CoreDNS域名解析问题

神洲發表於 2022-5-19 20:34:00

<h2>使用场景</h2>
<hr>
<h3 style="margin-left: 30px">平台组件部署模式及选型</h3>
<ul>
<li class="checked" data-inline-task-id="20">网络插件：Calico（非BGP协议，使用Calico IPIP tunl模式）</li>
<li class="checked" data-inline-task-id="21">Coredns：部署在平台集群中，非（hostNetwork: true）模式；Coredns的POD与跨node通信使用IPIP tunl</li>
<li class="auto-cursor-target">kube-proxy：使用默认的iptables NAT方式，减少一步内核态到用户态的切换
<div class="cnblogs_code">
<pre>data:
config.conf: |-
apiVersion: kubeproxy.config.k8s.io/v1alpha1
bindAddress: 0.0.0.0
clientConnection:
 acceptContentTypes: ""
 burst: 0
 contentType: ""
 kubeconfig: /var/lib/kube-proxy/kubeconfig.conf
 qps: 0
clusterCIDR: 172.19.0.0/16
configSyncPeriod: 0s
conntrack:
 maxPerCore: null
 min: null
 tcpCloseWaitTimeout: null
 tcpEstablishedTimeout: null
detectLocalMode: ""
enableProfiling: false
healthzBindAddress: ""
hostnameOverride: ""
iptables:
 masqueradeAll: false
 masqueradeBit: null
 minSyncPeriod: 0s
 syncPeriod: 0s
ipvs:
 excludeCIDRs: null
 minSyncPeriod: 0s
 scheduler: ""
 strictARP: false
 syncPeriod: 0s
 tcpFinTimeout: 0s
 tcpTimeout: 0s
 udpTimeout: 0s
kind: KubeProxyConfiguration
metricsBindAddress: ""
mode: ""
nodePortAddresses: null
oomScoreAdj: null
portRange: ""
showHiddenMetricsForVersion: ""
udpIdleTimeout: 0s
winkernel:
 enableDSR: false
 networkName: ""
 sourceVip: ""</pre>
</div>
</li>
<li class="checked" data-inline-task-id="25">DNS服务器： coredns： Coredns1/2(nflow.so)平台集群内部DNS服务器，主要作用用来解决平台集群中的service/pod域名解析，使用协议53/TCP 53/UDP 内部DNS：（DNS1/DNS2 nflow.internal) 主要作用，解析阿里云CNAME 及内部基础组件系统（zk/mq/xxl-job/amq） 使用协议 53/UDP</li>

</ul>
<h2 id="Coredns域名解析问题-故障描述">故障描述</h2>
<ol>
<li>
部署的应用容器在请求内部域名时（redis.dev02.nflow.internal）无法被解析，具体报警日志如下
<div class="cnblogs_code">
<pre> - register exception:
org.springframework.data.redis.RedisConnectionFailureException: Cannot get Jedis connection; nested exception is redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool
at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.fetchJedisConnector(JedisConnectionFactory.java:162)
at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.getConnection(JedisConnectionFactory.java:251)
at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.getConnection(JedisConnectionFactory.java:58)
at org.springframework.data.redis.core.RedisConnectionUtils.doGetConnection(RedisConnectionUtils.java:128)
at org.springframework.data.redis.core.RedisConnectionUtils.getConnection(RedisConnectionUtils.java:91)
at org.springframework.data.redis.core.RedisConnectionUtils.getConnection(RedisConnectionUtils.java:78)
at org.springframework.data.redis.core.RedisTemplate.execute(RedisTemplate.java:178)
at org.springframework.data.redis.core.RedisTemplate.execute(RedisTemplate.java:153)
at org.springframework.data.redis.core.AbstractOperations.execute(AbstractOperations.java:86)
at org.springframework.data.redis.core.DefaultValueOperations.setIfAbsent(DefaultValueOperations.java:216)
at com.weishang.redis.lock.RedisLockBaseArithmetic.lock(RedisLockBaseArithmetic.java:67)
at com.weishang.user.service.impl.UserServiceImpl.register(UserServiceImpl.java:639)
at com.weishang.user.service.impl.UserServiceImpl.registerWithoutCode(UserServiceImpl.java:792)
at com.alibaba.dubbo.common.bytecode.Wrapper58.invokeMethod(Wrapper58.java)
at com.alibaba.dubbo.rpc.proxy.javassist.JavassistProxyFactory$1.doInvoke(JavassistProxyFactory.java:47)
at com.alibaba.dubbo.rpc.proxy.AbstractProxyInvoker.invoke(AbstractProxyInvoker.java:76)
at com.alibaba.dubbo.config.invoker.DelegateProviderMetaDataInvoker.invoke(DelegateProviderMetaDataInvoker.java:52)
at com.alibaba.dubbo.rpc.protocol.InvokerWrapper.invoke(InvokerWrapper.java:56)
at com.weishang.framework.dubbo.filter.log.LogTraceProviderFilter.invoke(LogTraceProviderFilter.java:25)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.filter.ExceptionFilter.invoke(ExceptionFilter.java:62)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.monitor.support.MonitorFilter.invoke(MonitorFilter.java:75)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.filter.TimeoutFilter.invoke(TimeoutFilter.java:42)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.protocol.dubbo.filter.TraceFilter.invoke(TraceFilter.java:78)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.filter.ContextFilter.invoke(ContextFilter.java:73)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.filter.GenericFilter.invoke(GenericFilter.java:141)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.filter.ClassLoaderFilter.invoke(ClassLoaderFilter.java:38)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.filter.EchoFilter.invoke(EchoFilter.java:38)
at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
at com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol$1.reply(DubboProtocol.java:104)
at com.alibaba.dubbo.remoting.exchange.support.header.HeaderExchangeHandler.handleRequest(HeaderExchangeHandler.java:96)
at com.alibaba.dubbo.remoting.exchange.support.header.HeaderExchangeHandler.received(HeaderExchangeHandler.java:173)
at com.alibaba.dubbo.remoting.transport.DecodeHandler.received(DecodeHandler.java:51)
at com.alibaba.dubbo.remoting.transport.dispatcher.ChannelEventRunnable.run(ChannelEventRunnable.java:57)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool
at redis.clients.util.Pool.getResource(Pool.java:50)
at redis.clients.jedis.JedisPool.getResource(JedisPool.java:99)
at redis.clients.jedis.JedisPool.getResource(JedisPool.java:12)
at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.fetchJedisConnector(JedisConnectionFactory.java:155)
... 43 more
Caused by: redis.clients.jedis.exceptions.JedisConnectionException: java.net.UnknownHostException: redis.dev02.nflow.internal
at redis.clients.jedis.Connection.connect(Connection.java:164)
at redis.clients.jedis.BinaryClient.connect(BinaryClient.java:82)
at redis.clients.jedis.BinaryJedis.connect(BinaryJedis.java:1641)
at redis.clients.jedis.JedisFactory.makeObject(JedisFactory.java:85)
at org.apache.commons.pool2.impl.GenericObjectPool.create(GenericObjectPool.java:861)
at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:435)
at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:363)
at redis.clients.util.Pool.getResource(Pool.java:48)
... 46 more
Caused by: java.net.UnknownHostException: redis.dev02.nflow.internal
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:196)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:394)
at java.net.Socket.connect(Socket.java:606)
at redis.clients.jedis.Connection.connect(Connection.java:158)
... 53 more</pre>
</div>
</li>
</ol>
<h2 id="Coredns域名解析问题-故障分析">故障分析</h2>
<ol>
<li>排查此故障过程如下切换至应用环境Pod容器中
<div class="cnblogs_code">
<pre># host -vredis.dev02.nflow.internal
Trying "redis.dev02.nflow.internal.dev.svc.nflow.so"
Trying "redis.dev02.nflow.internal.svc.nflow.so"
Trying "redis.dev02.nflow.internal.nflow.so"
Trying "redis.dev02.nflow.internal"
Trying "redis.dev02.nflow.internal"</pre>
</div>
</li>
<li>发现如上的故障现象，是由于应用Pod容器请求corndns使用的是TCP协议，由于corndns的ServiceIP只暴露了UDP协议，默认TCP是enable，由于考虑到域名解析时，TCP消耗资源及效率低的原因，故将TCP相关配置delete操作
<div class="cnblogs_code">
<pre>spec:
ports:
- name: dns
 protocol: UDP
 port: 53
 targetPort: 53
- name: metrics
 protocol: TCP
 port: 9153
 targetPort: 9153</pre>
</div>
</li>
<li>于是将corndns的service配置开启TCP协议
<div class="cnblogs_code">
<pre>ports:
- name: dns
 protocol: UDP
 port: 53
 targetPort: 53
- name: dns-tcp
 protocol: TCP
 port: 53
 targetPort: 53
- name: metrics
 protocol: TCP
 port: 9153
 targetPort: 9153</pre>
</div>
</li>
<li>再次查看域名解析结果
<div class="cnblogs_code">
<pre># host -vredis.dev02.nflow.internal
Trying "redis.dev02.nflow.internal.dev.svc.nflow.so"
Trying "redis.dev02.nflow.internal.svc.nflow.so"
Trying "redis.dev02.nflow.internal.nflow.so"
Trying "redis.dev02.nflow.internal"
Trying "redis.dev02.nflow.internal"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15914
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 22

;; QUESTION SECTION:
;redis.dev02.nflow.internal. INA

;; ANSWER SECTION:
redis.dev02.nflow.internal. 9 INCNAME r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com.
r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. 9 IN A 10.1.35.155

;; AUTHORITY SECTION:
com. 9 INNSc.gtld-servers.net.
com. 9 INNSa.gtld-servers.net.
com. 9 INNSk.gtld-servers.net.
com. 9 INNSd.gtld-servers.net.
com. 9 INNSb.gtld-servers.net.
com. 9 INNSj.gtld-servers.net.
com. 9 INNSh.gtld-servers.net.
com. 9 INNSf.gtld-servers.net.
com. 9 INNSi.gtld-servers.net.
com. 9 INNSg.gtld-servers.net.
com. 9 INNSl.gtld-servers.net.
com. 9 INNSm.gtld-servers.net.
com. 9 INNSe.gtld-servers.net.

;; ADDITIONAL SECTION:
e.gtld-servers.net. 9 INA 192.12.94.30
b.gtld-servers.net. 9 INA 192.33.14.30
j.gtld-servers.net. 9 INA 192.48.79.30
j.gtld-servers.net. 9 INAAAA 2001:502:7094::30
m.gtld-servers.net. 9 INA 192.55.83.30
m.gtld-servers.net. 9 INAAAA 2001:501:b1f9::30
i.gtld-servers.net. 9 INA 192.43.172.30
i.gtld-servers.net. 9 INAAAA 2001:503:39c1::30
f.gtld-servers.net. 9 INAAAA 2001:503:d414::30
a.gtld-servers.net. 9 INA 192.5.6.30
g.gtld-servers.net. 9 INA 192.42.93.30
g.gtld-servers.net. 9 INAAAA 2001:503:eea3::30
h.gtld-servers.net. 9 INA 192.54.112.30
h.gtld-servers.net. 9 INAAAA 2001:502:8cc::30
l.gtld-servers.net. 9 INA 192.41.162.30
l.gtld-servers.net. 9 INAAAA 2001:500:d937::30
k.gtld-servers.net. 9 INA 192.52.178.30
k.gtld-servers.net. 9 INAAAA 2001:503:d2d::30
c.gtld-servers.net. 9 INA 192.26.92.30
c.gtld-servers.net. 9 INAAAA 2001:503:83eb::30
d.gtld-servers.net. 9 INA 192.31.80.30
d.gtld-servers.net. 9 INAAAA 2001:500:856e::30

Received 1509 bytes from 10.10.0.10#53 in 0 ms
Trying "r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55554
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. IN AAAA

;; AUTHORITY SECTION:
rds.aliyuncs.com. 30INSOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235511 7200 900 2592000 600

Received 162 bytes from 10.10.0.10#53 in 0 ms
Trying "r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3305
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. IN MX

;; AUTHORITY SECTION:
rds.aliyuncs.com. 30INSOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235511 7200 900 2592000 600

Received 162 bytes from 10.10.0.10#53 in 0 ms

虽然仍然还是time_wait的状态，但是可以解析成功，且应用没有报错，请求域名解析超时的错</pre>
</div>
</li>
</ol>
<h2>Corndns相关调整</h2>
<hr>
配置清单
<table style="margin-left: 30px" border="0">
<tbody style="margin-left: 30px">
<tr style="margin-left: 30px">
<td>nflow.internal</td>
<td>
<div>
<div>只负责Pod内部请求nflow.internal的域名直接响应，并转发给内部DNS(10.1.1.132)</div>
</div>
</td>
</tr>
<tr style="margin-left: 30px">
<td>.:53　　</td>
<td>
<div>负责匹配非nflow.internal及Kubernetes内部域名及外部域名解析，其中承载外部域名解析时，直接forward到Pod所有的node节点上的/etc/resolv.conf定义的nameserver的地址</div>
</td>
</tr>
</tbody>
</table>
<ol>
<li>
在cronfile中新增一个SOA，配置如下
<div class="cnblogs_code">
<pre>{
"Corefile": "nflow.internal:53 {
 errors
 cache 10
 forward . 10.1.1.133 {
 prefer_udp
 }
 reload
 }
 .:53 {
 errors
 health {
 lameduck 5s
 }
 ready
 kubernetes nflow.so in-addr.arpa ip6.arpa {
 pods insecure
 fallthrough in-addr.arpa ip6.arpa
 ttl 30
 }
 prometheus :9153
 forward . /etc/resolv.conf
 cache 30
 loop
 reload
 loadbalance
 }
 "
}</pre>
</div>
</li>
<li>
根据以上配置可以得出如下结果
<ul>
<li>
<div>需要解析nflow.internal域名直接匹配nflow.internal并直接forward给10.1.1.132上游DNS服务器（相对coredns）</div>
</li>
<li>
<div>
<div>需要解析非nflow.internal域名及Kubernetes平台内部的svc/pod域名时及外部域名则匹配默认（.:53）SOA，这样的好处：</div>
<div>节省了如果需要解析nflow.internal需要遍历整个Kubernetes 默认的SOA（namespace.svc.nflow.so/svc.nflow.so/nflow.so）</div>
<div>节省了如果请求外部域名解析时向内部DNS转发的压力</div>
</div>
</li>
</ul>
</li>
<li>依照上面优化建议配置，需要调整相关Pod的dnsPolicy配置，如下
<div class="cnblogs_code">
<pre>dnsPolicy: None
dnsConfig:
nameservers:
- 10.10.0.10
options:
- name: ndots
 value: '2'</pre>
</div>
</li>
<li>调整后解析结果如下
<div class="cnblogs_code">
<pre>### baidu.com ###
# host -v www.baidu.com
Trying "www.baidu.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50799
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.baidu.com. INA

;; ANSWER SECTION:
www.baidu.com. 30INCNAME www.a.shifen.com.
www.a.shifen.com. 30INA 180.101.49.11
www.a.shifen.com. 30INA 180.101.49.12

Received 138 bytes from 10.10.0.10#53 in 1 ms
Trying "www.a.shifen.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62483
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.a.shifen.com. INAAAA

;; AUTHORITY SECTION:
a.shifen.com. 30INSOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600

Received 124 bytes from 10.10.0.10#53 in 0 ms
Trying "www.a.shifen.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62962
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.a.shifen.com. INMX

;; AUTHORITY SECTION:
a.shifen.com. 26INSOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240001 5 5 2592000 3600

Received 124 bytes from 10.10.0.10#53 in 0 ms
#
# host -v www.baidu.com
Trying "www.baidu.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56964
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.baidu.com. INA

;; ANSWER SECTION:
www.baidu.com. 30INCNAME www.a.shifen.com.
www.a.shifen.com. 30INA 180.101.49.11
www.a.shifen.com. 30INA 180.101.49.12

Received 138 bytes from 10.10.0.10#53 in 1 ms
Trying "www.a.shifen.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53138
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.a.shifen.com. INAAAA

;; AUTHORITY SECTION:
a.shifen.com. 30INSOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600

Received 124 bytes from 10.10.0.10#53 in 0 ms
Trying "www.a.shifen.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59658
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.a.shifen.com. INMX

;; AUTHORITY SECTION:
a.shifen.com. 30INSOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600

Received 124 bytes from 10.10.0.10#53 in 0 ms

### nflow.internal ###
# host -v redis.dev01.nflow.internal
Trying "redis.dev01.nflow.internal"
Trying "redis.dev01.nflow.internal"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10518
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 21

;; QUESTION SECTION:
;redis.dev01.nflow.internal. INA

;; ANSWER SECTION:
redis.dev01.nflow.internal. 5 INCNAME r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com.
r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. 5 IN A 10.1.32.111

;; AUTHORITY SECTION:
com. 5 INNSb.gtld-servers.net.
com. 5 INNSc.gtld-servers.net.
com. 5 INNSf.gtld-servers.net.
com. 5 INNSh.gtld-servers.net.
com. 5 INNSm.gtld-servers.net.
com. 5 INNSd.gtld-servers.net.
com. 5 INNSi.gtld-servers.net.
com. 5 INNSe.gtld-servers.net.
com. 5 INNSj.gtld-servers.net.
com. 5 INNSk.gtld-servers.net.
com. 5 INNSa.gtld-servers.net.
com. 5 INNSl.gtld-servers.net.
com. 5 INNSg.gtld-servers.net.

;; ADDITIONAL SECTION:
e.gtld-servers.net. 5 INA 192.12.94.30
b.gtld-servers.net. 5 INA 192.33.14.30
j.gtld-servers.net. 5 INA 192.48.79.30
j.gtld-servers.net. 5 INAAAA 2001:502:7094::30
m.gtld-servers.net. 5 INA 192.55.83.30
m.gtld-servers.net. 5 INAAAA 2001:501:b1f9::30
i.gtld-servers.net. 5 INA 192.43.172.30
i.gtld-servers.net. 5 INAAAA 2001:503:39c1::30
f.gtld-servers.net. 5 INAAAA 2001:503:d414::30
a.gtld-servers.net. 5 INA 192.5.6.30
g.gtld-servers.net. 5 INA 192.42.93.30
g.gtld-servers.net. 5 INAAAA 2001:503:eea3::30
h.gtld-servers.net. 5 INA 192.54.112.30
h.gtld-servers.net. 5 INAAAA 2001:502:8cc::30
l.gtld-servers.net. 5 INAAAA 2001:500:d937::30
k.gtld-servers.net. 5 INA 192.52.178.30
k.gtld-servers.net. 5 INAAAA 2001:503:d2d::30
c.gtld-servers.net. 5 INA 192.26.92.30
c.gtld-servers.net. 5 INAAAA 2001:503:83eb::30
d.gtld-servers.net. 5 INA 192.31.80.30
d.gtld-servers.net. 5 INAAAA 2001:500:856e::30

Received 1475 bytes from 10.10.0.10#53 in 0 ms
Trying "r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16727
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. IN AAAA

;; AUTHORITY SECTION:
rds.aliyuncs.com. 30INSOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235958 7200 900 2592000 600

Received 162 bytes from 10.10.0.10#53 in 0 ms
Trying "r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35921
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. IN MX

;; AUTHORITY SECTION:
rds.aliyuncs.com. 30INSOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235958 7200 900 2592000 600

Received 162 bytes from 10.10.0.10#53 in 0 ms

### nflow.so ###
# host -v sit-xc-job.sit.svc.nflow.so
Trying "sit-xc-job.sit.svc.nflow.so"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52666
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;sit-xc-job.sit.svc.nflow.so. INA

;; ANSWER SECTION:
sit-xc-job.sit.svc.nflow.so. 30 INA 10.10.207.12

Received 88 bytes from 10.10.0.10#53 in 0 ms
Trying "sit-xc-job.sit.svc.nflow.so"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34898
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sit-xc-job.sit.svc.nflow.so. INAAAA

;; AUTHORITY SECTION:
nflow.so. 30INSOA ns.dns.nflow.so. hostmaster.nflow.so. 1598246184 7200 1800 86400 30

Received 123 bytes from 10.10.0.10#53 in 0 ms
Trying "sit-xc-job.sit.svc.nflow.so"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54241
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;sit-xc-job.sit.svc.nflow.so. INMX

;; AUTHORITY SECTION:
nflow.so. 30INSOA ns.dns.nflow.so. hostmaster.nflow.so. 1598246184 7200 1800 86400 30

Received 123 bytes from 10.10.0.10#53 in 0 ms</pre>
</div>
</li>
</ol> 
来源：https://www.cnblogs.com/apink/p/16290019.html

頁: [1]

琼殿技术论坛's Archiver

CoreDNS域名解析问题