近期内部开发反馈某些合作方的域名无法解析。团内同事分析发现这些域名都是托管在相同的一个域名厂商上,而且都是刷新cache后刚开始能解析,过段时间不能解析。
efly.cc
bhc888.net
直接dig的时候返回信息如下
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> efly.cc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7761
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;efly.cc. IN A
;; ANSWER SECTION:
efly.cc. 600 IN A 121.9.13.185
;; AUTHORITY SECTION:
efly.cc. 168802 IN NS ns2.eflydns.net.
efly.cc. 168802 IN NS ns1.eflydns.net.
;; Query time: 1356 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Nov 29 19:00:23 CST 20
dump内存后发现有奇怪的NS记录,dig trace时打印详细信息
# dig bhc888.net +trace +all
; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> bhc888.net +trace +all
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24539
;; flags: qr ra; QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 347738 IN NS m.root-servers.net.
. 347738 IN NS g.root-servers.net.
. 347738 IN NS h.root-servers.net.
. 347738 IN NS c.root-servers.net.
. 347738 IN NS e.root-servers.net.
. 347738 IN NS d.root-servers.net.
. 347738 IN NS k.root-servers.net.
. 347738 IN NS l.root-servers.net.
. 347738 IN NS a.root-servers.net.
. 347738 IN NS f.root-servers.net.
. 347738 IN NS b.root-servers.net.
. 347738 IN NS j.root-servers.net.
. 347738 IN NS i.root-servers.net.
. 518045 IN RRSIG NS 8 0 518400 20151209050000 20151129040000 62530 . EtQ9uRmWHEfzpE2KROfPA2LcYyde+z1YKDWRbfJBQebQ0S17h8FirKlu uaQFloFKfekxT+K6YsirfivvGlO2v4qcF6XvLMhsLinlJj/6+3DG7od/ ELN3wHTTUJOchLcQTkSW2BxalK5SWP0mRXhCo7TLro8S6C893n2uYWhK SzY=
;; Query time: 5 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Nov 29 21:51:47 CST 2015
;; MSG SIZE rcvd: 397
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57915
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 15, ADDITIONAL: 16
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;bhc888.net. IN A
;; AUTHORITY SECTION:
net. 172800 IN NS a.gtld-servers.net.
net. 172800 IN NS b.gtld-servers.net.
net. 172800 IN NS c.gtld-servers.net.
net. 172800 IN NS d.gtld-servers.net.
net. 172800 IN NS e.gtld-servers.net.
net. 172800 IN NS f.gtld-servers.net.
net. 172800 IN NS g.gtld-servers.net.
net. 172800 IN NS h.gtld-servers.net.
net. 172800 IN NS i.gtld-servers.net.
net. 172800 IN NS j.gtld-servers.net.
net. 172800 IN NS k.gtld-servers.net.
net. 172800 IN NS l.gtld-servers.net.
net. 172800 IN NS m.gtld-servers.net.
net. 86400 IN DS 35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE
net. 86400 IN RRSIG DS 8 1 86400 20151209050000 20151129040000 62530 . mu4PiPAwAMZ/X2wUCQTXZwwCiO9/hwlvB8sbg73q5a9jyaYnWPjpIMh2 1wJWzE2Xc+5+/VxE3uLzhALqfnvto0ACN4UlyXESJ2qiVc2k69PQ54hh 8PZO4b5CzkfG09bqccLJuGcyLuMacYSc4w1LmiSq329tk7OYZw09P2YG 0RU=
;; ADDITIONAL SECTION:
a.gtld-servers.net. 172800 IN A 192.5.6.30
b.gtld-servers.net. 172800 IN A 192.33.14.30
c.gtld-servers.net. 172800 IN A 192.26.92.30
d.gtld-servers.net. 172800 IN A 192.31.80.30
e.gtld-servers.net. 172800 IN A 192.12.94.30
f.gtld-servers.net. 172800 IN A 192.35.51.30
g.gtld-servers.net. 172800 IN A 192.42.93.30
h.gtld-servers.net. 172800 IN A 192.54.112.30
i.gtld-servers.net. 172800 IN A 192.43.172.30
j.gtld-servers.net. 172800 IN A 192.48.79.30
k.gtld-servers.net. 172800 IN A 192.52.178.30
l.gtld-servers.net. 172800 IN A 192.41.162.30
m.gtld-servers.net. 172800 IN A 192.55.83.30
a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
b.gtld-servers.net. 172800 IN AAAA 2001:503:231d::2:30
;; Query time: 344 msec
;; SERVER: 128.63.2.53#53(128.63.2.53)
;; WHEN: Sun Nov 29 21:51:47 CST 2015
;; MSG SIZE rcvd: 731
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64484
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;bhc888.net. IN A
;; AUTHORITY SECTION:
bhc888.net. 172800 IN NS ns1.eflydns.net.
bhc888.net. 172800 IN NS ns2.eflydns.net.
A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM
A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20151206063020 20151129052020 37703 net. QdTw71NidYfASViPME8hIX6IixUOqawLJgDF94/Z50pGN+V8mynVueuA 7sIYDinnSdZnkxIOUH284tZtfZRnUutLjocnd7YDb7hTqPSoP4QZij6A 8O7hGW+PRj/hRHJKhB7SN7aE6LN2zV+P6jLXLsTZmRnKBKAqzt+5/ZMe 23A=
K6E8QG8SUT2RJS20VQD9AQ0EQGOEVT99.net. 86400 IN NSEC3 1 1 0 - K6FGOS2E26R647F6LEEJI146DBAJE0PT NS DS RRSIG
K6E8QG8SUT2RJS20VQD9AQ0EQGOEVT99.net. 86400 IN RRSIG NSEC3 8 2 86400 20151206062959 20151129051959 37703 net. FxrolX/ogsqiCtZFd7KLBBfC9MibFkiFuIrTt9RTM+7RblfH6ZpgkxUD /oewDTkYarIMFNii+ABM+V9+fXDGszmSY4plFvTzfR7X5eiJWOVndvs2 ph8KubUiYd79+vCXkiHw86ILy1OEk3X79uhunpAO4lIaRwIq5TSQpjs+ KcY=
;; ADDITIONAL SECTION:
ns1.eflydns.net. 172800 IN A 121.201.11.2
ns1.eflydns.net. 172800 IN A 121.201.54.215
ns2.eflydns.net. 172800 IN A 121.201.11.2
ns2.eflydns.net. 172800 IN A 121.201.54.215
;; Query time: 201 msec
;; SERVER: 192.55.83.30#53(192.55.83.30)
;; WHEN: Sun Nov 29 21:51:48 CST 2015
;; MSG SIZE rcvd: 632
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33677
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; WARNING: Message has 8 extra bytes at end
;; QUESTION SECTION:
;bhc888.net. IN A
;; ANSWER SECTION:
bhc888.net. 600 IN A 14.17.121.64
;; AUTHORITY SECTION:
bhc888.net. 600 IN NS ns1.eflydns.net.
bhc888.net. 600 IN NS ns2.eflydns.net.
;; Query time: 41 msec
;; SERVER: 121.201.12.66#53(121.201.12.66)
;; WHEN: Sun Nov 29 21:51:48 CST 2015
;; MSG SIZE rcvd: 96
在trace内容中可以看到GLUE记录里的和实际的NS ip不一致。
glue记录显示
;; ADDITIONAL SECTION:
ns1.eflydns.net. 172800 IN A 121.201.11.2
ns1.eflydns.net. 172800 IN A 121.201.54.215
ns2.eflydns.net. 172800 IN A 121.201.11.2
ns2.eflydns.net. 172800 IN A 121.201.54.215
实际这2个IP都是不通的。很多人不清楚修改NS等需要同步改GLUE记录,就出现了这样的问题,去年当当网也出现过一次比较严重的故障。