DNS服务器可以有源IP吗?

发布于 2024-11-06 15:06:19 字数 287 浏览 4 评论 0原文

简短的问题:

由于 DNS 是任播的,因此 DNS 服务器有什么方法可以知道“第一个”源 DNS 查询的来源吗?

长问题: 我使用 PowerDNS 开发了一个自定义 DynDNS 服务器,我想由用户通过 Web 界面向其提供信息。我希望网络界面“基于IP”更新每个用户的记录。

因此,当 DNS 服务器收到请求时,如果它可以确定源 IP,则很容易返回与该 IP 相关的记录。

据我测试,DNS Server只能知道DNS链上“最后”的节点IP,而不能知道源。有什么办法吗?

问候

Short Question :

Since DNS is anycast, is there any way for a DNS Server to know the "first" source DNS Query originated from?

Long Question :
I've developed a custom DynDNS server using PowerDNS, I want to feed it information via web interface by users. I want the web interface to update records for each user "based on IP".

So when the DNS Server gets requests, If it could determine the source IP, it'd be easy to return records associated with that IP.

As long as I tested, the DNS Server can only know the "last" node IP on the DNS chain, not the source. Is there any way?

Regards

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

云醉月微眠 2024-11-13 15:06:20

对简短问题的长答案:

DNS 不是任播。一些内容 DNS 服务器所有者使用任播将服务器分布在世界各地的多个物理位置,但 DNS/UDP 和 DNS/TCP 协议本身并不是任播。这个概念在该协议层根本不存在。

对长问题的简短回答:

否。

扩展

如前所述,DNS 协议中对此没有任何规定。此外,前端和后端事务之间的关系位于 缓存解析代理 DNS 服务器 不是一对一的。

您必须使用您正在使用的实际服务协议中存在的任何客户端区分机制,而不是将客户端区分放在名称→IP 地址查找机制中。无论如何,其他服务的客户端区分不属于名称→IP 地址查找。对于初学者来说,这种查找对于多种协议来说是常见的。使用与服务器通信的客户端所使用的任何实际服务协议的机制。

Long answer to Short Question :

DNS is not anycast. Some content DNS server owners use anycasting to distribute servers in multiple physical locations around the world, but the DNS/UDP and DNS/TCP protocols themselves are not anycast. The notion simply doesn't exist at that protocol layer.

Short answer to Long Question :

No.

Expansion

As noted, there's nothing in the DNS protocol for this. Moreover, the relationship between front-end and back-end transactions at a caching resolving proxy DNS server is not one-to-one.

You'll have to use whatever client differentiation mechanisms exist in the actual service protocol that you're using, instead of putting your client differentiation in the name→IP address lookup mechanism. Client differentiation for other services doesn't belong in name→IP address lookup, anyway. Such lookup is common to multiple protocols, for starters. Use the mechanisms of whatever actual service protocol is being used by the clients who are communicating with your servers.

皓月长歌 2024-11-13 15:06:19

谷歌和雅虎!提交了草稿 (draft-vandergaast-edns-client- ip-01)到 IETF DNS 扩展工作组提出了 DNS 请求中的新 EDNS0 选项,递归服务器可以使用该选项向上游权威服务器指示其自己的客户端 IP 地址。

其目的是通过确保返回的 Web 服务器地址基于最终用户的 IP 地址,而不是基于最终用户的 DNS 服务器的地址,从理论上优化内容交付网络的使用。

这个想法并没有得到很好的接受,也没有被工作组接受,因为它故意破坏了 DNS 的缓存层,草案随后就过期了。

更新 - 其变体随后发布为 RFC 7871。

Google and Yahoo! submitted a draft (draft-vandergaast-edns-client-ip-01) to the IETF DNS Extensions Working Group that proposed a new EDNS0 option within DNS requests that recursive servers could use to indicate their own client's IP address to the upstream authoritative server.

The intent was to theoretically optimise the use of Content Delivery Networks by ensuring that the web server addresses returned were based on the end user's IP address, rather than on the address of the end user's DNS server.

The idea was not well received and wasn't accepted by the working group because it intentionally broke the caching layer of the DNS, and the draft has subsequently expired.

UPDATE - a variation on this has subsequently been published as RFC 7871.

离不开的别离 2024-11-13 15:06:19

也许您可以控制执行查找的软件?如果是这样,您可以将 IP 地址作为请求的一部分,例如

23-34-45-56.www.example.com

您的自定义编写的服务器回复的地址

23-34-45-56.www.example.com 1800 CNAME www-europe.example.com

23-34-45-56.www.example.com  300     A 34.45.56.67

如果客户端是 Web 浏览器,则由于 NAT、HTTP 代理以及无法查询主机,会出现复杂情况直接从 Javascript 获取接口地址。但是,您也许能够对 What's-my-ip 服务进行 AJAX 式查找,该服务理解 X-Forwarded-For。

Perhaps you have control of the software performing the lookup? If so, you could include the IP address as part of the request, e.g.

23-34-45-56.www.example.com

to which your custom-written server replies

23-34-45-56.www.example.com 1800 CNAME www-europe.example.com

or

23-34-45-56.www.example.com  300     A 34.45.56.67

etc.

If the client is a web browser, complications arise due to NAT, HTTP proxies, and the inability to query host interface addresses directly from Javascript. However, you might be able to do an AJAX-style lookup to a what's-my-ip service, which understands X-Forwarded-For.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文