systemd-resolve applies the wrong DNS entries


I am trying to track down a problem with my systemd DHCP/DNS resolution and setup. I am running Kubuntu 18.04 LTS, and I have a wired (eno1) and a wireless (wlp2s0) connection.

On some networks (both wired and wireless) I need to use the OpenConnect VPN, and on some I don't (for example, when I am in the office).

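I use virt-manager to run several virtual machines with various network configurations (virbr0-nic, virbr0). I mention it because KVM runs DNS- and DHCP-related services to provide networking for the virtual machines. I see that it uses dnsmasq, which I never installed or configured: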

# ps aux | grep dnsmasq 
libvirt+  1159  0.0  0.0  49964   372 ?        S    12:54   0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper
root      1160  0.0  0.0  49936   372 ?        S    12:54   0:00 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper

Currently, when I am in the office, everything works fine. The DHCP configuration is applied correctly.

But when I connect at home, systemd-resolve --status tells me that I am using my office DNS servers (192.9.200.151, 192.9.200.149), which cannot be used from my home network:

Global
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 5 (virbr0-nic)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 4 (virbr0)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 3 (wlp2s0)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: 192.9.200.151
                      192.9.200.149
                      2a01:1700:2:ffff::9f01
                      2a01:1700:3:ffff::9822

Link 2 (eno1)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

The Network Manager configuration is set to "Automatic", and the "Other DNS servers" field is empty.

/etc/resolv.conf always lists only 127.0.0.53 (it is a symlink to /run/systemd/resolve/stub-resolv.conf).

In the /etc/systemd/network/ directory I have only one file, eno1.network:

[DHCP]
UseDNS=true

After connecting to my home WiFi, journalctl reports the following:

NetworkManager[878]: <info>  [1531741664.5062] dhcp4 (wlp2s0): dhclient started with pid 5711
dhclient[5711]: DHCPREQUEST of 192.168.1.10 on wlp2s0 to 255.255.255.255 port 67 (xid=0x4234d23a)
dhclient[5711]: DHCPACK of 192.168.1.10 from 192.168.1.254
wpa_supplicant[864]: wlp2s0: CTRL-EVENT-SIGNAL-CHANGE above=1 signal=-35 noise=9999 txrate=144400
NetworkManager[878]: <info>  [1531741664.5648] dhcp4 (wlp2s0):   address 192.168.1.10
NetworkManager[878]: <info>  [1531741664.5654] dhcp4 (wlp2s0):   plen 24 (255.255.255.0)
NetworkManager[878]: <info>  [1531741664.5657] dhcp4 (wlp2s0):   gateway 192.168.1.254
NetworkManager[878]: <info>  [1531741664.5659] dhcp4 (wlp2s0):   lease time 86400
NetworkManager[878]: <info>  [1531741664.5662] dhcp4 (wlp2s0):   hostname 'my-hostname'
NetworkManager[878]: <info>  [1531741664.5664] dhcp4 (wlp2s0):   nameserver '192.9.200.151'                       # <--- This should be same as gateway
NetworkManager[878]: <info>  [1531741664.5667] dhcp4 (wlp2s0):   nameserver '192.9.200.149'
NetworkManager[878]: <info>  [1531741664.5669] dhcp4 (wlp2s0):   domain name 'home'
NetworkManager[878]: <info>  [1531741664.5672] dhcp4 (wlp2s0): state changed unknown -> bound
avahi-daemon[862]: Joining mDNS multicast group on interface wlp2s0.IPv4 with address 192.168.1.10.
avahi-daemon[862]: New relevant interface wlp2s0.IPv4 for mDNS.
avahi-daemon[862]: Registering new address record for 192.168.1.10 on wlp2s0.IPv4.
NetworkManager[878]: <info>  [1531741664.5861] device (wlp2s0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
NetworkManager[878]: <info>  [1531741664.6017] device (wlp2s0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'managed')
NetworkManager[878]: <info>  [1531741664.6022] device (wlp2s0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'managed')
NetworkManager[878]: <info>  [1531741664.6025] manager: NetworkManager state is now CONNECTED_LOCAL
dhclient[5711]: bound to 192.168.1.10 -- renewal in 36652 seconds.
NetworkManager[878]: <info>  [1531741664.6124] manager: NetworkManager state is now CONNECTED_SITE
NetworkManager[878]: <info>  [1531741664.6126] policy: set 'pipkarybenka' (wlp2s0) as default for IPv4 routing and DNS
NetworkManager[878]: <info>  [1531741664.6132] device (wlp2s0): Activation: successful, device activated.
dnsmasq[1159]: reading /etc/resolv.conf
dnsmasq[1159]: using nameserver 127.0.0.53#53
NetworkManager[878]: <info>  [1531741664.6148] manager: NetworkManager state is now CONNECTED_GLOBAL

Note that the applied nameserver is not correct; it should be the same as the gateway.

After a while, the following log entries start to appear:

systemd-resolved[23209]: Using degraded feature set (UDP) for DNS server 192.9.200.149.
systemd-resolved[23209]: Using degraded feature set (TCP) for DNS server 192.9.200.151.
systemd-resolved[23209]: Using degraded feature set (TCP) for DNS server 192.9.200.149.
systemd-resolved[23209]: Using degraded feature set (UDP) for DNS server 192.9.200.151.
systemd-resolved[23209]: Using degraded feature set (TCP) for DNS server 192.9.200.151.
systemd-resolved[23209]: Using degraded feature set (UDP) for DNS server 192.9.200.151.
systemd-resolved[23209]: Using degraded feature set (UDP) for DNS server 192.9.200.149.
systemd-resolved[23209]: Using degraded feature set (TCP) for DNS server 192.9.200.151.
systemd-resolved[23209]: Using degraded feature set (TCP) for DNS server 192.9.200.149.

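Without a working DNS I cannot connect to my VPN service or use any internet. If I add the correct DNS manually with systemd-resolve --set-dns=192.168.1.254 --interface=wlp2s0, everything starts working. At that point I can connect to the VPN and the 192.9.200.151 DNS is applied.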

Unfortunately, quite often the VPN connection drops after a while and I am back to square one.

I assume I have the wrong DNS entries hard-coded somewhere, most likely in relation to dnsmasq, but I don't know how to diagnose it. /var/lib/libvirt/dnsmasq/default.conf contains:

strict-order
user=libvirt-dnsmasq
pid-file=/var/run/libvirt/network/default.pid
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253
dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile
addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts

So my main question is: why is DHCP unable to set the correct DNS entries? How can I track down the problem?
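Added example, not part of the original post: a small Python check that reads NetworkManager `dhcp4` journal lines like the ones quoted above and reports, per interface, any nameserver in the lease that is neither the gateway nor inside the leased subnet. The function names are hypothetical, the sample input is the lease lines from the post with the poster's inline annotation dropped, and an off-link nameserver is only a heuristic signal that matches what the poster expected to see, not proof of a fault.

```python
import ipaddress
import re
from collections import defaultdict

# DHCP lease lines taken from the journal excerpt in the post above.
SAMPLE_JOURNAL = """\
NetworkManager[878]: <info>  [1531741664.5648] dhcp4 (wlp2s0):   address 192.168.1.10
NetworkManager[878]: <info>  [1531741664.5654] dhcp4 (wlp2s0):   plen 24 (255.255.255.0)
NetworkManager[878]: <info>  [1531741664.5657] dhcp4 (wlp2s0):   gateway 192.168.1.254
NetworkManager[878]: <info>  [1531741664.5664] dhcp4 (wlp2s0):   nameserver '192.9.200.151'
NetworkManager[878]: <info>  [1531741664.5667] dhcp4 (wlp2s0):   nameserver '192.9.200.149'
NetworkManager[878]: <info>  [1531741664.5669] dhcp4 (wlp2s0):   domain name 'home'
"""

# Matches "dhcp4 (<iface>):   <key> <value>" for the lease fields of interest.
LEASE_RE = re.compile(
    r"dhcp4 \((?P<iface>[^)]+)\):\s+"
    r"(?P<key>address|plen|gateway|nameserver)\s+'?(?P<val>[0-9.]+)"
)

def parse_leases(text):
    """Collect the IPv4 lease fields NetworkManager logged, keyed by interface."""
    leases = defaultdict(lambda: {"nameservers": []})
    for line in text.splitlines():
        m = LEASE_RE.search(line)
        if not m:
            continue
        lease = leases[m["iface"]]
        if m["key"] == "nameserver":
            lease["nameservers"].append(m["val"])
        else:
            lease[m["key"]] = m["val"]
    return dict(leases)

def off_link_nameservers(lease):
    """Nameservers that are neither the gateway nor inside the leased subnet."""
    if "address" not in lease or "plen" not in lease:
        return []  # incomplete lease record: nothing to compare against
    net = ipaddress.ip_network(f"{lease['address']}/{lease['plen']}", strict=False)
    return [ns for ns in lease["nameservers"]
            if ns != lease.get("gateway") and ipaddress.ip_address(ns) not in net]

if __name__ == "__main__":
    for iface, lease in parse_leases(SAMPLE_JOURNAL).items():
        for ns in off_link_nameservers(lease):
            print(f"{iface}: lease names off-link DNS server {ns} "
                  f"(gateway {lease.get('gateway')})")
```

The same functions can be fed the text of `journalctl -u NetworkManager` to compare what each network's DHCP server actually handed out.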
