不知道有没人遇到这个问题
公司核心 DNS 服务使用 bind9 因为需要拆分国内外域名 但是又不想手动维护转发表 在 bind9 上游挂了 mosdns 使用 https://github.com/pmkol/easymosdns
近期发现 关于微软系的域名 会出现解析不一致的情况 请求 bind9 转发至 mosdns 返回结果地址为美国 在解析日志里最后会多一条请求 fg.microsoft.map.fastly.net 的解析
nslookup vscode.download.prss.microsoft.com 192.168.8.204 服务器: UnKnown Address: 192.168.8.204
非权威应答: 名称: sni1gl.wpc.sigmacdn.net Address: 152.199.39.108 Aliases: vscode.download.prss.microsoft.com vscode.download.prss.microsoft.com.delivery.microsoft.com sundry-f-net.trafficmanager.net
在 mosdns 的日志中 会发现触发了境外规则
2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"} 2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.942+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.984+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25"}
直接请求 mosdns 则正常
nslookup vscode.download.prss.microsoft.com 10.0.3.6 服务器: UnKnown Address: 10.0.3.6
非权威应答: 名称: 5g7oqi2b.sched.dma.tdnsdl1.cn Addresses: 121.204.230.169 124.225.195.95 Aliases: vscode.download.prss.microsoft.com vscode.download.prss.microsoft.com.delivery.microsoft.com sundry-f-net.trafficmanager.net alldomains-1258103457.shared.cdn.dnsv1.com
请求日志
2024-10-31T11:29:43.862+0800 debug main_sequence.node_1.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.862+0800 debug main_sequence.node_2.if condition matcher result {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25", "result": true, "query_is_ptr": "true", "query_is_cn_domain": "false"} 2024-10-31T11:29:43.901+0800 debug entry returned {"query": "6.3.0.10.in-addr.arpa. IN PTR 1 66954 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.903+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.904+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.942+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN A 2 66960 ::ffff:192.168.6.25"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_1.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "qtype65": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_2.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_cn_domain": "false", "query_is_ptr": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_3.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_tw_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_4.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": false, "query_is_ad_domain": "false"} 2024-10-31T11:29:43.945+0800 debug main_sequence.node_5.if condition matcher result {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25", "result": true, "query_is_cdn_cn_domain": "false", "response_cname_akamai": "false", "query_is_local_domain": "true"} 2024-10-31T11:29:43.984+0800 debug entry returned {"query": "vscode.download.prss.microsoft.com. IN AAAA 3 66965 ::ffff:192.168.6.25"}
1
pagxir 55 天前 via Android
这没有用 mosdns ,但是我本地测试一下,这个域名国内是走 ks-cdn.com, 国外是 fastly.com 。估计是因为判断规则太复杂导致命中 fastly 了。你 mosdns 更上游的 dns 是不是有问题?
|
3
pagxir 52 天前 via Android
如果容易复现,就抓包看看吧,也许是 bug 有可能是 feature
|