Unable to resolve domain names after router upgrade. How do I use systemd-resolved to correct this DNS configuration failure?

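I upgraded my internet router today and found that my Linux system running Fedora 36 can no longer perform DNS name resolution. I also have Android devices, Windows 10, Windows 11 and CentOS 7.9 systems on my network, and they had no problems with the upgrade.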

On my CentOS machine, /etc/resolv.conf contains:

# Generated by NetworkManager
nameserver 10.0.1.1

On my Fedora 36 machine, it contains:

# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0 trust-ad
search .

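Fedora 36 uses the systemd resolved service to manage DNS nameservers. Adding other entries such as 8.8.8.8 to this file and restarting the service regenerates the file, and any changes are lost.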

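I don't understand what happened. Now only my Fedora 36 system can't resolve domain names, and I haven't been able to find a way to fix it. I've tried many different Google searches, but there is a lot of conflicting information between distributions and older versions of Fedora, much of which is either irrelevant or contains procedures that did not change the behavior.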

I have no problem reaching systems over the local network and can ping IP addresses fine. But I can't ping any domain.

The error I get is:

$ ping google.com
ping: google.com: Temporary failure in name resolution

I tried restarting the resolved service and the dnsmasq service:

systemctl restart systemd-resolved.service
systemctl restart dnsmasq

Made sure the DNS ports are open:

firewall-cmd --permanent --add-port=43/tcp
firewall-cmd --permanent --add-port=53/tcp
firewall-cmd --reload

I tried bringing my Ethernet adapter down, then back up again:

nmcli con down id Ethernet
nmcli con up id Ethernet

I tried adding 8.8.8.8 as the interface DNS for my Ethernet card:

systemd-resolve --interface enp9s0 --set-dns 8.8.8.8

I also tried flushing my DNS caches:

resolvectl flush-caches
sudo resolvectl flush-caches

The server is headless, so I can only access it over SSH. This means I can't change any settings from a desktop or GUI.

What is the problem, how did it happen, and how can I fix it? I don't understand what the problem is or how to proceed.

Here is some additional information:

$ resolvectl status
Global
       Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (enp9s0)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wlp8s0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
$ systemd-resolve --statistics
DNSSEC supported by current servers: no

Transactions
Current Transactions: 0
  Total Transactions: 0

Cache
  Current Cache Size: 0
          Cache Hits: 0
        Cache Misses: 0

DNSSEC Verdicts
              Secure: 0
            Insecure: 0
               Bogus: 0
       Indeterminate: 0
$ systemctl status systemd-resolved
● systemd-resolved.service - Network Name Resolution
     Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-07-27 16:34:57 EDT; 16min ago
       Docs: man:systemd-resolved.service(8)
             man:org.freedesktop.resolve1(5)
             https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
             https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
   Main PID: 1992495 (systemd-resolve)
     Status: "Processing requests..."
      Tasks: 1 (limit: 76912)
     Memory: 4.0M
        CPU: 61ms
     CGroup: /system.slice/systemd-resolved.service
             └─ 1992495 /usr/lib/systemd/systemd-resolved

Jul 27 16:34:57 lserver systemd[1]: Starting systemd-resolved.service - Network Name Resolution...
Jul 27 16:34:57 lserver systemd-resolved[1992495]: Positive Trust Anchors:
Jul 27 16:34:57 lserver systemd-resolved[1992495]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683>
Jul 27 16:34:57 lserver systemd-resolved[1992495]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.>
Jul 27 16:34:57 lserver systemd-resolved[1992495]: Using system hostname 'lserver'.
Jul 27 16:34:57 lserver systemd[1]: Started systemd-resolved.service - Network Name Resolution.
Jul 27 16:48:02 lserver systemd-resolved[1992495]: Flushed all caches.
Jul 27 16:48:30 lserver systemd-resolved[1992495]: Flushed all caches.
$ systemctl status dnsmasq
● dnsmasq.service - DNS caching server.
     Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; vendor preset: disabled)
     Active: active (running) since Wed 2022-07-27 16:49:49 EDT; 50s ago
    Process: 2045570 ExecStart=/usr/sbin/dnsmasq (code=exited, status=0/SUCCESS)
   Main PID: 2045572 (dnsmasq)
      Tasks: 1 (limit: 76912)
     Memory: 600.0K
        CPU: 3ms
     CGroup: /system.slice/dnsmasq.service
             └─ 2045572 /usr/sbin/dnsmasq

Jul 27 16:49:49 lserver systemd[1]: Starting dnsmasq.service - DNS caching server....
Jul 27 16:49:49 lserver dnsmasq[2045572]: started, version 2.86 cachesize 150
Jul 27 16:49:49 lserver dnsmasq[2045572]: compile time options: IPv6 GNU-getopt DBus no-UBus no-i18n IDN2 DHCP DHCPv>
Jul 27 16:49:49 lserver dnsmasq[2045572]: reading /etc/resolv.conf
Jul 27 16:49:49 lserver dnsmasq[2045572]: using nameserver 127.0.0.53#53
Jul 27 16:49:49 lserver systemd[1]: Started dnsmasq.service - DNS caching server..
Jul 27 16:49:49 lserver dnsmasq[2045572]: read /etc/hosts - 2 addresses

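My previous router was a Linksys WRT3200ACM with OpenWRT. My new router is a Netgear R7000 with FreshTomato. The router software seems to be configured to act as a local DNS server, which is reflected in the nameserver entry on my CentOS machine defaulting to 10.0.1.1, the default gateway address on the network. According to all the other devices on the network, though, it appears to be doing its job. This still doesn't explain why Fedora 36 is the only system with the problem.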

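The upgrade did not change my IP addressing. The default gateway has always been configured as 10.0.1.1, and this machine's IP has always been static at 10.0.1.21. The only change to the LAN is the router swap. Everything should "just work", since I had pre-configured all the necessary port forwarding.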


More information, as requested in the comments:

$ dig @10.0.1.1 bbc.co.uk

; <<>> DiG 9.16.30-RH <<>> @10.0.1.1 bbc.co.uk
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16748
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;bbc.co.uk.                     IN      A

;; ANSWER SECTION:
bbc.co.uk.              177     IN      A       151.101.64.81
bbc.co.uk.              177     IN      A       151.101.128.81
bbc.co.uk.              177     IN      A       151.101.192.81
bbc.co.uk.              177     IN      A       151.101.0.81

;; Query time: 9 msec
;; SERVER: 10.0.1.1#53(10.0.1.1)
;; WHEN: Wed Jul 27 17:21:01 EDT 2022
;; MSG SIZE  rcvd: 102
$ dig @127.0.0.53 bbc.co.uk

; <<>> DiG 9.16.30-RH <<>> @127.0.0.53 bbc.co.uk
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58582
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;bbc.co.uk.                     IN      A

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Jul 27 17:21:26 EDT 2022
;; MSG SIZE  rcvd: 38
$ dig @8.8.8.8

; <<>> DiG 9.16.30-RH <<>> @8.8.8.8
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32553
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       615     IN      NS      m.root-servers.net.
.                       615     IN      NS      b.root-servers.net.
.                       615     IN      NS      c.root-servers.net.
.                       615     IN      NS      d.root-servers.net.
.                       615     IN      NS      e.root-servers.net.
.                       615     IN      NS      f.root-servers.net.
.                       615     IN      NS      g.root-servers.net.
.                       615     IN      NS      h.root-servers.net.
.                       615     IN      NS      a.root-servers.net.
.                       615     IN      NS      i.root-servers.net.
.                       615     IN      NS      j.root-servers.net.
.                       615     IN      NS      k.root-servers.net.
.                       615     IN      NS      l.root-servers.net.

;; Query time: 15 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Jul 27 17:21:32 EDT 2022
;; MSG SIZE  rcvd: 239
$ journalctl _SYSTEMD_UNIT=systemd-resolved.service
...
-- Boot 66eaabbbfb7e4f7b9f34c9b3316f1e07 --
Jul 15 08:06:43 lserver systemd-resolved[1456]: Positive Trust Anchors:
Jul 15 08:06:43 lserver systemd-resolved[1456]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Jul 15 08:06:43 lserver systemd-resolved[1456]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.>
Jul 15 08:06:43 lserver systemd-resolved[1456]: Using system hostname 'lserver'.
Jul 15 08:06:48 lserver systemd-resolved[1456]: enp9s0: Bus client set default route setting: yes
Jul 15 08:06:48 lserver systemd-resolved[1456]: enp9s0: Bus client set DNS server list to: fdf5:328d:f2ee::1
Jul 27 12:35:17 lserver systemd-resolved[1456]: enp9s0: Bus client set default route setting: no
Jul 27 12:35:17 lserver systemd-resolved[1456]: enp9s0: Bus client reset DNS server list.
Jul 27 14:55:04 lserver systemd-resolved[1456]: Flushed all caches.
Jul 27 14:55:08 lserver systemd-resolved[1456]: Flushed all caches.
Jul 27 14:55:42 lserver systemd-resolved[1456]: Flushed all caches.
Jul 27 14:55:47 lserver systemd-resolved[1456]: [Scope protocol=llmnr interface=enp9s0 family=AF_INET6]
Jul 27 14:55:47 lserver systemd-resolved[1456]: [Scope protocol=llmnr interface=enp9s0 family=AF_INET]
Jul 27 14:55:47 lserver systemd-resolved[1456]: [Scope protocol=dns]
Jul 27 14:57:58 lserver systemd-resolved[1620611]: Positive Trust Anchors:

Answer 1

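I'm answering my own question to share the workaround I ended up using, but I'm reluctant to accept it, because I think the OS should be able to configure DNS servers automatically. I'm still not sure why this problem exists, why it only happened after I swapped routers, and why it only happened on my Fedora 36 system.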

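To work around the problem, I ended up replicating the behavior of my CentOS machine, where the DNS server is set to the default gateway, which is my router address 10.0.1.1. For systemd-resolved, this is done by editing the file /etc/systemd/resolved.conf and adding an entry to the DNS= line: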

[Resolve]
DNS=10.0.1.1

It also works fine with other known DNS hosts such as 8.8.8.8, 1.1.1.1, etc. Using my router makes sense, since it also performs the DNS lookups here and has its own cache.

I don't understand why this is a problem, whether it is Fedora 36 or my environment, but I feel this is an issue I shouldn't have to deal with.
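
Added example, not part of the original post: the `resolvectl status` output in the question has no `DNS Servers:` line in any section, which matches the SERVFAIL from the 127.0.0.53 stub while 10.0.1.1 answers directly. This shell check reports the upstream servers per section; the function names are hypothetical, `BROKEN` is the question's output, and `FIXED` is a constructed sample of the state assumed after the `DNS=10.0.1.1` workaround.

```sh
#!/bin/sh
# Added example (not the poster's code): list the upstream DNS servers
# found in each section of `resolvectl status` output.

# stdin: `resolvectl status` text. stdout: "section<TAB>servers" per section,
# with "none" where the section has no "DNS Servers:" line.
dns_by_section() {
    awk '
        function emit() { if (sec != "") printf "%s\t%s\n", sec, (srv == "" ? "none" : srv) }
        /^Global$/            { emit(); sec = "Global"; srv = ""; next }
        /^Link [0-9]+ \(/     { emit(); sec = $3; gsub(/[()]/, "", sec); srv = ""; next }
        /^[ \t]*DNS Servers:/ { sub(/^[ \t]*DNS Servers:[ \t]*/, ""); srv = $0; next }
        END { emit() }
    '
}

# Exit status 0 only if at least one section lists an upstream server.
has_upstream() {
    dns_by_section | awk -F '\t' '$2 != "none" { found = 1 } END { exit !found }'
}

# `resolvectl status` output from the question: no server in any section.
BROKEN='Global
       Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (enp9s0)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (wlp8s0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported'

# Constructed sample: assumed Global section once DNS=10.0.1.1 is in effect.
FIXED='Global
       Protocols: LLMNR=resolve -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
     DNS Servers: 10.0.1.1

Link 2 (enp9s0)
Current Scopes: LLMNR/IPv4 LLMNR/IPv6
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported'

printf '%s\n' "$BROKEN" | dns_by_section
if printf '%s\n' "$FIXED" | has_upstream; then echo "FIXED: upstream present"; fi
# On a live host: resolvectl status | dns_by_section
```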
