这里写目录标题
解释名称解析是如何工作的(Explain how name resolution works)
Name resolution is the process of converting computer names to IP addresses. Name resolution is an essential part of computer networking because it is easier for users to remember names than abstract numbers, such as an IPv4 or IPv6 address. Windows supports a number of different methods for resolving computer names, such as DNS, Windows Internet Name Service (WINS), and local hosts or LMHOSTS resolution.
名称解析是将计算机名称转换为IP地址的过程。名称解析是计算机网络的重要组成部分,因为它比抽象数字(如IPv4或IPv6地址)更容易让用户记住名称。Windows支持许多不同的方法来解析计算机名称,如DNS、Windows Internet Name Service (WINS)和本地主机或LMHOSTS解析。
计算机名称(computer name)
A host name is a user-friendly name that is associated with a host’s IP address and identifies it as a TCP/IP host. A host name can be no more than 255 characters in length, and must contain only alphanumeric characters, periods, and hyphens. A host name is an alias or a fully qualified domain name (FQDN).
主机名是一个用户友好的名称,它与主机的IP地址相关联,并将其标识为TCP/IP主机。主机名长度不超过255个字符,只能包含字母、数字、点和连字符。主机名是别名或FQDN (fully qualified domain name)。
An alias is a single name associated with an IP address, and the host name combines an alias with a domain name to create the FQDN.
别名是与IP地址关联的单个名称,主机名将别名与域名组合成FQDN。
The elements of the name include periods as separators. Applications use the structured FQDN on the Internet. An example of an FQDN is payroll.contoso.com.
A NetBIOS name is a nonhierarchical name that some older apps use. A 16-character NetBIOS name identifies a NetBIOS resource on a network. A NetBIOS name represents a single computer or a group of computers. NetBIOS uses the first 15 characters for a specific computer’s name and the final sixteenth character to identify a resource or service on that computer. An example of a NetBIOS name is NYC-SVR2[20h].
名称的元素包括作为分隔符的句号。应用程序在Internet上使用结构化的FQDN。FQDN的一个例子是payroll.contoso.com。
NetBIOS名称是一些旧应用程序使用的非分层名称。16个字符的NetBIOS名称用于标识网络中的NetBIOS资源。NetBIOS名称代表一台计算机或一组计算机。NetBIOS使用前15个字符作为特定计算机的名称,最后16个字符用于标识该计算机上的资源或服务。NetBIOS名称如“NYC-SVR2[20h]”。
域名解析方式(Methods for resolving names)
There are a number of ways in which apps resolve names to IP addresses. DNS is the Microsoft standard for resolving host names to IP addresses. Apps also use DNS to do the following:
Locate domain controllers and global catalog servers. Apps use this functionality when you sign in to Active Directory Domain Services (AD DS).
Resolve IP addresses to host names. Apps use this functionality when a log file contains only a host’s IP address.
Locate a mail server for email delivery. Apps use this functionality for the delivery of all Internet email.
When an app specifies a host name, TCP/IP uses the DNS resolver cache, DNS, and Link-Local Multicast Name Resolution when it attempts to resolve the host name. The Hosts file is loaded into the DNS resolver cache.
应用程序将名称解析为IP地址的方法有很多。DNS是微软将主机名解析为IP地址的标准。应用程序还使用DNS做以下事情:
- 定位域控制器和全局编录服务器。当您登录到Active Directory域服务(AD DS)时,应用程序将使用此功能。
- 将IP地址解析为主机名。当日志文件只包含主机的IP地址时,应用程序使用此功能。
- 定位用于发送电子邮件的邮件服务器。应用程序使用此功能来发送所有互联网电子邮件。
- 当应用程序指定主机名时,TCP/IP在尝试解析主机名时使用DNS解析器缓存、DNS和链路本地组播名称解析。Hosts文件被加载到DNS解析器缓存中。
When an app specifies a host name, TCP/IP uses the DNS resolver cache, DNS, and Link-Local Multicast Name Resolution when it attempts to resolve the host name. The Hosts file is loaded into the DNS resolver cache.
当应用程序指定主机名时,TCP/IP在尝试解析主机名时使用DNS解析器缓存、DNS和链路本地组播名称解析。Hosts文件被加载到DNS解析器缓存中。
If NetBIOS over TCP/IP is enabled, TCP/IP also uses NetBIOS name resolution methods when resolving single-label, unqualified host names.
如果启用了NetBIOS over TCP/IP, TCP/IP在解析单标签、不合格的主机名时也会使用NetBIOS的名称解析方法。
*Depending on the configuration, Windows resolves host names by performing the following actions:
- Checking whether the host name is the same as the local host name.
- Searching the DNS resolver cache which is populated from the local Hosts file.
- Sending a DNS request to its configured DNS servers.*
根据配置的不同,Windows通过执行以下操作来解析主机名:
- 检查主机名是否与本地主机名相同。
- 搜索从本地Hosts文件填充的DNS解析器缓存。
- 向配置的DNS服务器发送DNS请求。
域名系统(the domain name system)
DNS is a service that manages the resolution of host names to IP addresses. Microsoft provides a DNS Server role on Windows Server that you can use to resolve host names in your organization. Typically, you will deploy multiple DNS servers in your organization to help improve both the performance and the reliability of name resolution.
DNS是一种管理主机名到IP地址解析的服务。Microsoft在Windows Server上提供了一个DNS Server角色,您可以使用它来解析组织中的主机名。通常,您将在组织中部署多个DNS服务器,以帮助提高名称解析的性能和可靠性。
The Internet uses a single DNS namespace with multiple root servers. To participate in the Internet DNS namespace, you must register a domain name with a DNS registrar. This ensures that no two organizations attempt to use the same domain name.
Internet使用一个DNS命名空间和多个根服务器。要参与互联网DNS命名空间,必须向DNS注册商注册域名。这确保没有两个组织试图使用相同的域名。
DNS 结构(structure of DNS)
The DNS namespace consists of a hierarchy of domains and subdomains. A DNS zone is a specific portion of that namespace that resides on a DNS server in a zone file. DNS uses both forward and reverse lookup zones to satisfy name resolution requests.
DNS命名空间由层次结构的域和子域组成。DNS区域是该名称空间的特定部分,它驻留在DNS服务器上的区域文件中。DNS使用正向和反向查找区域来满足名称解析请求。
正向查找区(Forward lookup zones)
Forward lookup zones are capable of hosting a number of different record types. The most common record type in forward lookup zones is an A record, also known as a host record. This record is used when resolving a host name to an IP address. Record types in forward lookup zones include:
- A. A host record, the most common type of DNS record.
- SRV. Service records are used to locate domain controllers and global catalog servers.
- MX. Mail exchange records are used to locate the mail servers responsible for a domain.
- CNAME. Canonical name records (CNAME records) resolve to another host name, also referred to as an alias.
正向查找区域能够承载许多不同的记录类型。正向查找区域中最常见的记录类型是A记录,也称为主机记录。在将主机名解析为IP地址时使用此记录。正向查找区域中的记录类型包括:
- A:主机记录,最常见的DNS记录类型。
- SRV:服务记录用于定位域控制器和全局编录服务器。
- MX:邮件交换记录用于定位负责域的邮件服务器。
- CNAME:规范名称记录(CNAME记录)解析为另一个主机名,也称为别名。
反向查找区(Reverse lookup zones)
Reverse lookup zones contain PTR records. PTR records are used to resolve IP addresses to host names. An organization typically has control over the reverse lookup zones for its internal network. However, some PTR records for external IP addresses obtained from an ISP could be managed by the ISP.
反向查找区域包含PTR记录。PTR记录用于将IP地址解析为主机名。组织通常可以控制其内部网络的反向查找区域。但是,一些从ISP获得的外部IP地址的PTR记录可以由ISP管理。
DNS 如何解析名称(How names are resolved with DNS)
Resolving DNS names on the Internet involves an entire system of computers, not just a single server. There are hundreds of servers on the Internet, called root servers, which manage the overall process of DNS resolution. 13 FQDNs represent these servers. A list of these 13 FQDNs is preloaded on each DNS server. When you register a domain name on the Internet, you are paying to become part of this system.
To understand how these servers work together to resolve a DNS name, see the following name resolution process for the name www.microsoft.com:
- A workstation queries the local DNS server for the IP address
www.microsoft.com. - If the local DNS server does not have the information, it queries a root DNS server for the location of the
.comDNS servers. - The local DNS server queries a
.comDNS server for the location of themicrosoft.comDNS servers. - The local DNS server queries the
microsoft.comDNS server for the IP address ofwww.microsoft.com. - The
microsoft.comDNS server returns the IP address ofwww.microsoft.comto the local DNS server. - The local DNS server returns the result to the workstation.
Caching and forwarding can modify the name resolution process:
- Caching. After a local DNS server resolves a DNS name, it caches the results for the period that the Time to Live (TTL) value defines in the Start of Authority (SOA) record for the DNS zone. The default TTL is one hour. Subsequent resolution requests for the DNS name receive the cached information. Note that it is not the caching server that sets the TTL, but the authoritative DNS server that resolved the name from its zone. When the TTL expires, the caching server must delete it. Subsequent requests for the same name would require a new name resolution request to the authoritative server.
- Forwarding. Instead of querying root servers, you can configure a DNS server to forward DNS requests to another DNS server. For example, requests for all Internet names can be forwarded to a DNS server at an ISP.
在互联网上解析DNS名称涉及整个计算机系统,而不仅仅是单个服务器。Internet上有数百个服务器,称为根服务器,它们管理DNS解析的整个过程。13个fqdn代表这些服务器。在每个DNS服务器上预加载这13个FQDNs的列表。当你在互联网上注册一个域名时,你是在付费成为这个系统的一部分。
要了解这些服务器如何协同工作以解析DNS名称,请参阅名称www.microsoft.com 的以下名称解析过程:
- 工作站向本地DNS服务器查询IP地址
www.microsoft.com。 - 如果本地DNS服务器没有此信息,则向根DNS服务器查询。
comDNS服务器的位置。 - 本地DNS服务器向。
comDNS服务器查询microsoft.comDNS服务器的位置。 - 本地DNS服务器向
microsoft.com的DNS服务器查询www.microsoft.com的IP地址。 microsoft.com的DNS服务器返回www.microsoft.com的IP地址给本地DNS服务器。- 本地DNS服务器将结果返回给工作站。
缓存和转发可以修改名称解析过程:
- 缓存。本地DNS服务器在解析DNS名称后,会在DNS区域的SOA (Start of Authority)记录中定义的TTL (Time to Live)值的时间段内缓存结果。默认TTL为1小时。后续对DNS名称的解析请求将接收缓存的信息。注意,设置TTL的不是缓存服务器,而是从其区域解析名称的权威DNS服务器。当TTL过期时,缓存服务器必须删除它。对同一名称的后续请求将需要向授权服务器发出新的名称解析请求。
- 转发。通过配置DNS服务器将DNS请求转发给其他DNS服务器,而不是直接查询根服务器。例如,对所有Internet名称的请求都可以转发到ISP的DNS服务器。
解决名称解析问题(Troubleshoot name resolution)
When you troubleshoot name resolution, you must understand which name resolution methods the computer is using, and in what order. As you know, the operating system resolves host names either by using a local text file named Hosts, or by using DNS.
当您对名称解析进行故障排除时,您必须了解计算机正在使用的名称解析方法及其顺序。如您所知,操作系统通过使用名为Hosts的本地文本文件或使用DNS来解析主机名。
Windows appends the primary and connection-specific suffixes to all names that it is resolving. If the name resolution is unsuccessful initially, Windows applies parent suffixes of the primary DNS suffix. For example, if the DNS resolver attempts to resolve the name LON-CL1, Windows appends the .adatum.com suffix to attempt resolution. If that is unsuccessful, the operating system appends .com to the name, and attempts to resolve it once again. You can configure this behavior from the Advanced TCP/IP Settings page.
Windows将主后缀和特定于连接的后缀附加到它正在解析的所有名称。如果名称解析最初不成功,Windows将应用主DNS后缀的父后缀。例如,如果DNS解析器试图解析名称LON-CL1, Windows会附加。adatum.com后缀来尝试解析。如果不成功,操作系统将在名称后面附加 .com,并尝试再次解析它。您可以在“高级TCP/IP设置”页面配置此行为。
The primary tools for troubleshooting host name resolution are IPConfig and NSLookup, and their Windows PowerShell equivalents Get-NetIPAddress, Get-NetIPv4Protocol, and Resolve-dnsname.
Be sure to clear the DNS resolver cache between resolution attempts.
解决主机名解析问题的主要工具是 IPConfig 和 NSLookup,以及它们在Windows PowerShell 中的等效工具 Get-NetIPAddress、Get-NetIPv4Protocol 和 Resolve-dnsname。
请确保在两次解析尝试之间清除DNS解析器缓存。
名称解析故障处理流程(The process for troubleshooting name resolution)
If you can’t connect to a remote host, and if you suspect a name resolution problem, you can troubleshoot name resolution by using the following procedure:
如果无法连接到远程主机,并且怀疑存在名称解析问题,则可以使用以下过程对名称解析进行故障排除:
- Open an elevated command prompt, and then clear the DNS resolver cache by typing the following command:
- Attempt to verify connectivity to a remote host by using its IP address. This helps you identify whether the issue is due to name resolution. You can use the Ping command or the test-connection Windows PowerShell cmdlet. If the Ping command succeeds with the IP address but fails by the host name, the problem is with name resolution.
- Attempt to verify connectivity to the remote host by its host name, by using the FQDN followed by a period. For example, type the following command at the command prompt:
- If the test is successful, the problem is likely unrelated to name resolution.
- If the test is unsuccessful, edit the C:\windows\system32\drivers\etc\hosts text file, and then add the appropriate entry to the end of the file. For example, add this line, and then save the file:
- Perform the test-by-host-name procedure again. Name resolution should now be successful.
- Examine the DNS resolver cache to verify that the name resolved correctly. To examine the DNS resolver cache, type the following command at a command prompt:
- Remove the entry that you added to the Hosts file, and then clear the resolver cache once more. At the command prompt, type the following command, and then examine the contents of the filename.txt file to identify the failed stage in name resolution:
- 打开一个提升的命令提示符,然后输入以下命令清除DNS解析器缓存:
IPConfig /flushdns
- 尝试使用远程主机的IP地址验证其连通性。这有助于您确定问题是否由名称解析引起。您可以使用Ping命令或测试连接Windows PowerShell cmdlet。如果通过IP地址Ping成功,但通过主机名Ping失败,说明名称解析有问题。(请记住,远程主机必须允许入站ICMP回声数据包通过其防火墙,才能使该测试可行。)
- 尝试通过主机名验证与远程主机的连通性,方法是使用后跟句号的FQDN。例如,在命令提示符下输入以下命令:
Test-connection LON-cl1.adatum.com
- 如果测试成功,则问题可能与名称解析无关。
- 如果测试不成功,编辑C:\windows\system32\drivers\etc\hosts文本文件,然后在文件末尾添加相应的条目。例如,添加这一行,然后保存文件:
172.16.0.51 LON-cl1.adatum.com
- 再次执行test-by-host-name过程。名称解析现在应该成功了。
- 检查DNS解析器缓存以验证正确解析了名称。要检查DNS解析器缓存,请在命令提示符下键入以下命令:
IPConfig /displaydns
- 删除添加到Hosts文件中的条目,然后再次清除解析器缓存。在命令提示符下,键入以下命令,然后检查filename.txt文件的内容,以确定名称解析中失败的阶段:
NSLookup.exe –d2 LON-cl1.adatum.com. \> filename.txt
# powershell
Resolve-dnsname lon-cl1.adatum.com. \> filename.txt
解释 NSLookup 输出(Interpreting NSLookup output)
The NSLookup command line tool displays information that you can use to diagnose your Domain Name System (DNS) infrastructure. Before using this tool, you should be familiar with how DNS works. The nslookup command-line tool is available only if you have installed the TCP/IP protocol. The nslookup command-line tool has two modes: interactive and noninteractive.
- Interactive. If you need to look up only a single piece of data, we recommend using the non-interactive mode. For the first parameter, type the name or IP address of the computer that you want to look up. For the second parameter, type the name or IP address of a DNS name server. If you omit the second argument, nslookup uses the default DNS name server.
- Noninteractive. If you need to look up more than one piece of data, you can use interactive mode. Type a hyphen (-) for the first parameter and the name or IP address of a DNS name server for the second parameter. If you omit both parameters, the tool uses the default DNS name server.
You should understand how to interpret the NSLookup command output so that you can identify whether the name resolution problem exists with the client computer’s configuration, the name server, or the configuration of records within the name server-zone database. In the first section of the following output sample, the client resolver performs a reverse lookup to determine the DNS server host name. You can view the query 10.0.16.172.in-addr.arpa, type = PTR, class = IN in the QUESTIONS section. The returned result, name = LON-dc1.adatum.com, identifies the host name of the petitioned DNS server:
NSLookup 命令行工具显示可用于诊断域名系统(DNS)基础设施的信息。在使用此工具之前,您应该熟悉DNS的工作原理。nslookup 命令行工具只有在安装了TCP/IP协议后才可用。nslookup 命令行工具有两种模式:交互式和非交互式。
- 互动。如果您只需要查找单个数据,我们建议使用非交互模式。对于第一个参数,键入要查找的计算机的名称或IP地址。第二个参数输入DNS名称服务器的名称或IP地址。如果省略第二个参数,
nslookup将使用默认的DNS名称服务器。 - 非交互的。如果需要查找多个数据,可以使用交互模式。第一个参数输入连字符(-),第二个参数输入DNS名称服务器的名称或IP地址。如果省略这两个参数,工具将使用默认的DNS名称服务器。
您应该了解如何解释 NSLookup 命令输出,以便能够识别名称解析问题是否存在于客户端计算机的配置、名称服务器或名称服务器-区域数据库中的记录配置中。在下面的输出示例的第一部分中,客户端解析器执行反向查找以确定DNS服务器主机名。您可以查看查询 10.0.16.172.in-addr。arpa, type = PTR, class = IN在QUESTIONS 部分。返回的结果 name = LON-dc1.adatum.com 标识了请求的DNS服务器的主机名:
\------------
SendRequest(), len 41
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
10.0.16.172.in-addr.arpa, type = PTR, class = IN
\------------
\------------
Got answer (73 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
10.0.16.172.in-addr.arpa, type = PTR, class = IN
ANSWERS:
\-\> 10.0.16.172.in-addr.arpa
type = PTR, class = IN, dlen = 20
name = LON-dc1.adatum.com
ttl = 1200 (20 mins)
\------------
Server: LON-dc1.adatum.com
Address: 172.16.0.10
总结
This module explores how name resolution works. Name resolution is used to access services by name as an alternative to the IP address. Windows clients are configured to contact specific DNS servers for resolving names. Local DNS servers communicate with root and other domain DNS servers to resolve addresses on external networks and establish as connection between the client and target server. Different types of DNS records are used to identify different types of services, such as a mail server, for a particular domain. Tools such as IPConfig and NSLookup can be used to query and troubleshoot DNS services.
本模块探讨名称解析是如何工作的。名称解析用于按名称访问服务,作为 IP 地址的替代方案。Windows 客户端被配置为联系指定的 DNS 服务器进行域名解析。本地 DNS 服务器与外部网络中的 root 和其他域 DNS 服务器通信,用于解析外部网络中的地址,并作为客户端与目标服务器之间的连接。不同类型的 DNS 记录用于标识特定域的不同类型的服务,例如邮件服务器。可以使用 IPConfig、NSLookup 等工具对 DNS 服务进行查询和故障排除。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
