近期内部开发反馈某些合作方的域名无法解析。团内同事分析发现这些域名都是托管在相同的一个域名厂商上,而且都是刷新cache后刚开始能解析,过段时间不能解析。
efly.cc
bhc888.net
直接dig的时候返回信息如下
;
<<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> efly.cc
;
;
global options: +cmd
;
;
Got answer:
;
;
->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7761
;
;
flags: qr rd ra;
QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;efly.cc. IN A
;; ANSWER SECTION: efly.cc. 600 IN A 121.9.13.185
;; AUTHORITY SECTION: efly.cc. 168802 IN NS ns2.eflydns.net. efly.cc. 168802 IN NS ns1.eflydns.net.
;; Query time: 1356 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun Nov 29 19:00:23 CST 20
dump内存后发现有奇怪的NS记录,dig trace时打印详细信息
dig bhc888.net +trace +all
;
<<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> bhc888.net +trace +all
;; global options: +cmd ;; Got answer:
;
;
->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24539
;
;
flags: qr ra;
QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;. IN NS
;; ANSWER SECTION: . 347738 IN NS m.root-servers.net. . 347738 IN NS g.root-servers.net. . 347738 IN NS h.root-servers.net. . 347738 IN NS c.root-servers.net. . 347738 IN NS e.root-servers.net. . 347738 IN NS d.root-servers.net. . 347738 IN NS k.root-servers.net. . 347738 IN NS l.root-servers.net. . 347738 IN NS a.root-servers.net. . 347738 IN NS f.root-servers.net. . 347738 IN NS b.root-servers.net. . 347738 IN NS j.root-servers.net. . 347738 IN NS i.root-servers.net. . 518045 IN RRSIG NS 8 0 518400 20151209050000 20151129040000 62530 . EtQ9uRmWHEfzpE2KROfPA2LcYyde+z1YKDWRbfJBQebQ0S17h8FirKlu uaQFloFKfekxT+K6YsirfivvGlO2v4qcF6XvLMhsLinlJj/6+3DG7od/ ELN3wHTTUJOchLcQTkSW2BxalK5SWP0mRXhCo7TLro8S6C893n2uYWhK SzY=
;; Query time: 5 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun Nov 29 21:51:47 CST 2015 ;; MSG SIZE rcvd: 397
;; Got answer:
;
;
->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57915
;
;
flags: qr;
QUERY: 1, ANSWER: 0, AUTHORITY: 15, ADDITIONAL: 16
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;bhc888.net. IN A
;; AUTHORITY SECTION:
net. 172800 IN NS a.gtld-servers.net.
net. 172800 IN NS b.gtld-servers.net.
net. 172800 IN NS c.gtld-servers.net.
net. 172800 IN NS d.gtld-servers.net.
net. 172800 IN NS e.gtld-servers.net.
net. 172800 IN NS f.gtld-servers.net.
net. 172800 IN NS g.gtld-servers.net.
net. 172800 IN NS h.gtld-servers.net.
net. 172800 IN NS i.gtld-servers.net.
net. 172800 IN NS j.gtld-servers.net.
net. 172800 IN NS k.gtld-servers.net.
net. 172800 IN NS l.gtld-servers.net.
net. 172800 IN NS m.gtld-servers.net.
net. 86400 IN DS 35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE net. 86400 IN RRSIG DS 8 1 86400 20151209050000 20151129040000 62530 . mu4PiPAwAMZ/X2wUCQTXZwwCiO9/hwlvB8sbg73q5a9jyaYnWPjpIMh2 1wJWzE2Xc+5+/VxE3uLzhALqfnvto0ACN4UlyXESJ2qiVc2k69PQ54hh 8PZO4b5CzkfG09bqccLJuGcyLuMacYSc4w1LmiSq329tk7OYZw09P2YG 0RU=
;; ADDITIONAL SECTION: a.gtld-servers.net. 172800 IN A 192.5.6.30 b.gtld-servers.net. 172800 IN A 192.33.14.30 c.gtld-servers.net. 172800 IN A 192.26.92.30 d.gtld-servers.net. 172800 IN A 192.31.80.30 e.gtld-servers.net. 172800 IN A 192.12.94.30 f.gtld-servers.net. 172800 IN A 192.35.51.30 g.gtld-servers.net. 172800 IN A 192.42.93.30 h.gtld-servers.net. 172800 IN A 192.54.112.30 i.gtld-servers.net. 172800 IN A 192.43.172.30 j.gtld-servers.net. 172800 IN A 192.48.79.30 k.gtld-servers.net. 172800 IN A 192.52.178.30 l.gtld-servers.net. 172800 IN A 192.41.162.30 m.gtld-servers.net. 172800 IN A 192.55.83.30
a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
b.gtld-servers.net. 172800 IN AAAA 2001:503:231d::2:30
;; Query time: 344 msec ;; SERVER: 128.63.2.53#53(128.63.2.53) ;; WHEN: Sun Nov 29 21:51:47 CST 2015 ;; MSG SIZE rcvd: 731
;; Got answer:
;
;
->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64484
;
;
flags: qr;
QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 5
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 4096 ;; QUESTION SECTION: ;bhc888.net. IN A
;; AUTHORITY SECTION: bhc888.net. 172800 IN NS ns1.eflydns.net. bhc888.net. 172800 IN NS ns2.eflydns.net. A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20151206063020 20151129052020 37703 net. QdTw71NidYfASViPME8hIX6IixUOqawLJgDF94/Z50pGN+V8mynVueuA 7sIYDinnSdZnkxIOUH284tZtfZRnUutLjocnd7YDb7hTqPSoP4QZij6A 8O7hGW+PRj/hRHJKhB7SN7aE6LN2zV+P6jLXLsTZmRnKBKAqzt+5/ZMe 23A= K6E8QG8SUT2RJS20VQD9AQ0EQGOEVT99.net. 86400 IN NSEC3 1 1 0 - K6FGOS2E26R647F6LEEJI146DBAJE0PT NS DS RRSIG K6E8QG8SUT2RJS20VQD9AQ0EQGOEVT99.net. 86400 IN RRSIG NSEC3 8 2 86400 20151206062959 20151129051959 37703 net. FxrolX/ogsqiCtZFd7KLBBfC9MibFkiFuIrTt9RTM+7RblfH6ZpgkxUD /oewDTkYarIMFNii+ABM+V9+fXDGszmSY4plFvTzfR7X5eiJWOVndvs2 ph8KubUiYd79+vCXkiHw86ILy1OEk3X79uhunpAO4lIaRwIq5TSQpjs+ KcY=
;; ADDITIONAL SECTION: ns1.eflydns.net. 172800 IN A 121.201.11.2 ns1.eflydns.net. 172800 IN A 121.201.54.215 ns2.eflydns.net. 172800 IN A 121.201.11.2 ns2.eflydns.net. 172800 IN A 121.201.54.215
;; Query time: 201 msec ;; SERVER: 192.55.83.30#53(192.55.83.30) ;; WHEN: Sun Nov 29 21:51:48 CST 2015 ;; MSG SIZE rcvd: 632
;; Got answer:
;
;
->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33677
;
;
flags: qr aa rd;
QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available ;; WARNING: Message has 8 extra bytes at end
;; QUESTION SECTION: ;bhc888.net. IN A
;; ANSWER SECTION: bhc888.net. 600 IN A 14.17.121.64
;; AUTHORITY SECTION: bhc888.net. 600 IN NS ns1.eflydns.net. bhc888.net. 600 IN NS ns2.eflydns.net.
;; Query time: 41 msec ;; SERVER: 121.201.12.66#53(121.201.12.66) ;; WHEN: Sun Nov 29 21:51:48 CST 2015 ;; MSG SIZE rcvd: 96
在trace内容中可以看到GLUE记录里的和实际的NS ip不一致。glue记录显示
;; ADDITIONAL SECTION: ns1.eflydns.net. 172800 IN A 121.201.11.2 ns1.eflydns.net. 172800 IN A 121.201.54.215 ns2.eflydns.net. 172800 IN A 121.201.11.2 ns2.eflydns.net. 172800 IN A 121.201.54.215
实际这2个IP都是不通的。很多人不清楚修改NS等需要同步改GLUE记录,就出现了这样的问题,去年当当网也出现过一次比较严重的故障。