CoreDNS域名解析问题

使用场景


平台组件部署模式及选型

  • 网络插件:Calico(非BGP协议,使用Calico IPIP tunl模式)
  • Coredns:部署在平台集群中,非(hostNetwork: true)模式;Coredns的POD与跨node通信使用IPIP tunl
  • kube-proxy:使用默认的iptables NAT方式,减少一步内核态到用户态的切换
    data:
      config.conf: |-
        apiVersion: kubeproxy.config.k8s.io/v1alpha1
        bindAddress: 0.0.0.0
        clientConnection:
          acceptContentTypes: ""
          burst: 0
          contentType: ""
          kubeconfig: /var/lib/kube-proxy/kubeconfig.conf
          qps: 0
        clusterCIDR: 172.19.0.0/16
        configSyncPeriod: 0s
        conntrack:
          maxPerCore: null
          min: null
          tcpCloseWaitTimeout: null
          tcpEstablishedTimeout: null
        detectLocalMode: ""
        enableProfiling: false
        healthzBindAddress: ""
        hostnameOverride: ""
        iptables:
          masqueradeAll: false
          masqueradeBit: null
          minSyncPeriod: 0s
          syncPeriod: 0s
        ipvs:
          excludeCIDRs: null
          minSyncPeriod: 0s
          scheduler: ""
          strictARP: false
          syncPeriod: 0s
          tcpFinTimeout: 0s
          tcpTimeout: 0s
          udpTimeout: 0s
        kind: KubeProxyConfiguration
        metricsBindAddress: ""
        mode: ""
        nodePortAddresses: null
        oomScoreAdj: null
        portRange: ""
        showHiddenMetricsForVersion: ""
        udpIdleTimeout: 0s
        winkernel:
          enableDSR: false
          networkName: ""
          sourceVip: ""
  • DNS服务器:
    coredns: Coredns1/2(nflow.so)平台集群内部DNS服务器,主要作用用来解决平台集群中的service/pod域名解析,使用协议53/TCP 53/UDP
    内部DNS:(DNS1/DNS2 nflow.internal) 主要作用,解析阿里云CNAME 及内部基础组件系统(zk/mq/xxl-job/amq) 使用协议 53/UDP

故障描述

  1. 部署的应用容器在请求内部域名时(redis.dev02.nflow.internal)无法被解析,具体报警日志如下

    [2020-08-24 11:36:18.721] [DubboServerHandler-172.19.25.116:20012-thread-997] [Careful] [ERROR] [traceId-xincheng-flow-cce7124074414c82a2cb8a51be8a8e53_202008241134119950889D95AEC6A5] - register exception:
    org.springframework.data.redis.RedisConnectionFailureException: Cannot get Jedis connection; nested exception is redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool
        at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.fetchJedisConnector(JedisConnectionFactory.java:162)
        at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.getConnection(JedisConnectionFactory.java:251)
        at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.getConnection(JedisConnectionFactory.java:58)
        at org.springframework.data.redis.core.RedisConnectionUtils.doGetConnection(RedisConnectionUtils.java:128)
        at org.springframework.data.redis.core.RedisConnectionUtils.getConnection(RedisConnectionUtils.java:91)
        at org.springframework.data.redis.core.RedisConnectionUtils.getConnection(RedisConnectionUtils.java:78)
        at org.springframework.data.redis.core.RedisTemplate.execute(RedisTemplate.java:178)
        at org.springframework.data.redis.core.RedisTemplate.execute(RedisTemplate.java:153)
        at org.springframework.data.redis.core.AbstractOperations.execute(AbstractOperations.java:86)
        at org.springframework.data.redis.core.DefaultValueOperations.setIfAbsent(DefaultValueOperations.java:216)
        at com.weishang.redis.lock.RedisLockBaseArithmetic.lock(RedisLockBaseArithmetic.java:67)
        at com.weishang.user.service.impl.UserServiceImpl.register(UserServiceImpl.java:639)
        at com.weishang.user.service.impl.UserServiceImpl.registerWithoutCode(UserServiceImpl.java:792)
        at com.alibaba.dubbo.common.bytecode.Wrapper58.invokeMethod(Wrapper58.java)
        at com.alibaba.dubbo.rpc.proxy.javassist.JavassistProxyFactory$1.doInvoke(JavassistProxyFactory.java:47)
        at com.alibaba.dubbo.rpc.proxy.AbstractProxyInvoker.invoke(AbstractProxyInvoker.java:76)
        at com.alibaba.dubbo.config.invoker.DelegateProviderMetaDataInvoker.invoke(DelegateProviderMetaDataInvoker.java:52)
        at com.alibaba.dubbo.rpc.protocol.InvokerWrapper.invoke(InvokerWrapper.java:56)
        at com.weishang.framework.dubbo.filter.log.LogTraceProviderFilter.invoke(LogTraceProviderFilter.java:25)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.filter.ExceptionFilter.invoke(ExceptionFilter.java:62)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.monitor.support.MonitorFilter.invoke(MonitorFilter.java:75)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.filter.TimeoutFilter.invoke(TimeoutFilter.java:42)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.protocol.dubbo.filter.TraceFilter.invoke(TraceFilter.java:78)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.filter.ContextFilter.invoke(ContextFilter.java:73)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.filter.GenericFilter.invoke(GenericFilter.java:141)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.filter.ClassLoaderFilter.invoke(ClassLoaderFilter.java:38)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.filter.EchoFilter.invoke(EchoFilter.java:38)
        at com.alibaba.dubbo.rpc.protocol.ProtocolFilterWrapper$1.invoke(ProtocolFilterWrapper.java:72)
        at com.alibaba.dubbo.rpc.protocol.dubbo.DubboProtocol$1.reply(DubboProtocol.java:104)
        at com.alibaba.dubbo.remoting.exchange.support.header.HeaderExchangeHandler.handleRequest(HeaderExchangeHandler.java:96)
        at com.alibaba.dubbo.remoting.exchange.support.header.HeaderExchangeHandler.received(HeaderExchangeHandler.java:173)
        at com.alibaba.dubbo.remoting.transport.DecodeHandler.received(DecodeHandler.java:51)
        at com.alibaba.dubbo.remoting.transport.dispatcher.ChannelEventRunnable.run(ChannelEventRunnable.java:57)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at java.lang.Thread.run(Thread.java:748)
    Caused by: redis.clients.jedis.exceptions.JedisConnectionException: Could not get a resource from the pool
        at redis.clients.util.Pool.getResource(Pool.java:50)
        at redis.clients.jedis.JedisPool.getResource(JedisPool.java:99)
        at redis.clients.jedis.JedisPool.getResource(JedisPool.java:12)
        at org.springframework.data.redis.connection.jedis.JedisConnectionFactory.fetchJedisConnector(JedisConnectionFactory.java:155)
        ... 43 more
    Caused by: redis.clients.jedis.exceptions.JedisConnectionException: java.net.UnknownHostException: redis.dev02.nflow.internal
        at redis.clients.jedis.Connection.connect(Connection.java:164)
        at redis.clients.jedis.BinaryClient.connect(BinaryClient.java:82)
        at redis.clients.jedis.BinaryJedis.connect(BinaryJedis.java:1641)
        at redis.clients.jedis.JedisFactory.makeObject(JedisFactory.java:85)
        at org.apache.commons.pool2.impl.GenericObjectPool.create(GenericObjectPool.java:861)
        at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:435)
        at org.apache.commons.pool2.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:363)
        at redis.clients.util.Pool.getResource(Pool.java:48)
        ... 46 more
    Caused by: java.net.UnknownHostException: redis.dev02.nflow.internal
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:196)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:394)
        at java.net.Socket.connect(Socket.java:606)
        at redis.clients.jedis.Connection.connect(Connection.java:158)
        ... 53 more

故障分析

  1. 排查此故障过程如下切换至应用环境Pod容器中
    [root@dev02-xc-admin-5c768555-jgxhq nflow]# host -v  redis.dev02.nflow.internal
    Trying "redis.dev02.nflow.internal.dev.svc.nflow.so"
    Trying "redis.dev02.nflow.internal.svc.nflow.so"
    Trying "redis.dev02.nflow.internal.nflow.so"
    Trying "redis.dev02.nflow.internal"
    Trying "redis.dev02.nflow.internal"
  2. 发现如上的故障现象,是由于应用Pod容器请求corndns使用的是TCP协议,由于corndns的ServiceIP只暴露了UDP协议,默认TCP是enable,由于考虑到域名解析时,TCP消耗资源及效率低的原因,故将TCP相关配置delete操作
    spec:
      ports:
        - name: dns
          protocol: UDP
          port: 53
          targetPort: 53
        - name: metrics
          protocol: TCP
          port: 9153
          targetPort: 9153
  3. 于是将corndns的service配置开启TCP协议
    ports:
        - name: dns
          protocol: UDP
          port: 53
          targetPort: 53
        - name: dns-tcp
          protocol: TCP
          port: 53
          targetPort: 53
        - name: metrics
          protocol: TCP
          port: 9153
          targetPort: 9153
  4. 再次查看域名解析结果
    [root@dev02-xc-admin-5c768555-jgxhq nflow]# host -v  redis.dev02.nflow.internal
    Trying "redis.dev02.nflow.internal.dev.svc.nflow.so"
    Trying "redis.dev02.nflow.internal.svc.nflow.so"
    Trying "redis.dev02.nflow.internal.nflow.so"
    Trying "redis.dev02.nflow.internal"
    Trying "redis.dev02.nflow.internal"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15914
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 22
     
    ;; QUESTION SECTION:
    ;redis.dev02.nflow.internal.    IN  A
     
    ;; ANSWER SECTION:
    redis.dev02.nflow.internal. 9   IN  CNAME   r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com.
    r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. 9 IN A 10.1.35.155
     
    ;; AUTHORITY SECTION:
    com.            9   IN  NS  c.gtld-servers.net.
    com.            9   IN  NS  a.gtld-servers.net.
    com.            9   IN  NS  k.gtld-servers.net.
    com.            9   IN  NS  d.gtld-servers.net.
    com.            9   IN  NS  b.gtld-servers.net.
    com.            9   IN  NS  j.gtld-servers.net.
    com.            9   IN  NS  h.gtld-servers.net.
    com.            9   IN  NS  f.gtld-servers.net.
    com.            9   IN  NS  i.gtld-servers.net.
    com.            9   IN  NS  g.gtld-servers.net.
    com.            9   IN  NS  l.gtld-servers.net.
    com.            9   IN  NS  m.gtld-servers.net.
    com.            9   IN  NS  e.gtld-servers.net.
     
    ;; ADDITIONAL SECTION:
    e.gtld-servers.net. 9   IN  A   192.12.94.30
    b.gtld-servers.net. 9   IN  A   192.33.14.30
    j.gtld-servers.net. 9   IN  A   192.48.79.30
    j.gtld-servers.net. 9   IN  AAAA    2001:502:7094::30
    m.gtld-servers.net. 9   IN  A   192.55.83.30
    m.gtld-servers.net. 9   IN  AAAA    2001:501:b1f9::30
    i.gtld-servers.net. 9   IN  A   192.43.172.30
    i.gtld-servers.net. 9   IN  AAAA    2001:503:39c1::30
    f.gtld-servers.net. 9   IN  AAAA    2001:503:d414::30
    a.gtld-servers.net. 9   IN  A   192.5.6.30
    g.gtld-servers.net. 9   IN  A   192.42.93.30
    g.gtld-servers.net. 9   IN  AAAA    2001:503:eea3::30
    h.gtld-servers.net. 9   IN  A   192.54.112.30
    h.gtld-servers.net. 9   IN  AAAA    2001:502:8cc::30
    l.gtld-servers.net. 9   IN  A   192.41.162.30
    l.gtld-servers.net. 9   IN  AAAA    2001:500:d937::30
    k.gtld-servers.net. 9   IN  A   192.52.178.30
    k.gtld-servers.net. 9   IN  AAAA    2001:503:d2d::30
    c.gtld-servers.net. 9   IN  A   192.26.92.30
    c.gtld-servers.net. 9   IN  AAAA    2001:503:83eb::30
    d.gtld-servers.net. 9   IN  A   192.31.80.30
    d.gtld-servers.net. 9   IN  AAAA    2001:500:856e::30
     
    Received 1509 bytes from 10.10.0.10#53 in 0 ms
    Trying "r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55554
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. IN    AAAA
     
    ;; AUTHORITY SECTION:
    rds.aliyuncs.com.   30  IN  SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235511 7200 900 2592000 600
     
    Received 162 bytes from 10.10.0.10#53 in 0 ms
    Trying "r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3305
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;r-bp1qv8wuvhbs9k8kk8.redis.rds.aliyuncs.com. IN    MX
     
    ;; AUTHORITY SECTION:
    rds.aliyuncs.com.   30  IN  SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235511 7200 900 2592000 600
     
    Received 162 bytes from 10.10.0.10#53 in 0 ms
     
    虽然仍然还是time_wait的状态,但是可以解析成功,且应用没有报错,请求域名解析超时的错

Corndns相关调整


配置清单

nflow.internal
只负责Pod内部请求nflow.internal的域名直接响应,并转发给内部DNS(10.1.1.132)
.:53  
负责匹配非nflow.internal及Kubernetes内部域名及外部域名解析,其中承载外部域名解析时,直接forward到Pod所有的node节点上的/etc/resolv.conf定义的nameserver的地址
  1. 在cronfile中新增一个SOA,配置如下

    {
        "Corefile": "nflow.internal:53 {
                errors
                cache 10
                forward . 10.1.1.133 {
                  prefer_udp
                }
                reload
            }
            .:53 {
                errors
                health {
                   lameduck 5s
                }
                ready
                kubernetes nflow.so in-addr.arpa ip6.arpa {
                   pods insecure
                   fallthrough in-addr.arpa ip6.arpa
                   ttl 30
                }
                prometheus :9153
                forward . /etc/resolv.conf
                cache 30
                loop
                reload
                loadbalance
            }
            "
    }
  2. 根据以上配置可以得出如下结果

    • 需要解析nflow.internal域名直接匹配nflow.internal并直接forward给10.1.1.132上游DNS服务器(相对coredns)
    • 需要解析非nflow.internal域名及Kubernetes平台内部的svc/pod域名时及外部域名则匹配默认(.:53)SOA,这样的好处:
      节省了如果需要解析nflow.internal需要遍历整个Kubernetes 默认的SOA(namespace.svc.nflow.so/svc.nflow.so/nflow.so)
      节省了如果请求外部域名解析时向内部DNS转发的压力
  3. 依照上面优化建议配置,需要调整相关Pod的dnsPolicy配置,如下
    dnsPolicy: None
    dnsConfig:
      nameservers:
        - 10.10.0.10
      options:
        - name: ndots
          value: '2'
  4. 调整后解析结果如下
    ### baidu.com ###
    [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v www.baidu.com
    Trying "www.baidu.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50799
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;www.baidu.com.         IN  A
     
    ;; ANSWER SECTION:
    www.baidu.com.      30  IN  CNAME   www.a.shifen.com.
    www.a.shifen.com.   30  IN  A   180.101.49.11
    www.a.shifen.com.   30  IN  A   180.101.49.12
     
    Received 138 bytes from 10.10.0.10#53 in 1 ms
    Trying "www.a.shifen.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62483
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;www.a.shifen.com.      IN  AAAA
     
    ;; AUTHORITY SECTION:
    a.shifen.com.       30  IN  SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600
     
    Received 124 bytes from 10.10.0.10#53 in 0 ms
    Trying "www.a.shifen.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62962
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;www.a.shifen.com.      IN  MX
     
    ;; AUTHORITY SECTION:
    a.shifen.com.       26  IN  SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240001 5 5 2592000 3600
     
    Received 124 bytes from 10.10.0.10#53 in 0 ms
    [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]#
    [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v www.baidu.com
    Trying "www.baidu.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56964
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;www.baidu.com.         IN  A
     
    ;; ANSWER SECTION:
    www.baidu.com.      30  IN  CNAME   www.a.shifen.com.
    www.a.shifen.com.   30  IN  A   180.101.49.11
    www.a.shifen.com.   30  IN  A   180.101.49.12
     
    Received 138 bytes from 10.10.0.10#53 in 1 ms
    Trying "www.a.shifen.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53138
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;www.a.shifen.com.      IN  AAAA
     
    ;; AUTHORITY SECTION:
    a.shifen.com.       30  IN  SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600
     
    Received 124 bytes from 10.10.0.10#53 in 0 ms
    Trying "www.a.shifen.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59658
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;www.a.shifen.com.      IN  MX
     
    ;; AUTHORITY SECTION:
    a.shifen.com.       30  IN  SOA ns1.a.shifen.com. baidu_dns_master.baidu.com. 2008240002 5 5 2592000 3600
     
    Received 124 bytes from 10.10.0.10#53 in 0 ms
     
     
    ### nflow.internal ###
    [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v redis.dev01.nflow.internal
    Trying "redis.dev01.nflow.internal"
    Trying "redis.dev01.nflow.internal"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10518
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 13, ADDITIONAL: 21
     
    ;; QUESTION SECTION:
    ;redis.dev01.nflow.internal.    IN  A
     
    ;; ANSWER SECTION:
    redis.dev01.nflow.internal. 5   IN  CNAME   r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com.
    r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. 5 IN A 10.1.32.111
     
    ;; AUTHORITY SECTION:
    com.            5   IN  NS  b.gtld-servers.net.
    com.            5   IN  NS  c.gtld-servers.net.
    com.            5   IN  NS  f.gtld-servers.net.
    com.            5   IN  NS  h.gtld-servers.net.
    com.            5   IN  NS  m.gtld-servers.net.
    com.            5   IN  NS  d.gtld-servers.net.
    com.            5   IN  NS  i.gtld-servers.net.
    com.            5   IN  NS  e.gtld-servers.net.
    com.            5   IN  NS  j.gtld-servers.net.
    com.            5   IN  NS  k.gtld-servers.net.
    com.            5   IN  NS  a.gtld-servers.net.
    com.            5   IN  NS  l.gtld-servers.net.
    com.            5   IN  NS  g.gtld-servers.net.
     
    ;; ADDITIONAL SECTION:
    e.gtld-servers.net. 5   IN  A   192.12.94.30
    b.gtld-servers.net. 5   IN  A   192.33.14.30
    j.gtld-servers.net. 5   IN  A   192.48.79.30
    j.gtld-servers.net. 5   IN  AAAA    2001:502:7094::30
    m.gtld-servers.net. 5   IN  A   192.55.83.30
    m.gtld-servers.net. 5   IN  AAAA    2001:501:b1f9::30
    i.gtld-servers.net. 5   IN  A   192.43.172.30
    i.gtld-servers.net. 5   IN  AAAA    2001:503:39c1::30
    f.gtld-servers.net. 5   IN  AAAA    2001:503:d414::30
    a.gtld-servers.net. 5   IN  A   192.5.6.30
    g.gtld-servers.net. 5   IN  A   192.42.93.30
    g.gtld-servers.net. 5   IN  AAAA    2001:503:eea3::30
    h.gtld-servers.net. 5   IN  A   192.54.112.30
    h.gtld-servers.net. 5   IN  AAAA    2001:502:8cc::30
    l.gtld-servers.net. 5   IN  AAAA    2001:500:d937::30
    k.gtld-servers.net. 5   IN  A   192.52.178.30
    k.gtld-servers.net. 5   IN  AAAA    2001:503:d2d::30
    c.gtld-servers.net. 5   IN  A   192.26.92.30
    c.gtld-servers.net. 5   IN  AAAA    2001:503:83eb::30
    d.gtld-servers.net. 5   IN  A   192.31.80.30
    d.gtld-servers.net. 5   IN  AAAA    2001:500:856e::30
     
    Received 1475 bytes from 10.10.0.10#53 in 0 ms
    Trying "r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16727
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. IN    AAAA
     
    ;; AUTHORITY SECTION:
    rds.aliyuncs.com.   30  IN  SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235958 7200 900 2592000 600
     
    Received 162 bytes from 10.10.0.10#53 in 0 ms
    Trying "r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35921
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;r-bp1yy77dfyewep8jzf.redis.rds.aliyuncs.com. IN    MX
     
    ;; AUTHORITY SECTION:
    rds.aliyuncs.com.   30  IN  SOA hidden-master.aliyun.com. hostmaster.aliyun-inc.com. 2046235958 7200 900 2592000 600
     
    Received 162 bytes from 10.10.0.10#53 in 0 ms
     
     
    ### nflow.so ###
    [root@dev02-xc-user-6f6c5876bf-8vcr4 nflow]# host -v sit-xc-job.sit.svc.nflow.so
    Trying "sit-xc-job.sit.svc.nflow.so"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52666
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;sit-xc-job.sit.svc.nflow.so.   IN  A
     
    ;; ANSWER SECTION:
    sit-xc-job.sit.svc.nflow.so. 30 IN  A   10.10.207.12
     
    Received 88 bytes from 10.10.0.10#53 in 0 ms
    Trying "sit-xc-job.sit.svc.nflow.so"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34898
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;sit-xc-job.sit.svc.nflow.so.   IN  AAAA
     
    ;; AUTHORITY SECTION:
    nflow.so.       30  IN  SOA ns.dns.nflow.so. hostmaster.nflow.so. 1598246184 7200 1800 86400 30
     
    Received 123 bytes from 10.10.0.10#53 in 0 ms
    Trying "sit-xc-job.sit.svc.nflow.so"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54241
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
     
    ;; QUESTION SECTION:
    ;sit-xc-job.sit.svc.nflow.so.   IN  MX
     
    ;; AUTHORITY SECTION:
    nflow.so.       30  IN  SOA ns.dns.nflow.so. hostmaster.nflow.so. 1598246184 7200 1800 86400 30
     
    Received 123 bytes from 10.10.0.10#53 in 0 ms
posted @ 2022-05-19 20:34  MacoPlus  阅读(724)  评论(0编辑  收藏  举报