내가 구성하지 않았을 때 systemd-resolved가 IPv6를 통해 Google의 공개 DNS를 사용하도록 대체하는 이유는 무엇입니까?

tag-icon tag-icon networking dns systemd-resolved
내가 구성하지 않았을 때 systemd-resolved가 IPv6를 통해 Google의 공개 DNS를 사용하도록 대체하는 이유는 무엇입니까?

Ubuntu 18.10의 SystemD 확인 서비스에 문제가 있습니다. 내 무선 네트워크에는 이상한 네트워크 설정(작동)을 통해 터널링되고 DNS 확인에 작동하지 않는 IPv6 서브넷이 있습니다.

어떤 이유로 고정 DNS 구성을 IPv4 DNS 레코드만 포함하도록 설정하고 DHCP가 IPv6 DNS 서버를 알리지 않고 "대체"되는 경우에도/etc/systemd/resolved.conf.d/dns.conf 해결은 항상 무선 연결의 연결별 DNS 구성에 일부를 추가합니다. "라고 알리고 주소 확인을 중지하세요.

이것은 내 것입니다 dns.conf(대부분 resolved.conf기본값이며 아무것도 없습니다).

[Resolve]
DNS=172.18.1.254 8.8.8.8 8.8.4.4 1.1.1.1
DNSSEC=no

(첫 번째 DNS 주소는 로컬 라우터입니다)

구문 분석된 전역 구성(에서 얻을 수 있음 resolvectl status):

Global
       LLMNR setting: no
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 172.18.1.254
         DNS Servers: 172.18.1.254
                      8.8.8.8
                      8.8.4.4
                      1.1.1.1
...

Link 2 (wlp2s0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 2001:4860:4860::4444
         DNS Servers: 172.18.1.254
                      8.8.8.8
                      8.8.4.4
                      2001:470:1f09:114c::1
                      2001:4860:4860::4444
                      2001:4860:4860::8888
          DNS Domain: ~.

상태는 wlp2s0현재 DNS 서버가 172.18.1.254로 설정되어 시작되고, 잠시 후(여기서는 몇 분으로 표시됨) 모든 IPv4 서버로 대체되어 IPv6 서버 중 하나에 도달합니다. 그 후 모든 DNS 쿼리가 실패하고 의미 있는 네트워크 작업과 본질적으로 연결이 끊어졌습니다. A는 systemctl restart systemd-resolved몇 분 동안 문제를 해결한 후 "DNS가 없습니다. IPv6가 아닌 네트워크가 있으면 다시 오세요"로 돌아왔습니다.

이 IPv6 주소가 어디서 나오는지 모르겠습니다. 해결된 디버그 로깅을 활성화하고 디버그 로그를 살펴보면 IPv6 주소에 대한 첫 번째 언급은 다음과 같습니다.

Feb 12 10:36:04 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:04 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Switching to DNS server 2001:470:1f09:114c::1 for interface wlp2s0.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:04 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Using DNS server 2001:470:1f09:114c::1 for transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Sending query packet with id 51369.

내 시스템의 무언가가 확인할 수 없는 주소를 쿼리하고 업스트림 DNS 서버가 반환되는 경우 SERVFAIL(단순히 로컬 라우터의 DNS 확인자가 손상된 것이 아니라 8.8.8.8이 동일한 응답을 반환함) 확인이 모든 서버로 대체됩니다.전혀 응답하지 않는 서버를 찾을 때까지- 모든 쿼리(단순히 깨진 쿼리가 아님)를 발생시키는 프로세스에서는 손상된 서버를 사용합니다.

디버그 로그에서 이러한 업그레이드 경로를 추적할 수 있습니다( some.domain는 해결되지 않은 다른 주소에 대한 자리 표시자입니다).

Feb 12 10:36:01 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:01 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:01 vesho systemd-resolved[22371]: Using feature level UDP for transaction 51369.
Feb 12 10:36:01 vesho systemd-resolved[22371]: Using DNS server 172.18.1.254 for transaction 51369.
Feb 12 10:36:01 vesho systemd-resolved[22371]: Sending query packet with id 51369.
Feb 12 10:36:01 vesho systemd-resolved[22371]: Cache miss for some.domain IN AAAA
Feb 12 10:36:01 vesho systemd-resolved[22371]: Transaction 44627 for <some.domain IN AAAA> scope dns on wlp2s0/*.
...
Feb 12 10:36:03 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:03 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Switching to DNS server 8.8.8.8 for interface wlp2s0.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:03 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Using DNS server 8.8.8.8 for transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Sending query packet with id 51369.
...
Feb 12 10:36:03 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:03 vesho systemd-resolved[22371]: Server returned error SERVFAIL, retrying transaction with reduced feature level UDP.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:03 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Using feature level UDP for transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Sending query packet with id 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:03 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Switching to DNS server 8.8.4.4 for interface wlp2s0.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:03 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Using DNS server 8.8.4.4 for transaction 51369.
Feb 12 10:36:03 vesho systemd-resolved[22371]: Sending query packet with id 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:04 vesho systemd-resolved[22371]: Server returned error SERVFAIL, retrying transaction with reduced feature level UDP.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:04 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Using feature level UDP for transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Sending query packet with id 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:04 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Switching to DNS server 2001:470:1f09:114c::1 for interface wlp2s0.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:04 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Using DNS server 2001:470:1f09:114c::1 for transaction 51369.
Feb 12 10:36:04 vesho systemd-resolved[22371]: Sending query packet with id 51369.
...
Feb 12 10:36:08 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:08 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:08 vesho systemd-resolved[22371]: Switching to DNS server 2001:4860:4860::8888 for interface wlp2s0.
Feb 12 10:36:08 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:08 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:08 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:08 vesho systemd-resolved[22371]: Using DNS server 2001:4860:4860::8888 for transaction 51369.
Feb 12 10:36:08 vesho systemd-resolved[22371]: Sending query packet with id 51369.
...
Feb 12 10:36:13 vesho systemd-resolved[22371]: Timeout reached on transaction 51369.
Feb 12 10:36:13 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:13 vesho systemd-resolved[22371]: Switching to DNS server 2001:4860:4860::8888 for interface wlp2s0.
Feb 12 10:36:13 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:13 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:13 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:13 vesho systemd-resolved[22371]: Sending query packet with id 51369.
...
Feb 12 10:36:18 vesho systemd-resolved[22371]: Timeout reached on transaction 51369.
Feb 12 10:36:18 vesho systemd-resolved[22371]: Retrying transaction 51369.
Feb 12 10:36:18 vesho systemd-resolved[22371]: Switching to DNS server 2001:4860:4860::8888 for interface wlp2s0.
Feb 12 10:36:18 vesho systemd-resolved[22371]: Cache miss for some.domain IN A
Feb 12 10:36:18 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> scope dns on wlp2s0/*.
Feb 12 10:36:18 vesho systemd-resolved[22371]: Using feature level UDP+EDNS0 for transaction 51369.
Feb 12 10:36:18 vesho systemd-resolved[22371]: Sending query packet with id 51369.
... 
goes like that for a while
...
Feb 12 10:36:28 vesho systemd-resolved[22371]: Processing incoming packet on transaction 51369 (rcode=SERVFAIL).
Feb 12 10:36:28 vesho systemd-resolved[22371]: Server returned error: SERVFAIL
Feb 12 10:36:28 vesho systemd-resolved[22371]: Added SERVFAIL cache entry for some.domain IN A 30s
Feb 12 10:36:28 vesho systemd-resolved[22371]: Transaction 51369 for <some.domain IN A> on scope dns on wlp2s0/* now complete with <rcode-failure> from network (unsigned)
Feb 12 10:36:28 vesho systemd-resolved[22371]: Freeing transaction 51369.

전체적으로 내 질문은 다음과 같습니다. resovled는 이러한 IPv6 서버 주소를 어디에서 찾고 이를 사용하지 못하도록 어떻게 방지합니까(구성 파일에 하드코딩된 설정을 설정해도 방지되지 않는 것 같습니다) DNS.FallbackDNS

이 문제에 대한 다른 해결책을 제안하는 사람이 있다면 듣고 싶습니다. "비활성화 해결"이 아닌 경우 - 작업을 완료할 수 있도록 실제로 지금 그렇게 하고 있지만 해결된 문제를 자세히 조사하여 수정하고 싶습니다.

관련 정보