dns是指網絡域名系統

by Nikolas O'Donnell

由Nikolas O'Donnell

域名系統(DNS)的工作方式以及如何使其變得更好。 (How the Domain Name System (DNS) works and how you can make it better.)

The Domain Name System (DNS) is often referred to as the backbone of the internet. It’s run by many engineers and their organizations, it ultimately shapes the future of the internet.

域名系統(DNS)通常被稱為Internet的骨干網。它由許多工程師及其組織運營，最終決定了互聯網的未來。

I recently attended ICANN58 in Copenhagen. It was an amazing week of round table discussions about the future of the internet. It included:

我最近參加了在哥本哈根舉行的ICANN第58屆會議。關于互聯網的未來，這是令人難以置信的一周的圓桌討論。它包括：

seminars on policy development for the DNS
有關DNS政策制定的研討會
workshops on how the architecture for the internet functions
關于互聯網架構如何運作的研討會
where the internet’s biggest vulnerabilities lie
互聯網最大的漏洞所在

It was a lot of fun, and I gained a t0n of value from it.

這很有趣，我從中獲得了價值。

Just to backtrack a little, I’m relatively new to the domain world and the inner workings of the internet architecture. Since joining this space as a developer with iwantmyname, I’ve had to learn a ton. There’s a massive labyrinth that lies below the browser’s surface. So I wrote this guide to walk you through some of the infrastructure that hides behind those domain names and numbers we all use daily.

只是稍微回溯一下，我對領域世界和互聯網體系結構的內部運作還是比較陌生的。自從以iwantmyname作為開發人員加入該領域以來，我不得不學習很多東西。瀏覽器表面下方有一個巨大的迷宮。因此，我寫了本指南，向您介紹了一些我們每天都在使用的域名和數字背后的基礎架構。

互聯網如何運作？ (How does the internet work?)

“This is a very common interview question: what happens when you go to Google.com, enter a query, and press enter?” — Quincy Larson
“這是一個非常常見的面試問題：當您訪問Google.com，輸入查詢并按Enter時會發生什么？” — 昆西·拉森 ( Quincy Larson)

So you open your browser and go to freecodecamp.com and this awesome site loads up right in front of you in the blink of an eye. You already know that this site is rendered from a range of compiled files that sit on a server somewhere. But how does your browser find its way to those files in the infinitely expanding internet? You may start thinking…

因此，您打開瀏覽器并轉到freecodecamp.com ，此真棒網站瞬間就加載到您面前。您已經知道該站點是由服務器上某處的一系列編譯文件提供的。但是，在無限擴展的Internet中，瀏覽器如何找到這些文件？您可能會開始思考...

What the heck just happened?

到底發生了什么？

The very first time you went to freecodecamp.com, your browser didn’t know what the IP address for freecodecamp.com was, so it couldn’t connect to and retrieve those files. Nor for that matter did it know where the actual servers were that those files are hosted on. And therefore, it had no idea from where to pull those files to start rendering the page.

第一次訪問freecodecamp.com時，您的瀏覽器不知道freecodecamp.com的IP地址是什么，因此它無法連接并檢索這些文件。同樣，它也不知道這些文件托管在實際的服務器上。因此，不知道從何處提取這些文件以開始呈現頁面。

So here’s what happens: (cue the graphics!)

所以這是發生的事情：(提示圖形！)

DNS Chat
DNS聊天

好吧，讓我進一步介紹一下 (OK, let me expand upon that a bit)

A user asks their browser to visit freecodecamp.com
用戶要求其瀏覽器訪問freecodecamp.com
The browser queries a DNS Resolver (usually their ISP) “where’s freecodecamp.com?”
瀏覽器查詢DNS解析器(通常是其ISP)“ freecodecamp.com在哪里？”
DNS Resolver queries the Root servers (which have a big important list that keeps this information) “where is .COM?” Replies with Verisign.
DNS解析器查詢根服務器(具有保存此信息的重要清單)“。COM在哪里？” 回復Verisign。
DNS Resolver then queries Verisign — “where is freecodecamp.com?” Verisign replies with the nameservers ns1.cloudflare.com and the IP address 192.168.178.1
然后，DNS解析器查詢Verisign-“ freecodecamp.com在哪里？” Verisign回復名稱服務器ns1.cloudflare.com和IP地址192.168.178.1
Hosting servers are queried with the IP address. “Give me the files for IP address 192.168.178.1 (please)”
使用IP地址查詢托管服務器。 “請給我IP地址192.168.178.1的文件(請)”
Website files are delivered and rendered on the page so user can learn to code…or whatever they were doing.
網站文件已交付并呈現在頁面上，因此用戶可以學習編碼……或他們在做什么。

I grabbed this screencast from Verisign, by far the biggest Registry in the world running .com .net .cc .tv and .name. It shows you the process in a nice way how the protocol works through the sequential queries and responses through the DNS structure.

我從Verisign截取了此截屏視頻， Verisign是迄今為止運行.com .net .cc .tv和.name的世界上最大的注冊表。它以一種很好的方式向您顯示了該過程，該協議如何通過DNS結構通過順序查詢和響應來工作。

Don’t worry too much about trying to read all the text, but just watch the exchanges and flow of information to reiterate what we’ve discussed above (it’s on a loop so will restart).

不必過多擔心嘗試閱讀所有文本，而只是看著信息的交流和流動來重申我們上面討論的內容(它處于循環中，因此將重新啟動)。

DNS Chat
DNS聊天

誰讓它起作用？ (Who makes it work?)

In short IANA, in long ICANN, (I’ll explain these organizations in a moment and all this will make more sense, I promise!)

簡而言之，在長期的ICANN中，IANA表示(我將稍后解釋這些組織，我保證，所有這些都將變得更加有意義！)

The reason for explaining how it works, was to uncover who makes it work — the real question and purpose for this article. It’s easy to think things just work. But of course, it’s no accident, the reason the internet works is because of the protocols and policies that have been created and gained enough of a consensus to become universal norms, but who agrees on these and how?

之所以解釋它的工作原理，是為了揭示誰使它起作用-這是本文的真正問題和目的。認為事情是可行的很容易。但是，當然，這絕非偶然，互聯網之所以起作用，是因為已經制定并獲得足夠共識的協議和政策已成為普遍規范，但是誰能在這些方面達成共識以及如何達成共識？

In short, and with specific regard to how domain names and IP addresses are mapped, that function falls under the competency of IANA (Internet Assigned Numbers Authority). They have the mandate of making sure the correct technical procedures are in place to have a safe and stable Domain Name System. Which brings us to ICANN (Internet Corporation for Assigned Names and Numbers). There’s no discussing IANA without ICANN:

簡而言之，并特別關注域名和IP地址的映射方式，該功能屬于IANA(互聯網號碼分配機構)的權限。他們的任務是確保制定正確的技術程序以擁有安全和穩定的域名系統。這使我們進入了ICANN(互聯網名稱與數字地址分配機構)。沒有ICANN就沒有討論IANA：

Besides providing technical operations of vital DNS resources, ICANN also defines policies for how the “names and numbers” of the Internet should run. The work moves forward in a style we describe as the “bottom-up, consensus-driven, multi-stakeholder model” — ICANN.COM
除了提供重要DNS資源的技術操作外，ICANN還定義了有關互聯網“名稱和號碼”應如何運行的策略。 這項工作以我們稱為“自下而上，共識驅動，多方利益相關者模型”的方式前進— ICANN.COM

In September of 2015 the IANA function which has been run by ICANN since 1998 permanently transitioned from being under a contract with the United States Department of Commerce to the autonomous control of ICANN \o/ ICANN has a board of directors and as a body, is divided up into separate member groups, let’s explore the Multi-stakeholder model:

ICANN自1998年以來一直運營的IANA職能于2015年9月從與美國商務部的合同永久轉變為ICANN的自主控制權。o / ICANN擁有董事會并作為一個機構，分為不同的成員組，讓我們探索多利益相關方模型：

“ICANN’s inclusive approach treats the public sector, the private sector, and technical experts as peers. In the ICANN community, you’ll find registries, registrars, Internet Service Providers (ISPs), intellectual property advocates, commercial and business interests, non-commercial and non-profit interests, representation from more than 100 governments, and a global array of individual Internet users. All points of view receive consideration on their own merits. ICANN’s fundamental belief is that all users of the Internet deserve a say in how it is run.” — ICANN.COM
“ ICANN的包容性方法將公共部門，私營部門和技術專家視為同行。 在ICANN社群中，您會發現注冊管理機構，注冊服務商，互聯網服務提供商(ISP)，知識產權倡導者，商業和商業利益，非商業和非營利利益，來自100多個政府的代表以及遍布全球的個人互聯網用戶。 所有觀點都應根據自己的優點進行考慮。 ICANN的基本信念是，互聯網的所有用戶都應在其運行方式方面有發言權。” — ICANN.COM

While it is fair to say all these groups are “represented,” I would argue all are are not represented equally. It’s natural to expect that those with more financial stake and cash to burn will try to pull the conversation in a certain direction. For example, telecoms like AT&T, Comcast, Charter, Verizon, Vodafone, T-Mobile, Orange.

可以公平地說，所有這些團體都“有代表”，但我認為并非所有代表都平等。很自然地希望那些擁有更多財務股份和現金的人會設法將對話拉向某個方向。例如，AT＆T，Comcast，Charter，Verizon，Vodafone，T-Mobile和Orange等電信公司。

They will arguably pull us in a backward direction, where they can package up websites like they did with cable TV channels, and sell them to end users, toll the traffic on the cables they control, and generally triple-dip on a more closed internet so they can make even more profit.

可以說，它們將使我們向后拉，他們可以像使用有線電視頻道那樣打包網站，然后將其出售給最終用戶，對其所控制的電纜進行流量收費，并且通常在更加封閉的互聯網上進行三倍傾斜這樣他們可以賺更多的錢。

Some Governments will also try to influence in a direction toward their own state-interest, while others will try to be more global citizens. Intellectual Property advocates (organizations that are usually made up of IP lawyers) want things to be more about IP and brand security, so they can protect the lucrative rights of their high paying clients.

一些政府還將努力朝著自身國家利益的方向施加影響，而另一些政府將試圖成為更多的全球公民。知識產權倡導者(通常由知識產權律師組成的組織)希望事情更多地與知識產權和品牌安全有關，以便他們可以保護其高薪客戶的豐厚權利。

Service providers in the commercial sector like Google and Facebook are visible in the array, and tend to advocate — in part at least — for their users’ privacy, along with maintaining their own domination of the web.

商業領域的服務提供商(例如Google和Facebook)在陣列中可見，它們傾向于(至少部分地)倡導用戶的隱私權，并保持自己對網絡的統治。

Registries like Verisign, have an interest in designing favorable policy outcomes to which they are bound to comply.

像Verisign這樣的注冊管理機構對設計有利的政策成果感興趣，并且必須遵守這些成果。

Interestingly in my experience it is the Registrars — where you can register domain names (like iwantmyname) — who provide a voice of reason in the fray. They have to balance their obligations to ICANN and the Registries against those of their customers. And as a result of this, they often have to push back against various members or interest groups, or at times even the ICANN board itself.

根據我的經驗，有趣的是注冊商-您可以在其中注冊域名(如iwantmyname )-在競爭中提供了理性的聲音。他們必須平衡其對ICANN和注冊管理機構的義務與客戶的義務。因此，他們常常不得不反對各種成員或利益集團，甚至有時甚至反對ICANN董事會本身。

讓我們來談談最終用戶 (Let’s talk end users)

Hey! That’s us!

嘿! 那是我們！

There’s a significant lack of end-user engagement in this process. Well, we’d all be better off if the end users of the internet started paying more attention.

在此過程中，最終用戶的參與非常缺乏。好吧，如果互聯網的最終用戶開始給予更多關注，我們都會過得更好。

Remember that there are some 3.7 billion internet users, but there are only a few people who own stakes in telecoms, registers, or web platforms. The freeCodeCamp community alone has more than a million users, and together we share so much that’s at stake.

請記住，大約有37億互聯網用戶，但是只有少數人擁有電信，注冊或網絡平臺的股份。僅freeCodeCamp社區就有超過一百萬的用戶，而我們共同分享了這么多的風險。

This said, the number of folks currently engaged in this discussion is very small — maybe only a few thousand people. To be honest, I think there’s a growing need for more of us developers to take a more active voice in the conversation.

這就是說，目前參與此討論的人員很少，也許只有幾千人。坦白地說，我認為越來越需要更多的開發人員在對話中表達更積極的聲音。

This is, after all, our livelihood. It’s where we tend to spend our time. It’s the space that consumes much of our focus, energy, and passion. And apart from being highly savvy and heavy users of the internet, we also have unique insights into our own audiences. We can speak with an empathetic voice that resonates with an even larger end user base.

畢竟，這是我們的生計。這是我們傾向于花費時間的地方。這個空間消耗了我們的大部分精力，精力和激情。除了成為精通互聯網的沉迷用戶之外，我們還對自己的受眾群體具有獨特的見解。我們可以用善解人意的聲音說話，與更大的最終用戶群產生共鳴。

你可以做什么？ (What you can do?)

You can take a seat at the table (or on the floor). There are a few ways you can get involved, depending on how formal you would like your involvement to be. You can join At-Large.

您可以在桌子(或地板)上坐下。有多種參與方式，具體取決于您希望參與的正式程度。您可以加入網絡普通用戶。

At-Large is part of the end user contingent of ICANN’s multi-stakeholder model. It’s divided into regional At-Large outreach groups (RALOs). Here’s the full list: NARALO (North America), EURALO (Europe), APRALO (Asia-Pacific), LACRALO (Latin American and Caribbean Islands) and AFRALO (African Nations).

網絡普通用戶是ICANN多利益相關方模型的最終用戶隊伍的一部分。它分為區域網絡普通用戶擴展組織(RALO)。以下是完整列表：NARALO(北美)，EURALO(歐洲)，APRALO(亞太)，LACRALO(拉丁美洲和加勒比群島)和AFRALO(非洲)。

These various RALOs feed their inputs into the At-Large Advisory Committee (ALAC… aren’t acronyms fun!) who in turn report to ICANN.

這些各種RALO將他們的意見輸入網絡普通用戶咨詢委員會(ALAC…并非縮寫！)，然后向ICANN報告。

Inside these end user representative bodies, there are smaller organizations you can become a part of at the university- or city level.

在這些最終用戶代表機構內部，有一些較小的組織可以加入大學或城市級別。

Another way to get involved is by becoming an unaffiliated member, which is to say outside of an At-Large structure, and directly with your Regional At-Large group. (Note that currently only the North American, Europe and Asia Pacific RALOs that allow such members — here’s where you can find out more and apply.)

參與的另一種方法是成為獨立會員，也就是說，在網絡普通用戶結構之外，直接與您的網絡普通用戶組織在一起。 (請注意，目前只有北美，歐洲和亞太地區的RALO允許此類成員- 在這里您可以找到更多信息并申請。)

There’s one more way, and that’s by applying as a collective to become an ALS. This does require some effort on your part. You would need to organize, and lead the people who join your group. But the pay off is a seat at the table and a voice for all those who your ALS represents.

還有另一種方法，那就是通過集體申請成為ALS 。您確實需要付出一些努力。您需要組織并領導加入小組的人員。但是回報是餐桌上的一席之地，是您ALS代表的所有代表的聲音。

On a side note, I’d like to hear your input on whether you think the freeCodeCamp community itself should look into applying to become an At-Large Structure. This would give all of it’s members a pathway into the end user group of ICANN.

附帶說明一下，我想聽聽您的意見，即您是否認為freeCodeCamp社區本身應考慮申請成為一般會員結構。這將為其所有成員提供進入ICANN最終用戶組的途徑。

Outside of the At-Large structure, there’s one more way you can participate. When ICANN opens topics for public comment, you can weigh in on those. Here’s where to find them.

網絡普通用戶結構之外，還有另一種參與方式。 ICANN打開主題以征詢公眾意見時，您可以考慮這些話題。在這里找到他們。

You can also attend an ICANN meeting like I did. ICANN convenes three times a year — each time in a different part of the world. I attended ICANN58, which was held in Copenhagen. The next one is ICANN59 in Johannesburg.

您也可以像我一樣參加ICANN會議。互聯網名稱與數字地址分配機構(ICANN)每年召開三次會議，每次會議在世界的不同地方。我參加了在哥本哈根舉行的ICANN第58屆會議。下一個是位于約翰內斯堡的ICANN第59屆會議。

It’s quite a fulfilling experience to attend one of these one-week events. They’re free and open to the public. You just have to register and apply. They also offer fellowships to help you attend if you need some support doing so.

參加這些為期一周的活動之一，這真是一種充實的體驗。它們是免費的，并向公眾開放。您只需要注冊并申請。如果您需要某些支持，他們還會提供獎學金以幫助您參加。

There are many ways you can voice your opinions and help shape the future of our free and open internet.

您可以通過多種方式表達意見并幫助塑造我們免費開放互聯網的未來。