我systemd-resolved进入调试模式,试图解决来自这台机器的大量 DNS 查询(tcfe01)。似乎systemd-resolved保留了多个缓存副本,一个用于全局范围(*/*),另一个用于特定网络设备(eno1/*)。从日志看来,似乎只有全局范围 ( */*) 被缓存,而不是 ( eno1/*)。对于第一个查询,我们看到Cache miss两个范围,但对于后续查询,我们得到Positive cache hit全局范围,但又Cache miss是设备范围,我们最终每次都访问 DNS 服务器。
这违背了拥有缓存的全部目的,不仅损害了本地计算机 ( tcfe01) 的性能,而且还不必要地破坏了 DNS 服务器。对这种行为的任何洞察都会非常有帮助。
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Got DNS stub UDP query packet for id 14184
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Looking up RR for google.com IN A.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Switching to DNS server 192.168.10.25 for interface eno1.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Switching to system DNS server 192.168.10.25.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Transaction 48281 for <google.com IN A> scope dns on */*.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 48281.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 48281.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Sending query packet with id 48281.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Transaction 1213 for <google.com IN A> scope dns on eno1/*.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Sending query packet with id 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Processing query...
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Processing incoming packet on transaction 48281. (rcode=SUCCESS)
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Verified we get a response at feature level UDP+EDNS0 from DNS server 192.168.10.25.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Added positive unauthenticated cache entry for google.com IN A 299s on */INET/192.168.10.25
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Transaction 48281 for <google.com IN A> on scope dns on */* now complete with <success> from network (unsigned).
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Freeing transaction 1213.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Sending response packet with id 14184 on interface 1/AF_INET.
Apr 23 16:45:34 tcfe01 systemd-resolved[26041]: Freeing transaction 48281.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Got DNS stub UDP query packet for id 50679
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Looking up RR for google.com IN A.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Positive cache hit for google.com IN A
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Transaction 51371 for <google.com IN A> on scope dns on */* now complete with <success> from cache (unsigned).
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Transaction 16504 for <google.com IN A> scope dns on eno1/*.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Sending query packet with id 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Freeing transaction 51371.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Freeing transaction 16504.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Sending response packet with id 50679 on interface 1/AF_INET.
Apr 23 16:45:45 tcfe01 systemd-resolved[26041]: Processing query...
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Got DNS stub UDP query packet for id 50950
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Looking up RR for google.com IN A.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Positive cache hit for google.com IN A
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Transaction 27482 for <google.com IN A> on scope dns on */* now complete with <success> from cache (unsigned).
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Cache miss for google.com IN A
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Transaction 24663 for <google.com IN A> scope dns on eno1/*.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Using feature level UDP+EDNS0 for transaction 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Using DNS server 192.168.10.25 for transaction 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Sending query packet with id 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Freeing transaction 27482.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Freeing transaction 24663.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Sending response packet with id 50950 on interface 1/AF_INET.
Apr 23 16:45:48 tcfe01 systemd-resolved[26041]: Processing query...
我在这里回答我自己的问题,因为至少我面临的问题现在已经解决了。感谢@bac0n 为我指明了正确的方向。因此
systemd-resolve --status显示了为全局配置的 DNS 服务器以及每个链接设置。这导致每个查询都被解析两次。Domains=~.我通过向文件添加条目/etc/systemd/resolved.conf并重新启动systemd-resolved.service将全局 DNS 配置为最终 DNS 。正如@bac0n 提到的,我可以通过systemd-network设置为我的特定链接做同样的事情。由于我使用的是 netplan 并且没有直接配置systemd-network我相信我必须使用 netplan 进行这些设置。我无法轻易找到 netplan 的选项。所以我暂时把它留在那里。