我正在尝试连接到公共 WiFi。WiFi 是一个开放网络(至少在欧洲很常见),但在首次连接后,本地 DNS 服务器已经正确解析了所有域名,但对端口 80 的任何传出请求都会重定向到登录页面,对其他端口的任何传出请求都会被阻止。只有在确认该登录页面上的条款和条件后,我才能真正建立与互联网的传出连接。
在我的情况下,登录页面托管在域下hotsplots.de。但是,尝试在浏览器中打开该页面时会出现ERR_NAME_NOT_RESOLVED。我在 Arch Linux 上,我的系统使用 NetworkManager 和 systemd-resolved。
我的/etc/resolv.conf包含一个典型的 systemd-resolved 配置:
nameserver 127.0.0.53
options edns0 trust-ad
search hotspot
systemd-resolve --status显示以下内容:
Global
Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Fallback DNS Servers: 1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net 2001:4860:4860::8888#dns.google
Link 2 (wlan0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 192.168.44.1
DNS Servers: 192.168.44.1
DNS Domain: hotspot
Link 5 (vpn0)
Current Scopes: none
Protocols: -DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
我的 IP 地址是192.168.44.168/22,默认路由和 DNS 服务器的 IP 地址是192.168.44.1。我的/etc/systemd/resolved.conf仅包含注释掉的设置。
有趣的是,有些命令可以解析主机hotsplots.de,而其他命令则不能:
systemd-resolve hotsplots.de:
hotsplots.de: Name 'hotsplots.de' not found
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Got message type=method_call sender=:1.121 destination=org.freedesktop.resolve1 path=/org/freedesktop/resolve1 interface=org.freedesktop.resolve1.Manager member=ResolveHostname cookie=2 reply_cookie=0 signature=isit error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: idn2_lookup_u8: hotsplots.de → hotsplots.de
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=GetConnectionUnixProcessID cookie=37 reply_cookie=0 signature=s error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Got message type=method_return sender=org.freedesktop.DBus destination=:1.119 path=n/a interface=n/a member=n/a cookie=24 reply_cookie=37 signature=u error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: D-Bus hostname resolution request from client PID 11629 (systemd-resolve) with UID 1000
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Looking up RR for hotsplots.de IN A.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Looking up RR for hotsplots.de IN AAAA.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=AddMatch cookie=38 reply_cookie=0 signature=s error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=GetNameOwner cookie=39 reply_cookie=0 signature=s error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Got message type=method_return sender=org.freedesktop.DBus destination=:1.119 path=n/a interface=n/a member=n/a cookie=26 reply_cookie=39 signature=s error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Cache miss for hotsplots.de IN AAAA
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Firing regular transaction 15460 for <hotsplots.de IN AAAA> scope dns on wlan0/* (validate=yes).
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Using feature level UDP+EDNS0 for transaction 15460.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Using DNS server 192.168.44.1 for transaction 15460.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Announcing packet size 1472 in egress EDNS(0) packet.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Emitting UDP, link MTU is 1500, socket MTU is 0, minimal MTU is 40
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sending query packet with id 15460 of size 41.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Cache miss for hotsplots.de IN A
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Firing regular transaction 15448 for <hotsplots.de IN A> scope dns on wlan0/* (validate=yes).
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Using feature level UDP+EDNS0 for transaction 15448.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Using DNS server 192.168.44.1 for transaction 15448.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Announcing packet size 1472 in egress EDNS(0) packet.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Emitting UDP, link MTU is 1500, socket MTU is 0, minimal MTU is 40
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sending query packet with id 15448 of size 41.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Got message type=method_return sender=org.freedesktop.DBus destination=:1.119 path=n/a interface=n/a member=n/a cookie=25 reply_cookie=38 signature=n/a error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Match type='signal',sender='org.freedesktop.DBus',path='/org/freedesktop/DBus',interface='org.freedesktop.DBus',member='NameOwnerChanged',arg0=':1.121' successfully installed.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Received dns UDP packet of size 41, ifindex=2, ttl=0, fragsize=0, sender=192.168.44.1, destination=192.168.44.168
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Processing incoming packet of size 41 on transaction 15460 (rcode=NXDOMAIN).
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Not caching negative entry without a SOA record: hotsplots.de IN AAAA
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Regular transaction 15460 for <hotsplots.de IN AAAA> on scope dns on wlan0/* now complete with <rcode-failure> from network (unsigned; non-confidential).
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Received dns UDP packet of size 41, ifindex=2, ttl=0, fragsize=0, sender=192.168.44.1, destination=192.168.44.168
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Processing incoming packet of size 41 on transaction 15448 (rcode=NXDOMAIN).
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Not caching negative entry without a SOA record: hotsplots.de IN A
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Regular transaction 15448 for <hotsplots.de IN A> on scope dns on wlan0/* now complete with <rcode-failure> from network (unsigned; non-confidential).
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Freeing transaction 15460.
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sent message type=error sender=n/a destination=:1.121 path=n/a interface=n/a member=n/a cookie=40 reply_cookie=2 signature=s error-name=org.freedesktop.resolve1.DnsError.NXDOMAIN error-message=Name 'hotsplots.de' not found
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Sent message type=method_call sender=n/a destination=org.freedesktop.DBus path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=RemoveMatch cookie=41 reply_cookie=0 signature=s error-name=n/a error-message=n/a
Jan 02 16:39:36 cdauth-atl systemd-resolved[11509]: Freeing transaction 15448.
host hotsplots.de 192.168.44.1:
Using domain server:
Name: 192.168.44.1
Address: 192.168.44.1#53
Aliases:
hotsplots.de has address 92.51.175.170
hotsplots.de mail is handled by 50 mx3.hotsplots.de.
dig @192.168.44.1 hotsplots.de:
; <<>> DiG 9.18.20 <<>> @192.168.44.1 hotsplots.de
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2439
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 980846e96f2fd1a1 (echoed)
;; QUESTION SECTION:
;hotsplots.de. IN A
;; Query time: 5 msec
;; SERVER: 192.168.44.1#53(192.168.44.1) (UDP)
;; WHEN: Tue Jan 02 17:23:45 CET 2024
;; MSG SIZE rcvd: 53
nslookup hotsplots.de 192.168.44.1:
Server: 192.168.44.1
Address: 192.168.44.1#53
Non-authoritative answer:
Name: hotsplots.de
Address: 92.51.175.170
因此host和nslookup可以解析主机名,但dig和systemd-resolved不能。
如果我手动更改/etc/resolv.conf为nameserver 192.168.44.1,则host和nslookup命令开始工作而无需指定名称服务器,但命令dig仍然失败。浏览器似乎仍然会ERR_NAME_NOT_RESOLVED出错,并且运行例如ping hotsplots.de仍然会失败hotsplots.de: Name or service not known。只有在添加到 之后92.51.175.170 hotsplots.de www.hotsplots.de,/etc/hosts我才能打开登录页面并登录。
登录后,问题仍然存在。虽然我可以连接到公共互联网,从而通过使用公共 DNS 服务器使用该连接,但只要我继续使用本地 DNS 服务器,systemd-resolved我dig的浏览器ping仍然会抱怨它们无法解析任何主机名。
我真的很困惑这里发生了什么。 请求dig和host请求之间有什么区别? 问题的原因可能是什么? 我该如何进一步调查?