服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 使用dnscrypt时,DNS不能正确路由到WAN NIC
Intereting Posts
iptables导致ssh失速? 减lesszabbix服务器连接到数据库 Centos 7,主从复制iptables? 如何备份运行软件RAID的Linux服务器 使用公共ssh密钥encryption临时密码 如何使用virsh自动启动虚拟networking? 我在哪里可以下载PostgreSQL 8.0 Windows二进制文件? 双向信任Exchange邮箱创build 从私钥创build一个公共的SSH密钥? PHP没有保存在子域上的会话,在域上的确定:CentOS apache2和VirtualHost与外来字符和多个别名 PowerShell脚本来确定远程CPU温度 高客户端networking利用率访问文件共享 使用nxlogparsing一个sophos文本文件并发送到系统日志服务器 尝试gzip目录应用gzip到每个文件单独

使用dnscrypt时,DNS不能正确路由到WAN NIC

我有一个与AD集成DNS的Windows 2003服务器。 我试图configuration服务器通过dnscrypt代理,而不是通过正常的TCP / UDP 53传出(转发)的DNS请求。

我设置dnscrypt使用dnscrypt-proxy.exe -R opendns -L dnscrypt-resolvers.csv --local-address 127.0.0.7命令在127.0.0.7上运行。 当我尝试使用nslookup google.com 127.0.0.7testingDNS连接时,我收到错误消息[WARNING] sendto: [No route to host [WSAEHOSTUNREACH ]]

编辑:这里是dnscrypt运行127.0.0.7时的route print输出。 

 IPv4 Route Table =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...4c 00 10 53 0c 4c ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Kerio WinRoute Firewall 0x3 ...00 16 76 c8 8c cc ...... Intel(R) 82566DC Gigabit Network Connection - Kerio WinRoute Firewall 0x10005 ...44 45 53 54 4f 53 ...... Kerio Virtual Network Adapter - Kerio WinRoute Firewall =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20 192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.1.102 255.255.255.255 192.168.3.1 192.168.3.1 1 192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20 192.168.2.0 255.255.255.0 192.168.2.2 192.168.2.2 20 192.168.2.2 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.2.255 255.255.255.255 192.168.2.2 192.168.2.2 20 192.168.3.0 255.255.255.0 192.168.3.1 192.168.3.1 20 192.168.3.1 255.255.255.255 127.0.0.1 127.0.0.1 20 192.168.3.255 255.255.255.255 192.168.3.1 192.168.3.1 20 224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20 224.0.0.0 240.0.0.0 192.168.2.2 192.168.2.2 20 224.0.0.0 240.0.0.0 192.168.3.1 192.168.3.1 20 255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1 255.255.255.255 255.255.255.255 192.168.2.2 192.168.2.2 1 255.255.255.255 255.255.255.255 192.168.3.1 192.168.3.1 1 Default Gateway: 192.168.2.1 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 192.168.1.102 255.255.255.255 192.168.3.1 1

作为一个testing,我运行dnscrypt 127.0.0.1(这工作),并比较两个configuration的进程监视器输出。 这里是两个kdiff的截图。

kdiff比较

以下是原始的进程监视器日志: 

 Command: dnscrypt-proxy.exe -R opendns -L dnscrypt-resolvers.csv --local-address 127.0.0.1 Time of Day Process Name PID Operation Path Result Detail 57:57.2 dnscrypt-proxy.exe 5492 UDP Receive 127.0.0.1:53 -> 127.0.0.1:2549 SUCCESS Length: 40 57:57.2 dnscrypt-proxy.exe 5492 UDP Send 192.168.2.2:2546 -> 208.67.220.220:443 SUCCESS Length: 512 57:57.2 dnscrypt-proxy.exe 5492 UDP Send 192.168.2.2:2546 -> 192.168.2.1:0 SUCCESS Length: 554 57:57.3 dnscrypt-proxy.exe 5492 UDP Receive 192.168.2.2:2546 -> 208.67.220.220:443 SUCCESS Length: 304 57:57.3 dnscrypt-proxy.exe 5492 UDP Send 127.0.0.1:53 -> 127.0.0.1:2549 SUCCESS Length: 110 57:57.3 dnscrypt-proxy.exe 5492 UDP Receive 127.0.0.1:53 -> 127.0.0.1:2550 SUCCESS Length: 42 57:57.3 dnscrypt-proxy.exe 5492 UDP Send 192.168.2.2:2546 -> 208.67.220.220:443 SUCCESS Length: 512 57:57.3 dnscrypt-proxy.exe 5492 UDP Send 192.168.2.2:2546 -> 192.168.2.1:0 SUCCESS Length: 554 57:57.3 dnscrypt-proxy.exe 5492 UDP Receive 192.168.2.2:2546 -> 208.67.220.220:443 SUCCESS Length: 368 57:57.3 dnscrypt-proxy.exe 5492 UDP Send 127.0.0.1:53 -> 127.0.0.1:2550 SUCCESS Length: 128 57:57.3 dnscrypt-proxy.exe 5492 UDP Receive 127.0.0.1:53 -> 127.0.0.1:2551 SUCCESS Length: 28 57:57.3 dnscrypt-proxy.exe 5492 UDP Send 192.168.2.2:2546 -> 208.67.220.220:443 SUCCESS Length: 512 57:57.4 dnscrypt-proxy.exe 5492 UDP Receive 192.168.2.2:2546 -> 208.67.220.220:443 SUCCESS Length: 304 57:57.4 dnscrypt-proxy.exe 5492 UDP Send 127.0.0.1:53 -> 127.0.0.1:2551 SUCCESS Length: 135 

 Command: dnscrypt-proxy.exe -R opendns -L dnscrypt-resolvers.csv --local-address 127.0.0.7 Time of Day Process Name PID Operation Path Result Detail 59:40.5 dnscrypt-proxy.exe 5212 UDP Receive 127.0.0.7:53 -> 127.0.0.7:2562 SUCCESS Length: 40 59:40.5 dnscrypt-proxy.exe 5212 UDP Send 192.168.2.2:2563 -> 208.67.220.220:443 SUCCESS Length: 512 59:40.6 dnscrypt-proxy.exe 5212 UDP Receive 192.168.2.2:2563 -> 208.67.220.220:443 SUCCESS Length: 240 59:42.5 dnscrypt-proxy.exe 5212 UDP Receive 127.0.0.7:53 -> 127.0.0.7:2564 SUCCESS Length: 42 59:42.5 dnscrypt-proxy.exe 5212 UDP Send 192.168.2.2:2563 -> 208.67.220.220:443 SUCCESS Length: 512 59:42.6 dnscrypt-proxy.exe 5212 UDP Receive 192.168.2.2:2563 -> 208.67.220.220:443 SUCCESS Length: 240 59:44.5 dnscrypt-proxy.exe 5212 UDP Receive 127.0.0.7:53 -> 127.0.0.7:2565 SUCCESS Length: 28 59:44.5 dnscrypt-proxy.exe 5212 UDP Send 192.168.2.2:2563 -> 208.67.220.220:443 SUCCESS Length: 512 59:44.6 dnscrypt-proxy.exe 5212 UDP Receive 192.168.2.2:2563 -> 208.67.220.220:443 SUCCESS Length: 240 59:44.6 dnscrypt-proxy.exe 5212 UDP Send 192.168.2.2:2563 -> 127.0.0.7:2565 SUCCESS Length: 135