I recently participated in a telecommunication technology, a product of their cooperation, what specific items in this is ignored, first in 163 today I saw an article: "the Ministry of industry recently broken network due to DNS service providers to attack", I think it says DNSPod, I couldn’t how to understand this problem and DNSPod together, they are not affect normal resolution so many sites, they use DNS analytic website not so much.
global DNS root node server a total of 13 units, China only mirror DNS resolution server.
There are DNS server own
in each province, Telecom to build their own DNS server, each province has a high performance server more than 10 or so do support, they will request the domain name directly into the IP address, directly to the request to the specified IP address, the IP address in response to user requests.
in which the conversion to IP address process is: first verify the domain name format, such as: www.163.sdfsdfsd, the format will be directly filtered, the format verification is correct, the correct format is queried.
local DNS domain name query Tani Yuu a request to the server, sends the root name server: www.gubaiyoudiyi.com address; root name servers at the jurisdiction does not belong to their own, but belongs to a domain of CN, it will tell you to contact a com name server to get more information, and send you a list of all the com address of the name server (a lot of domain name registration after all have a point DNS is the meaning of your domain name, said the corresponding IP analysis by which server); your local DNS server will continue to send these requests to the server, and one is a look at their own the area, will repeat the process until you find the parsing of WWW machine to get the domain name service www.active.com.cn IP.
according to the common sense, if there is a chicken enough, then you can not stop the attack, sending the unregistered IP address domain name request (because the resource consumption, resource multiplier), resulting in DNS is too slow, or even a denial of service attack, such as the DNS server, he occupied bandwidth the consumption of resources or his CPU resources, it will make the province using the IP do DNS parsing user affected, but can not affect the user, unless it is that the root server crash.
storm can be implemented because his user base is huge and it is possible to launch an attack, and DNSPod can only affect the site address of the domain name DNS pointing to the address they provide.