Domain name resolution does not work on Ubuntu 16.04.4 LTS. The home server is connected to a Huawei HG8245 router, and the network on the server is handled by NetworkManager. The NetworkManager configuration includes dnsmasq (dns = dnsmasq). NetworkManager is running.
root@HTPC:~# systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Пт 2018-05-04 19:39:50 MSK; 23h ago
Docs: man:NetworkManager(8)
Main PID: 870 (NetworkManager)
CGroup: /system.slice/NetworkManager.service
├─ 870 /usr/sbin/NetworkManager --no-daemon
├─1780 /sbin/dhclient -d -q -sf /usr/lib/NetworkManager/nm-dhcp-helper -pf /var/run/dhclient-enp0s25.pid -lf /var/lib/NetworkManager/dhclient-fc677298-2d2f-3fca-87fd-55304cb944a9-enp0s25.lease -cf /var/lib/NetworkManager/dhclient-enp0s25.conf enp0s25
└─1791 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d
май 04 19:39:55 HTPC dnsmasq[1791]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
май 04 19:39:55 HTPC dnsmasq[1791]: DBus support enabled: connected to system bus
май 04 19:39:55 HTPC dnsmasq[1791]: warning: no upstream servers configured
май 04 19:39:55 HTPC NetworkManager[870]: <info> [1525451995.5358] device (enp0s25): Activation: successful, device activated.
май 04 19:39:55 HTPC NetworkManager[870]: <info> [1525451995.5400] dnsmasq[0x1ece500]: dnsmasq appeared as :1.58
май 04 19:39:55 HTPC dnsmasq[1791]: setting upstream servers from DBus
май 04 19:39:55 HTPC dnsmasq[1791]: using nameserver 192.168.100.1#53(via enp0s25)
май 04 19:40:00 HTPC NetworkManager[870]: <info> [1525452000.5064] manager: WiFi hardware radio set enabled
май 04 19:40:00 HTPC NetworkManager[870]: <info> [1525452000.5064] manager: WWAN hardware radio set enabled
май 04 19:40:00 HTPC NetworkManager[870]: <info> [1525452000.5064] manager: startup complete
root@HTPC:~#
The /etc/resolv.conf file contains: nameserver 127.0.1.1
127.0.1.1 is listening on port 53 (tcp/udp). Name resolution via 127.0.1.1:53 does not work; via the router it works, and via 8.8.8.8 it works as well.
root@HTPC:~# dig ya.ru @127.0.1.1
; <<>> DiG 9.10.3-P4-Ubuntu <<>> ya.ru @127.0.1.1
;; global options: +cmd
;; connection timed out; no servers could be reached
root@HTPC:~# dig ya.ru @8.8.8.8
; <<>> DiG 9.10.3-P4-Ubuntu <<>> ya.ru @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41427
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ya.ru. IN A
;; ANSWER SECTION:
ya.ru. 257 IN A 87.250.250.242
;; Query time: 51 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat May 05 20:18:28 MSK 2018
;; MSG SIZE rcvd: 50
root@HTPC:~#
Using tcpdump, I found the following.
192.168.100.1 - router (DHCP/DNS)
127.0.1.1 - /etc/resolv.conf (dnsmasq)
Router
root@HTPC:~# nslookup ya.ru 192.168.100.1
Server: 192.168.100.1
Address: 192.168.100.1#53
Non-authoritative answer:
Name: ya.ru
Address: 87.250.250.242
root@HTPC:~#
tcpdump:
IP (tos 0x0, ttl 64, id 8895, offset 0, flags [none], proto UDP (17), length 51)
192.168.100.14.38831 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0xdb5b!] 27165+ A? ya.ru. (23)
IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 67)
192.168.100.1.53 > 192.168.100.14.38831: [udp sum ok] 27165 q: A? ya.ru. 1/0/0 ya.ru. [5m51s] A 87.250.250.242 (39)
DNS
root@HTPC:~# nslookup ya.ru 127.0.1.1
;; connection timed out; no servers could be reached
root@HTPC:~#
tcpdump:
IP (tos 0x0, ttl 64, id 11765, offset 0, flags [DF], proto UDP (17), length 51)
192.168.100.14.33915 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0x36a5!] 8712+ A? ya.ru. (23)
IP (tos 0x0, ttl 64, id 12556, offset 0, flags [DF], proto UDP (17), length 51)
192.168.100.14.33915 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0x36a5!] 8712+ A? ya.ru. (23)
IP (tos 0x0, ttl 64, id 13374, offset 0, flags [DF], proto UDP (17), length 51)
192.168.100.14.33915 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0x36a5!] 8712+ A? ya.ru. (23)
Why does the first packet get a response, while the other three packets get none?
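Added example, not part of the original post: a short Python script that pairs the DNS queries and responses in the tcpdump output above by client address, source port and transaction ID, and lists the queries that were retransmitted without ever being answered. The function names are hypothetical; the sample lines are copied from the two captures in the post.

```python
import re
from collections import OrderedDict

# tcpdump -v lines copied from the two captures in the post (IP header lines omitted).
CAPTURE = """\
192.168.100.14.38831 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0xdb5b!] 27165+ A? ya.ru. (23)
192.168.100.1.53 > 192.168.100.14.38831: [udp sum ok] 27165 q: A? ya.ru. 1/0/0 ya.ru. [5m51s] A 87.250.250.242 (39)
192.168.100.14.33915 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0x36a5!] 8712+ A? ya.ru. (23)
192.168.100.14.33915 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0x36a5!] 8712+ A? ya.ru. (23)
192.168.100.14.33915 > 192.168.100.1.53: [bad udp cksum 0x4991 -> 0x36a5!] 8712+ A? ya.ru. (23)
"""

# "src.sport > dst.dport: [checksum note] txid ..." as printed by tcpdump -v for UDP DNS.
LINE = re.compile(
    r"^\s*(?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"(?:\[[^\]]*\] )?(?P<txid>\d+)"
)


def pair_dns(capture):
    """Map (client, client_port, server, txid) -> query count and answered flag."""
    flows = OrderedDict()
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # IP header lines and non-matching text are skipped
        if m["dport"] == "53":  # client -> resolver: a query or a retransmission
            key = (m["src"], m["sport"], m["dst"], m["txid"])
            flows.setdefault(key, {"queries": 0, "answered": False})["queries"] += 1
        elif m["sport"] == "53":  # resolver -> client: response to an earlier query
            key = (m["dst"], m["dport"], m["src"], m["txid"])
            if key in flows:
                flows[key]["answered"] = True
    return flows


def unanswered(flows):
    """Return [(flow_key, times_sent)] for queries that never got a response."""
    return [(k, v["queries"]) for k, v in flows.items() if not v["answered"]]


if __name__ == "__main__":
    for (client, cport, server, txid), sent in unanswered(pair_dns(CAPTURE)):
        print(f"{client}:{cport} -> {server}:53 id={txid} sent {sent}x, no reply")
```

Identical source port and transaction ID across the three unanswered lines mark them as retransmissions of one query rather than three separate lookups.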