当我们使用 openvpn 连接到我们的公司 VPN 时,DNS 解析就停止工作了隧道图。
当我连接到 vpn 时,会设置以下(示例)DNS设置:
james@macbook:~$ cat /etc/resolv.conf
#
# Mac OS X Notice
#
# This file is not used by the host name and address resolution
# or the DNS query routing mechanisms used by most processes on
# this Mac OS X system.
#
# This file is automatically generated.
#
search intra.example.com
nameserver 10.181.0.222
nameserver 192.168.0.1
使用 FQDN 解析主机名的方法如下:
james@macbook:~$ dig somehost.intra.example.com +noall +answer
; <<>> DiG 9.8.3-P1 <<>> somehost.intra.example.com +noall +answer
;; global options: +cmd
somehost.intra.example.com. 3600 IN A 10.182.1.37
但虽然在 DNS 设置中设置了搜索后缀 intra.example.com,但无法仅通过主机名来解析主机:
james@macbook:~$ dig somehost +noall +answer
; <<>> DiG 9.8.3-P1 <<>> somehost +noall +answer
;; global options: +cmd
DNS 解析一直有效,直到我上次暂停使用 Macbook 之前大约 1 小时。有什么线索可以解释为什么虽然设置了搜索后缀,但主机名却无法解析?
答案1
作为dig查询 DNS 服务器的工具,它必须假定给定的参数已经是 FQDN。nslookup检查您是否为其提供了 FQDN,并添加适当的后缀。
有一件事可能会引起人们的兴趣:OS-X 上 dig 手册页的摘录:
Mac OS X NOTICE
The dig command does not use the host name and address resolution or the DNS query routing mechanisms used by other
processes running on Mac OS X. The results of name or address queries printed by dig may differ from those found by
other processes that use the Mac OS X native name and address resolution mechanisms. The results of DNS queries may also
differ from queries that use the Mac OS X DNS routing library.
希望有帮助