我进入systemd-resolved调试模式,尝试解决此机器 ( tcfe01) 发出的大量 DNS 查询问题。它似乎systemd-resolved保留了多个缓存副本,一个用于全局范围 ( */*),另一个用于特定网络设备 ( eno1/*)。从日志来看,似乎只有全局范围 ( */*) 被缓存,而没有 ( eno1/*)。对于第一个查询,我们看到Cache miss两个范围,但对于后续查询,我们得到的Positive cache hit是全局范围,但Cache miss再次是设备范围,最终我们每次都会访问 DNS 服务器。
这违背了缓存的初衷,不仅损害了本地机器的性能(tcfe01),而且还不必要地重击了 DNS 服务器。任何对此行为的洞察都将非常有帮助。
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Got DNS stub UDP query packet for id 14184
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Looking up RR for google.com IN A.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Switching to DNS server 192.168.10.25 for interface eno1.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Switching to system DNS server 192.168.10.25.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Transaction 48281 for <google.com IN A> scope dns on */*.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 48281.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 48281.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Sending query packet with id 48281.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Transaction 1213 for <google.com IN A> scope dns on eno1/*.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Sending query packet with id 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Processing query...
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Processing incoming packet on transaction 48281. (rcode=SUCCESS)
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Verified we get a response at feature level UDP+EDNS0 from DNS server 192.168.10.25.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Added positive unauthenticated cache entry for google.com IN A 299s on */INET/192.168.10.25
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Transaction 48281 for <google.com IN A> on scope dns on */* now complete with <success> from network (unsigned).
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Freeing transaction 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Sending response packet with id 14184 on interface 1/AF_INET.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Freeing transaction 48281.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Got DNS stub UDP query packet for id 50679
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Looking up RR for google.com IN A.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Positive cache hit for google.com IN A
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Transaction 51371 for <google.com IN A> on scope dns on */* now complete with <success> from cache (unsigned).
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Transaction 16504 for <google.com IN A> scope dns on eno1/*.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Sending query packet with id 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Freeing transaction 51371.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Freeing transaction 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Sending response packet with id 50679 on interface 1/AF_INET.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Processing query...
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Got DNS stub UDP query packet for id 50950
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Looking up RR for google.com IN A.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Positive cache hit for google.com IN A
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Transaction 27482 for <google.com IN A> on scope dns on */* now complete with <success> from cache (unsigned).
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Transaction 24663 for <google.com IN A> scope dns on eno1/*.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Sending query packet with id 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Freeing transaction 27482.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Freeing transaction 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Sending response packet with id 50950 on interface 1/AF_INET.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Processing query...
答案1
我在这里回答我自己的问题,因为至少我面临的问题现在解决了。感谢@bac0n 为我指明了正确的方向。因此显示了针对全局以及每个链接设置配置的 DNS 服务器。这导致每个查询都被解析两次。我通过向文件添加条目并重新启动,systemd-resolve --status将全局 DNS 配置为最终 DNSDomains=~./etc/systemd/resolved.confsystemd-resolved.service。
正如@bac0n提到的,我可以通过以下方式对我的特定链接执行相同的操作systemd 网络设置。由于我使用的是 netplan,并且没有配置systemd 网络我直接认为我必须使用 netplan 进行这些设置。但我无法轻松找到 netplan 的选项。所以我暂时就到此为止。