如果 resolvconf 不起作用,如何配置 DNS 解析?

tag-icon tag-icon networking server dns ifconfig
如果 resolvconf 不起作用,如何配置 DNS 解析?

我的/etc/resolv.conf意愿不会被写下来,所以 DNS 解析不起作用。

我在我们办公室服务器上的虚拟机中运行 Ubuntu Server 16.04.1 LTS。

这是我的/etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto ens3
iface ens3 inet static
        address 192.168.222.104
        netmask 255.255.255.0
        gateway 192.168.222.1
        gateway 192.168.222.1
        dns-nameservers 192.168.222.1 8.8.8.8
        dns-search internal.domain
        post-up iptables-restore < /etc/iptables.up.rules

/etc/network/interfaces.d是空的)

我已经尝试过跑步sudo dpkg-reconfigure resolvconfsudo ln -sf /run/resolvconf/resolv.conf /etc/resolv.conf正如这个答案但我的/etc/resolv.conf依然空虚:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

我还可以尝试什么来恢复此服务器上的 DNS 解析?

笔记: 相同的设置也适用于在同一硬件上的其他 5 台虚拟机中运行 Ubuntu 的服务器。

他们都表示/etc/resolv.conf喜欢

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.222.1
nameserver 8.8.8.8
search internal.domain

并且这些 DNS 解析工作完美。

我是否遗漏了任何配置?

以防万一,我还添加了我的/etc/iptables.up.rules(在所有 6 台服务器上也或多或少相同),我已经设置了从中获取一些提示本指南

*filter
# Allow all outgoing, but drop incoming and forwarding packets by default
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]

# Custom per-protocol chains
:UDP - [0:0]
:TCP - [0:0]
:ICMP - [0:0]

# Acceptable UDP traffic

# Acceptable TCP traffic
-A TCP -p tcp --dport 22 -j ACCEPT
-A TCP -p tcp --dport 80 -j ACCEPT
-A TCP -p tcp --dport 443 -j ACCEPT
-A TCP -p tcp --dport 10000 -j ACCEPT

# Acceptable ICMP traffic
-A ICMP -p icmp -j ACCEPT

# Boilerplate acceptance policy
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT

# Drop invalid packets
-A INPUT -m conntrack --ctstate INVALID -j DROP

# Pass traffic to protocol-specific chains
## Only allow new connections (established and related should already be handled)
## For TCP, additionally only allow new SYN packets since that is the only valid
## method for establishing a new TCP connection
-A INPUT -p udp -m conntrack --ctstate NEW -j UDP
-A INPUT -p tcp --syn -m conntrack --ctstate NEW -j TCP
-A INPUT -p icmp -m conntrack --ctstate NEW -j ICMP

# Reject anything that's fallen through to this point
## Try to be protocol-specific w/ rejection message
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -j REJECT --reject-with icmp-proto-unreachable

# Commit the changes
COMMIT

*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT

*security
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT

*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT

答案1

您可以尝试更新 DNS 服务器

/etc/resolvconf/resolv.conf.d/base

然后运行

sudo resolvconf -u

重新生成resolv.conf文件。

答案2

据我所知,最好不要编辑 resolv.conf,因为网络管理器会在每次重新启动网络或重新启动时更新您手动编写的所有内容。所以我会使用 nmcli 命令:

nmcli con mod ens3 +ipv4.dns 192.168.222.1 8.8.8.8
nmcli con up ens3

大多数基于 Ubuntu 的发行版都默认安装了网络管理器,因此我认为情况也是如此。希望这能有所帮助!

相关内容