Understanding System DNS and HTTPDNS: Principles, Features, and Applications

/ Today’s Tech News /

Recently, the China Cybersecurity Association published a statement disclosing frequent security vulnerabilities in Intel CPUs, poor reliability, user monitoring, and hidden backdoors, suggesting that Intel has ignored user complaints and recommending the company to initiate a cybersecurity review. In response, Intel issued a statement emphasizing that product safety and quality are always their top priorities.

/ Author Introduction /

This article is reprinted from Lu Yecong's blog, which mainly shares content related to system DNS and HTTPDNS, and is believed to be helpful to everyone!

Original article link:

https://juejin.cn/post/7425807410763939890

/ DNS and HTTPDNS /

1. Basic Knowledge of Domain Name Resolution

Domain name resolution is the process of converting a user-readable URL into a computer-recognizable IP address. This is because communication over the network is achieved through IP addresses, while people typically use more memorable domain names to access websites.

2. What is System DNS?

System DNS refers to the built-in domain name resolution service of the operating system. When we input a URL, the system DNS queries the corresponding IP address from the cache or a remote DNS server.

The DNS query process involves a series of steps to resolve the domain name into an IP address. Below is a typical DNS query process:

  • Local Cache Query: When a user inputs a URL, the operating system first checks the local cache (including browser cache and system cache) to see if there is a corresponding IP address for that domain name. If a matching IP address is found, the DNS query process ends, and the cached IP address is used for access. If not, the process moves to the next step.

  • Send Query Request to Local DNS Server: If no corresponding IP address is found in the local cache, the system sends a query request to the configured local DNS server (usually provided by the ISP or home Wi-Fi router).

  • Iterative Query: After receiving the query request, the local DNS server performs an iterative query. It first queries the root DNS server and continues to query based on the returned authoritative DNS server address for the top-level domain (such as .com, .org, etc.). Next, the local DNS server sends a query request to the authoritative DNS server, which returns the authoritative DNS server address for the corresponding domain name. Finally, the local DNS server sends a query request to the authoritative DNS server for that domain name to obtain the corresponding IP address.

  • Return IP Address: After obtaining the IP address corresponding to the domain name, the local DNS server returns the IP address to the client. At the same time, the local DNS server caches the IP address for a period of time for subsequent queries to access directly from the cache.

  • Client Accesses Website: After receiving the IP address, the client can access the website using the IP address. The entire DNS query process ends.

3. What is HTTPDNS?

HTTPDNS is a technology that performs domain name resolution through the HTTP protocol, allowing it to bypass local DNS servers and directly obtain domain resolution results from DNS service providers, thereby avoiding some issues faced by traditional DNS.

4. How to Query System DNS with C Code in Android

The network layer in the project I am involved in is implemented using cross-platform C++. In C++, we can use getaddrinfo to resolve system DNS. getaddrinfo is used to resolve hostnames and service names into a set of socket addresses. This function supports IPv6 address and service name resolution. Below is an example of C code using getaddrinfo:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>   // memset
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

int main(int argc, char **argv) {
    struct addrinfo hints, *res, *p;
    int status;
    char ipstr[INET6_ADDRSTRLEN];
    char hostname[] = "www.example.com";

    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC; // AF_INET or AF_INET6 to force version
    hints.ai_socktype = SOCK_STREAM;

    // Resolve through the system resolver (cache, then the configured DNS server)
    if ((status = getaddrinfo(hostname, NULL, &hints, &res)) != 0) {
        fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(status));
        return 2;
    }

    printf("IP addresses for %s:\n", hostname);

    for (p = res; p != NULL; p = p->ai_next) {
        void *addr;
        const char *ipver;

        if (p->ai_family == AF_INET) { // IPv4
            struct sockaddr_in *ipv4 = (struct sockaddr_in *)p->ai_addr;
            addr = &(ipv4->sin_addr);
            ipver = "IPv4";
        } else if (p->ai_family == AF_INET6) { // IPv6
            struct sockaddr_in6 *ipv6 = (struct sockaddr_in6 *)p->ai_addr;
            addr = &(ipv6->sin6_addr);
            ipver = "IPv6";
        } else {
            continue; // skip any other address family
        }

        // Convert the binary address to its text form
        inet_ntop(p->ai_family, addr, ipstr, sizeof ipstr);
        printf("  %s: %s\n", ipver, ipstr);
    }

    freeaddrinfo(res); // free the linked list

    return 0;
}

In this example, we first call the getaddrinfo function to resolve the domain name. Then, we iterate through the returned address list, using the inet_ntop function to convert each address to a string and print it out. Finally, we use the freeaddrinfo function to free the address list.

/ Comparison of Both Features /

1. Features and Advantages of System DNS

The main advantage of System DNS is that it is part of the operating system and does not require additional installation; it uses the UDP protocol, which is fast and efficient.

2. Limitations of System DNS

System DNS has some limitations, such as being susceptible to DNS pollution, vulnerability to man-in-the-middle attacks, and lack of load balancing:

  • Susceptible to DNS Pollution: DNS pollution is a deliberate act of tampering with DNS resolution results, typically used to block specific websites or services. In cases of DNS pollution, attackers redirect users’ DNS requests to incorrect IP addresses, preventing users from accessing the target website. Since system DNS typically uses public DNS servers for domain resolution, it is easily affected by DNS pollution.

  • Vulnerable to Man-in-the-Middle Attacks: Since system DNS uses the connectionless UDP protocol for communication and the communication content is unencrypted, attackers can intercept, tamper with, or forge DNS requests and responses, leading users to malicious websites. This type of attack is known as a man-in-the-middle attack (MITM).

  • Lack of Load Balancing: System DNS typically returns only one IP address when resolving a domain name. However, large websites or services may be deployed on multiple servers, requiring load balancing to distribute traffic across different servers to improve service availability and stability. Traditional system DNS cannot provide dynamic load balancing based on users’ actual network conditions and server load.
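The man-in-the-middle point above comes down to how little a client can verify on a plain UDP reply. The following added example (not from the original article; function names are hypothetical) builds a standard DNS query message and implements the acceptance check a stub resolver can apply to a reply: the transaction ID, the response flag, and the echoed question, none of which is encrypted or signed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Encode an A-record query for host (RFC 1035 layout) with transaction ID id.
 * Returns the message length, or -1 if host is invalid or out is too small. */
int build_query(const char *host, uint16_t id, uint8_t *out, size_t cap) {
    size_t n = 12, hl = strlen(host);
    if (hl == 0 || hl > 253 || cap < 12 + hl + 2 + 4) return -1;
    memset(out, 0, 12);
    out[0] = (uint8_t)(id >> 8); out[1] = (uint8_t)(id & 0xff);
    out[2] = 0x01;                   /* RD: ask the local server to recurse */
    out[5] = 1;                      /* QDCOUNT = 1 */
    while (*host) {
        const char *dot = strchr(host, '.');
        size_t len = dot ? (size_t)(dot - host) : strlen(host);
        if (len == 0 || len > 63) return -1;
        out[n++] = (uint8_t)len;
        memcpy(out + n, host, len);
        n += len;
        host += len + (dot ? 1 : 0);
    }
    out[n++] = 0;                    /* root label ends the name */
    out[n++] = 0; out[n++] = 1;      /* QTYPE = A */
    out[n++] = 0; out[n++] = 1;      /* QCLASS = IN */
    return (int)n;
}

/* 1 only if r is a response (QR=1) with the same ID that echoes q's question.
 * These fields travel in clear text; nothing in them is signed. */
int response_matches(const uint8_t *q, size_t qlen, const uint8_t *r, size_t rlen) {
    if (qlen < 12 || rlen < qlen) return 0;
    if (!(r[2] & 0x80)) return 0;                   /* QR bit clear: a query */
    if (r[0] != q[0] || r[1] != q[1]) return 0;     /* transaction ID */
    if (r[4] != 0 || r[5] != 1) return 0;           /* QDCOUNT must be 1 */
    return memcmp(q + 12, r + 12, qlen - 12) == 0;  /* echoed question */
}

int main(void) {
    uint8_t q[512], r[512];
    int n = build_query("www.example.com", 0x1234, q, sizeof q);
    memcpy(r, q, (size_t)n);         /* constructed reply: header + question */
    r[2] |= 0x80;
    printf("query bytes: %d, reply accepted: %d\n", n,
           response_matches(q, (size_t)n, r, (size_t)n));
    return 0;
}
```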

3. Features and Advantages of HTTPDNS

By using the HTTP protocol for domain resolution, HTTPDNS can prevent DNS pollution and man-in-the-middle attacks. Additionally, as it directly obtains resolution results from DNS service providers, it can offer more precise load balancing and global scheduling.

4. Limitations of HTTPDNS

The main limitation of HTTPDNS is that it relies on specific service providers, and due to using the HTTP protocol, its resolution speed may be slower than that of system DNS.

/ Application Scenarios of HTTPDNS /

1. Solving DNS Pollution Issues

Since HTTPDNS can bypass local DNS servers for domain resolution, it can effectively prevent DNS pollution.

2. Improving Domain Resolution Speed

HTTPDNS typically caches resolution results, significantly improving domain resolution speed.

3. Achieving Intelligent Load Balancing and Global Scheduling

HTTPDNS can return optimal resolution results based on users’ actual network environments and server load, thus achieving intelligent load balancing and global scheduling.

4. Enhancing Application Stability and Reliability

HTTPDNS can provide a failover mechanism, automatically switching to a backup server when the primary DNS server is inaccessible, thereby enhancing application stability and reliability.

/ Implementation of HTTPDNS /

1. Choosing a Suitable HTTPDNS Service Provider

When selecting an HTTPDNS service provider, factors such as service quality, coverage, and price should be considered.

2. Integrating HTTPDNS SDK

Most HTTPDNS service providers offer SDKs, allowing developers to integrate the SDK into their applications to start using HTTPDNS.

3. Configuring and Using HTTPDNS

Using HTTPDNS typically requires some configuration during application initialization, such as setting DNS server addresses and enabling or disabling certain features.

4. Monitoring and Optimizing HTTPDNS Performance

To ensure HTTPDNS provides stable and reliable service, developers need to regularly monitor its performance, such as resolution speed and success rate. When performance issues arise, optimization can be achieved by adjusting configurations and optimizing the network environment.
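The client-side handling that the caching and failover points above imply, as an added example (not from the original article or any provider's SDK): validate every address in an HTTPDNS answer, cache it until its TTL expires, and signal a fallback to getaddrinfo when the answer is malformed. The response body format "ip1;ip2,ttl", the structure and the function names are assumptions made for this example, and the body is assumed to have been fetched from the provider over HTTPS.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#define MAX_IPS 8
struct dns_entry {                       /* hypothetical cache record */
    char   ips[MAX_IPS][INET6_ADDRSTRLEN];
    int    count;
    time_t expires;                      /* absolute expiry: now + ttl */
};

/* 1 if s is a literal IPv4/IPv6 address; hostnames and junk are refused. */
static int is_ip_literal(const char *s) {
    unsigned char buf[sizeof(struct in6_addr)];
    if (strlen(s) >= INET6_ADDRSTRLEN) return 0;
    return inet_pton(AF_INET, s, buf) == 1 || inet_pton(AF_INET6, s, buf) == 1;
}

/* Parse the assumed body "ip1;ip2,ttl". Returns the address count, or -1
 * with the entry left empty so the caller falls back to getaddrinfo(). */
int parse_httpdns(const char *body, time_t now, struct dns_entry *e) {
    char copy[512], *comma, *tok, *next, *end;
    long ttl;
    memset(e, 0, sizeof *e);
    if (strlen(body) >= sizeof copy) return -1;
    strcpy(copy, body);
    if ((comma = strrchr(copy, ',')) == NULL) return -1;
    *comma = '\0';
    ttl = strtol(comma + 1, &end, 10);
    if (end == comma + 1 || *end != '\0' || ttl <= 0 || ttl > 86400) return -1;
    for (tok = copy; tok != NULL && e->count < MAX_IPS; tok = next) {
        if ((next = strchr(tok, ';')) != NULL) *next++ = '\0';
        if (!is_ip_literal(tok)) { e->count = 0; return -1; }  /* reject all */
        strcpy(e->ips[e->count++], tok);
    }
    e->expires = now + ttl;
    return e->count;
}

/* 1 while the cached answer is fresh; 0 means resolve again. */
int entry_usable(const struct dns_entry *e, time_t now) {
    return e->count > 0 && now < e->expires;
}

int main(void) {
    struct dns_entry e;                  /* constructed sample response below */
    int n = parse_httpdns("192.0.2.10;2001:db8::1,120", time(NULL), &e);
    printf("accepted %d address(es), first: %s\n", n, n > 0 ? e.ips[0] : "-");
    return 0;
}
```

A caller would try the cached entry first, request a new answer when entry_usable returns 0, and use the system resolver whenever parse_httpdns returns -1 or the HTTPDNS request itself fails.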

/ List of Good DNS Providers in China /

In practical applications, choosing a quality DNS service provider is crucial for improving domain resolution speed and enhancing user experience. There are many excellent DNS service providers both domestically and internationally, each with its own characteristics and advantages. Next, we will introduce some of the better DNS providers in China for reference and selection in practical applications.

  • Tencent

Tencent’s DNS: 119.29.29.29

  • AliDNS

Primary: 223.5.5.5

Backup: 223.6.6.6

  • 114 DNS

Regular Public DNS (Clean and Unhijacked)

Primary: 114.114.114.114

Backup: 114.114.115.115

Intercept Phishing and Virus Websites (Protect Internet Security)

Primary: 114.114.114.119

Backup: 114.114.115.119

Intercept Pornographic Websites (Protect Children)

Primary: 114.114.114.110

Backup: 114.114.115.110

  • Baidu DNS

IPv4 Address: 180.76.76.76

IPv6 Address: 2400:da00::6666

  • 360 DNS

Primary (Telecom/China Mobile/China TieTong): 101.226.4.6

Backup (Telecom/China Mobile/China TieTong): 218.30.118.6

Primary (China Unicom): 123.125.81.6

Backup (China Unicom): 140.207.198.6

  • International

CloudFlare DNS: 1.1.1.1

/ Conclusion /

The above is an introduction to System DNS and HTTPDNS, including their features, application scenarios, and how to use them in practical projects. I hope this article helps you better understand these two technologies and choose the appropriate domain resolution solution based on actual needs. We also provide a list of some excellent DNS service providers for reference and selection.
