我安装了 Ubuntu 22.04,并设置了我的服务器的接口以及它应该使用的 IP 和 DNS 服务器:
root@m15jumplnxnoc01v:/# cat /etc/netplan/00-installer-config.yaml
network:
ethernets:
ens160:
dhcp4: no
addresses:
- 10.248.0.235/24
routes:
- to: default
via: 10.248.0.1
nameservers:
addresses:
- 10.248.0.100
- 10.248.0.103
version: 2
配置好接口并使其正常工作后,我确认能够 ping 8.8.8.8,但无法让 nslookup 解析www.google.com
因此我继续将 DNS 服务器添加到文件 /etc/systemd/resolved.conf 中并重新启动服务,从而全局添加 DNS 服务器:
[Resolve]
DNS=10.248.0.100 10.248.0.103
FallbackDNS=8.8.8.8
Domains=~.
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
尽管我能够看到全局和接口 DNS 服务器都已正确设置,但这并没有解决我的问题:
root@m15jumplnxnoc01v:/# resolvectl
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 10.248.0.103
DNS Servers: 10.248.0.100 10.248.0.103
Fallback DNS Servers: 8.8.8.8
DNS Domain: ~.
Link 2 (ens160)
Current Scopes: DNS
Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.248.0.100
DNS Servers: 10.248.0.100 10.248.0.103
But I'm still getting an error reporting "time outs" to the DNS servers:
root@m15jumplnxnoc01v:/# nslookup www.google.com
;; communications error to 127.0.0.53#53: timed out
;; communications error to 127.0.0.53#53: timed out
;; communications error to 127.0.0.53#53: timed out
;; no servers could be reached
The interesting things is that the connectivity is indeed in place:
root@m15jumplnxnoc01v:/# nc -uvz 172.0.0.53 53
Connection to 172.0.0.53 53 port [udp/domain] succeeded!
root@m15jumplnxnoc01v:/# nc -uvz 10.248.0.100 53
Connection to 10.248.0.100 53 port [udp/domain] succeeded!
root@m15jumplnxnoc01v:/# nc -uvz 10.248.0.103 53
Connection to 10.248.0.103 53 port [udp/domain] succeeded!
root@m15jumplnxnoc01v:/# nc -uvz 8.8.8.8 53
Connection to 8.8.8.8 53 port [udp/domain] succeeded!
我执行了 tcpdump 来查找 UDP/53 流量,并且确实看到请求发往正确的服务器:
root@m15jumplnxnoc01v:/# tcpdump -nni any udp and port 53
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
17:33:25.372379 lo In IP 127.0.0.1.43642 > 127.0.0.53.53: 4933+ [1au] A? detectportal.firefox.com. (53)
17:33:25.372418 lo In IP 127.0.0.1.43642 > 127.0.0.53.53: 34751+ [1au] AAAA? detectportal.firefox.com. (53)
17:33:26.008362 lo In IP 127.0.0.1.42621 > 127.0.0.53.53: 45529+ [1au] A? ntp.ubuntu.com. (43)
17:33:26.008405 lo In IP 127.0.0.1.42621 > 127.0.0.53.53: 32209+ [1au] AAAA? ntp.ubuntu.com. (43)
17:33:30.012481 lo In IP 127.0.0.1.38425 > 127.0.0.53.53: 5001+ A? www.google.com. (32)
17:33:30.377639 lo In IP 127.0.0.1.45370 > 127.0.0.53.53: 62098+ [1au] A? detectportal.firefox.com. (53)
17:33:30.377837 lo In IP 127.0.0.1.45370 > 127.0.0.53.53: 5017+ [1au] AAAA? detectportal.firefox.com. (53)
17:33:31.013169 lo In IP 127.0.0.1.39636 > 127.0.0.53.53: 1505+ [1au] A? ntp.ubuntu.com. (43)
17:33:31.013201 lo In IP 127.0.0.1.39636 > 127.0.0.53.53: 19416+ [1au] AAAA? ntp.ubuntu.com. (43)
17:33:35.016648 lo In IP 127.0.0.1.54656 > 127.0.0.53.53: 5001+ A? www.google.com. (32)
17:33:35.383028 lo In IP 127.0.0.1.45370 > 127.0.0.53.53: 62098+ [1au] A? detectportal.firefox.com. (53)
17:33:35.383062 lo In IP 127.0.0.1.45370 > 127.0.0.53.53: 5017+ [1au] AAAA? detectportal.firefox.com. (53)
17:33:36.018367 lo In IP 127.0.0.1.39636 > 127.0.0.53.53: 1505+ [1au] A? ntp.ubuntu.com. (43)
17:33:36.018411 lo In IP 127.0.0.1.39636 > 127.0.0.53.53: 19416+ [1au] AAAA? ntp.ubuntu.com. (43)
17:33:40.022204 lo In IP 127.0.0.1.41749 > 127.0.0.53.53: 5001+ A? www.google.com. (32)
17:33:41.020464 lo In IP 127.0.0.1.48022 > 127.0.0.53.53: 27022+ [1au] A? ntp.ubuntu.com. (43)
17:33:41.020506 lo In IP 127.0.0.1.48022 > 127.0.0.53.53: 51079+ [1au] AAAA? ntp.ubuntu.com. (43)
17:33:46.025666 lo In IP 127.0.0.1.48022 > 127.0.0.53.53: 27022+ [1au] A? ntp.ubuntu.com. (43)
17:33:46.025709 lo In IP 127.0.0.1.48022 > 127.0.0.53.53: 51079+ [1au] AAAA? ntp.ubuntu.com. (43)
17:33:46.026381 ens160 Out IP 10.248.0.235.34103 > 10.248.0.100.53: 35474+ A? detectportal.firefox.com. (42)
17:33:46.026533 ens160 Out IP 10.248.0.235.33402 > 10.248.0.100.53: 40994+ A? ntp.ubuntu.com. (32)
17:33:46.026700 ens160 Out IP 10.248.0.235.60090 > 10.248.0.100.53: 36947+ AAAA? ntp.ubuntu.com. (32)
17:33:46.026813 ens160 Out IP 10.248.0.235.33960 > 10.248.0.100.53: 10092+ A? www.google.com. (32)
17:33:46.026930 ens160 Out IP 10.248.0.235.39671 > 10.248.0.100.53: 26888+ AAAA? detectportal.firefox.com. (42)
17:33:51.028884 lo In IP 127.0.0.1.39871 > 127.0.0.53.53: 58427+ [1au] A? ntp.ubuntu.com. (43)
17:33:51.028924 lo In IP 127.0.0.1.39871 > 127.0.0.53.53: 14641+ [1au] AAAA? ntp.ubuntu.com. (43)
17:33:51.029477 ens160 Out IP 10.248.0.235.42022 > 10.248.0.103.53: 26888+ AAAA? detectportal.firefox.com. (42)
17:33:51.029655 ens160 Out IP 10.248.0.235.34400 > 10.248.0.103.53: 10092+ A? www.google.com. (32)
17:33:51.029776 ens160 Out IP 10.248.0.235.38663 > 10.248.0.103.53: 36947+ AAAA? ntp.ubuntu.com. (32)
17:33:51.029894 ens160 Out IP 10.248.0.235.58453 > 10.248.0.103.53: 40994+ A? ntp.ubuntu.com. (32)
17:33:51.030040 ens160 Out IP 10.248.0.235.51256 > 10.248.0.103.53: 35474+ A? detectportal.firefox.com. (42)
17:33:56.032396 lo In IP 127.0.0.1.39871 > 127.0.0.53.53: 58427+ [1au] A? ntp.ubuntu.com. (43)
17:33:56.032440 lo In IP 127.0.0.1.39871 > 127.0.0.53.53: 14641+ [1au] AAAA? ntp.ubuntu.com. (43)
17:34:00.365067 lo In IP 127.0.0.1.44129 > 127.0.0.53.53: 8050+ [1au] A? detectportal.firefox.com. (53)
17:34:00.365104 lo In IP 127.0.0.1.44129 > 127.0.0.53.53: 4987+ [1au] AAAA? detectportal.firefox.com. (53)
17:34:01.036519 lo In IP 127.0.0.1.34244 > 127.0.0.53.53: 36036+ [1au] A? ntp.ubuntu.com. (43)
17:34:01.036568 lo In IP 127.0.0.1.34244 > 127.0.0.53.53: 59855+ [1au] AAAA? ntp.ubuntu.com. (43)
^C
37 packets captured
64 packets received by filter
0 packets dropped by kernel
我甚至尝试将 DNS 服务更改为 resolvconf,并编辑配置文件 /etc/resolvconf/resolv.conf.d/head 以在那里添加 DNS 服务器,以及 dnsmasq 并将 DNS 服务添加到 /etc/resolv.conf(这是 dnsmasq 所使用的)。
无论我尝试哪种服务或如何配置它,它都会超时,但连接肯定存在,如上所示。
还有什么我还可以检查吗?
提前致谢!
答案1
感谢大家的评论和建议。
问题已解决,我指向的 DNS 服务器 10.248.0.100 和 10.248.0.103 正在构建中,但尚未完全准备好。我获得了另一组 DNS 服务器 10.248.1.100 和 10.248.1.103,使用这些服务器解决了问题。
有趣的是,它不能与 8.8.8.8 一起使用......
谢谢你!