bind9+mosdns causes abnormal resolution of Microsoft domains

33 days ago
 zcchann

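I don't know whether anyone else has run into this problem.

Our company's core DNS service uses bind9. We need to split domestic and overseas domains but don't want to maintain the forwarding table by hand, so we put mosdns upstream of bind9, using https://github.com/pmkol/easymosdns

Recently we found that Microsoft-related domains resolve inconsistently. When a request to bind9 is forwarded to mosdns, the returned address is in the United States, and the resolution log ends with one extra query resolving fg.microsoft.map.fastly.net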

nslookup vscode.download.prss.microsoft.com 192.168.8.204
服务器: UnKnown
Address: 192.168.8.204

非权威应答:
名称: sni1gl.wpc.sigmacdn.net
Address: 152.199.39.108
Aliases: vscode.download.prss.microsoft.com
         vscode.download.prss.microsoft.com.delivery.microsoft.com
         sundry-f-net.trafficmanager.net

In the mosdns log, you can see that the overseas rule was triggered.

2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"}
2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"}
2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"}
2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"}
2024-10-31T11:29:43.942+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"}
2024-10-31T11:29:43.984+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25"}

Querying mosdns directly works normally.

nslookup vscode.download.prss.microsoft.com 10.0.3.6
服务器: UnKnown
Address: 10.0.3.6

非权威应答:
名称: 5g7oqi2b.sched.dma.tdnsdl1.cn
Addresses: 121.204.230.169
           124.225.195.95
Aliases: vscode.download.prss.microsoft.com
         vscode.download.prss.microsoft.com.delivery.microsoft.com
         sundry-f-net.trafficmanager.net
         alldomains-1258103457.shared.cdn.dnsv1.com

Request log

2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"}
2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"}
2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"}
2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"}
2024-10-31T11:29:43.942+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"}
2024-10-31T11:29:43.945+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"}
2024-10-31T11:29:43.984+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25"}

1164 clicks
Node: DNS
4 replies
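pagxir
33 days ago
I don't use mosdns here, but I tested locally: this domain goes through ks-cdn.com inside China and fastly.com outside. My guess is that the matching rules are so complex that it ended up hitting fastly. Is there something wrong with the DNS further upstream of your mosdns?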
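zcchann
29 days ago
@pagxir But something feels off. From my host, nslookup straight to mos goes domestic, but once it passes through mos it ends up overseas. The two DNS servers are on the same internal network.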
pagxir
29 days ago
If it's easy to reproduce, capture the packets and take a look. Maybe it's a bug, or it could be a feature.
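zcchann
28 days ago
@pagxir Found the problem.
It's because I'm using the easymosdns project.
With matching of QTYPE 12, 65 and 255 enabled,
for DNS resolutions requested from mosdns through bind, CNAME matching only matches the first record and does not match the ones after it.
Thanks a lot for helping track down the problem.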
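
An added example, not part of the original thread: a small parser for the mosdns debug lines quoted in the opening post, reporting for each query the first `main_sequence` node whose condition matched and which matcher flags were "true". The function name `first_match_per_query` and the reading of the `query` field as name, class, type, ..., client are assumptions made from the visible log lines; the sample is constructed from lines in the post plus one junk line.

```python
import json
import re

# Constructed sample: a subset of the debug lines shown in the post, plus one junk line.
SAMPLE_LOG = """\
2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"}
2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"}
2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"}
2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"}
2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"}
this line is not a matcher record and must be skipped
"""

# Only "condition matcher result" records carry a node decision.
LINE_RE = re.compile(
    r"^\S+\s+debug\s+main_sequence\.(node_\d+)\.if\s+"
    r"condition matcher result\s+(\{.*\})\s*$"
)


def first_match_per_query(log_text):
    """Map (qname, qtype, client) -> (node, sorted flags equal to "true")
    for the first node whose "result" is true."""
    decisions = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # "entry returned" lines and junk are ignored
        node, payload = m.groups()
        try:
            rec = json.loads(payload)
        except json.JSONDecodeError:
            continue  # truncated or wrapped line
        parts = rec.get("query", "").split()
        if len(parts) < 4:
            continue
        key = (parts[0], parts[2], parts[-1])  # assumed: name, type, client
        if rec.get("result") is True and key not in decisions:
            flags = sorted(k for k, v in rec.items()
                           if k not in ("query", "result") and v == "true")
            decisions[key] = (node, flags)
    return decisions


if __name__ == "__main__":
    for key, (node, flags) in first_match_per_query(SAMPLE_LOG).items():
        print(key, "->", node, flags)
```

Running the same function over the log captured via bind9 and the log captured by querying mosdns directly lets the two routing decisions be compared per query rather than by eye.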

https://www.v2ex.com/t/1085389
