我正在尝试解决一些 DNS 问题,我首先尝试使用 dig +trace 跟踪我的 DNS 查找。我得到了一些奇怪的结果。如果对我的非绑定解析器进行正常挖掘。
dig @192.168.20.1 +notrace pfsense.org
我得到了正常的结果。
doubleh2admin@doubleh2:~$ dig @192.168.20.1 +notrace pfsense.org
; <<>> DiG 9.11.4-3ubuntu5.1-Ubuntu <<>> @192.168.20.1 +notrace pfsense.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17123
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pfsense.org. IN A
;; ANSWER SECTION:
pfsense.org. 299 IN A 208.123.73.69
;; Query time: 1010 msec
;; SERVER: 192.168.20.1#53(192.168.20.1)
;; WHEN: Wed Apr 03 23:29:37 UT
但是如果我尝试跟踪请求
dig @192.168.20.1 +trace pfsense.org
我遇到了连接超时。
doubleh2admin@doubleh2:~$ dig @192.168.20.1 +trace pfsense.org
; <<>> DiG 9.11.4-3ubuntu5.1-Ubuntu <<>> @192.168.20.1 +trace pfsense.org
; (1 server found)
;; global options: +cmd
. 85923 IN NS a.root-servers.net.
. 85923 IN NS l.root-servers.net.
. 85923 IN NS b.root-servers.net.
. 85923 IN NS c.root-servers.net.
. 85923 IN NS g.root-servers.net.
. 85923 IN NS i.root-servers.net.
. 85923 IN NS m.root-servers.net.
. 85923 IN NS d.root-servers.net.
. 85923 IN NS j.root-servers.net.
. 85923 IN NS h.root-servers.net.
. 85923 IN NS e.root-servers.net.
. 85923 IN NS k.root-servers.net.
. 85923 IN NS f.root-servers.net.
. 85923 IN RRSIG NS 8 0 518400 20190416170000 20190403160000 25266 . aJEQERj+M077D4YytUEwfqBW8VighhMROJ1VqNRLu+eRwE3qVj1vT8QP Bi01SUibk5AET5mHva3Avz0aEPDqJZULr3IbxUwV6Gpaw7tuNyjNvB/X ZkhySRGCBubMKfc5uJkJhEEh3JGG2S5SBA2+f9JBLKzW/YiGTU2weyI1 QKA3ZY64JNk9xjBZF/6MnHfYmxYU5I7o+5IaqdMhdhfmh5PFvGtXgpeh ZQ0e203pNI8MjZMC5t9C/ucfXl4XGuGHkvKh+rvdv++t4g2fLRR1mO0K 39EfZf8lt623isLaDhifUbzdJtO2AIeb3GSE6aQCky32s3/tMyFVg8sA ByLeNw==
;; Received 525 bytes from 192.168.20.1#53(192.168.20.1) in 0 ms
;; connection timed out; no servers could be reached
有人知道这里发生了什么事吗?