不知道有没人遇到这个问题
公司核心 DNS 服务使用 bind9 因为需要拆分国内外域名 但是又不想手动维护转发表 在 bind9 上游挂了 mosdns 使用 https://github.com/pmkol/easymosdns
近期发现 关于微软系的域名 会出现解析不一致的情况 请求 bind9 转发至 mosdns 返回结果地址为美国 在解析日志里最后会多一条请求 fg.microsoft.map.fastly.net 的解析
nslookup vscode.download.prss.microsoft.com 192.168.8.204 服务器: UnKnown Address: 192.168.8.204
非权威应答: 名称: sni1gl.wpc.sigmacdn.net Address: 152.199.39.108 Aliases: vscode.download.prss.microsoft.com vscode.download.prss.microsoft.com.delivery.microsoft.com sundry-f-net.trafficmanager.net
在 mosdns 的日志中 会发现触发了境外规则
2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"} 2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.942+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.984+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25"}
直接请求 mosdns 则正常
nslookup vscode.download.prss.microsoft.com 10.0.3.6 服务器: UnKnown Address: 10.0.3.6
非权威应答: 名称: 5g7oqi2b.sched.dma.tdnsdl1.cn Addresses: 121.204.230.169 124.225.195.95 Aliases: vscode.download.prss.microsoft.com vscode.download.prss.microsoft.com.delivery.microsoft.com sundry-f-net.trafficmanager.net alldomains-1258103457.shared.cdn.dnsv1.com
请求日志
2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"} 2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.942+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.984+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25"}
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.