dig 仅在指定名称服务器时才有效

tag-icon tag-icon networking dns
dig 仅在指定名称服务器时才有效

我安装了 Ubuntu 20.04 桌面版。我无法访问互联网或通过名称访问任何服务器。DNS 查找失败。DNS 服务器是 Windows DC 10.0.1.22、10.0.1.21 和两个 Cisco Umbrella 代理设备 10.0.6.70、10.0.6.67

root@sdbuilder-NU591:/etc/network/interfaces.d# nmcli dev show | grep DNS
IP4.DNS[1]:                             10.0.6.67
IP4.DNS[2]:                             10.0.6.70

仅当我指定 DNS 服务器时 dig 命令才有效。

root@sdbuilder-NU591:/home/sdbuilder# dig google.com

; <<>> DiG 9.16.1-Ubuntu <<>> google.com
;; global options: +cmd
;; connection timed out; no servers could be reached

root@sdbuilder-NU591:/home/sdbuilder# dig google.com @10.0.6.70

; <<>> DiG 9.16.1-Ubuntu <<>> google.com @10.0.6.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10355
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             300     IN      A       142.251.116.100
google.com.             300     IN      A       142.251.116.101
google.com.             300     IN      A       142.251.116.102
google.com.             300     IN      A       142.251.116.113
google.com.             300     IN      A       142.251.116.138
google.com.             300     IN      A       142.251.116.139

;; Query time: 16 msec
;; SERVER: 10.0.6.70#53(10.0.6.70)
;; WHEN: Tue Dec 26 13:08:48 CST 2023
;; MSG SIZE  rcvd: 135

IP 是使用 DHCP 设置的,我获取了搜索域。但是,它无法解析域上的任何主机。

root@sdbuilder-NU591:/home/sdbuilder# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 127.0.0.53

root@sdbuilder-NU591:/home/sdbuilder# ping server1
ping: server1: Temporary failure in name resolution

root@sdbuilder-NU591:/home/sdbuilder# ping server1.example.com
ping: server1.additech.com: Temporary failure in name resolution

如果我使用dig google.com @10.0.6.70tcpdump正在捕获流量但不使用 DNS 服务器 IP,则使用tcpdump -n udp port 53

root@sdbuilder-NU591:/home/sdbuilder# tcpdump -n udp port 53 -v
tcpdump: listening on enp3s0, link-type EN10MB (Ethernet), capture size 262144 bytes
13:16:05.308404 IP (tos 0x0, ttl 64, id 41787, offset 0, flags [none], proto UDP (17), length 79)
    10.0.6.58.40227 > 10.0.6.70.53: 12769+ [1au] A? google.com. (51)
13:16:05.326976 IP (tos 0x0, ttl 64, id 58695, offset 0, flags [DF], proto UDP (17), length 163)
    10.0.6.70.53 > 10.0.6.58.40227: 12769 6/0/1 google.com. A 142.251.116.138, google.com. A 142.251.116.139, google.com. A 142.251.116.100, google.com. A 142.251.116.101, google.com. A 142.251.116.102, google.com. A 142.251.116.113 (135)
^C
2 packets captured
3 packets received by filter
0 packets dropped by kernel
1 packet dropped by interface
root@sdbuilder-NU591:/home/sdbuilder#

systemd-resolved is disabled and inactive。下面是一些网络配置文件的输出:

root@sdbuilder-NU591:/home/sdbuilder# ls -al /etc/resolv.conf
-rw-r--r-- 1 root root 72 Dec 26 12:23 /etc/resolv.conf

root@sdbuilder-NU591:/home/sdbuilder# cat /etc/netplan/*.yaml
# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager

root@sdbuilder-NU591:/home/sdbuilder# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

没有文件/etc/network/interfaces.d

如果我启用并启动systemd-resolved,它仍然无法解析名称。

Dec 26 13:26:00 sdbuilder-NU591 systemd-resolved[4652]: Using system hostname 'sdbuilder-NU591'.
Dec 26 13:26:00 sdbuilder-NU591 systemd-resolved[4652]: Another process is already listening on TCP socket 127.0.0.53:53.
Dec 26 13:26:00 sdbuilder-NU591 systemd-resolved[4652]: Turning off local DNS stub support.
Dec 26 13:26:00 sdbuilder-NU591 systemd[1]: Started Network Name Resolution.

root@sdbuilder-NU591:/etc/network/interfaces.d# cat /etc/systemd/resolved.conf
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details

[Resolve]
DNS=10.0.1.22
FallbackDNS=10.0.1.21
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes

看起来 dnsmasq 也正在运行。

root@sdbuilder-NU591:/etc/network/interfaces.d# netstat -tulpn | grep ":53 "
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      902/dnsmasq
tcp6       0      0 :::53                   :::*                    LISTEN      902/dnsmasq
udp        0      0 0.0.0.0:53              0.0.0.0:*                           902/dnsmasq
udp6       0      0 :::53                   :::*                                902/dnsmasq

答案1

好的,这个问题已通过停止dnsmasq服务并使用该systemd-resolved服务得到解决。

相关内容