首页 | 本学科首页   官方微博 | 高级检索  
     

智能DNS系统的设计与实现
引用本文:李静梅,吴鹏. 智能DNS系统的设计与实现[J]. 计算机工程与应用, 2007, 43(11): 157-160
作者姓名:李静梅  吴鹏
作者单位:哈尔滨工程大学,计算机学院,哈尔滨,150001;哈尔滨工程大学,计算机学院,哈尔滨,150001
摘    要:DNS(Domain Name System)域名解析系统是Internet上的一项基础服务,它为网络应用程序提供域名解析服务,作为网络一项中枢组件有许多功能需要提高和完善,通过优化DNS可以缩短查询时间,减少不必要的网络流量,提高网络的安全性能,对整个互联网的发展起到推动作用。文章主要介绍了一个符合工业标准并能应用于电信级需求的DNS系统的基本架构,系统由权威型DNS服务器、递归型DNS服务器和DNS管理系统组成,支持多种数据存储方式,通过模块化设计能做到各模块自由组合。系统具有领先于市场上同类产品的创新之处:主从数据库的热备份和用虚拟地址池实现绑定客户端IP的功能。这两个功能在不同方面改进了现存DNS系统,前者的数据备份分通用和专用两种,其中通用部分遵照RFC标准采用AXFR和NOTIFY的方式传输备份,而专用部分引进先进的数据库主从备份思想于DNS系统中并根据DNS数据库特点通过保存DML方式完成数据的持久化;后者引入虚拟地址池概念为客户端和域名的IP地址中间引入新的层次,从而可完成双方的配置,这样既可做到负载平衡也对DNS的安全问题提出了一种新的解决方案,因为用这种方法同样能达到硬件防火墙的功能,从而节约了成本并提升了性能。最后通过搭建模拟环境,用软件虚拟大流量访问数据测试系统性能,实验证明系统完全符合电信级需要。

关 键 词:DNS  热备份  访问控制  网络安全
文章编号:1002-8331(2007)11-0157-04
收稿时间:2006-05-17
修稿时间:2006-08-01

The Design and Implementation of Smart DNS
LI Jing-mei,WU Peng. The Design and Implementation of Smart DNS[J]. Computer Engineering and Applications, 2007, 43(11): 157-160
Authors:LI Jing-mei  WU Peng
Affiliation:Computer College, Harbin Engineering University, Harbin 150001, China
Abstract:A basic constructor of DNS system qualified for the need on the level of telecomm in accordance with the industrial standard,which is composted by authorized DNS server,recursive DNS server and DNS management system,supports several methods of data backup ,and every module can group freely in the way of modular design.The system has the creative point that leads the internet market,hot database backup between master and slave and binding with customer IP,is described in the article.Both of the characters improve the existing DNS system in different ways,the former can be divided to general way and private way,in the general way AXFR and NOTIFY are used to transfer data in accordance with RFC,and in the private way the advanced database backup technology is introduced to the DNS and persists the data via the way of saving DML oriented with the character of database.The concept of virtual address pool is introduced in the former character to insert a new virtual level between the client and the IP of domain name so that the configuration of both sides can be set easily.As a result,load balance is achieved and a new solution for the safety of DNS is supplied.The hardware firewall can be substituted because in this way the same goal can be achieved.Finally a modeling environment is architected,large flux data is mocked by special software to test the ability of system,it is confirmed that the system is qualified for the need of telecomm.
Keywords:Domain Name System(DNS)  hot backup  access control  network security
本文献已被 CNKI 维普 万方数据 等数据库收录!
点击此处可从《计算机工程与应用》浏览原始摘要信息
点击此处可从《计算机工程与应用》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号