Linux systemd-resolved does not answer MulticastDNS


I'm currently replacing all the networking pieces with the built-in systemd facilities. NetworkManager, dhcpcd, avahi-daemon, dnsmasq are all gone, and overall everything seems to be working.

Except that local host names no longer resolve from my desktop box:

C:\Users\Christian>ping fritzwlan
Ping request could not find host fritzwlan. Please check the name and try again.

Now, I can see the queries on the server:

root@gatekeeper:/home/stieber# tcpdump -i lan -p udp
...
15:27:18.381225 IP Desktop.mdns > mdns.mcast.net.mdns: 0 A (QM)? fritzwlan.local. (33)
15:27:18.381506 IP Desktop.mdns > mdns.mcast.net.mdns: 0 AAAA (QM)? fritzwlan.local. (33)
15:27:18.469278 IP gatekeeper.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? 255.255.1.10.in-addr.arpa. (43)
15:27:18.804129 IP Desktop.61938 > 224.0.0.252.5355: UDP, length 27
15:27:18.804129 IP Desktop.61316 > 224.0.0.252.5355: UDP, length 27
15:27:19.131294 IP Desktop.netbios-ns > 10.1.255.255.netbios-ns: UDP, length 50
15:27:19.383976 IP Desktop.mdns > mdns.mcast.net.mdns: 0 AAAA (QM)? fritzwlan.local. (33)
15:27:19.384990 IP Desktop.mdns > mdns.mcast.net.mdns: 0 A (QM)? fritzwlan.local. (33)
15:27:19.385926 IP Desktop.mdns > mdns.mcast.net.mdns: 0 AAAA (QM)? fritzwlan.local. (33)
15:27:19.610547 IP gatekeeper.mdns > mdns.mcast.net.mdns: 0 PTR (QM)? 255.255.1.10.in-addr.arpa. (43)

/var/log/syslog shows nothing.

As far as I can tell, systemd-resolved should have multicast enabled:

root@gatekeeper:/home/stieber# resolvectl status
Global
          Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
   resolv.conf mode: stub
Fallback DNS Servers 8.8.8.8 1.1.1.1

Link 2 (lan)
    Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 mDNS/IPv4 mDNS/IPv6
         Protocols: +DefaultRoute +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wan)
...

root@gatekeeper:/home/stieber# resolvectl mdns
Global: yes
Link 2 (lan): yes
...
root@gatekeeper:/home/stieber# resolvectl llmnr
Global: yes
Link 2 (lan): yes
...

The configuration file also shows that it is fully enabled, and not just resolve:

root@gatekeeper:/home/stieber# cat /etc/systemd/resolved.conf
...
# lots of comments removed
...
[Resolve]
FallbackDNS=8.8.8.8 1.1.1.1
DNSStubListenerExtra=10.1.1.1:53
DNSStubListenerExtra=127.0.0.1:53
LLMNR=true
MulticastDNS=true

It's not the worst of problems, especially since external hosts resolve just fine, so "the Internet" works.

On the server itself, it resolves just fine:

root@gatekeeper:/home/stieber# dig fritzwlan

; <<>> DiG 9.18.24-1-Raspbian <<>> fritzwlan
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47502
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;fritzwlan.                     IN      A

;; ANSWER SECTION:
fritzwlan.              0       IN      A       10.1.1.2

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Sun May 05 15:44:02 CEST 2024
;; MSG SIZE  rcvd: 54

Multicast is also enabled on the interface:

[Match]
Name=lan

[Link]
Multicast=true

[Network]
Address=10.1.1.1/16
DHCPServer=yes
MulticastDNS=true
LLMNR=true

[DHCPServer]
...

As per the comments:

root@gatekeeper:/home/stieber# ss -lpn 'sport = :5353 or sport = :5355'
Netid             State              Recv-Q             Send-Q                         Local Address:Port                          Peer Address:Port             Process
udp               UNCONN             0                  0                                    0.0.0.0:5353                               0.0.0.0:*                 users:(("systemd-resolve",pid=1626,fd=15))
udp               UNCONN             0                  0                                    0.0.0.0:5355                               0.0.0.0:*                 users:(("systemd-resolve",pid=1626,fd=11))
udp               UNCONN             0                  0                                          *:5353                                     *:*                 users:(("systemd-resolve",pid=1626,fd=16))
udp               UNCONN             0                  0                                          *:5355                                     *:*                 users:(("systemd-resolve",pid=1626,fd=13))
tcp               LISTEN             0                  4096                                 0.0.0.0:5355                               0.0.0.0:*                 users:(("systemd-resolve",pid=1626,fd=12))
tcp               LISTEN             0                  4096                                    [::]:5355                                  [::]:*                 users:(("systemd-resolve",pid=1626,fd=14))

So it seems the box is listening on those ports. No idea what role "multicast" plays in that, though.

Same with the firewall: towards the "LAN", it should be completely open:

root@gatekeeper:/home/stieber# nft list ruleset
        chain output-rejects {
                oifname "wan" tcp dport { 25, 110, 143 } reject
        }

        chain output {
                type filter hook output priority 100; policy accept;
                jump output-rejects
        }
...
table inet filter {
...
        chain input {
                type filter hook input priority filter; policy drop;
                ct state invalid drop
                icmp type echo-request limit rate over 2/second drop
                ip protocol icmp accept
                iif { "lo", "lan" } accept
...

However, I have to admit that I don't yet know how multicast factors into this...

So, right now, I'm at a loss as to where to look... any ideas?
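An added example, not part of the original post: it builds the same QM question the capture shows from Desktop (the 33-byte A/AAAA query for fritzwlan.local) and sends it to the mDNS group, so the responder can be tested from any LAN client without Windows in the loop. The function names are assumptions of this example; because the socket uses an ephemeral source port, a responder following RFC 6762 section 6.7 replies by unicast to it.

```python
import socket
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353
QTYPE = {"A": 1, "PTR": 12, "AAAA": 28}


def build_mdns_query(name: str, qtype: str = "A") -> bytes:
    """Encode one multicast-response (QM) question, as seen in the capture."""
    # Header: ID 0, flags 0 (standard query), 1 question, no other records.
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    # Class IN (1) with the top "unicast response" bit clear means QM.
    return header + qname + struct.pack("!2H", QTYPE[qtype], 1)


def probe(name: str, qtype: str = "A", timeout: float = 2.0):
    """Send the query to the mDNS group; return (sender, answer_count) pairs."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)
        sock.settimeout(timeout)
        sock.sendto(build_mdns_query(name, qtype), (MDNS_GROUP, MDNS_PORT))
        try:
            while True:
                data, (addr, _port) = sock.recvfrom(9000)
                if len(data) < 12:
                    continue  # shorter than a DNS header
                _id, flags, _qd, ancount = struct.unpack("!4H", data[:8])
                if flags & 0x8000:  # QR bit set: this is a response
                    replies.append((addr, ancount))
        except socket.timeout:
            pass  # no further replies within the timeout
    return replies


if __name__ == "__main__":
    # Needs a LAN to be useful; an empty list means no responder answered.
    for qt in ("A", "AAAA"):
        print(qt, probe("fritzwlan.local", qt) or "no responder answered")
```

The encoded lengths match the "(33)" and "(43)" payload sizes tcpdump prints for the fritzwlan.local and 255.255.1.10.in-addr.arpa questions in the capture.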
