<div class="highlight highlight-source-shell notranslate position-relative overflow-auto" dir="auto"

<div class="highlight highlight-text-shell-session notranslate position-relative overflow-auto" dir=

更新之后 <div class="highlight highlight-source-shell notranslate position-relative ov

<div class="highlight highlight-source-shell notranslate position-relative overflow-auto" dir="auto"

<div class="highlight highlight-source-shell notranslate position-relative overflow-aut

mirrors.aliyuncs.com 解析失败 about chinadns-ng HOT 13 CLOSED

xspeed1989 commented on July 19, 2024

mirrors.aliyuncs.com 解析失败

from chinadns-ng.

Comments (13)

zfl9 commented on July 19, 2024

# root @ rpi in ~ [9:52:11]
$ dig @127.0.0.1 -p53 mirrors.aliyuncs.com

; <<>> DiG 9.18.12 <<>> @127.0.0.1 -p53 mirrors.aliyuncs.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33936
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mirrors.aliyuncs.com.		IN	A

;; ANSWER SECTION:
mirrors.aliyuncs.com.	3541	IN	CNAME	mirrors.aliyuncs.com.gds.alibabadns.com.
mirrors.aliyuncs.com.gds.alibabadns.com. 3541 IN A 10.157.200.6

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Jun 05 09:52:28 CST 2023
;; MSG SIZE  rcvd: 118


# root @ rpi in ~ [9:52:28]
$ dig @127.0.0.1 -p65353 mirrors.aliyuncs.com

; <<>> DiG 9.18.12 <<>> @127.0.0.1 -p65353 mirrors.aliyuncs.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13092
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mirrors.aliyuncs.com.		IN	A

;; ANSWER SECTION:
mirrors.aliyuncs.com.	1	IN	CNAME	mirrors.aliyuncs.com.gds.alibabadns.com.
mirrors.aliyuncs.com.gds.alibabadns.com. 1 IN A	10.157.200.6

;; Query time: 9 msec
;; SERVER: 127.0.0.1#65353(127.0.0.1) (UDP)
;; WHEN: Mon Jun 05 09:52:34 CST 2023
;; MSG SIZE  rcvd: 115

没问题呀，53端口是dnsmasq（开了缓存，上游是chinadns-ng），65353是chinadns-ng，都测了正常。

from chinadns-ng.

zfl9 commented on July 19, 2024

麻烦给出 chinadns-ng 版本、启动参数、nslookup/dig 时的日志（chinadns-ng的日志，verbose）。

from chinadns-ng.

xspeed1989 commented on July 19, 2024

$ chinadns-ng -V
ChinaDNS-NG v1.0-beta.25 <https://github.com/zfl9/chinadns-ng>

$ dig @127.0.0.1 -p53 mirrors.aliyuncs.com

; <<>> DiG 9.18.1 <<>> @127.0.0.1 -p53 mirrors.aliyuncs.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54953
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; EDE: 15 (Blocked)
;; QUESTION SECTION:
;mirrors.aliyuncs.com.          IN      A

;; Query time: 8 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Jun 05 11:40:11 CST 2023
;; MSG SIZE  rcvd: 55

$ nslookup mirrors.aliyuncs.com
Server:         127.0.0.1
Address:        127.0.0.1:53

** server can't find mirrors.aliyuncs.com: REFUSED

Non-authoritative answer:

/usr/bin/chinadns-ng -b 0.0.0.0 -l 5353 -c 223.5.5.5 -t 127.0.0.1#5300 -g /etc/chinadns-ng/gfwlist.txt -m /etc/chinadns-ng/chinalist.txt -o 3 -p 4 -r -N

from chinadns-ng.

zfl9 commented on July 19, 2024

你 dig 测试是 53，但是 chinadns-ng 是 5353 ？？

from chinadns-ng.

zfl9 commented on July 19, 2024

dig @127.0.0.1 -p5353 看看

from chinadns-ng.

zfl9 commented on July 19, 2024

另外，建议更新下 chinadns-ng 二进制（去 releases 页面下载，替换原有 binary 文件）

老版本的 no-ipv6 有点兼容性问题，主要是 rcode = REFUSED，新版改为 rcode = NO ERROR 了。

from chinadns-ng.

xspeed1989 commented on July 19, 2024

更新之后

# root @ OpenWrt in /tmp [12:16:01]
$ chinadns-ng -V
ChinaDNS-NG 2023.06.01 <https://github.com/zfl9/chinadns-ng>

# root @ OpenWrt in /tmp [12:16:04]
$ dig @127.0.0.1 -p5353

; <<>> DiG 9.18.1 <<>> @127.0.0.1 -p5353
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18555
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       261     IN      NS      a.root-servers.net.
.                       261     IN      NS      b.root-servers.net.
.                       261     IN      NS      c.root-servers.net.
.                       261     IN      NS      d.root-servers.net.
.                       261     IN      NS      e.root-servers.net.
.                       261     IN      NS      f.root-servers.net.
.                       261     IN      NS      g.root-servers.net.
.                       261     IN      NS      h.root-servers.net.
.                       261     IN      NS      i.root-servers.net.
.                       261     IN      NS      j.root-servers.net.
.                       261     IN      NS      k.root-servers.net.
.                       261     IN      NS      l.root-servers.net.
.                       261     IN      NS      m.root-servers.net.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1) (UDP)
;; WHEN: Mon Jun 05 12:16:14 CST 2023
;; MSG SIZE  rcvd: 239
# root @ OpenWrt in /tmp [12:16:15]



$ nslookup mirrors.aliyuncs.com
Server:         127.0.0.1
Address:        127.0.0.1:53

Non-authoritative answer:

Non-authoritative answer:

from chinadns-ng.

zfl9 commented on July 19, 2024

你 53 端口是什么进程，从结果看，dig 完全没问题，nslookup 我也不怎么熟悉。

from chinadns-ng.

xspeed1989 commented on July 19, 2024

# root @ OpenWrt in /tmp [12:16:47]
$ dig @127.0.0.1 -p5353 mirrors.aliyuncs.com

; <<>> DiG 9.18.1 <<>> @127.0.0.1 -p5353 mirrors.aliyuncs.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19914
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mirrors.aliyuncs.com.          IN      A

;; ANSWER SECTION:
mirrors.aliyuncs.com.   99      IN      CNAME   mirrors.aliyuncs.com.gds.alibabadns.com.
mirrors.aliyuncs.com.gds.alibabadns.com. 99 IN A 10.157.200.6

;; Query time: 8 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1) (UDP)
;; WHEN: Mon Jun 05 12:19:39 CST 2023
;; MSG SIZE  rcvd: 115

from chinadns-ng.

zfl9 commented on July 19, 2024

# root @ OpenWrt in /tmp [12:16:47]
$ dig @127.0.0.1 -p5353 mirrors.aliyuncs.com

; <<>> DiG 9.18.1 <<>> @127.0.0.1 -p5353 mirrors.aliyuncs.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19914
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mirrors.aliyuncs.com.          IN      A

;; ANSWER SECTION:
mirrors.aliyuncs.com.   99      IN      CNAME   mirrors.aliyuncs.com.gds.alibabadns.com.
mirrors.aliyuncs.com.gds.alibabadns.com. 99 IN A 10.157.200.6

;; Query time: 8 msec
;; SERVER: 127.0.0.1#5353(127.0.0.1) (UDP)
;; WHEN: Mon Jun 05 12:19:39 CST 2023
;; MSG SIZE  rcvd: 115

这不是完全正常吗。。

from chinadns-ng.

xspeed1989 commented on July 19, 2024

你 53 端口是什么进程，从结果看，dig 完全没问题，nslookup 我也不怎么熟悉。

# root @ OpenWrt in /tmp [12:45:25] C:127
$ netstat -tlunp|grep 53
udp        0      0 192.168.2.1:53          0.0.0.0:*                           6214/dnsmasq
udp        0      0 fd00:ab:cd::1:53        :::*                                6214/dnsmasq

from chinadns-ng.

xspeed1989 commented on July 19, 2024

现在感觉是dnsmasq的问题，但是不知道为啥解析不到记录

from chinadns-ng.

xspeed1989 commented on July 19, 2024

@zfl9
破案：
前面的老版本是因为你说的IPV6的问题导致的，
当然dnsmasq也有问题，查询dnsmasq日志得知：

Mon Jun  5 11:36:55 2023 daemon.warn dnsmasq[1]: possible DNS-rebind attack detected: mirrors.aliyuncs.com.gds.alibabadns.com

关闭dnsmasq重定向保护就行，网络->DHCP/DNS->一般设置->重绑定保护（丢弃RFC1918上行响应数据）

from chinadns-ng.

mirrors.aliyuncs.com 解析失败 about chinadns-ng HOT 13 CLOSED

Comments (13)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs