VAS_HTTPDNS

Last update: 2022-04-12 13:36:16

1 VAS Intro

1.1 Brief Introduction

Conventional domain name resolution is based on the DNS protocol: the local DNS server resolves the domain to a real server address. Resolution relies entirely on local DNS servers, which are vulnerable to hijacking by ISPs or attackers. For scheduling, CDN providers identify the user's location and ISP from the local DNS server's IP address, which is not the real user IP and therefore gives low accuracy.

In response to this situation, CDNetworks rolls out HTTPDNS to resolve domains using CDNetworks HTTPDNS clusters instead of local DNS servers, effectively preventing DNS hijacking. The scheduling is based on real user IP, so it is of higher accuracy.

1.2 Applicable Product Lines

  • Content Acceleration
  • Dynamic Web Acceleration
  • Media Acceleration
  • Media Acceleration Live Broadcast

1.3 Application Scenarios

It is applicable to scenarios in which anti-hijacking and scheduling accuracy are needed.

2 VAS Detail

2.1 VAS Description

HTTPDNS transmits resolution results over HTTP instead of the traditional DNS protocol, effectively circumventing hijacking and malfunctions at the DNS layer. A client sends a “DNS query” request to the CDNetworks HTTPDNS clusters, which look up the DNS result in the CDN internal scheduling system (Global System Load Balancing, to be accurate) based on the domain and the IP information carried in the request, and then respond to the client with the optimum PoP IP address. After the client gets the best PoP IP address, it sends the HTTP request to that address.

2.2 Workflow

Figure 1 Workflow of HTTPDNS

  1. The end-user sends a request to the CDNetworks HTTPDNS cluster, carrying the IP address of HTTPDNS server + Request URL; CDNetworks can also add the user domain and end-user IP address to the request when required.
  2. The HTTPDNS cluster synchronizes with GLB (Global Load Balancing) servers to get the optimum PoP, and returns the A record of the optimum edge PoP to the end-user.
  3. The end-user receives the A record and sends the HTTP request to the optimum edge PoP.
    Note: If the request initiated by the end-user to CDNetworks HTTPDNS clusters fails, then the backup process will be activated to send the request to the Local DNS for DNS resolution.

2.3 Instructions

The HTTPDNS service can only be used by customers who have their own terminals, and the HTTPDNS SDK needs to be installed on users' terminals to replace the DNS request. The HTTPDNS feature can be used in two ways:

1) If the client initiates an HTTP request:
The request URL includes the accelerated domain to be queried and the end-user IP address.

URL in the form of:

curl "http://[server IP]/v1/httpdns/clouddns?ws_domain=www.example.com&ws_ret_type=json&ws_cli_IP=1.1.1.1"

server IP: The CDNetworks HTTPDNS cluster IP address; we use the anycast IP 220.242.54.8 abroad;
ws_domain: The domain requested by the end-user;
ws_cli_IP: The client IP address, which can be left empty. (If it is empty, HTTPDNS will automatically obtain the connection IP as the client IP.)
ws_ret_type: The format of return packets. If the parameter value is json, then the return packet is in json format; if the request does not carry the parameter, the return packets will be in the traditional IP TTL format.

2) If the client initiates an HTTPS request:
URL in the form of:

curl -H "host: edge.wshttpdns.com" "https://[server IP/server domain name]/v1/httpdns/ws_domain=www.example.com&ws_ret_type=json&ws_cli_IP=1.1.1.1" -k

Host: Customers must set the Host header to our server address: “edge.wshttpdns.com”
Server IP: The CDNetworks HTTPDNS cluster IP address; we use the anycast IP 220.242.54.8 abroad;
ws_domain: The domain requested by the end-user;
ws_cli_IP: The client IP address, which can be left empty. (If it is empty, HTTPDNS will automatically obtain the connection IP as the client IP.)
ws_ret_type: The format of return packets. If the parameter value is json, then the return packet is in json format; if the request does not carry the parameter, the return packets will be in the traditional IP TTL format.

In addition, CDNetworks HTTPDNS supports multi-domain queries: multiple domains can be queried in the same HTTPDNS request, with the requested domains separated by semicolons. The response contains the A records of these domains. The HTTP request URL format is as follows: http://service IP/?ws_domain=www.example1.com;www.example2.com&ws_ret_type=json
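
Added example (not CDNetworks code and not the HTTPDNS SDK): a minimal Python client for the HTTPS form that checks the server certificate against edge.wshttpdns.com instead of skipping verification as curl's -k does, and that reports when an answer came from the Local DNS backup path noted in the workflow. Assumptions: the cluster presents a certificate valid for that name, the HTTPS form uses the same /v1/httpdns/clouddns path as the HTTP form, and, because the response schema is not documented here, every globally routable IPv4 literal in the body is treated as an answer; all function names are hypothetical.

```python
import ipaddress, re, socket, ssl
from urllib.parse import urlencode
HTTPDNS_HOST = "edge.wshttpdns.com"    # Host value from the page; assumed to be on the cert
HTTPDNS_PATH = "/v1/httpdns/clouddns"  # path of the page's HTTP form; assumed for HTTPS too

def build_target(domains, client_ip=None):
    """Request target; several domains are joined with ';' as the page describes."""
    for d in domains:
        if not re.fullmatch(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+", d):
            raise ValueError(f"not a plain hostname: {d!r}")  # blocks '&' / ';' smuggling
    params = {"ws_domain": ";".join(domains), "ws_ret_type": "json"}
    if client_ip:
        params["ws_cli_IP"] = str(ipaddress.ip_address(client_ip))
    return HTTPDNS_PATH + "?" + urlencode(params, safe=";")

def fetch_verified(server_ip, target, timeout=3.0):
    """HTTPS GET to the cluster IP; the certificate must match HTTPDNS_HOST."""
    ctx = ssl.create_default_context()
    with socket.create_connection((server_ip, 443), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=HTTPDNS_HOST) as tls:
            tls.sendall(f"GET {target} HTTP/1.0\r\nHost: {HTTPDNS_HOST}\r\n\r\n".encode())
            data = b"".join(iter(lambda: tls.recv(4096), b""))
    head, _, body = data.partition(b"\r\n\r\n")
    if head.split()[1:2] != [b"200"]:
        raise OSError("HTTPDNS answered with a non-200 status")
    return body.decode("utf-8", "replace")

def public_ipv4(body):
    """Globally routable IPv4 literals in the body (schema-agnostic heuristic)."""
    out = []
    for tok in re.findall(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])", body):
        try:
            ip = ipaddress.ip_address(tok)
        except ValueError:
            continue
        if ip.is_global and tok not in out:
            out.append(tok)
    return out

def resolve(domain, server_ip, fetch=fetch_verified, local=socket.gethostbyname_ex):
    """Return (addresses, source); 'local-dns' marks the unprotected backup path."""
    target = build_target([domain])
    try:
        addrs = public_ipv4(fetch(server_ip, target))
        if addrs:
            return addrs, "httpdns"
    except OSError:
        pass  # TLS, timeout and connection errors all land here
    return local(domain)[2], "local-dns"
```

Callers can log or alert on the "local-dns" source, since a network that blocks the HTTPDNS request forces every lookup back onto the resolver path the service is meant to bypass.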

3 Notices

  1. If you are interested in running a test, please contact CDNetworks to obtain the IP address of the HTTPDNS cluster.
  2. To avoid being affected by the outage and switchover of a certain server, customers should not hardcode the server IP, but use a dynamic server IP address which can be updated periodically.

4 Key Benefits

  1. Avoid DNS hijacking, and therefore prevent end-users from being redirected to unsafe sites.
  2. Provide more precise scheduling based on HTTP to assign better PoPs to end-users when they are far away from the local DNS server.