我想使用 dig 查看记录的内容,但任何与 DNSSEC 相关的 RR 都为空。这发生在我的两台笔记本电脑上。我运行的是 Ubuntu 18.04。是否有任何设置可以修复以停止获取 SERVFAIL?DS 和 RRSIG 等记录应该是公开的,因此它们应该可用。我只是无法解析它们。
user@pc:~$ dig +dnssec DNSKEY com
; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> +dnssec DNSKEY com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27473
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 65494
; OPT=5: 05 07 08 0a 0d 0e 0f (".......")
; OPT=6: 01 02 04 ("...")
; OPT=7: 01 (".")
;; QUESTION SECTION:
;com. IN DNSKEY
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Feb 24 13:23:52 CET 2021
;; MSG SIZE rcvd: 55
resolved.conf我的文件内容
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details
[Resolve]
#DNS=
#FallbackDNS=
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#Cache=yes
#DNSStubListener=yes
我所拥有的任何接口上唯一有效的 DNS 解析器。
Link 3 (wlp3s0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 192.168.178.1
fd00::2e3a:fdff:fe4c:3530
DNS Domain: ~.
fritz.box