我在我的 resolv 文件中有旋转和尝试设置:
nameserver 127.0.0.1
nameserver 10.104.64.25
nameserver 10.104.65.25
options timeout:1 attempts:3 rotate
操作系统信息为:
Linux 152a580f-e3c2-405f-acde-eac4d928af22 4.4.0-111-generic #134~14.04.1-Ubuntu SMP Mon Jan 15 15:39:56 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
然后我尝试使用 curl 进行 DNS 解析:
# curl bbs.service.cf.internal
curl: (6) Could not resolve host: bbs.service.cf.internal
tcpdump 给出的结果如下:
10.104.148.102.34753 > cn1c6ocvcu01.dummysite.net.domain: [bad udp cksum 0xe991 -> 0xd0f1!] 62383+ A? bbs.service.cf.internal. (41)
10.104.148.102.34753 > cn1c6ocvcu01.dummysite.net.domain: [bad udp cksum 0xe991 -> 0xc7f2!] 57774+ AAAA? bbs.service.cf.internal. (41)
cn1c6ocvcu01.dummysite.net.domain > 10.104.148.102.34753: [udp sum ok] 62383 NXDomain q: A? bbs.service.cf.internal. 0/1/0 ns: . [1h28m41s] SOA a.root-servers.net. nstld.verisign-grs.com. 2018111900 1800 900 604800 86400 (116)
cn1c6ocvcu01.dummysite.net.domain > 10.104.148.102.34753: [udp sum ok] 57774 NXDomain q: AAAA? bbs.service.cf.internal. 0/1/0 ns: . [1h28m41s] SOA a.root-servers.net. nstld.verisign-grs.com. 2018111900 1800 900 604800 86400 (116)
10.104.148.102.37052 > cn1c6ocvcu02.dummysite.net.domain: [bad udp cksum 0xea91 -> 0x41ad!] 30969+ A? bbs.service.cf.internal. (41)
10.104.148.102.37052 > cn1c6ocvcu02.dummysite.net.domain: [bad udp cksum 0xea91 -> 0xee5a!] 45387+ AAAA? bbs.service.cf.internal. (41)
cn1c6ocvcu02.dummysite.net.domain > 10.104.148.102.37052: [udp sum ok] 45387 NXDomain q: AAAA? bbs.service.cf.internal. 0/1/0 ns: . [2h25m58s] SOA a.root-servers.net. nstld.verisign-grs.com. 2018111900 1800 900 604800 86400 (116)
cn1c6ocvcu02.dummysite.net.domain > 10.104.148.102.37052: [udp sum ok] 30969 NXDomain q: A? bbs.service.cf.internal. 0/1/0 ns: . [2h25m58s] SOA a.root-servers.net. nstld.verisign-grs.com. 2018111900 1800 900 604800 86400 (116)
其实 127.0.0.1:53 正在运行一个 consul,它有能力解析“bbs.service.cf.internal.”,但解析过程似乎只尝试了两次就停止了,然后返回失败。为什么?根据我的理解,查询顺序应该是:10.104.64.25 -> 10.104.65.25 -> 127.0.0.1