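Explanation of a DNS Zone Transfer

This article was previously published under CHS164017
This article has been archived. It is offered "as is" and will no longer be updated.
Summary
This article discusses the circumstances that trigger a Domain Name System (DNS) zone transfer, the purpose of a zone transfer, and the process by which it takes place.
More Information
Definition of a zone transfer: The term "zone transfer" refers to the process by which the contents of a DNS zone file are copied from a primary DNS server to a secondary DNS server.

A zone transfer occurs in any of the following situations:
  • The DNS service is started on the secondary DNS server.
  • The refresh time expires.
  • Changes are saved to the primary zone file and there is a Notify List.
Zone transfers are always initiated by the secondary DNS server. The primary DNS server only answers the request for a zone transfer.

The following Network Monitor capture sequence shows the process that takes place when the DNS service is started on the secondary DNS server or when the refresh time expires:

Frame 1: The secondary DNS server (JH40PS) requests the SOA record from the primary DNS server (SERVER) for the zone DOMAIN.COM. Note the DNS Question Type.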

JH40PS SERVER DNS 0x4000:Std Qry for domain.com. of type SOA on class INET addr.

DNS: 0x4000:Std Qry for domain.com. of type SOA on class INET addr.
    DNS: Query Identifier = 16384 (0x4000)
    DNS: DNS Flags = Query, OpCode - Std Qry, RCode - No error
        DNS: 0............... = Query
        DNS: .0000........... = Standard Query
        DNS: .....0.......... = Server not authority for domain
        DNS: ......0......... = Message complete
        DNS: .......0........ = Iterative query desired
        DNS: ........0....... = No recursive queries
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 0 (0x0)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: domain.com. of type SOA on class INET addr.
        DNS: Question Name: domain.com.
        DNS: Question Type = Start of zone of authority
        DNS: Question Class = Internet address class

Frame 2: The primary DNS server responds with the contents of the SOA record in the Answer Section.

SERVER JH40PS DNS 0x4000:Std Qry Resp. for domain.com. of type SOA on class INET addr.

DNS: 0x4000:Std Qry Resp. for domain.com. of type SOA on class INET addr.
    DNS: Query Identifier = 16384 (0x4000)
    DNS: DNS Flags = Response, OpCode - Std Qry, AA RA Bits Set, RCode - No error
        DNS: 1............... = Response
        DNS: .0000........... = Standard Query
        DNS: .....1.......... = Server authority for domain
        DNS: ......0......... = Message complete
        DNS: .......0........ = Iterative query desired
        DNS: ........1....... = Recursive queries supported by server
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 1 (0x1)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: domain.com. of type SOA on class INET addr.
        DNS: Question Name: domain.com.
        DNS: Question Type = Start of zone of authority
        DNS: Question Class = Internet address class
    DNS: Answer section: domain.com. of type SOA on class INET addr.
        DNS: Resource Name: domain.com.
        DNS: Resource Type = Start of zone of authority
        DNS: Resource Class = Internet address class
        DNS: Time To Live = 86400 (0x15180)
        DNS: Resource Data Length = 41 (0x29)
        DNS: Primary Name Server: server.domain.com.
        DNS: Responsible Authorative Mailbox: administrator.domain.com.
        DNS: Version number = 26 (0x1A)
        DNS: Refresh Interval = 300 (0x12C)
        DNS: Retry interval = 120 (0x78)
        DNS: Expiration Limit = 600 (0x258)
        DNS: Minimum TTL = 86400 (0x15180)

Frame 3: After comparing the version number (serial number) and finding that it differs from its own current version number, the secondary DNS server now requests a zone transfer. Note the Question Type in the DNS Question Section.

JH40PS SERVER DNS 0x0:Std Qry for domain.com. of type Req. for zn Xfer on class INET addr.

DNS: 0x0:Std Qry for domain.com. of type Req. for zn Xfer on class INET addr.
    DNS: TCP Length = 31 (0x1F)
    DNS: Query Identifier = 0 (0x0)
    DNS: DNS Flags = Query, OpCode - Std Qry, RCode - No error
        DNS: 0............... = Query
        DNS: .0000........... = Standard Query
        DNS: .....0.......... = Server not authority for domain
        DNS: ......0......... = Message complete
        DNS: .......0........ = Iterative query desired
        DNS: ........0....... = No recursive queries
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 0 (0x0)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: domain.com. of type Req. for zn Xfer on class INET addr.
        DNS: Question Name: domain.com.
        DNS: Question Type = Request for zone transfer
        DNS: Question Class = Internet address class
    DNS: Frame Padding

Frame 4: The primary DNS server responds and carries out the zone transfer request. The entire contents of the zone file are transferred in the DNS Answer section.

SERVER JH40PS DNS 0x0:Std Qry Resp. for domain.com. of type SOA on class INET addr.

DNS: 0x0:Std Qry Resp. for domain.com. of type SOA on class INET addr.
    DNS: TCP Length = 445 (0x1BD)
    DNS: Query Identifier = 0 (0x0)
    DNS: DNS Flags = Response, OpCode - Std Qry, RA Bits Set, RCode - No error
        DNS: 1............... = Response
        DNS: .0000........... = Standard Query
        DNS: .....0.......... = Server not authority for domain
        DNS: ......0......... = Message complete
        DNS: .......0........ = Iterative query desired
        DNS: ........1....... = Recursive queries supported by server
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 16 (0x10)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: domain.com. of type Req. for zn Xfer on class INET addr.
        DNS: Question Name: domain.com.
        DNS: Question Type = Request for zone transfer
        DNS: Question Class = Internet address class
    DNS: Answer section: . of type SOA on class INET addr.(16 records present)
        DNS: Resource Record: domain.com. of type SOA on class INET addr.
            DNS: Resource Name: domain.com.
            DNS: Resource Type = Start of zone of authority
            DNS: Resource Class = Internet address class
            DNS: Time To Live = 86400 (0x15180)
            DNS: Resource Data Length = 41 (0x29)
            DNS: Primary Name Server: server.domain.com.
            DNS: Responsible Authorative Mailbox: administrator.domain.com.
            DNS: Version number = 26 (0x1A)
            DNS: Refresh Interval = 300 (0x12C)
            DNS: Retry interval = 120 (0x78)
            DNS: Expiration Limit = 600 (0x258)
            DNS: Minimum TTL = 86400 (0x15180)
        DNS: Resource Record: domain.com. of type Host Addr on class INET addr.
            DNS: Resource Name: domain.com.
            DNS: Resource Type = Host Address
            DNS: Resource Class = Internet address class
            DNS: Time To Live = 86400 (0x15180)
            DNS: Resource Data Length = 4 (0x4)
            DNS: IP address = 130.0.10.150
        DNS: Resource Record: domain.com. of type Auth. NS on class INET addr.
            DNS: Resource Name: domain.com.
            DNS: Resource Type = Authoritative Name Server
            DNS: Resource Class = Internet address class
            DNS: Time To Live = 86400 (0x15180)
            DNS: Resource Data Length = 10 (0xA)
            DNS: Authoritative Name Server: server.domain.com.
        DNS: Resource Record: Dell.domain.com. of type Host Addr on class INET addr.
            DNS: Resource Name: Dell.domain.com.
            DNS: Resource Type = Host Address
            DNS: Resource Class = Internet address class
            DNS: Time To Live = 86400 (0x15180)
            DNS: Resource Data Length = 4 (0x4)
            DNS: IP address = 130.0.10.30
        DNS: Resource Record: JH40PS.domain.com. of type Host Addr on class INET addr.
            DNS: Resource Name: JH40PS.domain.com.
            DNS: Resource Type = Host Address
            DNS: Resource Class = Internet address class
            DNS: Time To Live = 86400 (0x15180)
            DNS: Resource Data Length = 4 (0x4)
            DNS: IP address = 130.0.10.155

If a change has been made to the zone file and there are entries in the Notify List, the following sequence occurs before the regular zone transfer sequence outlined above.

Frame A: In this frame, a change has been made to the zone file. Because JH40PS is in the Notify List, the primary DNS server sends this frame to notify the secondary DNS server that a change has occurred and that the secondary DNS server should query for the SOA resource record.

SERVER JH40PS DNS 0x0:Std Qry for domain.com. of type SOA on class INET addr.

DNS: 0x0:Std Qry for domain.com. of type SOA on class INET addr.
    DNS: Query Identifier = 0 (0x0)
    DNS: DNS Flags = Query, OpCode - Rsrvd, AA Bits Set, RCode - No error
        DNS: 0............... = Query
        DNS: .0100........... = Reserved
        DNS: .....1.......... = Server authority for domain
        DNS: ......0......... = Message complete
        DNS: .......0........ = Iterative query desired
        DNS: ........0....... = No recursive queries
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 0 (0x0)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: domain.com. of type SOA on class INET addr.
        DNS: Question Name: domain.com.
        DNS: Question Type = Start of zone of authority
        DNS: Question Class = Internet address class

Frame B: The secondary DNS server acknowledges receipt of Frame 1.

JH40PS SERVER DNS 0x0:Std Qry Resp.

DNS: 0x0:Std Qry Resp.
    DNS: Query Identifier = 0 (0x0)
    DNS: DNS Flags = Response, OpCode - Rsrvd, AA Bits Set, RCode - No error
        DNS: 1............... = Response
        DNS: .0100........... = Reserved
        DNS: .....1.......... = Server authority for domain
        DNS: ......0......... = Message complete
        DNS: .......0........ = Iterative query desired
        DNS: ........0....... = No recursive queries
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 0 (0x0)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: domain.com. of type SOA on class INET addr.
        DNS: Question Name: domain.com.
        DNS: Question Type = Start of zone of authority
        DNS: Question Class = Internet address class

Immediately after this response, the zone transfer proceeds starting with Frame 1 of the first capture sequence above.
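
The sketch below is an added example, not part of the original article: it decodes the same header flags and Question section shown in the captures and labels each message by its role in the sequence (SOA serial check, zone transfer request, notify). Opcode 4, which the capture tool prints as "Rsrvd", is the DNS NOTIFY opcode. Because the reply to a zone transfer request carries the whole zone (Frame 4), the classifier also flags requests from hosts outside a list of known secondaries; that list, the function names and the sample frames are assumptions made for illustration.

```python
import struct

SOA, AXFR, OP_QUERY, OP_NOTIFY = 6, 252, 0, 4   # RR types and opcodes seen in the frames

def build(msg_id, opcode, qtype, zone, qr=0, aa=0, tcp=False):
    """Build a one-question DNS message, used here only to construct sample input."""
    flags = (qr << 15) | (opcode << 11) | (aa << 10)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in zone.rstrip(".").split("."))
    msg = struct.pack("!6H", msg_id, flags, 1, 0, 0, 0) + qname + b"\0" + struct.pack("!2H", qtype, 1)
    # Over TCP each DNS message is preceded by a 2-byte length (the capture's "TCP Length").
    return struct.pack("!H", len(msg)) + msg if tcp else msg

def parse(data, tcp=False):
    """Decode the header flags and the first question of a DNS message."""
    if tcp:
        data = data[2:2 + struct.unpack("!H", data[:2])[0]]
    if len(data) < 17:                       # 12-byte header + root name + type + class
        raise ValueError("truncated DNS message")
    msg_id, flags = struct.unpack("!2H", data[:4])
    pos, labels = 12, []
    while data[pos]:                         # walk length-prefixed labels up to the root
        if data[pos] & 0xC0:
            raise ValueError("compression pointer not expected in a question name")
        labels.append(data[pos + 1:pos + 1 + data[pos]].decode("ascii"))
        pos += 1 + data[pos]
    qtype = struct.unpack("!H", data[pos + 1:pos + 3])[0]
    return {"id": msg_id, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
            "aa": (flags >> 10) & 1, "zone": ".".join(labels) + ".", "qtype": qtype}

def classify(data, src, secondaries, tcp=False):
    """Label a message by its role in the transfer sequence; src is the sender's IP."""
    try:
        m = parse(data, tcp)
    except (ValueError, IndexError, struct.error):
        return "malformed"
    if m["opcode"] == OP_NOTIFY:
        return "notify-ack" if m["qr"] else "notify"
    if m["opcode"] == OP_QUERY and not m["qr"]:
        if m["qtype"] == SOA:
            return "soa-serial-check"
        if m["qtype"] == AXFR:               # the reply to this carries the whole zone
            return "axfr-request" if src in secondaries else "axfr-request-unlisted"
    return "other"

# Constructed samples modelled on the frames above; the allow-list is an assumption.
SECONDARIES = {"130.0.10.155"}               # JH40PS
FRAME_1 = build(0x4000, OP_QUERY, SOA, "domain.com.")
FRAME_3 = build(0, OP_QUERY, AXFR, "domain.com.", tcp=True)
FRAME_A = build(0, OP_NOTIFY, SOA, "domain.com.", aa=1)
FRAME_B = build(0, OP_NOTIFY, SOA, "domain.com.", qr=1, aa=1)
```
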
Properties

Article ID: 164017 - Last reviewed: 12/04/2015 16:24:28 - Revision: 1.0

Microsoft Windows NT Server 4.0 Standard Edition
