
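Background: the company has a Windows server in the cloud with two DNS servers configured. Because the server is joined to a domain, the AD domain side assigned a DNS server, which is configured as the primary DNS.

The default DNS of the VPC was then configured as the secondary DNS. Finally, I resolved the private DNS names of the SSM-related interface endpoints.

The name resolved sometimes to a public IP and sometimes to a private IP, with no apparent pattern, as shown below: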

C:\Users\qq5201351>ping ssm.cn-north-1.amazonaws.com.cn
Pinging ssm.cn-north-1.amazonaws.com.cn [54.222.20.96] with 32 bytes of data:

C:\Users\qq5201351>ping ssm.cn-north-1.amazonaws.com.cn
Pinging ssm.cn-north-1.amazonaws.com.cn [54.222.20.96] with 32 bytes of data:

C:\Users\qq5201351>ping ssm.cn-north-1.amazonaws.com.cn
Pinging ssm.cn-north-1.amazonaws.com.cn [172.16.1.222] with 32 bytes of data:

C:\Users\qq5201351>ipconfig /all
         ..... some output omitted .....
Ethernet adapter Ethernet 4:
         ..... some output omitted .....
   DNS Servers . . . . . . . . . . . : 43.2.3.18
                                       172.16.1.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

C:\Users\qq5201351>

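Because this is an internal Windows server with no Internet access, SSM functionality can only be used through the AWS endpoint interfaces.

One prerequisite is that DNS must resolve the names to the private IPs of the SSM-related endpoint interfaces, but for other reasons the 43. DNS server has to be configured first.

In the situation shown above, SSM is likely to be affected: it works at some times and fails at others.

In the end I wrote the IP-to-domain-name mappings of the 3 SSM-related endpoints into the local hosts file, which also solves the problem.

With the problem solved, I still wanted to understand the cause of the DNS resolution behavior above. I eventually found the explanation in a Microsoft article, so I am recording it here.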

In Windows 7, Windows Server 2008 R2 and later operating systems, the DNS client will query DNS servers that are configured on its network interfaces using the following process:

Query 1: The DNS Client service sends the query to the first DNS server on the preferred network adapter’s list of DNS servers and waits one (1) second for a response. The preferred network adapter on a computer with multiple network interfaces is the one that is first in the binding order.

Query 2: If the DNS Client service does not receive a response from the first DNS server on the preferred network adapter within one second, it sends the query to the next DNS server on the preferred interface and first DNS servers on all other network adapters and waits one (1) second for a response.

Query 3: If the DNS Client service does not receive a response from any of the DNS servers, it sends the query to the next DNS servers on each of the network adapters that are still under consideration and waits two (2) seconds for a response. A network interface is considered "under consideration" if no response has been received from any DNS server that is configured on that interface, and the list of DNS servers has not been exhausted.

Query 4: If the DNS Client service still does not receive a response from any DNS server, it sends the name query to all DNS servers on all network adapters that are still under consideration and waits four (4) seconds for a response.

Query 5: If the DNS Client service still does not receive a response from any DNS server, it repeats the previous query, sending the name query to all DNS servers on all adapters that are still under consideration and waiting four (4) seconds for a response.

The total wait time is 12 seconds (1, 1, 2, 4, 4) if there is no response. If a query is sent to multiple DNS servers and more than one DNS server responds, the first response that is received is used.

If it is necessary for a DNS client to use another DNS server to resolve a query, this server is temporarily set to be first on the priority list of DNS servers used. After 15 minutes, the DNS client resets the DNS server priority list back to default settings.

The details can be found at the following official Microsoft URL:

https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn593685(v=ws.11)#dns-client-resolver-behavior

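From the above, in a special network environment like ours with two DNS servers configured, the resolution result for a name that exists both internally and externally is quite likely to be indeterminate.

So for now the most stable approach appears to be putting the entries in the hosts file, and thinking about a better solution later.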
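To see which configured DNS server returns which answer, and whether any of them exceeds the one-second wait of Query 1 quoted above, each server can be queried directly. This PowerShell diagnostic is an added example, not part of the original post; it uses the endpoint name from the ping output and bypasses the hosts file so the hosts workaround does not mask the result.

```powershell
# Added example. $Name is the endpoint name from the ping output on this page.
$Name = 'ssm.cn-north-1.amazonaws.com.cn'

function Test-PrivateIPv4 {
    # True for RFC 1918 ranges: 10/8, 172.16/12, 192.168/16.
    param([string]$Address)
    $b = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    ($b[0] -eq 10) -or
    ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
    ($b[0] -eq 192 -and $b[1] -eq 168)
}

# Every IPv4 DNS server, in configured order, for each adapter that has any.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $order = 0
        foreach ($s in $_.ServerAddresses) {
            $order++
            [pscustomobject]@{ Adapter = $_.InterfaceAlias; Order = $order; Server = $s }
        }
    }

$results = foreach ($e in $servers) {
    $timer = [System.Diagnostics.Stopwatch]::StartNew()
    try {
        # -DnsOnly and -NoHostsFile keep LLMNR/NetBIOS and hosts entries out of the answer.
        $ips = @(Resolve-DnsName -Name $Name -Type A -Server $e.Server -DnsOnly -NoHostsFile -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })
        $note = ''
    } catch {
        $ips = @(); $note = $_.Exception.Message
    }
    $timer.Stop()
    $private = @($ips | Where-Object { Test-PrivateIPv4 $_ })
    [pscustomobject]@{
        Adapter = $e.Adapter
        Order   = $e.Order
        Server  = $e.Server
        Answer  = $ips -join ','
        Scope   = if (-not $ips) { 'none' } elseif ($private.Count -eq $ips.Count) { 'private' } else { 'public' }
        Ms      = $timer.ElapsedMilliseconds
        Over1s  = $timer.ElapsedMilliseconds -gt 1000   # longer than the Query 1 wait
        Note    = $note
    }
}
$results | Format-Table -AutoSize
```

Running it several times shows whether the first-order server is the one returning the public address and how often it is slow enough for the second server's answer to be used instead.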


Please respect others' work. When reposting, be sure to credit the source: https://www.cnblogs.com/5201351/p/16732749.html