KR_CS_DNS - somaz94/DevOps-Engineer GitHub Wiki

Q3: How DNS Works

Question: Explain the full process by which DNS translates a domain name into an IP address, distinguishing between Recursive Query and Iterative Query. Also explain practical use cases for the main DNS record types.


Key Terms

| Term | Description |
|------|-------------|
| DNS | Distributed, hierarchical system that translates domain names into IP addresses |
| Root DNS | Top-level DNS servers (13 clusters worldwide) |
| TLD DNS | Servers that manage top-level domains such as .com, .net, .kr |
| Authoritative DNS | Authoritative server that holds the domain's actual IP address |
| Recursive DNS | Server that performs the full lookup on behalf of the client and keeps a cache |
| TTL | Time To Live: how long a cached entry stays valid (seconds) |

DNS Hierarchy

Root DNS (.)
├── .com (TLD)
│   ├── google.com (Authoritative)
│   └── example.com (Authoritative)
├── .net (TLD)
└── .kr (TLD)

DNS Lookup Process

Recursive Query: the standard in practice

The client sends a single request to the Recursive DNS, and the Recursive DNS performs the entire lookup on the client's behalf.

Client ──① www.example.com?──→ Recursive DNS
                               ├──② .com NS?──→ Root DNS
                               ├──③ example.com NS?──→ TLD DNS
                               └──④ www.example.com A?──→ Authoritative DNS
Client ←──⑤ 93.184.216.34───── Recursive DNS

Iterative Query

The client queries each DNS server directly, one after another. Rarely used in practice.


DNS Caching

| Layer | Location | TTL |
|-------|----------|-----|
| Browser cache | Client | 60 seconds (Chrome default) |
| OS cache | Client | Follows the record TTL |
| Recursive DNS | ISP/enterprise | Follows the record TTL (usually minutes to hours) |

On a cache hit, the IP is returned in just 1 RTT.
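
The recursive lookup and TTL caching described above, as an added example that is not part of the original wiki page: a recursive resolver follows referrals from Root to TLD to Authoritative and serves repeat requests from its cache until the TTL expires. The server names, zone data and the 300-second TTL are constructed for illustration.

```python
import time

# Constructed sample data, not real server contents. Each hypothetical server
# holds referrals (zone suffix -> next server) or answers (name -> (ip, ttl)).
SERVERS = {
    "root":         {"referrals": {"com": "tld-com"}},
    "tld-com":      {"referrals": {"example.com": "auth-example"}},
    "auth-example": {"answers": {"www.example.com": ("93.184.216.34", 300)}},
}
MAX_HOPS = 8  # guard against referral loops


def query(server, name):
    """One iterative query: ('answer', ip, ttl), ('referral', server) or ('nxdomain',)."""
    zone = SERVERS[server]
    if name in zone.get("answers", {}):
        return ("answer", *zone["answers"][name])
    labels = name.split(".")
    for i in range(len(labels)):  # longest matching suffix first
        suffix = ".".join(labels[i:])
        if suffix in zone.get("referrals", {}):
            return ("referral", zone["referrals"][suffix])
    return ("nxdomain",)


class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}            # name -> (ip, expiry time)
        self.upstream_queries = 0  # queries sent to root/TLD/authoritative

    def resolve(self, name):
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0]       # cache hit: answered without upstream traffic
        server = "root"
        for _ in range(MAX_HOPS):
            self.upstream_queries += 1
            kind, *rest = query(server, name)
            if kind == "answer":
                ip, ttl = rest
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if kind != "referral":
                return None        # NXDOMAIN
            server = rest[0]
        return None                # too many referrals
```

The first lookup costs three upstream queries (steps ② to ④ in the diagram); a repeat within the TTL costs none, and a lookup after expiry walks the hierarchy again.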


Main DNS Record Types

| Record | Description | Example |
|--------|-------------|---------|
| A | Domain → IPv4 address | www.example.com → 93.184.216.34 |
| AAAA | Domain → IPv6 address | www.example.com → 2606:2800::1 |
| CNAME | Domain → another domain (alias) | blog.example.com → example.com |
| MX | Designates the mail server (with priority) | example.com MX 10 mail.example.com |
| TXT | Arbitrary text (SPF, DKIM, domain verification) | v=spf1 include:_spf.google.com ~all |
| NS | Designates the authoritative name server | example.com NS ns1.example.com |
| SOA | Zone file metadata (Serial, Refresh, etc.) | - |

CNAME Caveats

  • A CNAME cannot be used at the root domain (example.com) because it conflicts with other records
  • It can be used only on subdomains (www.example.com)

Advanced DNS Features

| Feature | Description |
|---------|-------------|
| GeoDNS | Returns a different IP depending on the user's location (AWS Route 53 Geolocation) |
| Weighted Routing | Weight-based traffic distribution (Canary deployment) |
| Failover Routing | Automatic switch to the Secondary when the Health Check fails |
| DNSSEC | Prevents spoofing by digitally signing DNS responses |

Troubleshooting Commands

dig www.example.com              # Basic lookup
dig @8.8.8.8 www.example.com     # Query a specific DNS server
dig +trace www.example.com       # Trace the full lookup path
dig -x 93.184.216.34             # Reverse lookup (IP → domain)

# Flush the DNS cache
sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder  # Mac
sudo systemd-resolve --flush-caches                               # Linux (systemd-resolved; on newer releases: resolvectl flush-caches)

References
