18.04服务器-systemd-解析返回缓存的cname NODATA进行查找
摘要:由于缓存的CNAME NODATA查找,DNS记录查找无法解决。
详细信息:使用DNS查找报告错误的邮件日志:
Host or domain name not found. Name service error for name=google.com type=A: Host found but no data record of requested type启用“解决调试”之后,我看到dns查找首先查询域的CNAME记录。这通常是根域,它没有CNAME,查找正确地返回NODATA。
但是,当执行后续的A查找时,CNAME查找的NODATA结果将从缓存返回,而不是执行A查找。
通过发出以下命令,我可以始终如一地重新创建该命令:
~$ dig google.com CNAME
~$ dig google.com A以下是调试日志的结果:
Aug 08 11:09:04 leopard systemd-resolved[555]: Transaction 17304 for scope dns on eth0/*.
Aug 08 11:09:04 leopard systemd-resolved[555]: Using feature level UDP+EDNS0 for transaction 17304.
Aug 08 11:09:04 leopard systemd-resolved[555]: Using DNS server 8.8.8.8 for transaction 17304.
Aug 08 11:09:04 leopard systemd-resolved[555]: Sending query packet with id 17304.
Aug 08 11:09:04 leopard systemd-resolved[555]: Processing query...
Aug 08 11:09:04 leopard systemd-resolved[555]: Processing incoming packet on transaction 17304. (rcode=SUCCESS)
Aug 08 11:09:04 leopard systemd-resolved[555]: Added NODATA cache entry for google.com IN CNAME 1799s
Aug 08 11:09:04 leopard systemd-resolved[555]: Transaction 17304 for on scope dns on eth0/* now complete with from network (unsigned).
Aug 08 11:09:04 leopard systemd-resolved[555]: Sending response packet with id 22860 on interface 1/AF_INET.
Aug 08 11:09:04 leopard systemd-resolved[555]: Freeing transaction 17304.A纪录查询结果:
Aug 08 11:09:37 leopard systemd-resolved[555]: Processing query...
Aug 08 11:09:51 leopard systemd-resolved[555]: Got DNS stub UDP query packet for id 3119
Aug 08 11:09:51 leopard systemd-resolved[555]: Looking up RR for google.com IN A.
Aug 08 11:09:51 leopard systemd-resolved[555]: NODATA cache hit for google.com IN A
Aug 08 11:09:51 leopard systemd-resolved[555]: Transaction 45189 for on scope dns on eth0/* now complete with from cache (unsigned).
Aug 08 11:09:51 leopard systemd-resolved[555]: Freeing transaction 45189.
Aug 08 11:09:51 leopard systemd-resolved[555]: Sending response packet with id 3119 on interface 1/AF_INET.进一步的信息:服务器正在运行一个LEMP堆栈。看起来,nginx在每个请求之前都会进行DNS查找,它首先是CNAME查找,然后是A查找,然后是AAAA查找。这将导致缓存CNAME NODATA。随后,当邮件服务器试图发送邮件时,它将从resolve获得缓存的NODATA记录,从而导致上述错误。
问题:这是预期的行为(CNAME返回进行查找)吗?是否有一些配置,我可以更改,以防止缓存的CNAME查找返回A查找?
诊断信息:
~$ ip route
default via 85.159.215.1 dev eth0 proto static
85.159.215.0/24 dev eth0 proto kernel scope link src 85.159.215.159
~$ sudo systemd-resolve --status
Global
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 2 (eth0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 8.8.8.8
8.8.4.4
~$ cat /etc/resolv.conf
nameserver 127.0.0.53回答 1
Ask Ubuntu用户
发布于 2019-05-14 21:30:19
在目前使用的systemd Ubuntu 18.04版本上,这似乎是一个真正的问题。https://github.com/systemd/systemd/issues/9833和https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1818527发射台
但不确定Ubuntu是否会升级systemd版本。
https://askubuntu.com/questions/1063462
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号