43. dns¶
DNS(Domain Name System)是域名解析系统,解析域名得到IP地址。
常用命令
dig @114.114.114.114 registry-1.docker.io #使用114.114.114.114查询域名registry-1.docker.io的IP
rDNS(Reverse DNS)反向域名解析,由IP地址反查域名服务,得到域名。
host 123.125.66.120
问题记录
ping报错,dns无法解析
root@ubuntu:/etc/apt# ping www.baidu.com
ping: www.baidu.com: Temporary failure in name resolution
配置文件路径是/etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.2.1
搭建dns服务器请参考 dnsmasq
/etc/resolv.conf 可能会被NetworkManager重写 [1]
原因是, NetworkManager好像是定期从dhcp服务器获取dns并且更新到/etc/resolv.conf上,可以通过过查看日志确认:
[user1@kunpeng920 ~]$ journalctl -f -u NetworkManager
-- Logs begin at Mon 2020-03-09 14:34:39 HKT. --
Mar 25 14:09:10 kunpeng920 dhclient[3617]: DHCPREQUEST on enp189s0f0 to 192.168.1.107 port 67 (xid=0x53549a3d)
Mar 25 14:09:10 kunpeng920 dhclient[3617]: DHCPACK from 192.168.1.107 (xid=0x53549a3d)
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7118] dhcp4 (enp189s0f0): address 192.168.1.180
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7118] dhcp4 (enp189s0f0): plen 24 (255.255.255.0)
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7118] dhcp4 (enp189s0f0): gateway 192.168.1.2
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7118] dhcp4 (enp189s0f0): lease time 3200
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7118] dhcp4 (enp189s0f0): nameserver '114.114.114.114'
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7119] dhcp4 (enp189s0f0): nameserver '192.168.1.107'
Mar 25 14:09:10 kunpeng920 NetworkManager[2730]: <info> [1585116550.7119] dhcp4 (enp189s0f0): state changed bound -> bound
Mar 25 14:09:10 kunpeng920 dhclient[3617]: bound to 192.168.1.180 -- renewal in 1508 seconds.
解决办法是:添加 dns=none 到 /etc/NetworkManager/NetworkManager.conf [1] [2]
[user1@kunpeng920 NetworkManager]$ git diff --color NetworkManager.conf.backup NetworkManager.conf
diff --git a/NetworkManager.conf.backup b/NetworkManager.conf
index 1979ea6..2d23845 100644
--- a/NetworkManager.conf.backup
+++ b/NetworkManager.conf
@@ -22,6 +22,7 @@
# the previous one.
[main]
+dns=none
#plugins=ifcfg-rh,ibft
43.1. 无法链接的ipv6地址¶
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing 'dnf clean packages'.
Error: Error downloading packages:
Curl error (7): Couldn't connect to server for
https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=aarch64&infra=$infra&content=$contentdir
[Failed to connect to 2620:52:3:1:dead:beef:cafe:fed7: Network is unreachable]
解决办法:思路是不要查询url的ipv6地址, 如何禁止ipv6 dns查询, 还不知道, 但是把本机的网卡IPv6功能关了是可信的办法之一。
disable_ipv6 of enp189s0f0¶
echo 1 > /proc/sys/net/ipv6/conf/enp189s0f0/disable_ipv6
disable_ipv6 of all interfaces¶
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
禁止IPv6之前¶
6: enp189s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:18:2d:04:00:5c brd ff:ff:ff:ff:ff:ff
inet 192.168.1.180/24 brd 192.168.1.255 scope global noprefixroute enp189s0f0
valid_lft forever preferred_lft forever
inet6 fe80::6d73:6430:e089:b1c7/64 scope link noprefixroute
valid_lft forever preferred_lft forever
禁止IPv6后¶
6: enp189s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:18:2d:04:00:5c brd ff:ff:ff:ff:ff:ff
inet 192.168.1.180/24 brd 192.168.1.255 scope global noprefixroute enp189s0f0
valid_lft forever preferred_lft forever
| [1] | (1, 2) https://wiseindy.com/blog/linux/how-to-set-dns-in-centos-rhel-7-prevent-network-manager-from-overwriting-etc-resolv-conf/ |
| [2] | https://forums.centos.org/viewtopic.php?t=8647 |