一台 Ubuntu 19.10 机器突然失去网络连接。它与几个从未遇到过这些网络问题的 Windows 和 Mac 系统位于同一网络上。
当Ubuntu系统遇到这个问题的时候,运行ping google.com会给出错误信息:
名称解析暂时失败
尝试运行sudo dhclient以重新获得网络连接。有时这可以解决问题,但有时它只是在那里停留很长时间。
重新启动系统通常可以恢复网络访问,但问题最终会再次出现。
究竟发生了什么?我们该如何避免这个问题?
路由
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.18.0.0/16 dev br-e679420ceeeb proto kernel scope link src 172.18.0.1
172.19.0.0/16 dev br-d24de0d39a51 proto kernel scope link src 172.19.0.1
网际协议连接
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp35s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000
link/ether 70:85:c2:fd:cb:f9 brd ff:ff:ff:ff:ff:ff
3: enp36s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 70:85:c2:fd:e4:2b brd ff:ff:ff:ff:ff:ff
6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:63:e9:39:70 brd ff:ff:ff:ff:ff:ff
19: br-e679420ceeeb: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:b0:9b:ad:ed brd ff:ff:ff:ff:ff:ff
20: br-d24de0d39a51: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:db:94:c2:16 brd ff:ff:ff:ff:ff:ff
22: veth88fb62f@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-d24de0d39a51 state UP mode DEFAULT group default
link/ether 3a:f6:09:94:16:38 brd ff:ff:ff:ff:ff:ff link-netnsid 2
24: vethd4b4b3e@if23: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-e679420ceeeb state UP mode DEFAULT group default
link/ether 82:9c:8a:ea:fb:5c brd ff:ff:ff:ff:ff:ff link-netnsid 0
26: vethe937672@if25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-d24de0d39a51 state UP mode DEFAULT group default
link/ether 92:f9:2d:6c:50:f1 brd ff:ff:ff:ff:ff:ff link-netnsid 1
30: vetha7a98be@if29: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-e679420ceeeb state UP mode DEFAULT group default
link/ether ea:5b:cf:3a:71:82 brd ff:ff:ff:ff:ff:ff link-netnsid 3
32: veth35b48e4@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-d24de0d39a51 state UP mode DEFAULT group default
link/ether 86:96:63:9a:a5:e0 brd ff:ff:ff:ff:ff:ff link-netnsid 5
33: enp3s0f0u14u2c2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 66:cb:3b:51:7d:87 brd ff:ff:ff:ff:ff:ff
猫/etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0
猫/etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files systemd
group: files systemd
shadow: files
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
nslookup ubuntu.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find ubuntu.com: SERVFAIL
挖掘 bing.com
; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> bing.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 50385
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;bing.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Apr 06 18:21:13 EDT 2020
;; MSG SIZE rcvd: 37
systemd-resolve --status
Global
LLMNR setting: no
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 33 (enp3s0f0u14u2c2)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 32 (veth35b48e4)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 30 (vetha7a98be)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 26 (vethe937672)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 24 (vethd4b4b3e)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 22 (veth88fb62f)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 20 (br-d24de0d39a51)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 19 (br-e679420ceeeb)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 6 (docker0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 3 (enp36s0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Link 2 (enp35s0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
cat /var/log/syslog | grep 已解决
Apr 6 00:00:01 foo-bar systemd-resolved[2390]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Apr 6 00:00:01 foo-bar systemd-resolved[2390]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Apr 6 00:00:01 foo-bar systemd-resolved[2390]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Apr 6 00:00:01 foo-bar systemd-resolved[2390]: message repeated 2 times: [ Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.]
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: Positive Trust Anchors:
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: Using system hostname 'foo-bar'.
Apr 6 12:40:31 foo-bar NetworkManager[2489]: <info> [1586191231.7026] Read config: /etc/NetworkManager/NetworkManager.conf (lib: 10-dns-resolved.conf, 10-globally-managed-devices.conf, no-mac-addr-change.conf) (run: netplan.conf) (etc: default-wifi-powersave-on.conf)
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Apr 6 12:40:31 foo-bar systemd-resolved[2358]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
Apr 6 12:40:31 foo-bar NetworkManager[2489]: <info> [1586191231.9621] dns-mgr[0x56555788b290]: init: dns=systemd-resolved rc-manager=symlink, plugin=systemd-resolved
Apr 6 12:40:32 foo-bar dockerd[2624]: time="2020-04-06T12:40:32.149982460-04:00" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf"
Apr 6 18:11:51 foo-bar systemd[1]: systemd-resolved.service: Succeeded.
Apr 6 18:11:51 foo-bar systemd-resolved[8952]: Positive Trust Anchors:
Apr 6 18:11:51 foo-bar systemd-resolved[8952]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
Apr 6 18:11:51 foo-bar systemd-resolved[8952]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Apr 6 18:11:51 foo-bar systemd-resolved[8952]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Apr 6 18:11:51 foo-bar systemd-resolved[8952]: Using system hostname 'foo-bar'.