I'm running into a weird DNS problem, and I was wondering if anyone has any ideas:
    # ping -c1 test.XXX.local
    ping: unknown host test.XXX.local
    # ping -c1 test
    PING test.XXX.local (10.52.223.41) 56(84) bytes of data.
    64 bytes from test.XXX.local (10.52.223.41): icmp_seq=1 ttl=63 time=0.307 ms

    --- test.XXX.local ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 0.307/0.307/0.307/0.000 ms
    #
My /etc/resolv.conf:
    $ cat /etc/resolv.conf
    search XXX.local
    nameserver 10.52.223.41
    nameserver 10.52.223.42
    $
My /etc/hosts:
    # cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    #
dig output:
    # dig test.XXX.local @10.52.223.41

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> test.XXX.local @10.52.223.41
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25966
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;test.XXX.local.            IN      A

    ;; ANSWER SECTION:
    test.XXX.local.     86400   IN      A       10.52.223.41

    ;; AUTHORITY SECTION:
    XXX.local.          86400   IN      NS      ns01.XXX.local.
    XXX.local.          86400   IN      NS      ns02.XXX.local.

    ;; ADDITIONAL SECTION:
    ns02.XXX.local.     1200    IN      A       10.52.223.42

    ;; Query time: 0 msec
    ;; SERVER: 10.52.223.41#53(10.52.223.41)
    ;; WHEN: Tue Feb 18 13:14:16 2014
    ;; MSG SIZE rcvd: 105

    #
/etc/nsswitch.conf
    # cat /etc/nsswitch.conf
    #
    # /etc/nsswitch.conf
    #
    # An example Name Service Switch config file. This file should be
    # sorted with the most-used services at the beginning.
    #
    # The entry '[NOTFOUND=return]' means that the search for an
    # entry should stop if the search in the previous entry turned
    # up nothing. Note that if the search failed due to some other reason
    # (like no NIS server responding) then the search continues with the
    # next entry.
    #
    # Valid entries include:
    #
    #   nisplus             Use NIS+ (NIS version 3)
    #   nis                 Use NIS (NIS version 2), also called YP
    #   dns                 Use DNS (Domain Name Service)
    #   files               Use the local files
    #   db                  Use the local database (.db) files
    #   compat              Use NIS on compat mode
    #   hesiod              Use Hesiod for user lookups
    #   [NOTFOUND=return]   Stop searching if not found so far
    #
    # To use db, put the "db" in front of "files" for entries you want to be
    # looked up first in the databases
    #
    # Example:
    #passwd:    db files nisplus nis
    #shadow:    db files nisplus nis
    #group:     db files nisplus nis

    passwd:     files
    shadow:     files
    group:      files

    #hosts:     db files nisplus nis dns
    hosts:      files mdns4_minimal [NOTFOUND=return] dns

    # Example - obey only what nisplus tells us...
    #services:   nisplus [NOTFOUND=return] files
    #networks:   nisplus [NOTFOUND=return] files
    #protocols:  nisplus [NOTFOUND=return] files
    #rpc:        nisplus [NOTFOUND=return] files
    #ethers:     nisplus [NOTFOUND=return] files
    #netmasks:   nisplus [NOTFOUND=return] files

    bootparams: nisplus [NOTFOUND=return] files

    ethers:     files
    netmasks:   files
    networks:   files
    protocols:  files
    rpc:        files
    services:   files

    netgroup:   nisplus

    publickey:  nisplus

    automount:  files nisplus
    aliases:    files nisplus
    #
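If you have mdns4_minimal [NOTFOUND=return] in nsswitch.conf, then that is certainly because you have the Avahi daemon running on your system.

Avahi uses multicast DNS for the .local zone, which makes it incompatible with DNS that only supports unicast DNS for the .local zone. (For example, Microsoft's DNS only supports unicast DNS for the .local zone.)

In such a network setup (where DNS only supports unicast for the .local zone), Avahi recommends not using Avahi.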
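However, they do provide some workarounds:

Remove mdns4_minimal [NOTFOUND=return] from nsswitch.conf, so that you end up with this:

    hosts: files dns mdns4

But their main recommendation is to set up avahi-daemon.conf like this, to avoid multicast DNS for the .local zone:

    domain-name=.alocal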
To solve your problem, you can:

Avahi daemon

or

nsswitch.conf:

    hosts: files dns mdns4

or

avahi-daemon.conf:

    domain-name=.alocal
Further reading:

Props to @guntbert
    # service avahi-daemon stop
    Shutting down Avahi daemon: [ OK ]
    # ping test.XXX.local
    PING test.XXX.local (10.52.223.42) 56(84) bytes of data.
    64 bytes from test.XXX.local (10.52.223.42): icmp_seq=1 ttl=63 time=1.15 ms
    ^C
    --- test.XXX.local ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 625ms
    rtt min/avg/max/mdev = 1.152/1.152/1.152/0.000 ms
    # chkconfig avahi-daemon off
    #
I'd really like to understand why, though…
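Modify your nsswitch.conf. Change the line

    hosts: files mdns4_minimal [NOTFOUND=return] dns

to

    hosts: files dns

mdns4_minimal [NOTFOUND=return] affects the .local domain and does not allow the lookup to reach the "dns" level. So I think that with this change, resolution should work.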
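
The behaviour discussed in the answers above, as an added example that is not part of the original posts: a simplified Python model of how the resolver walks the hosts: line, showing why test.XXX.local never reaches dns while the short name test does. It assumes the name is not in /etc/hosts, that mdns4_minimal returns NOTFOUND for an unanswered .local name and declines (UNAVAIL) any other name, and that dns answers; the function names are hypothetical.

```python
import re

# Constructed sample: the two hosts lines from the question's nsswitch.conf.
SAMPLE = ("#hosts: db files nisplus nis dns\n"
          "hosts: files mdns4_minimal [NOTFOUND=return] dns\n")

def parse_hosts(text):
    """Return [(service, {STATUS: action})] for the active 'hosts:' line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        if not line.startswith("hosts:"):
            continue
        chain = []
        for tok in re.findall(r"\[[^\]]*\]|\S+", line[len("hosts:"):]):
            if tok.startswith("[") and chain:     # criteria bind to previous service
                for crit in tok[1:-1].split():
                    status, _, action = crit.partition("=")
                    chain[-1][1][status.upper()] = action.lower()
            elif not tok.startswith("["):
                chain.append((tok, {}))
        return chain
    return []

def services_tried(chain, name, mdns_answers=False):
    """Services consulted, in order, for a name absent from /etc/hosts."""
    is_local = name.rstrip(".").lower().endswith(".local")
    tried = []
    for service, actions in chain:
        if service == "dns":
            status = "SUCCESS"                    # assumption: unicast DNS answers
        elif service.startswith("mdns"):
            if service.endswith("_minimal") and not is_local:
                status = "UNAVAIL"                # minimal module declines the name
            else:
                status = "SUCCESS" if mdns_answers else "NOTFOUND"
        else:
            status = "NOTFOUND"                   # files (and anything else): no entry
        tried.append(service)
        default = "return" if status == "SUCCESS" else "continue"
        if actions.get(status, default) == "return":
            break                                 # lookup stops at this service
    return tried

if __name__ == "__main__":
    for n in ("test.XXX.local", "test"):
        print(n, "->", services_tried(parse_hosts(SAMPLE), n))
```

With the original line the .local lookup stops at mdns4_minimal, whereas with either corrected line from the answers (hosts: files dns mdns4 or hosts: files dns) the model reaches dns.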