Official walkthrough

https://www.youtube.com/watch?v=jpTY1S5vs9k

Task1 What is DNS?

What is DNS?

DNS (Domain Name System) provides a simple way for us to communicate with devices on the internet without remembering complex numbers. Much like every house has a unique address for sending mail directly to it, every computer on the internet has its own unique address to communicate with it, called an IP address. An IP address looks like 104.26.10.229: four sets of digits, each ranging from 0 to 255, separated by periods. When you want to visit a website, it's not exactly convenient to remember this complicated set of numbers, and that's where DNS can help. So instead of remembering 104.26.10.229, you can remember tryhackme.com instead.

Task2 Domain Hierarchy

TLD (Top-Level Domain)

A TLD is the rightmost part of a domain name. So, for example, the tryhackme.com TLD is .com. There are two types of TLD: gTLD (Generic Top Level Domain) and ccTLD (Country Code Top Level Domain). Historically, a gTLD was meant to tell the user the domain name's purpose; for example, .com would be for commercial purposes, .org for an organisation, .edu for education and .gov for government. A ccTLD was used for geographical purposes; for example, .ca for sites based in Canada, .co.uk for sites based in the United Kingdom, and so on. Due to demand, there has been an influx of new gTLDs, such as .online, .club, .website, .biz and many more. For a full list of over 2000 TLDs click here.

Second-Level Domain

Taking tryhackme.com as an example, the .com part is the TLD, and tryhackme is the Second Level Domain. When registering a domain name, the second-level domain is limited to 63 characters + the TLD and can only use a-z 0-9 and hyphens (cannot start or end with hyphens or have consecutive hyphens).

Subdomain

A subdomain sits on the left-hand side of the Second-Level Domain, using a period to separate it; for example, in the name admin.tryhackme.com the admin part is the subdomain. A subdomain name has the same creation restrictions as a Second-Level Domain: it is limited to 63 characters and can only use a-z, 0-9 and hyphens (it cannot start or end with a hyphen or contain consecutive hyphens). You can use multiple subdomains split with periods to create longer names, such as jupiter.servers.tryhackme.com, but the total length must be kept to 253 characters or less. There is no limit to the number of subdomains you can create for your domain name.

Note: the answer to the second question is _
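The naming rules above, applied label by label, as an added example (not part of the original room text). It implements exactly the restrictions this page lists; the function names are chosen for this example.

```python
import re

# Rules as stated on this page: a-z, 0-9 and hyphens only, at most 63
# characters per label, no leading or trailing hyphen, no consecutive
# hyphens, and at most 253 characters for the whole name.
LABEL_CHARS = re.compile(r"[a-z0-9-]+")
MAX_LABEL = 63
MAX_NAME = 253


def label_problems(label):
    """Return the list of rules a single label (text between dots) breaks."""
    if not label:
        return ["empty label"]
    problems = []
    if len(label) > MAX_LABEL:
        problems.append("longer than 63 characters")
    if not LABEL_CHARS.fullmatch(label):
        problems.append("character outside a-z 0-9 -")
    if label.startswith("-") or label.endswith("-"):
        problems.append("starts or ends with a hyphen")
    if "--" in label:
        # Punycode labels ("xn--...") are a real-world exception; they are
        # outside the rules listed on this page and are rejected here.
        problems.append("consecutive hyphens")
    return problems


def check_name(name):
    """Validate a full name; returns {} when it passes, else label -> problems."""
    name = name.lower().rstrip(".")   # DNS names are case-insensitive
    report = {}
    if len(name) > MAX_NAME:
        report["<whole name>"] = ["longer than 253 characters"]
    for label in name.split("."):
        problems = label_problems(label)
        if problems:
            report[label] = problems
    return report


if __name__ == "__main__":
    for candidate in ("jupiter.servers.tryhackme.com", "dev_api.tryhackme.com",
                      "-admin.tryhackme.com", "a" * 64 + ".tryhackme.com"):
        print(candidate[:40], "->", check_name(candidate) or "ok")
```

The underscore case is the one the question in this task turns on: `dev_api` is rejected because `_` is not in the allowed character set.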

Task3 Record Types

DNS Record Types

DNS isn't just for websites though, and multiple types of DNS record exist. We'll go over some of the most common ones that you're likely to come across.

A Record

These records resolve to IPv4 addresses, for example 104.26.10.229

AAAA Record

These records resolve to IPv6 addresses, for example 2606:4700:20::681a:be5

CNAME Record

These records resolve to another domain name. For example, TryHackMe's online shop has the subdomain name store.tryhackme.com, which returns a CNAME record shops.shopify.com. Another DNS request would then be made to shops.shopify.com to work out the IP address.

MX Record

These records resolve to the address of the servers that handle the email for the domain you are querying; for example, an MX record response for tryhackme.com would look something like alt1.aspmx.l.google.com. These records also come with a priority flag, which tells the client in which order to try the servers. This is perfect if the main server goes down and email needs to be sent to a backup server.

TXT Record

TXT records are free text fields where any text-based data can be stored. TXT records have multiple uses; a common one is to list the servers that have the authority to send email on behalf of the domain (this can help in the battle against spam and spoofed email). They can also be used to verify ownership of the domain name when signing up for third-party services.
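How a client works with the record types above, as an added example (not part of the original room text): following a CNAME to an address, ordering MX hosts by priority, and reading the authorised-sender list out of a TXT record. The CNAME pair and the MX host alt1.aspmx.l.google.com come from this page; every address, priority, the second MX host, the TXT value and the function names are constructed for illustration.

```python
# Constructed record set. 203.0.113.0/24 and 2001:db8::/32 are documentation
# ranges, not the real addresses of these hosts.
ZONE = {
    ("store.tryhackme.com", "CNAME"): ["shops.shopify.com"],
    ("shops.shopify.com", "A"): ["203.0.113.10"],
    ("shops.shopify.com", "AAAA"): ["2001:db8::10"],
    ("tryhackme.com", "MX"): [(10, "backup-mx.example.test"),
                              (1, "alt1.aspmx.l.google.com")],
    ("tryhackme.com", "TXT"): [
        "site-verification=constructed-token",
        "v=spf1 ip4:203.0.113.25 include:mail.example.test -all",
    ],
    ("loop-a.example.test", "CNAME"): ["loop-b.example.test"],
    ("loop-b.example.test", "CNAME"): ["loop-a.example.test"],
}


def resolve(name, rtype="A"):
    """Follow CNAME records until an A/AAAA answer; return (chain, addresses)."""
    chain = [name]
    while (name, rtype) not in ZONE:
        targets = ZONE.get((name, "CNAME"))
        if not targets:
            return chain, []              # no record of this type
        name = targets[0]
        if name in chain:                 # CNAME loop: refuse to spin forever
            raise ValueError("CNAME loop: " + " -> ".join(chain + [name]))
        chain.append(name)
    return chain, ZONE[(name, rtype)]


def mail_servers(domain):
    """MX hosts in the order a sender tries them: lowest priority value first."""
    return [host for _priority, host in sorted(ZONE.get((domain, "MX"), []))]


def spf_terms(domain):
    """Terms of the SPF policy, the TXT format that lists authorised mail senders."""
    for text in ZONE.get((domain, "TXT"), []):
        if text.startswith("v=spf1 "):
            return text.split()[1:]
    return []


if __name__ == "__main__":
    print(resolve("store.tryhackme.com"))
    print(mail_servers("tryhackme.com"))
    print(spf_terms("tryhackme.com"))
```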

Task4 Making A Request

2. A Recursive DNS Server is usually provided by your ISP, but you can also choose your own. This server also has a local cache of recently looked up domain names. If a result is found locally, this is sent back to your computer, and your request ends here (this is common for popular and heavily requested services such as Google, Facebook, Twitter). If the request cannot be found locally, a journey begins to find the correct answer, starting with the internet's root DNS servers.

3. The root servers act as the DNS backbone of the internet; their job is to redirect you to the correct Top Level Domain Server, depending on your request. If, for example, you request www.tryhackme.com, the root server will recognise the Top Level Domain of .com and refer you to the correct TLD server that deals with .com addresses.

4. The TLD server holds records for where to find the authoritative server to answer the DNS request. The authoritative server is often also known as the nameserver for the domain. For example, the name servers for tryhackme.com are kip.ns.cloudflare.com and uma.ns.cloudflare.com. You'll often find multiple nameservers for a domain name to act as a backup in case one goes down.

5. An authoritative DNS server is the server that is responsible for storing the DNS records for a particular domain name and where any updates to your domain name DNS records would be made. Depending on the record type, the DNS record is then sent back to the Recursive DNS Server, where a local copy will be cached for future requests and then relayed back to the original client that made the request. DNS records all come with a TTL (Time To Live) value. This value is a number of seconds for which the response should be saved locally before it has to be looked up again. Caching saves having to make a DNS request every time you communicate with a server.
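The lookup path in steps 2 to 5, simulated as an added example (not part of the original room text): a recursive resolver that asks root, TLD and authoritative servers in turn and caches the answer until its TTL runs out. The nameserver name and IP address appear on this page; the TLD server label, the 300-second TTL and the class and function names are constructed.

```python
# Constructed delegation data: root knows the TLD server, the TLD server knows
# the domain's nameserver, the nameserver holds the record and its TTL.
ROOT = {"com": "com-tld-server"}
TLD = {"com-tld-server": {"tryhackme.com": "kip.ns.cloudflare.com"}}
AUTHORITATIVE = {
    "kip.ns.cloudflare.com": {("www.tryhackme.com", "A"): ("104.26.10.229", 300)},
}


class RecursiveResolver:
    def __init__(self):
        self.now = 0        # simulated clock in seconds, advanced by the caller
        self.cache = {}     # (name, type) -> (answer, expiry time)

    def lookup(self, name, rtype="A"):
        """Return (answer, servers asked); answer is None if the name is unknown."""
        key = (name, rtype)
        cached = self.cache.get(key)
        if cached and cached[1] > self.now:
            return cached[0], ["cache"]          # step 2: answered locally
        asked = ["root"]                         # step 3: root refers to the TLD
        labels = name.rstrip(".").split(".")
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            return None, asked
        asked.append(tld_server)                 # step 4: TLD names the nameserver
        nameserver = TLD[tld_server].get(".".join(labels[-2:]))
        if nameserver is None:
            return None, asked
        asked.append(nameserver)                 # step 5: authoritative answer + TTL
        record = AUTHORITATIVE[nameserver].get(key)
        if record is None:
            return None, asked
        answer, ttl = record
        self.cache[key] = (answer, self.now + ttl)
        return answer, asked


def demo():
    resolver = RecursiveResolver()
    first = resolver.lookup("www.tryhackme.com")
    resolver.now += 299                          # still inside the TTL
    second = resolver.lookup("www.tryhackme.com")
    resolver.now += 2                            # 301 s: cached copy has expired
    third = resolver.lookup("www.tryhackme.com")
    return first, second, third
```

The second lookup never leaves the resolver, so a change made on the authoritative server is not seen by this resolver's clients until the cached copy expires.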


 

Task5 Practical

First question

Second question

Third question

30

Fourth question

10.10.10.10
