当前版本:macOS Sierra 10.12.3
我为公司管理 OpenVPN 服务器。我已设置以下内容:
# Send client instructions to use our internal DNS
push "dhcp-option DNS 172.31.5.39"
push "dhcp-option DNS 172.31.34.40"
push "dhcp-option DNS 172.31.33.23"
# Send client instructions to search these domains when doing short/non-FQDN name lookups
push "dhcp-option DOMAIN-SEARCH ies"
push "dhcp-option DOMAIN-SEARCH ec2"
push "dhcp-option DOMAIN-SEARCH elb"
push "dhcp-option DOMAIN-SEARCH us-west-2.compute.internal"
在我的计算机上一切都运行正常。
$ scutil --dns
DNS configuration
resolver #1
search domain[0] : ies
search domain[1] : ec2
search domain[2] : elb
search domain[3] : us-west-2.compute.internal
nameserver[0] : 172.31.5.39
nameserver[1] : 172.31.34.40
nameserver[2] : 172.31.33.23
flags : Request A records
reach : Reachable
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300200
resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300400
resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300600
resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300800
resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 301000
resolver #8
domain : ies
nameserver[0] : 172.31.5.39
nameserver[1] : 172.31.34.40
nameserver[2] : 172.31.33.23
flags : Request A records
reach : Reachable
DNS configuration (for scoped queries)
resolver #1
search domain[0] : ies
search domain[1] : ec2
search domain[2] : elb
search domain[3] : us-west-2.compute.internal
nameserver[0] : 172.31.5.39
nameserver[1] : 172.31.34.40
nameserver[2] : 172.31.33.23
if_index : 4 (en0)
flags : Scoped, Request A records
reach : Reachable
$ dscacheutil -q host -a name svcmongouat1.ec2
name: svcmongouat1.ec2
ip_address: 172.31.16.60
$ dns-sd -Gv4v6 svcmongouat1.ec2
DATE: ---Fri 03 Mar 2017---
1:03:47.635 ...STARTING...
Timestamp A/R Flags if Hostname Address TTL
1:03:47.637 Add 2 0 svcmongouat1.ec2. 0000:0000:0000:0000:0000:0000:0000:0000%<0> 60 No Such Record
1:03:47.727 Add 2 0 svcmongouat1.ec2. 172.31.16.60 39
^C
$ dns-sd -q svcmongouat1.ec2 255 255
DATE: ---Fri 03 Mar 2017---
1:04:14.348 ...STARTING...
Timestamp A/R Flags if Name Type Class Rdata
1:04:14.349 Add 2 0 svcmongouat1.ec2. Addr IN 172.31.16.60
^C
但对于其他每个用户,他们在 中获得相同的结果scutil,并且能够在 执行 时获得正确的查找dig,但不能dscacheutil,当然他们的大多数其他应用程序也会失败。
更新:
以下是一位同事遇到奇怪故障的示例:
$ scutil --dns
DNS configuration
resolver #1
search domain[0] : ies
search domain[1] : ec2
search domain[2] : elb
search domain[3] : us-west-2.compute.internal
nameserver[0] : 172.31.5.39
nameserver[1] : 172.31.34.40
nameserver[2] : 172.31.33.23
flags : Request A records
reach : Reachable
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300200
resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300400
resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300600
resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 300800
resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : Not Reachable
order : 301000
resolver #8
domain : ies
nameserver[0] : 172.31.5.39
nameserver[1] : 172.31.34.40
nameserver[2] : 172.31.33.23
flags : Request A records
reach : Reachable
DNS configuration (for scoped queries)
resolver #1
search domain[0] : ies
search domain[1] : ec2
search domain[2] : elb
search domain[3] : us-west-2.compute.internal
nameserver[0] : 172.31.5.39
nameserver[1] : 172.31.34.40
nameserver[2] : 172.31.33.23
if_index : 4 (en0)
flags : Scoped, Request A records
reach : Reachable
$
$
$ dscacheutil -q host -a name svcmongouat1.ec2
$ dscacheutil -q host -a name svcmongouat1.ec2
$
$
$ dns-sd -Gv4v6 svcmongouat1.ec2
DATE: ---Thu 09 Mar 2017---
11:07:18.693 ...STARTING...
Timestamp A/R Flags if Hostname Address TTL
11:07:18.694 Add 3 0 svcmongouat1.ec2. 0000:0000:0000:0000:0000:0000:0000:0000%<0> 60 No Such Record
11:07:18.695 Add 2 0 svcmongouat1.ec2. 0.0.0.0 108002 No Such Record
^C
$
$
$ dns-sd -q svcmongouat1.ec2 255 255
DATE: ---Thu 09 Mar 2017---
11:07:43.522 ...STARTING...
Timestamp A/R Flags if Name Type Class Rdata
11:07:43.523 Add 3 0 svcmongouat1.ec2. Addr IN 0.0.0.0 No Such Record
11:07:43.524 Add 2 0 svcmongouat1.ec2. AAAA IN 0.0.0.0 No Such Record
^C
$
$
$ dig svcmongouat1.ec2
; <<>> DiG 9.8.3-P1 <<>> svcmongouat1.ec2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42225
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0
;; QUESTION SECTION:
;svcmongouat1.ec2. IN A
;; ANSWER SECTION:
svcmongouat1.ec2. 30 IN A 172.31.16.60
;; AUTHORITY SECTION:
. 6413 IN NS i.root-servers.net.
. 6413 IN NS k.root-servers.net.
. 6413 IN NS l.root-servers.net.
. 6413 IN NS d.root-servers.net.
. 6413 IN NS j.root-servers.net.
. 6413 IN NS c.root-servers.net.
. 6413 IN NS b.root-servers.net.
. 6413 IN NS f.root-servers.net.
. 6413 IN NS a.root-servers.net.
. 6413 IN NS e.root-servers.net.
. 6413 IN NS h.root-servers.net.
. 6413 IN NS g.root-servers.net.
. 6413 IN NS m.root-servers.net.
;; Query time: 103 msec
;; SERVER: 172.31.5.39#53(172.31.5.39)
;; WHEN: Thu Mar 9 10:58:27 2017
;; MSG SIZE rcvd: 261
$
我已经在 Google 上搜索过了,它对所有人而言似乎都是一个谜,而且在不同版本的 OS X 中也发生过多次变化。
因此,问题又来了:
- 名称解析在最新版本的 macOS 中实际上是如何工作的?
- 哪些应用程序使用哪些工具以及为什么?
- 我如何确定^^^^ #2?
- 有人如何调试?