Disabling DNS iterative queries on Linux: how recursion and iteration are used in DNS queries and responses
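I needed to understand how recursion and iteration work in the DNS query process, so I found the relevant section of the RFC
and made a simple translation of it (my ability is limited); it can be kept here as a reference.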
RFC 1034
4.3.1. Queries and responses
The principal activity of name servers is to answer standard queries. Both
the query and its response are carried in a standard message format which is
described in [RFC-1035]. The query contains a QTYPE, QCLASS, and QNAME, which
describe the types and classes of desired information and the name of interest.
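The primary task of a name server is to respond to standard queries. Query and response messages both use a standard format (see RFC 1035). A query contains a QTYPE describing the query type, a QCLASS for the query class, and a QNAME for the name being queried.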
The way that the name server answers the query depends upon whether it is
operating in recursive mode or not:
How a name server handles a query depends on whether it is operating in recursive mode:
The simplest
mode for the server is non-recursive, since it can answer queries using
only local information: the response contains an error, the answer, or a
referral to some other server "closer" to the answer. All name
servers must implement non-recursive queries.
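For the server, the simplest mode is non-recursive (iterative query), because the response can be built from local information alone: it is an error, the answer, or a referral to a "closer" server that the client can query next. All name servers must implement iterative queries.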
The simplest
mode for the client is recursive, since in this mode the name server acts
in the role of a resolver and returns either an error or the answer, but
never referrals. This service is optional in a name server, and the name
server may also choose to restrict the clients which can use recursive
mode.
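For the client, the simplest mode is recursive, because the name server then acts as a resolver and returns either an error or the final answer, but never a referral to the next server to ask. Recursive service is optional for a name server, and the server can be configured to restrict which clients may use it.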
Recursive service is helpful in several situations:
Recursive service is useful in the following situations:
a relatively
simple requester that lacks the ability to use anything other than a
direct answer to the question.
A relatively simple requester that can only handle a final answer.
a request
that needs to cross protocol or other boundaries and can be sent to a
server which can act as intermediary.
A request that has to cross network or protocol boundaries and is sent to a server acting as an intermediary.
a network
where we want to concentrate the cache rather than having a separate cache
for each client.
A network where we want to concentrate the cache in one place instead of spreading it across the individual clients.
Non-recursive service is appropriate if the requester is capable of
pursuing referrals and interested in information which will aid future
requests.
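Non-recursive (iterative) service is appropriate when the requester is able to follow referrals and wants to learn which server to ask next.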
The use of recursive mode is limited to cases where both the client and
the name server agree to its use. The agreement is negotiated through the use
of two bits in query and response messages:
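Recursive service is used only when the client requests it and the server agrees to provide it. This agreement is negotiated through two bits in the query and response messages: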
The recursion
available, or RA bit, is set or cleared by a name server in all responses.
The bit is true if the name server is willing to provide recursive service
for the client, regardless of whether the client requested recursive
service. That is, RA signals availability rather than use.
A name server sets or clears the RA bit in every response to indicate whether it supports recursion.
Queries
contain a bit called recursion desired or RD. This bit specifies specifies
whether the requester wants recursive service for this query. Clients may
request recursive service from any name server, though they should depend
upon receiving it only from servers which have previously sent an RA, or
servers which have agreed to provide service through private agreement or
some other means outside of the DNS protocol.
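Queries contain a bit (RD) that indicates whether the requester wants recursive service. A client may send a query requesting recursion to any name server, but it should count on receiving it only from servers that have previously sent RA, or that have agreed to provide the service through a private arrangement or some other means outside the DNS protocol.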
The recursive mode occurs when a query with RD set arrives at a server
which is willing to provide recursive service; the client can verify that
recursive mode was used by checking that both RA and RD are set in the reply.
Note that the name server should never perform recursive service unless asked
via RD, since this interferes with trouble shooting of name servers and their
databases.
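Recursive mode occurs when a query with RD set arrives at a server that is willing to provide recursive service; the client can confirm that recursive mode was used by checking that both RA and RD are set in the response. Note: a name server should never perform recursion unless the query has the RD bit set, because doing so interferes with troubleshooting of name servers and their databases.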
If recursive service is requested and available, the recursive response to
a query will be one of the following:
If recursive service is requested and available, the recursive response to the query will be one of the following:
The answer to
the query, possibly preface by one or more CNAME RRs that specify aliases
encountered on the way to an answer.
The answer to the query, possibly preceded by one or more CNAME resource records for aliases encountered along the way.
A name error
indicating that the name does not exist. This may include CNAME RRs that
indicate that the original query name was an alias for a name which does
not exist.
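A name error indicating that the queried name does not exist. It may include CNAME records showing that the original query name was an alias for a name that does not exist.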
A temporary
error indication.
A temporary error indication.
If recursive service is not requested or is not available, the non-
recursive response will be one of the following:
If recursive service was not requested or is not available, the iterative response will be one of the following:
An
authoritative name error indicating that the name does not exist.
An authoritative name error indicating that the queried name does not exist.
A temporary
error indication.
A temporary error indication.
Some
combination of:
Some combination of the following:
RRs that
answer the question, together with an indication whether the data comes
from a zone or is cached.
Resource records that answer the question, with an indication of whether the data comes from a zone file or from cache.
A referral
to name servers which have zones which are closer ancestors to the name
than the server sending the reply.
A referral to name servers holding zones that are closer to the queried name than the server sending the reply.
RRs that the
name server thinks will prove useful to the requester.
Resource records that the name server thinks will be useful to the requester.
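The RD/RA negotiation and the response cases above can be read directly from the 12-byte DNS header. The following is an added example, not part of the original post or of the RFC: the function names and the sample headers are constructed here, and the referral test is a header-only heuristic.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # flag masks, RFC 1035 4.1.1

def build_query(qname, qtype=1, qclass=1, rd=True, txid=0x1234):
    """Encode a standard query: 12-byte header, then QNAME, QTYPE, QCLASS."""
    header = struct.pack("!HHHHHH", txid, RD if rd else 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, qclass)

def classify(response):
    """Map a response header onto the cases of RFC 1034 section 4.3.1."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, an, ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if not flags & QR:
        raise ValueError("QR bit clear: this is a query, not a response")
    rd, ra, aa = bool(flags & RD), bool(flags & RA), bool(flags & AA)
    recursive = rd and ra            # both set => recursive mode was used
    rcode = flags & 0x000F
    if rcode == 3:
        kind = "name error"
    elif rcode != 0:
        kind = "error"
    elif an:
        kind = "answer"
    elif ns and not aa and not recursive:
        kind = "referral"            # heuristic: only NS data, non-authoritative
    else:
        kind = "no data"
    return {"recursion_available": ra, "recursive_mode": recursive, "kind": kind}

# Constructed sample headers (not captured traffic).
SAMPLE_RECURSIVE = struct.pack("!HHHHHH", 0x1234, QR | RD | RA, 1, 1, 0, 0)
SAMPLE_REFERRAL = struct.pack("!HHHHHH", 0x1234, QR | RD, 1, 0, 2, 2)
SAMPLE_NXDOMAIN = struct.pack("!HHHHHH", 0x1234, QR | AA | 3, 1, 0, 1, 0)

if __name__ == "__main__":
    for name, pkt in [("recursive", SAMPLE_RECURSIVE),
                      ("referral", SAMPLE_REFERRAL),
                      ("nxdomain", SAMPLE_NXDOMAIN)]:
        print(name, classify(pkt))
```

When auditing a server that is meant to answer only for its own zones, `recursion_available` should come back `False` for clients outside the set the operator has allowed to use recursion.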
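Conclusion: when to use recursion and when to use iteration
Use iteration:
1. Root name servers and other high-traffic name servers use iterative queries to reduce the load on the server.
2. The server is configured not to use recursion.
Use recursion:
1. The RD bit in the query is set to 1 and the server supports recursion, that is, RA is set to 1 in the response.
2. When the cache needs to be concentrated in one place.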