connection response message returned by the upstream server is not received in a preset time period, discarding the connection request message.
In order to solve the foregoing technical problem, a third aspect of the embodiments of the present invention further provides a DNS proxy management apparatus in an IPv6 tunnel mode, including:
the message sending module is used for sending the connection request message to all the upstream servers when receiving the connection request message sent by the downstream equipment; wherein the upstream servers comprise IPv4 servers and IPv6 servers;
the connection relation storage module is used for storing the corresponding connection relation when receiving a connection response message returned by the upstream server in a preset time period; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection;
and the first message processing module is used for forwarding the DNS request message to an upstream server which establishes connection according to the connection relation when the DNS request message sent by the downstream equipment is received.
In order to solve the foregoing technical problem, a fourth aspect of the present invention provides a DNS proxy method in an IPv6 tunnel mode, including:
when a DNS response message sent by an upstream server is received, judging whether the response fails according to an identification bit in the DNS response message;
when the response fails, judging the message type of the DNS response message;
when the message type is an IPv4 message, judging whether IPv6 connection exists according to a pre-stored connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment;
when the message type is an IPv6 message, judging whether an IPv4 connection exists or not according to the connection relation; and if not, sending the DNS response message to corresponding downstream equipment.
Further, the method further comprises:
and when the response is not failed, sending the DNS response message to corresponding downstream equipment.
Further, the method further comprises:
when the IPv6 connection exists, judging whether the IPv6 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv6 connection from the connection relation;
if not, discarding the DNS response message.
Further, the method further comprises:
when the IPv4 connection exists, judging whether the IPv4 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv4 connection from the connection relation;
if not, discarding the DNS response message.
In order to solve the foregoing technical problem, a fourth aspect of the embodiments of the present invention further provides a DNS proxy management apparatus in an IPv6 tunnel mode, including:
the response judgment module is used for judging whether the response fails according to the identification bit in the DNS response message when the DNS response message sent by the upstream server is received;
the message type judging module is used for judging the message type of the DNS response message when the response fails;
the first message processing module is used for judging whether IPv6 connection exists according to a pre-stored connection relation when the message type is an IPv4 message; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment;
the second message processing module is used for judging whether IPv4 connection exists or not according to the connection relation when the message type is an IPv6 message; and if not, sending the DNS response message to corresponding downstream equipment.
An embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium includes a stored computer program; wherein the computer program, when executed, controls an apparatus in which the computer-readable storage medium is located to perform:
the DNS proxy method in IPv6 tunnel mode according to any of the first aspect above; or
the DNS proxy method in IPv6 tunnel mode according to any of the second aspect above; or
the DNS proxy method in IPv6 tunnel mode according to any of the third aspect above; or
the DNS proxy method in IPv6 tunnel mode according to any of the fourth aspect above.
An embodiment of the present invention further provides a terminal device, including a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, where the processor, when executing the computer program, implements:
the DNS proxy method in IPv6 tunnel mode according to any of the first aspect above; or
the DNS proxy method in IPv6 tunnel mode according to any of the second aspect above; or
the DNS proxy method in IPv6 tunnel mode according to any of the third aspect above; or
the DNS proxy method in IPv6 tunnel mode according to any of the fourth aspect above.
Compared with the prior art, the embodiments of the present invention provide a DNS proxy method, apparatus, computer-readable storage medium, and terminal device in IPv6 tunnel mode, where a received DNS request packet and connection request packet sent by a downstream device are sent to a corresponding IPv4 server or IPv6 server, and a received DNS response packet sent by an upstream IPv4 server or an upstream IPv6 server is sent to a corresponding downstream device, so that DNS proxy can be easily and conveniently implemented in the presence of both an IPv4 server and an IPv6 server.
Drawings
Fig. 1 is a flowchart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to a first aspect of the present invention;
Fig. 2 is a block diagram illustrating a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to a first aspect of the present invention;
Fig. 3 is a flowchart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to a second aspect of the present invention;
Fig. 4 is a block diagram of a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to a second aspect of the present invention;
Fig. 5 is a flowchart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to a third aspect of the present invention;
Fig. 6 is a block diagram of a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to a third aspect of the present invention;
Fig. 7 is a flowchart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to a fourth aspect of the present invention;
Fig. 8 is a block diagram illustrating a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to a fourth aspect of the present invention;
Fig. 9 is a block diagram of a preferred embodiment of a terminal device provided by the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without any inventive step, are within the scope of the present invention.
The first aspect of the embodiments of the present invention provides a DNS proxy method in IPv6 tunnel mode. As shown in Fig. 1, which is a flowchart of a preferred embodiment of this method, the method includes steps S11 to S14:
step S11, when receiving a DNS request message sent by downstream equipment, generating a new Transaction ID according to an original Transaction ID carried in the DNS request message and a preset index matching algorithm;
step S12, judging whether cache information corresponding to the DNS request message exists in a preset cache table according to the generated new Transaction ID; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
step S13, if yes, switching a destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server;
and step S14, updating the cache table correspondingly according to the DNS request message.
Specifically, a cache table is preset in a terminal device (for example, a network device such as a router) and is used to record the cache information corresponding to the received historical DNS request messages. One historical DNS request message corresponds to one piece of cache information, and each piece of cache information includes an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number (the servers include an IPv4 server and an IPv6 server, and the server serial numbers include an IPv4 server serial number and an IPv6 server serial number), IPv4 request failure times (i.e., the number of failed requests to the IPv4 server), IPv6 request failure times (i.e., the number of failed requests to the IPv6 server), and information such as the time at which the cache information was recorded.
When receiving a DNS request message sent by downstream equipment, the terminal equipment generates a new Transaction ID according to the original Transaction ID carried in the received DNS request message and a preset index matching algorithm, and writes the new Transaction ID into the DNS request message. The terminal equipment then judges, according to the generated new Transaction ID, whether cache information corresponding to the DNS request message exists in the preset cache table. If it exists, the terminal equipment obtains the last sent server serial number from the cache information recorded for the DNS request message in the cache table, determines from that serial number the server to which the DNS request message was last sent, switches the destination server (namely, the main DNS server) carried in the DNS request message according to the determined server, and sends the DNS request message to the switched server. If it does not exist, the terminal equipment sends the DNS request message directly to the destination server carried in the DNS request message. After the terminal equipment has sent the DNS request message to the corresponding server, it updates the cache table according to the cache information corresponding to the DNS request message.
In this embodiment, the information about the IPv4 server and the IPv6 server recorded in the cache table is used to switch to the corresponding server when a DNS request message is received, so that the DNS request message is sent to the switched server. For example, if a DNS request sent by an intranet host is received and its entry is found in the cache table, this indicates that the last request sent has failed (the failure times are updated correspondingly) and a request needs to be sent again; the address of the server to which the request is sent is then determined according to the last sent server serial number.
It should be noted that when the terminal device judges, according to the generated new Transaction ID, whether the cache information corresponding to the DNS request message exists in the preset cache table, it may check whether information such as the original Transaction ID, the new Transaction ID, the source address, and the source port number of the DNS request message matches a piece of cache information in the cache table; if matching cache information is found, the cache information corresponding to the DNS request message exists in the cache table.
In addition, the DNS request message in the embodiment of the present invention includes, but is not limited to, a DNS request message supporting the UDP protocol.
In another preferred embodiment, the index matching algorithm is a hash algorithm; generating a new Transaction ID according to the original Transaction ID carried in the DNS request message and a preset index matching algorithm, specifically including:
performing remainder operation on the original Transaction ID carried in the DNS request message and the size of a preset hash table to obtain the first 8 bits of the new Transaction ID, and initializing the last 8 bits of the new Transaction ID to be 0;
and inserting the initialized new Transaction ID into the linked list of the hash table, acquiring the position serial number of the inserted linked list, and taking the position serial number as the last 8 bits of the new Transaction ID.
Specifically, with reference to the foregoing embodiment, the index matching algorithm may adopt a hash algorithm, the Transaction ID is 16 bits, the terminal device performs a remainder operation on the original Transaction ID carried in the received DNS request packet and the size of the preset hash table, and uses the operation result as the first 8 bits of the new Transaction ID; initializing the last 8 bits of the new Transaction ID to 0, inserting the initialized new Transaction ID into a linked list of a preset hash table, and taking the position sequence number of the new Transaction ID inserted into the linked list as the last 8 bits of the new Transaction ID, thereby generating the new Transaction ID corresponding to the DNS request message according to the first 8 bits and the last 8 bits of the obtained new Transaction ID.
For example, assuming that the size of the hash table is m (0 < m < 256), the first 8 bits of the new Transaction ID are obtained as the remainder of the original Transaction ID divided by m; the last eight bits are initialized to 0, and when the new Transaction ID is inserted into the linked list of the hash table, the last eight bits serve as its position sequence number in the linked list, a position sequence number being assigned only if it is not already in use. Because of the limitation of the model memory, the number of entries currently supported simultaneously is 128 (a timeout deletion mechanism is provided), so the 256 position sequence numbers on a linked list cannot be duplicated; if more connection entries need to be supported, the generation mode of the new Transaction ID can be modified.
It should be noted that the index matching algorithm may adopt a hash algorithm, may also adopt a bitmap index algorithm, or adopts other data structures/algorithms supporting bidirectional indexes, and the embodiment of the present invention is not particularly limited.
In another preferred embodiment, the updating the cache table according to the DNS request packet specifically includes:
when the cache information corresponding to the DNS request message exists in the cache table, updating the server serial number sent for the last time corresponding to the DNS request message in the cache table according to the server serial number currently sent by the DNS request message;
and when the cache information corresponding to the DNS request message does not exist in the cache table, recording the original Transaction ID, the new Transaction ID, the source address, the source port number and the currently sent server sequence number corresponding to the DNS request message into the cache table.
Specifically, with reference to the foregoing embodiment, when updating the cache table according to the received DNS request message, it is also necessary to perform corresponding updating according to whether the cache information corresponding to the DNS request message is already recorded in the cache table, and when the cache information corresponding to the DNS request message exists in the cache table, only the server number sent last time in the cache information corresponding to the DNS request message in the cache table needs to be updated according to the server number of the server currently sent by the DNS request message, that is, the server number sent last time is replaced with the server number of the server currently sent; when the cache information corresponding to the DNS request message does not exist in the cache table, the cache information corresponding to the DNS request message is directly recorded in the cache table, that is, the original Transaction ID, the new Transaction ID, the source address, the source port number, and the server serial number of the currently-sent server corresponding to the DNS request message are recorded in the cache table.
According to the DNS proxy method in the IPv6 tunnel mode, when a DNS request message sent by downstream equipment is received, a new Transaction ID is generated according to an original Transaction ID carried in the DNS request message and a preset index matching algorithm; judging whether cache information corresponding to the DNS request message exists in a preset cache table or not according to the generated new Transaction ID; if so, switching a destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server; correspondingly updating the cache table according to the DNS request message; the DNS proxy can be simply and conveniently realized under the condition that an IPv4 server and an IPv6 server exist at the same time, the cache table does not store messages, domain names and other information in the messages, the occupied storage space is small, meanwhile, the messages can be forwarded to the corresponding servers only by using fields at fixed positions of the messages to operate the cache table, and the delay can be reduced.
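The hash-based generation of the new Transaction ID and the cache table update described above can be sketched as follows. This is an added example, not code from the patent; the table size of 64, the 5-second timeout, the round-robin reading of "switching" the server, the reading of "first 8 bits" as the high-order byte, and all names are assumptions.

```python
import struct
from dataclasses import dataclass

HASH_SIZE = 64      # m, an assumed value; the text only requires 0 < m < 256
MAX_ENTRIES = 128   # concurrent entries the text says the device supports
ENTRY_TTL = 5.0     # assumed timeout in seconds; the text gives no value


@dataclass
class CacheEntry:
    orig_id: int        # Transaction ID chosen by the downstream device
    new_id: int         # Transaction ID used towards the upstream servers
    src_addr: str
    src_port: int
    last_server: int    # sequence number of the server last sent to
    created: float
    v4_failures: int = 0
    v6_failures: int = 0


class CacheTable:
    def __init__(self, size=HASH_SIZE, n_servers=2, ttl=ENTRY_TTL):
        if not 0 < size < 256:
            raise ValueError("hash table size m must satisfy 0 < m < 256")
        self.size, self.n_servers, self.ttl = size, n_servers, ttl
        # Each chain maps position sequence number -> entry; the dict stands
        # in for the linked list of the text.
        self.chains = [dict() for _ in range(size)]

    def _expire(self, now):
        # Timeout deletion mechanism: drop entries older than the TTL.
        for chain in self.chains:
            for pos in [p for p, e in chain.items() if now - e.created > self.ttl]:
                del chain[pos]

    def on_request(self, orig_id, src_addr, src_port, now):
        """Return (new_id, server_seq), or None when the table is full."""
        self._expire(now)
        bucket = orig_id % self.size              # first 8 bits of the new ID
        chain = self.chains[bucket]
        for e in chain.values():                  # cache information exists?
            if (e.orig_id, e.src_addr, e.src_port) == (orig_id, src_addr, src_port):
                # Assumption: "switching" means moving to the next server number.
                e.last_server = (e.last_server + 1) % self.n_servers
                return e.new_id, e.last_server
        if sum(len(c) for c in self.chains) >= MAX_ENTRIES:
            return None
        # With at most 128 live entries a free number in 0..255 always exists.
        pos = next(p for p in range(256) if p not in chain)
        new_id = (bucket << 8) | pos              # last 8 bits = position number
        chain[pos] = CacheEntry(orig_id, new_id, src_addr, src_port, 0, now)
        return new_id, 0

    def lookup(self, new_id):
        """Reverse index used on the response path: new ID -> entry or None."""
        bucket, pos = new_id >> 8, new_id & 0xFF
        if bucket >= self.size:
            return None
        return self.chains[bucket].get(pos)


def rewrite_txid(message: bytes, new_id: int) -> bytes:
    """Overwrite bytes 0-1 of a DNS message, the fixed-position Transaction ID."""
    if len(message) < 12:
        raise ValueError("shorter than a DNS header")
    return struct.pack("!H", new_id) + message[2:]
```

The new ID here is fully determined by the original ID and the current occupancy of the chain, so it contributes no unpredictability of its own to the upstream query.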
The first aspect of the present invention further provides a DNS proxy apparatus in an IPv6 tunnel mode, which is capable of implementing all processes of the DNS proxy method in the IPv6 tunnel mode described in any embodiment of the first aspect, and the functions and implemented technical effects of each module and unit in the apparatus are respectively the same as those of the DNS proxy method in the IPv6 tunnel mode described in any embodiment of the first aspect, and are not described herein again.
Referring to fig. 2, which is a block diagram of a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to the first aspect of the present invention, the apparatus includes:
a Transaction ID generation module 11, configured to, when receiving a DNS request message sent by a downstream device, generate a new Transaction ID according to an original Transaction ID carried in the DNS request message and a preset index matching algorithm;
the cache information judgment module 12 is configured to judge whether cache information corresponding to the DNS request message exists in a preset cache table according to the generated new Transaction ID; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
the message processing module 13 is configured to, if yes, switch a destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and send the DNS request message to the switched server; if not, sending the DNS request message to the destination server;
and the cache table updating module 14 is configured to perform corresponding updating on the cache table according to the DNS request packet.
Preferably, the index matching algorithm is a hash algorithm; the Transaction ID generation module 11 specifically includes:
the first 8-bit acquisition unit is used for performing remainder operation on the original Transaction ID carried in the DNS request message and the size of a preset hash table, acquiring the first 8 bits of the new Transaction ID, and initializing the last 8 bits of the new Transaction ID to 0;
and the last 8-bit acquisition unit is used for inserting the initialized new Transaction ID into the linked list of the hash table, acquiring the position serial number of the inserted linked list and taking the position serial number as the last 8 bits of the new Transaction ID.
Preferably, the cache table updating module 14 specifically includes:
a first updating unit, configured to update, when cache information corresponding to the DNS request packet exists in the cache table, a last sent server sequence number corresponding to the DNS request packet in the cache table according to a server sequence number currently sent by the DNS request packet;
and a second updating unit, configured to record, when cache information corresponding to the DNS request packet does not exist in the cache table, an original Transaction ID, a new Transaction ID, a source address, a source port number, and a currently sent server sequence number corresponding to the DNS request packet into the cache table.
Referring to fig. 3, which is a flow chart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to a second aspect of the present invention, the method includes steps S21 to S26:
step S21, when receiving a DNS response message sent by an upstream server, judging whether cache information of the DNS request message corresponding to the DNS response message exists in a preset cache table according to a new Transaction ID carried in the DNS response message; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
step S22, when the cache table has the cache information of the DNS request message corresponding to the DNS response message, judging whether the response fails according to the identification bit in the DNS response message;
step S23, when the response fails, judging the message type of the DNS response message;
step S24, when the message type is IPv4 message, judging whether IPv6 response fails according to IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
step S25, when the message type is IPv6 message, judging whether IPv4 response fails according to IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
and step S26, deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
Specifically, a cache table is preset in a terminal device (e.g., a network device such as a router) to record a plurality of cache information corresponding to a plurality of received historical DNS request messages, one history DNS request message corresponds to one history DNS response message, one history DNS request message corresponds to one cache information, each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a server serial number sent last time (the server comprises an IPv4 server and an IPv6 server, and the server serial number comprises an IPv4 server serial number and an IPv6 server serial number), IPv4 request failure times (namely IPv4 server request failure times) and IPv6 request failure times (namely IPv6 server request failure times) which correspond to the corresponding history DNS request message, and the cache information can also comprise information such as cache information recording time and the like.
When the terminal device receives a DNS response message sent by an upstream server (including an IPv4 server and an IPv6 server), it judges, according to the new Transaction ID carried in the received DNS response message, whether cache information of the DNS request message corresponding to the DNS response message exists in the preset cache table. When such cache information exists in the cache table, it determines whether the response fails according to the identification bit in the DNS response message (e.g., according to the last four bits of the Flag field of the DNS response message, where a value other than 0 indicates that the response fails, and a value of 0 indicates that the response has not failed, i.e., the response succeeds). When the response is judged to have failed (namely the last four bits of the Flag field of the DNS response message are not 0), it further judges the message type of the DNS response message (the message type comprises an IPv4 message and an IPv6 message). When the message type is judged to be an IPv4 message, it judges whether the IPv6 response fails according to whether the IPv6 request failure times in the cache information of the DNS request message corresponding to the DNS response message recorded in the cache table are 0, and if the IPv6 response fails (the IPv6 request failure times are not 0), it forwards the DNS response message to the corresponding downstream device. Similarly, when the message type is judged to be an IPv6 message, it judges whether the IPv4 response fails according to whether the IPv4 request failure times in the cache information of the DNS request message corresponding to the DNS response message recorded in the cache table are 0, and if the IPv4 response fails (the IPv4 request failure times are not 0), it forwards the DNS response message to the corresponding downstream device. After forwarding the DNS response message to the corresponding downstream device, the terminal device deletes the cache information of the DNS request message corresponding to the DNS response message from the cache table.
It should be noted that, when the cache information of the DNS request message corresponding to the DNS response message exists in the cache table, the terminal device may search the cache table according to a new Transaction ID carried in the DNS response message returned by the upstream server, and correspondingly obtain the source address and the source port number, so as to forward the DNS response message to the corresponding intranet host.
In addition, the DNS response message in the embodiment of the present invention includes, but is not limited to, a DNS response message supporting the UDP protocol.
In yet another preferred embodiment, the method further comprises:
when the response has not failed, sending the DNS response message to the corresponding downstream equipment;
and deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
Specifically, with reference to the foregoing embodiment, when the terminal device determines that the response has not failed according to the identification bit in the DNS response message (that is, the last four bits of the Flag field of the DNS response message are 0), indicating that the response of the corresponding DNS request message is successful, the terminal device forwards the DNS response message to the corresponding downstream device, and after forwarding the DNS response message to the corresponding downstream device, the terminal device deletes the cache information of the DNS request message corresponding to the DNS response message from the cache table.
In yet another preferred embodiment, the method further comprises:
when the cache information of the DNS request message corresponding to the DNS response message does not exist in the cache table, discarding the DNS response message;
when the IPv6 response does not fail, discarding the DNS response message;
and when the IPv4 response does not fail, discarding the DNS response message.
Specifically, with reference to the above embodiment, when determining that the cache information of the DNS request message corresponding to the DNS response message does not exist in the preset cache table according to the new Transaction ID carried in the received DNS response message, the terminal device directly discards the DNS response message; when the terminal equipment judges that the message type is an IPv4 message and judges that the IPv6 response does not fail, the DNS response message is directly discarded; and when the terminal equipment judges that the message type is the IPv6 message and judges that the IPv4 response does not fail, directly discarding the DNS response message.
Taking the above embodiments together, the status of the returned packets (i.e., the numbers of failures of the two kinds of requests) is recorded in the cache table. After receiving the request message and recording the relevant cache information, if the response message received by the terminal device is a message of successful response, the terminal device directly forwards it to the downstream device (e.g., the downstream client) and deletes the corresponding cache information. If the received response message is a response failure message, the request failure times corresponding to the two types of messages (namely, the IPv4 message and the IPv6 message) are further judged according to the cache table: if neither the request failure times of the IPv4 server nor the request failure times of the IPv6 server are 0, both types of messages have failed to respond, the request has completely failed and no waiting is needed, so the response failure message is directly forwarded to the downstream client and the corresponding cache information is deleted. When the message type is determined to be an IPv4 message, if the number of request failures of the IPv6 server is 0, the result of the IPv6 message is unknown (for example, a response has not yet been received) and it is necessary to continue to wait for the response of the IPv6 message; the IPv4 message is directly discarded, and the corresponding cache information is retained until the next response message meeting the forwarding requirement is received or the cache information is deleted on timeout. Similarly, when the message type is determined to be an IPv6 message, if the number of request failures of the IPv4 server is 0, the result of the IPv4 message is unknown (for example, a response has not yet been received) and it is necessary to continue to wait for the response of the IPv4 message; the IPv6 message is directly discarded, and the corresponding cache information is retained until the next response message meeting the forwarding requirement is received or the cache information is deleted on timeout.
According to the DNS proxy method in the IPv6 tunnel mode, when a DNS response message sent by an upstream server is received, whether cache information of a DNS request message corresponding to the DNS response message exists in a preset cache table or not is judged according to a new Transaction ID carried in the DNS response message; when the cache information of the DNS request message corresponding to the DNS response message exists in the cache table, judging whether the response fails according to the identification bit in the DNS response message; when the response fails, judging the message type of the DNS response message; when the message type is an IPv4 message, judging whether IPv6 response fails according to the IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment; when the message type is an IPv6 message, judging whether IPv4 response fails according to the IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment; deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table; the DNS proxy can be simply and conveniently realized under the condition that an IPv4 server and an IPv6 server exist at the same time, and the cache table does not store messages and information such as domain names in the messages, so that the occupied storage space is small.
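The forward/discard decision of steps S21 to S26 and the further embodiments above can be written as one function over the raw DNS header. This is an added example, not code from the patent; the names, the dict used as cache table, and the constructed sample header are assumptions, as are two steps the text implies without spelling out: a discarded failure is counted in the entry, and the original Transaction ID is written back before forwarding.

```python
import struct
from dataclasses import dataclass

FORWARD, DISCARD = "forward", "discard"


@dataclass
class Entry:
    orig_id: int        # Transaction ID the downstream device used
    src_addr: str
    src_port: int
    v4_failures: int = 0
    v6_failures: int = 0


def make_response(txid, rcode):
    """Constructed sample: a bare 12-byte DNS header with QR, RD and RA set."""
    return struct.pack("!HHHHHH", txid, 0x8180 | (rcode & 0xF), 0, 0, 0, 0)


def on_response(cache, message, family):
    """Decide what to do with a DNS response from an upstream server.

    cache   -- dict mapping new Transaction ID -> Entry (the cache table)
    message -- raw DNS message bytes
    family  -- 4 or 6, the message type of the response
    Returns (action, message_to_send, (addr, port)).
    """
    if family not in (4, 6):
        raise ValueError("family must be 4 or 6")
    if len(message) < 12:                      # not even a full DNS header
        return DISCARD, None, None
    new_id, flags = struct.unpack("!HH", message[:4])
    entry = cache.get(new_id)
    if entry is None:                          # no cache information: discard
        return DISCARD, None, None
    failed = (flags & 0x000F) != 0             # last four bits of the Flag field
    if failed:
        other = entry.v6_failures if family == 4 else entry.v4_failures
        if other == 0:
            # The other family's result is still unknown: keep the entry and
            # wait. Assumption: the failure is counted at this point.
            if family == 4:
                entry.v4_failures += 1
            else:
                entry.v6_failures += 1
            return DISCARD, None, None
    # Success, or both families have now failed: forward and delete the entry.
    del cache[new_id]
    # Assumption: the stored original Transaction ID is restored for the client.
    restored = struct.pack("!H", entry.orig_id) + message[2:]
    return FORWARD, restored, (entry.src_addr, entry.src_port)
```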
A second aspect of the present invention further provides a DNS proxy apparatus in an IPv6 tunnel mode, which is capable of implementing all processes of the DNS proxy method in the IPv6 tunnel mode described in any embodiment of the second aspect, and the functions and implemented technical effects of each module in the apparatus are respectively the same as those of the DNS proxy method in the IPv6 tunnel mode described in any embodiment of the second aspect, and are not described herein again.
Referring to fig. 4, which is a block diagram of a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to the second aspect of the present invention, the apparatus includes:
the cache information judgment module 21 is configured to, when receiving a DNS response message sent by an upstream server, judge whether cache information of a DNS request message corresponding to the DNS response message exists in a preset cache table according to a new Transaction ID carried in the DNS response message; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
a response judgment module 22, configured to, when the cache information of the DNS request packet corresponding to the DNS response packet exists in the cache table, judge whether a response fails according to an identification bit in the DNS response packet;
a message type determining module 23, configured to determine, when a response fails, a message type of the DNS response message;
the first message processing module 24 is configured to, when the message type is an IPv4 message, determine whether an IPv6 response fails according to the IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
the second message processing module 25 is configured to, when the message type is an IPv6 message, determine whether an IPv4 response fails according to the IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
a cache table updating module 26, configured to delete the cache information of the DNS request packet corresponding to the DNS response packet from the cache table.
Preferably, the apparatus further comprises a third message processing module, configured to:
when the response has not failed, send the DNS response message to the corresponding downstream equipment;
and deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
Preferably, the apparatus further comprises a fourth message processing module, configured to:
when the cache information of the DNS request message corresponding to the DNS response message does not exist in the cache table, discarding the DNS response message;
when the IPv6 response does not fail, discarding the DNS response message;
and when the IPv4 response does not fail, discarding the DNS response message.
Referring to fig. 5, which is a flow chart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to the third aspect of the present invention, the method includes steps S31 to S33:
step S31, when receiving the connection request message sent by the downstream equipment, sending the connection request message to all the upstream servers; wherein the upstream servers comprise IPv4 servers and IPv6 servers;
step S32, when receiving the connection response message returned by the upstream server in a preset time period, saving the corresponding connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection;
step S33, when receiving the DNS request packet sent by the downstream device, forwarding the DNS request packet to the upstream server that has established the connection according to the connection relationship.
Specifically, when receiving a connection request message sent by a downstream device, a terminal device (e.g., a network device such as a router) sends the received connection request message to all upstream servers (the upstream servers include an IPv4 server and an IPv6 server) to attempt to establish connections with all upstream IPv4 servers and IPv6 servers at the same time; if a connection response message returned by any IPv4 server or/and IPv6 server is received within a preset time period, storing a corresponding connection relation, wherein the stored connection relation correspondingly comprises an IPv4 connection or/and an IPv6 connection, namely in IPv4 and IPv6, if one connection is successfully established, releasing all other connections of the same type, and finally only one IPv4 connection or one IPv6 connection or both connections are reserved; when the terminal equipment receives a DNS request message sent by downstream equipment, the successfully established upstream connection is obtained according to the stored connection relation, and the received DNS request message is forwarded to the upstream server with the established connection.
It should be noted that the connection request message in the embodiment of the present invention includes, but is not limited to, a connection request message supporting a TCP protocol, and the DNS request message includes, but is not limited to, a DNS request message supporting a TCP protocol.
In yet another preferred embodiment, the method further comprises:
and when the connection response message returned by the upstream server is not received in a preset time period, discarding the connection request message.
Specifically, with reference to the foregoing embodiment, if the terminal device does not receive a connection response packet returned by any one of the IPv4 servers and/or the IPv6 servers within a preset time period, the terminal device discards the connection request packet, and releases the connection request of the downstream device.
According to the DNS proxy method in the IPv6 tunnel mode, when a connection request message sent by downstream equipment is received, the connection request message is sent to all upstream servers; wherein the upstream servers comprise IPv4 servers and IPv6 servers; when a connection response message returned by the upstream server is received in a preset time period, storing a corresponding connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; when receiving a DNS request message sent by downstream equipment, forwarding the DNS request message to an upstream server which has established connection according to the connection relation; the DNS proxy can be easily and conveniently implemented in the case where the IPv4 server and the IPv6 server coexist, and because connection establishment with all the servers is attempted at the same time, the destination server can be determined within a single handshake, so that the delay can be reduced.
The third aspect of the present invention further provides a DNS proxy apparatus in an IPv6 tunnel mode, which is capable of implementing all processes of the DNS proxy method in the IPv6 tunnel mode described in any of the above third aspects, and the functions and implemented technical effects of each module in the apparatus are respectively the same as those of the DNS proxy method in the IPv6 tunnel mode described in any of the above third aspects, and are not described herein again.
Referring to fig. 6, which is a block diagram of a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to the third aspect of the present invention, the apparatus includes:
the message sending module 31 is configured to send a connection request message to all the upstream servers when receiving the connection request message sent by the downstream device; wherein the upstream servers comprise IPv4 servers and IPv6 servers;
a connection relation storing module 32, configured to store a corresponding connection relation when receiving a connection response packet returned by the upstream server within a preset time period; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection;
the first packet processing module 33 is configured to, when receiving a DNS request packet sent by a downstream device, forward the DNS request packet to an upstream server that has established a connection according to the connection relationship.
Preferably, the apparatus further comprises:
and the second message processing module is used for discarding the connection request message when the connection response message returned by the upstream server is not received in a preset time period.
Referring to fig. 7, which is a flow chart of a preferred embodiment of a DNS proxy method in IPv6 tunnel mode according to the fourth aspect of the present invention, the method includes steps S41 to S44:
step S41, when receiving a DNS response message sent by an upstream server, judging whether the response fails according to the identification bit in the DNS response message;
step S42, when the response fails, judging the message type of the DNS response message;
step S43, when the message type is IPv4 message, judging whether IPv6 connection exists according to the connection relation preserved in advance; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment;
step S44, when the message type is IPv6 message, judging whether IPv4 connection exists according to the connection relation; and if not, sending the DNS response message to corresponding downstream equipment.
Specifically, when receiving a DNS response message sent by an upstream server (the upstream server includes an IPv4 server and an IPv6 server), a terminal device (e.g., a router or other network device) determines whether the response fails according to an identification bit in the DNS response message (e.g., according to the last four bits of the Flag field of the DNS response message, where a value other than 0 indicates that the response fails, and a value of 0 indicates that the response has not failed, i.e., the response succeeds); when the response is judged to have failed (namely the last four bits of the Flag field of the DNS response message are not 0), it further judges the message type of the DNS response message (the message type comprises an IPv4 message and an IPv6 message); when the message type is judged to be an IPv4 message, it judges whether an IPv6 connection exists according to the pre-stored connection relation (including an IPv4 connection or/and an IPv6 connection); if not, the DNS response message is sent to the corresponding downstream equipment; similarly, when the message type is judged to be an IPv6 message, it judges whether an IPv4 connection exists according to the pre-stored connection relation; and if not, the DNS response message is sent to the corresponding downstream equipment.
It should be noted that the DNS response message in the embodiment of the present invention includes, but is not limited to, a DNS response message supporting a TCP protocol.
In yet another preferred embodiment, the method further comprises:
and when the response has not failed, sending the DNS response message to the corresponding downstream equipment.
Specifically, with reference to the foregoing embodiment, when the terminal device determines that the response has not failed according to the identification bit in the DNS response message (that is, the last four bits of the Flag field of the DNS response message are 0), indicating that the response of the corresponding DNS request message is successful, the terminal device forwards the DNS response message to the corresponding downstream device.
In yet another preferred embodiment, the method further comprises:
when the IPv6 connection exists, judging whether the IPv6 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv6 connection from the connection relation;
if not, discarding the DNS response message.
Specifically, with reference to the foregoing embodiment, when determining that the packet type is an IPv4 packet and determining that an IPv6 connection exists, the terminal device further determines whether the IPv6 connection fails to respond, and if the IPv6 connection fails, forwards the DNS response packet to the corresponding downstream device, and deletes the IPv6 connection from the already stored connection relationship, so as to release the IPv6 connection; if not, directly discarding the DNS response message.
In yet another preferred embodiment, the method further comprises:
when the IPv4 connection exists, judging whether the IPv4 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv4 connection from the connection relation;
if not, discarding the DNS response message.
Specifically, with reference to the foregoing embodiment, when determining that the packet type is an IPv6 packet and determining that an IPv4 connection exists, the terminal device further determines whether the IPv4 connection fails to respond, and if the IPv4 connection fails, forwards the DNS response packet to the corresponding downstream device, and deletes the IPv4 connection from the already stored connection relationship, so as to release the IPv4 connection; if not, directly discarding the DNS response message.
With the above embodiments, the DNS response messages forwarded to the corresponding downstream device include: (1) if the connection receives a successful response message, the message is forwarded directly to the downstream client; (2) if the connection receives a failed response message and the other connection does not exist, the message is forwarded directly to the downstream client; (3) if the connection receives a failed response message while the other connection exists and has already failed to respond (its failed response message was received and discarded), the message received on this connection is forwarded directly to the downstream client even though it is a failed response. The DNS response messages discarded directly include: when the connection receives a failed response message while the other connection exists and has not yet received a response, the connection discards the failed response message and waits for the response of the other connection.
According to the DNS proxy method in the IPv6 tunnel mode, when a DNS response message sent by an upstream server is received, whether the response fails or not is judged according to the identification bit in the DNS response message; when the response fails, judging the message type of the DNS response message; when the message type is an IPv4 message, judging whether IPv6 connection exists according to a pre-stored connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment; when the message type is an IPv6 message, judging whether an IPv4 connection exists or not according to the connection relation; if not, the DNS response message is sent to corresponding downstream equipment; under the condition that an IPv4 server and an IPv6 server coexist, the DNS proxy can be simply and conveniently realized, and the received DNS response only needs to judge whether the other connection fails to determine a forwarding strategy, so that the delay can be reduced.
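The forwarding policy described above, written out as an added C example (it is not code from the patent). The names `proxy_decide`, `conn_relation` and `make_response`, and the `failed` flag that is set when a failed response is discarded, are assumptions; the "last four bits of the Flag field" are the RCODE field of the DNS header.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_LEN 12            /* fixed DNS header size */

enum family  { FAM_V4 = 0, FAM_V6 = 1 };
enum verdict { V_FORWARD, V_DISCARD, V_MALFORMED };

/* One upstream connection as kept in the stored connection relation. */
struct conn {
    bool exists;  /* connection is present in the relation */
    bool failed;  /* assumption: set when its failed response was discarded */
};

struct conn_relation {
    struct conn c[2];             /* indexed by enum family */
};

/* RCODE = last four bits of the 16-bit Flag field (header bytes 2..3).
 * Returns -1 when the buffer is too short to hold a DNS header. */
static int dns_rcode(const uint8_t *msg, size_t len)
{
    if (msg == NULL || len < DNS_HDR_LEN)
        return -1;
    return msg[3] & 0x0F;
}

/* Decide what to do with a response that arrived on `arrived_on`.
 * `msg` is the DNS message itself (for TCP, after the 2-byte length prefix). */
enum verdict proxy_decide(struct conn_relation *rel, enum family arrived_on,
                          const uint8_t *msg, size_t len)
{
    if (rel == NULL || (arrived_on != FAM_V4 && arrived_on != FAM_V6))
        return V_MALFORMED;

    int rcode = dns_rcode(msg, len);
    if (rcode < 0)
        return V_MALFORMED;
    if (rcode == 0)
        return V_FORWARD;         /* case (1): successful response */

    struct conn *self  = &rel->c[arrived_on];
    struct conn *other = &rel->c[arrived_on == FAM_V4 ? FAM_V6 : FAM_V4];

    if (!other->exists)
        return V_FORWARD;         /* case (2): nobody else to wait for */

    if (other->failed) {          /* case (3): both families have failed */
        other->exists = false;    /* delete the other connection */
        other->failed = false;
        return V_FORWARD;
    }

    self->failed = true;          /* remember the failure, wait for the other */
    return V_DISCARD;
}

/* Constructed sample: a bare 12-byte response header with the given RCODE. */
void make_response(uint8_t out[DNS_HDR_LEN], uint16_t id, uint8_t rcode)
{
    memset(out, 0, DNS_HDR_LEN);
    out[0] = (uint8_t)(id >> 8);
    out[1] = (uint8_t)(id & 0xFF);
    out[2] = 0x81;                /* QR=1 (response), RD=1 */
    out[3] = (uint8_t)(0x80 | (rcode & 0x0F));  /* RA=1, RCODE */
}

int main(void)
{
    static const char *names[] = { "forward", "discard", "malformed" };
    struct conn_relation rel = { { { true, false }, { true, false } } };
    uint8_t nx[DNS_HDR_LEN];

    make_response(nx, 0x1a2b, 3); /* RCODE 3 = NXDOMAIN */
    printf("IPv4 fails first : %s\n", names[proxy_decide(&rel, FAM_V4, nx, sizeof nx)]);
    printf("IPv6 fails second: %s\n", names[proxy_decide(&rel, FAM_V6, nx, sizeof nx)]);
    return 0;
}
```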
A fourth aspect of the present invention further provides a DNS proxy apparatus in an IPv6 tunnel mode, where all processes of the DNS proxy method in the IPv6 tunnel mode described in any embodiment of the fourth aspect can be implemented, and functions and implemented technical effects of each module in the apparatus are respectively the same as those of the DNS proxy method in the IPv6 tunnel mode described in any embodiment of the fourth aspect, and are not described herein again.
Referring to fig. 8, it is a block diagram of a preferred embodiment of a DNS proxy apparatus in IPv6 tunnel mode according to a fourth aspect of the present invention, where the apparatus includes:
a response determining module 41, configured to, when receiving a DNS response message sent by an upstream server, determine whether a response fails according to an identification bit in the DNS response message;
a message type determining module 42, configured to determine, when a response fails, a message type of the DNS response message;
the first message processing module 43 is configured to, when the message type is an IPv4 message, determine whether an IPv6 connection exists according to a pre-stored connection relationship; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment;
the second message processing module 44 is configured to, when the message type is an IPv6 message, determine whether an IPv4 connection exists according to the connection relationship; and if not, sending the DNS response message to corresponding downstream equipment.
Preferably, the apparatus further comprises:
and the third message processing module is used for sending the DNS response message to corresponding downstream equipment when the response is not failed.
Preferably, the apparatus further includes a fourth packet processing module, configured to:
when the IPv6 connection exists, judging whether the IPv6 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv6 connection from the connection relation;
if not, discarding the DNS response message.
Preferably, the apparatus further includes a fifth message processing module, configured to:
when the IPv4 connection exists, judging whether the IPv4 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv4 connection from the connection relation;
if not, discarding the DNS response message.
An embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium includes a stored computer program; wherein the computer program, when executed, controls an apparatus in which the computer-readable storage medium is located to perform:
the DNS proxy method in IPv6 tunnel mode according to any embodiment of the first aspect; or
the DNS proxy method in IPv6 tunnel mode according to any embodiment of the second aspect; or
the DNS proxy method in IPv6 tunnel mode according to any embodiment of the third aspect; or
the DNS proxy method in IPv6 tunnel mode according to any of the embodiments of the fourth aspect.
An embodiment of the present invention further provides a terminal device. Fig. 9 is a block diagram of a preferred embodiment of the terminal device provided in the present invention, where the terminal device (for example, a network device such as a router) includes a processor 10, a memory 20, and a computer program stored in the memory 20 and configured to be executed by the processor 10, and the processor 10 implements, when executing the computer program: the DNS proxy method in IPv6 tunnel mode according to any embodiment of the first aspect; or
the DNS proxy method in IPv6 tunnel mode according to any embodiment of the second aspect; or
the DNS proxy method in IPv6 tunnel mode according to any embodiment of the third aspect; or
the DNS proxy method in IPv6 tunnel mode according to any of the embodiments of the fourth aspect.
Preferably, the computer program can be divided into one or more modules/units (e.g. computer program 1, computer program 2,) which are stored in the memory 20 and executed by the processor 10 to accomplish the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used for describing the execution process of the computer program in the terminal device.
The processor 10 may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The general-purpose processor may be a microprocessor, or the processor 10 may be any conventional processor. The processor 10 is the control center of the terminal device and connects the various parts of the terminal device through various interfaces and lines.
The memory 20 mainly includes a program storage area that may store an operating system, an application program required for at least one function, and the like, and a data storage area that may store related data and the like. In addition, the memory 20 may be a high speed random access memory, may also be a non-volatile memory, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card), and the like, or the memory 20 may also be other volatile solid state memory devices.
It should be noted that the terminal device may include, but is not limited to, a processor and a memory. Those skilled in the art will understand that the structural block diagram of fig. 9 is only an example of the terminal device and does not constitute a limitation on the terminal device, which may include more or fewer components than those shown, combine some components, or use different components.
To sum up, the DNS proxy method, apparatus, computer-readable storage medium, and terminal device in IPv6 tunnel mode provided in the embodiments of the present invention send a received DNS request packet and a received connection request packet sent by a downstream device to a corresponding IPv4 server or IPv6 server, and send a received DNS response packet sent by an upstream IPv4 server or an upstream IPv6 server to a corresponding downstream device, and have the following beneficial effects:
(1) the DNS proxy can be simply and conveniently realized under the condition that an IPv4 server and an IPv6 server exist at the same time;
(2) because the message and the domain name and other information in the message are not stored in the cache table, the occupied storage space is small;
(3) the message can be forwarded to the corresponding server only by using the field of the message fixed position to operate the cache table, so that the delay can be reduced;
(4) meanwhile, connection establishment with all servers is tried, a destination server can be determined within one handshake time, and the received DNS response only needs to judge whether the other connection fails to determine a forwarding strategy, so that delay can be reduced.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (18)

1. A DNS proxy method in IPv6 tunnel mode is characterized by comprising the following steps:
when a DNS request message sent by downstream equipment is received, generating a new Transaction ID according to an original Transaction ID carried in the DNS request message and a preset index matching algorithm;
judging whether cache information corresponding to the DNS request message exists in a preset cache table or not according to the generated new Transaction ID; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
if so, switching a destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server;
and correspondingly updating the cache table according to the DNS request message.
2. The DNS proxy method in IPv6 tunnel mode according to claim 1, wherein the index matching algorithm is a hash algorithm; generating a new Transaction ID according to the original Transaction ID carried in the DNS request message and a preset index matching algorithm, specifically including:
performing remainder operation on the original Transaction ID carried in the DNS request message and the size of a preset hash table to obtain the first 8 bits of the new Transaction ID, and initializing the last 8 bits of the new Transaction ID to be 0;
and inserting the initialized new Transaction ID into the linked list of the hash table, acquiring the position serial number of the inserted linked list, and taking the position serial number as the last 8 bits of the new Transaction ID.
3. The DNS proxy method under IPv6 tunnel mode according to claim 1 or 2, wherein the updating the cache table according to the DNS request packet correspondingly includes:
when the cache information corresponding to the DNS request message exists in the cache table, updating the server serial number sent for the last time corresponding to the DNS request message in the cache table according to the server serial number currently sent by the DNS request message;
and when the cache information corresponding to the DNS request message does not exist in the cache table, recording the original Transaction ID, the new Transaction ID, the source address, the source port number and the currently sent server sequence number corresponding to the DNS request message into the cache table.
4. A DNS proxy apparatus in IPv6 tunnel mode, comprising:
the Transaction ID generation module is used for generating a new Transaction ID according to an original Transaction ID carried in a DNS request message and a preset index matching algorithm when the DNS request message sent by downstream equipment is received;
the cache information judgment module is used for judging whether cache information corresponding to the DNS request message exists in a preset cache table according to the generated new Transaction ID; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
the message processing module is used for, if so, switching the destination server in the DNS request message according to the last sent server serial number corresponding to the DNS request message recorded in the cache table, and sending the DNS request message to the switched server; if not, sending the DNS request message to the destination server;
and the cache table updating module is used for correspondingly updating the cache table according to the DNS request message.
5. A DNS proxy method in IPv6 tunnel mode is characterized by comprising the following steps:
when a DNS response message sent by an upstream server is received, judging whether cache information of a DNS request message corresponding to the DNS response message exists in a preset cache table or not according to a new Transaction ID carried in the DNS response message; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
when the cache information of the DNS request message corresponding to the DNS response message exists in the cache table, judging whether the response fails according to the identification bit in the DNS response message;
when the response fails, judging the message type of the DNS response message;
when the message type is an IPv4 message, judging whether IPv6 response fails according to the IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
when the message type is an IPv6 message, judging whether IPv4 response fails according to the IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
and deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
6. The DNS proxy method in IPv6 tunnel mode according to claim 5, wherein the method further comprises:
when the response is not failed, the DNS response message is sent to corresponding downstream equipment;
and deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
7. The DNS proxy method in IPv6 tunnel mode according to claim 5 or 6, wherein the method further comprises:
when the cache information of the DNS request message corresponding to the DNS response message does not exist in the cache table, discarding the DNS response message;
when the IPv6 response does not fail, discarding the DNS response message;
and when the IPv4 response does not fail, discarding the DNS response message.
8. A DNS proxy apparatus in IPv6 tunnel mode, comprising:
the cache information judging module is used for judging whether cache information of a DNS request message corresponding to the DNS response message exists in a preset cache table or not according to a new Transaction ID carried in the DNS response message when the DNS response message sent by an upstream server is received; the cache table comprises a plurality of cache information corresponding to a plurality of historical DNS request messages, and each cache information comprises an original Transaction ID, a new Transaction ID, a source address, a source port number, a last sent server serial number, IPv4 request failure times and IPv6 request failure times corresponding to the historical DNS request messages; the server sequence number comprises an IPv4 server sequence number and an IPv6 server sequence number;
the response judgment module is used for judging whether the response fails according to the identification bit in the DNS response message when the cache information of the DNS request message corresponding to the DNS response message exists in the cache table;
the message type judging module is used for judging the message type of the DNS response message when the response fails;
the first message processing module is configured to, when the message type is an IPv4 message, determine whether an IPv6 response fails according to IPv6 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
the second message processing module is configured to, when the message type is an IPv6 message, determine whether an IPv4 response fails according to the IPv4 request failure times corresponding to the DNS response message recorded in the cache table; if yes, sending the DNS response message to corresponding downstream equipment;
and the cache table updating module is used for deleting the cache information of the DNS request message corresponding to the DNS response message from the cache table.
9. A DNS proxy method in IPv6 tunnel mode is characterized by comprising the following steps:
when receiving a connection request message sent by downstream equipment, sending the connection request message to all upstream servers; wherein the upstream servers comprise IPv4 servers and IPv6 servers;
when a connection response message returned by the upstream server is received in a preset time period, storing a corresponding connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection;
and when receiving a DNS request message sent by downstream equipment, forwarding the DNS request message to an upstream server which establishes connection according to the connection relation.
10. The DNS proxy method in IPv6 tunnel mode according to claim 9, wherein the method further comprises:
and when the connection response message returned by the upstream server is not received in a preset time period, discarding the connection request message.
11. A DNS proxy apparatus in IPv6 tunnel mode, comprising:
the message sending module is used for sending the connection request message to all the upstream servers when receiving the connection request message sent by the downstream equipment; wherein the upstream servers comprise IPv4 servers and IPv6 servers;
the connection relation storage module is used for storing the corresponding connection relation when receiving a connection response message returned by the upstream server in a preset time period; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection;
and the first message processing module is used for forwarding the DNS request message to an upstream server which establishes connection according to the connection relation when the DNS request message sent by the downstream equipment is received.
12. A DNS proxy method in IPv6 tunnel mode is characterized by comprising the following steps:
when a DNS response message sent by an upstream server is received, judging whether the response fails according to an identification bit in the DNS response message;
when the response fails, judging the message type of the DNS response message;
when the message type is an IPv4 message, judging whether IPv6 connection exists according to a pre-stored connection relation; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment;
when the message type is an IPv6 message, judging whether an IPv4 connection exists or not according to the connection relation; and if not, sending the DNS response message to corresponding downstream equipment.
13. The DNS proxy method in IPv6 tunnel mode according to claim 12, wherein the method further comprises:
and when the response is not failed, sending the DNS response message to corresponding downstream equipment.
14. The DNS proxy method in IPv6 tunnel mode according to claim 12, wherein the method further comprises:
when the IPv6 connection exists, judging whether the IPv6 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv6 connection from the connection relation;
if not, discarding the DNS response message.
15. The DNS proxy method in IPv6 tunnel mode according to any one of claims 12-14, wherein the method further comprises:
when the IPv4 connection exists, judging whether the IPv4 connection fails to respond or not;
if yes, sending the DNS response message to corresponding downstream equipment, and deleting the IPv4 connection from the connection relation;
if not, discarding the DNS response message.
16. A DNS proxy apparatus in IPv6 tunnel mode, comprising:
the response judgment module is used for judging whether the response fails according to the identification bit in the DNS response message when the DNS response message sent by the upstream server is received;
the message type judging module is used for judging the message type of the DNS response message when the response fails;
the first message processing module is used for judging whether IPv6 connection exists according to a pre-stored connection relation when the message type is an IPv4 message; wherein, the connection relation comprises an IPv4 connection or/and an IPv6 connection; if not, the DNS response message is sent to corresponding downstream equipment;
the second message processing module is used for judging whether IPv4 connection exists or not according to the connection relation when the message type is an IPv6 message; and if not, sending the DNS response message to corresponding downstream equipment.
17. A computer-readable storage medium, characterized in that the computer-readable storage medium comprises a stored computer program; wherein the computer program, when executed, controls an apparatus in which the computer-readable storage medium is located to perform:
the DNS proxy method in IPv6 tunnel mode according to any one of claims 1-3; or
the DNS proxy method in IPv6 tunnel mode according to any one of claims 5-7; or
the DNS proxy method in IPv6 tunnel mode according to any one of claims 9 to 10; or
the DNS proxy method in IPv6 tunnel mode according to any one of claims 12 to 15.
18. A terminal device comprising a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, the processor when executing the computer program implementing:
the DNS proxy method in IPv6 tunnel mode according to any one of claims 1-3; or
the DNS proxy method in IPv6 tunnel mode according to any one of claims 5-7; or
the DNS proxy method in IPv6 tunnel mode according to any one of claims 9 to 10; or
the DNS proxy method in IPv6 tunnel mode according to any one of claims 12 to 15.
CN202010999620.6A 2020-09-21 2020-09-21 DNS proxy method and device in IPv6 tunnel mode, storage medium and terminal equipment Active CN112187902B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010999620.6A CN112187902B (en) 2020-09-21 2020-09-21 DNS proxy method and device in IPv6 tunnel mode, storage medium and terminal equipment

Publications (2)

Publication Number Publication Date
CN112187902A (en) 2021-01-05
CN112187902B (en) 2023-10-17

Family

ID=73956577


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant