升级到 18.10 后,我的 anyconnect 兼容 VPN 中配置的 DNS 似乎被忽略了

tag-icon tag-icon network-manager dns vpn 18.10 cisco
升级到 18.10 后,我的 anyconnect 兼容 VPN 中配置的 DNS 似乎被忽略了

升级到 18.10 后,我的 cisco anyconnect 兼容 VPN 中配置的 DNS 似乎被忽略了。我在 syslog 中收到一些错误,如“systemd-resolved[939]: 服务器返回错误 NXDOMAIN,缓解潜在的 DNS 违规 DVE-2018-0001,重试具有降低功能级别 UDP 的事务”。知道这是什么意思吗?

编辑:

1)无需VPN:

mirec@p50:~/tmp$ ps auxc | grep -i dns
mirec     6036  0.0  0.0 334772  7936 ?        Sl   12:04   0:00 gvfsd-dnssd
mirec@p50:~/tmp$ ps auxc | grep -i resolv
systemd+   939  0.0  0.0  54956  8664 ?        Ss   10:31   0:06 systemd-resolve
mirec@p50:~/tmp$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=122 time=8.84 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=122 time=9.05 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=122 time=8.03 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=122 time=9.21 ms
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 8ms
rtt min/avg/max/mdev = 8.028/8.781/9.205/0.458 ms
mirec@p50:~/tmp$ ping www.ebay.com
PING e9428.b.akamaiedge.net (23.211.9.229) 56(84) bytes of data.
64 bytes from a23-211-9-229.deploy.static.akamaitechnologies.com (23.211.9.229): icmp_seq=1 ttl=54 time=38.1 ms
64 bytes from a23-211-9-229.deploy.static.akamaitechnologies.com (23.211.9.229): icmp_seq=2 ttl=54 time=38.5 ms
64 bytes from a23-211-9-229.deploy.static.akamaitechnologies.com (23.211.9.229): icmp_seq=3 ttl=54 time=38.1 ms
64 bytes from a23-211-9-229.deploy.static.akamaitechnologies.com (23.211.9.229): icmp_seq=4 ttl=54 time=37.4 ms
64 bytes from a23-211-9-229.deploy.static.akamaitechnologies.com (23.211.9.229): icmp_seq=5 ttl=54 time=36.8 ms
^C
--- e9428.b.akamaiedge.net ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 11ms
rtt min/avg/max/mdev = 36.767/37.779/38.521/0.626 ms

2)VPN连接:

mirec@p50:~/tmp$ ps auxc | grep -i dns
mirec     6036  0.0  0.0 334772  7936 ?        Sl   12:04   0:00 gvfsd-dnssd
mirec@p50:~/tmp$ ps auxc | grep -i resolv
systemd+   939  0.0  0.0  54956  8664 ?        Ss   10:31   0:06 systemd-resolve
mirec@p50:~/tmp$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=122 time=8.75 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=122 time=8.84 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=122 time=9.25 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=122 time=8.61 ms
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 8ms
rtt min/avg/max/mdev = 8.611/8.860/9.246/0.263 ms
mirec@p50:~/tmp$ ping www.ebay.com
PING e9428.b.akamaiedge.net (23.53.174.111) 56(84) bytes of data.
64 bytes from a23-53-174-111.deploy.static.akamaitechnologies.com (23.53.174.111): icmp_seq=1 ttl=53 time=23.1 ms
64 bytes from a23-53-174-111.deploy.static.akamaitechnologies.com (23.53.174.111): icmp_seq=2 ttl=53 time=23.1 ms
64 bytes from a23-53-174-111.deploy.static.akamaitechnologies.com (23.53.174.111): icmp_seq=3 ttl=53 time=22.3 ms
64 bytes from a23-53-174-111.deploy.static.akamaitechnologies.com (23.53.174.111): icmp_seq=4 ttl=53 time=24.8 ms
^C
--- e9428.b.akamaiedge.net ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 7ms
rtt min/avg/max/mdev = 22.251/23.324/24.847/0.951 ms

相关内容