systemd-resolved 存根解析器正在断开连接,并且不响应查询。为什么是这样?

tag-icon tag-icon debian systemd dns systemd-resolved
systemd-resolved 存根解析器正在断开连接,并且不响应查询。为什么是这样?

我在使用 systemd 本地配置 DNS Over TLS 时遇到一些问题,已解决。

我的配置步骤:

  1. 修改我的 /etc/systemd/resolved.conf 文件(这可以在下面看到)
  2. 通过 systemctl 重新启动已解决 systemd-resolved
  3. 从 systemd-resolved 的 /run/systemd/resolve/stub-resolve.conf -> /etc/resolv.conf 创建符号链接
  4. 仔细检查 /etc/resolv.conf 是否正确,并且指向我的本地存根解析器 127.0.0.53:53
  5. 还检查了侦听套接字列表,并解决了似乎正在侦听接口 127.0.0.53 上的 udp 端口​​ 53

我似乎无法理解这里发生了什么,以及为什么我的连接超时并且服务器不会响应我的 DNS 查询。我显然在某个地方犯了一个巨大的错误,因为我相信这应该有效。任何人都可以更好地理解这一点,知道下一步该去哪里?

这是我的 /etc/systemd/resolved.conf 文件:

#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details

[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001
# Google:     8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
# Quad9:      9.9.9.9 2620:fe::fe
DNS=9.9.9.9 149.112.112.112
#FallbackDNS=
#Domains=
DNSSEC=yes
DNSOverTLS=yes
MulticastDNS=no
#LLMNR=yes
#Cache=yes
DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no

这是我的 /etc/resolv.conf 文件(它是 /run/systemd/resolve/stub-resolv.conf 的符号链接)

# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search .

相关内容