kkkgo/PaoPaoDNS

[Help] RULES_TTL does not take effect when CNAUTO=no

Closed this issue · 8 comments

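Before submitting, please confirm

  • I have tried running test.sh and searched the Issues, discussions and documentation, but found no related problem.
  • I am using the latest docker image version (you can try docker pull sliamb/paopaodns:latest and then recreate the container).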

test.sh script self-check log

/usr/sbin # sh test.sh 
*********************************************************************************

images build time : 2024-05-03 06:13:39 UTC
check for the latest version ,
go to https://github.com/kkkgo/PaoPaoDNS/discussions 
-> test start `1715155992`

UNBOUND MODE TEST.
[INFO] ALL TEST PASS.✅

-> test end `1715155993`

debug.sh script self-check log

### == debug.sh : docker exec -it paopaodns sh ==
-> debug start `1715156006`

[INFO] images build time : 2024-05-03 06:13:39 UTC
[OK]DATA_writeable
[OK]DATA_readable
[INFO] NETWORK
*********************************************************************************

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
71: eth0@if72: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP 
    inet 192.168.252.2/24 brd 192.168.252.255 scope global eth0
default via 192.168.252.1 dev eth0 
192.168.252.0/24 dev eth0 scope link  src 192.168.252.2 
PING 223.5.5.5 (223.5.5.5): 56 data bytes
64 bytes from 223.5.5.5: seq=0 ttl=118 time=4.459 ms

--- 223.5.5.5 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 4.459/4.459/4.459 ms
PING 119.29.29.29 (119.29.29.29): 56 data bytes
64 bytes from 119.29.29.29: seq=0 ttl=55 time=3.156 ms

--- 119.29.29.29 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.156/3.156/3.156 ms
Server:         223.5.5.5
Address:        223.5.5.5#53

Non-authoritative answer:
www.taobao.com  canonical name = www.taobao.com.danuoyi.tbcache.com.
Name:   www.taobao.com.danuoyi.tbcache.com
Address: 222.186.18.188
Name:   www.taobao.com.danuoyi.tbcache.com
Address: 222.186.18.183
;; Got bad packet: unexpected end of input
84 bytes
67 bb 81 80 00 01 00 00 00 01 00 00 03 77 77 77          g............www
06 74 61 6f 62 61 6f 03 63 6f 6d 07 64 61 6e 75          .taobao.com.danu
6f 79 69 07 74 62 63 61 63 68 65 03 63 6f 6d 00          oyi.tbcache.com.
00 1c 00 01 c0 0c 00 06 00 01 00 00 01 2c 00 00          .............,..
00 00 00 00 01 00 00 00 04 00 00 00 00 00 0a 00          ................
00 00 00 00                                              ....

Server:         119.29.29.29
Address:        119.29.29.29#53

Non-authoritative answer:
www.qq.com      canonical name = ins-r23tsuuf.ias.tencent-cloud.net.
Name:   ins-r23tsuuf.ias.tencent-cloud.net
Address: 101.91.22.57
Name:   ins-r23tsuuf.ias.tencent-cloud.net
Address: 101.91.42.232
;; Got bad packet: bad label type
84 bytes
87 89 81 80 00 01 00 00 00 01 00 00 0c 69 6e 73          .............ins
2d 72 32 33 74 73 75 75 66 03 69 61 73 0d 74 65          -r23tsuuf.ias.te
6e 63 65 6e 74 2d 63 6c 6f 75 64 03 6e 65 74 00          ncent-cloud.net.
00 1c 00 01 c0 0c 00 06 00 01 00 00 01 2c 00 00          .............,..
68 7d b7 e6 2f 38 74 4a 08 9f 67 13 cb 84 92 9b          h}../8tJ..g.....
93 33 50 18                                              .3P.

*********************************************************************************

[INFO] ENV
*********************************************************************************

====ENV TEST====
[OK]DATA_writeable-
[OK]DATA_readable-
MEM:1000m 2000m 1000000 3000mb
prefPC:100
CORES:-4-
POWCORES:-4-
ulimit :-10240-
FDLIM :-1268-
TZ:-Asia/Shanghai-
UPDATE:-weekly-
DNS_SERVERNAME:-PaoPaoDNS,blog.03k.org-
SERVER_IP:-none-
ETHIP:-192.168.252.2-
DNSPORT:-53-
SOCKS5:-IP:PORT-
CNAUTO:-no-
IPV6:-no-
CNFALL:-yes-
CUSTOM_FORWARD:-IP:PORT-
AUTO_FORWARD:-no-
AUTO_FORWARD_CHECK:-yes-
USE_MARK_DATA:-no-
RULES_TTL:-60-
CUSTOM_FORWARD_TTL:-0-
SHUFFLE:-no-
CN_TRACKER:-yes-
USE_HOSTS:-no-
HTTP_FILE:-no-
SAFEMODE:--
QUERY_TIME:-2000ms-
ADDINFO:-no-
PLATFORM:-Linux dns 5.10.194 #0 SMP Mon Dec 13 10:43:05 2021 x86_64 Linux-
====ENV TEST====
mosdns kkkgo/mosdns:240322.2
total 112K   
   4.0K drwxrwxrwx    2 0        0           4.0K May  8 16:11 .
   4.0K drwxr-xr-x    1 0        0           4.0K May  8 16:11 ..
   4.0K -rwxrwxrwx    1 0        0            233 May  8 15:27 custom_env.ini
   4.0K -rwxrwxrwx    1 0        0            416 May  8 16:10 custom_mod.yaml
   4.0K -rwxrwxrwx    1 0        0            445 May  8 16:09 force_dnscrypt_list.txt
   4.0K -rwxrwxrwx    1 0        0            387 May  8 16:09 force_recurse_list.txt
   4.0K -rwxrwxrwx    1 0        0            191 May  8 15:56 force_ttl_rules.txt
   4.0K -rwxrwxrwx    1 0        0            255 May  8 15:27 hosts
   8.0K -rw-r--r--    1 0        0           5.7K May  8 16:11 redis.conf
  16.0K -rwxrwxrwx    1 0        0          12.1K May  8 16:09 trackerslist.txt
  52.0K -rw-r--r--    1 0        0          50.5K May  8 16:11 unbound.conf
   4.0K -rwxrwxrwx    1 0        0            289 May  8 15:27 unbound_custom.conf
*********************************************************************************

[INFO] PS
*********************************************************************************

PID   USER     TIME  COMMAND
    1 root      0:00 {init.sh} /bin/sh /usr/sbin/init.sh
   23 root      0:00 crond
   57 root      0:00 redis-server unixsocket:/tmp/redis.sock
   80 root      0:00 unbound -c /tmp/unbound_raw.conf -p
   81 root      0:00 {watch_list.sh} /bin/sh /usr/sbin/watch_list.sh
   82 root      0:00 {data_update.sh} /bin/sh /usr/sbin/data_update.sh
   84 root      0:00 sleep 184
   85 root      0:00 tail -f /dev/null
   89 root      0:00 inotifywait -e modify,delete /etc/unbound/named.cache
   98 root      0:00 /bin/sh
  147 root      0:00 sh debug.sh
  163 root      0:00 ps -ef
   80 root      0:00 unbound -c /tmp/unbound_raw.conf -p
unbound OK.
*********************************************************************************

[INFO] TOP
*********************************************************************************

CPU:   0% usr   0% sys   0% nic  92% idle   0% io   0% irq   7% sirq
  PID  PPID USER     STAT   VSZ %VSZ CPU %CPU COMMAND
   80     1 root     S     760m   4%   1   0% unbound -c /tmp/unbound_raw.conf -
   57     1 root     S    22520   0%   1   0% redis-server unixsocket:/tmp/redis
   81     1 root     S     1708   0%   1   0% {watch_list.sh} /bin/sh /usr/sbin/
   98     0 root     S     1692   0%   0   0% /bin/sh
   82     1 root     S     1632   0%   2   0% {data_update.sh} /bin/sh /usr/sbin
    1     0 root     S     1628   0%   1   0% {init.sh} /bin/sh /usr/sbin/init.s
  147    98 root     S     1624   0%   1   0% sh debug.sh
  167   147 root     R     1620   0%   0   0% top -n1
   85     1 root     S     1612   0%   2   0% tail -f /dev/null
   84    82 root     S     1608   0%   2   0% sleep 184
  168   147 root     S     1608   0%   3   0% grep %
   89    81 root     S     1068   0%   3   0% inotifywait -e modify,delete /etc/
   23     1 root     S      856   0%   1   0% crond
*********************************************************************************

[INFO] REDIS
*********************************************************************************

used_memory_human:953.73K
used_memory_rss_human:4.15M
used_memory_peak_human:953.73K
total_system_memory_human:15.51G
used_memory_lua_human:31.00K
used_memory_vm_total_human:63.00K
used_memory_scripts_human:181B
maxmemory_human:2.93G
(integer) 3
*********************************************************************************

[TEST] IP ROUTE
*********************************************************************************

CN IP URL:
116.233.xxx.xxx
-
116.233.xxx.xxx
--
116.233.xxx.xxx
CN RAW-IP URL:
116.233.xxx.xxx
------------------
Non-CN IP URL:
116.233.xxx.xxx
-
116.233.xxx.xxx
--
116.233.xxx.xxx
Non-CN RAW-IP URL:
116.233.xxx.xxx
-
116.233.xxx.xxx
--
116.233.xxx.xxx
---
116.233.xxx.xxx
------------------
IP INFO:
116.233.xxx.xxx
CN,Shanghai,Shanghai
ASN4812/China Telecom
HTTP/1.1 
Mozilla/5.0 Gecko/20100101 Firefox/120.0 https://github.com/kkkgo/PaoPaoDNS
Asia/Shanghai Time: 5/8/2024, 4:13:39 PM
[INFO] force_recurse_list
domain:whoami.ds.akahelp.net
domain:whoami.03k.org
MOSDNS WHOAMI :
MOSDNS akahelp: MOSDNS 03k: 116.233.xxx.xxx
UNBOUND WHOAMI:
UNBOUND akahelp: ;; communications error to 127.0.0.1#5301: connection refused
;; communications error to 127.0.0.1#5301: connection refused
;; communications error to 127.0.0.1#5301: connection refused
;; no servers could be reached

UNBOUND 03k: ;; communications error to 127.0.0.1#5301: connection refused
;; communications error to 127.0.0.1#5301: connection refused
;; communications error to 127.0.0.1#5301: connection refused
;; no servers could be reached

*********************************************************************************

[TEST] HIJACK
*********************************************************************************

;; communications error to 9.8.7.5#53: timed out
;; no servers could be reached

;; communications error to 9.8.7.6#53: timed out
;; no servers could be reached

HIJACK 127.0.0.1 = 58.217.249.177
*********************************************************************************

[TEST] DIG-CN [taobao]
*********************************************************************************

MOSDNS CN:
www.taobao.com.danuoyi.tbcache.com.
222.186.18.183
222.186.18.188
UNBOUND CN:
;; communications error to 127.0.0.1#5301: connection refused
;; communications error to 127.0.0.1#5301: connection refused
;; communications error to 127.0.0.1#5301: connection refused
;; no servers could be reached

[TEST] DIG-NOCN [youtube]
MOSDNS NOCN:
104.244.46.93
DNSCRYPT-UNBOUND NOCN:
;; communications error to 127.0.0.1#5304: connection refused
;; communications error to 127.0.0.1#5304: connection refused
;; communications error to 127.0.0.1#5304: connection refused
DNSCRYPT NOCN:
;; communications error to 127.0.0.1#5302: connection refused
;; communications error to 127.0.0.1#5302: connection refused
;; communications error to 127.0.0.1#5302: connection refused
DNSCRYPT-SOCKS5 NOCN:
;; communications error to 127.0.0.1#5303: connection refused
;; no servers could be reached

*********************************************************************************

[TEST] DUAL CN [IPv6=YES will have aaaa,taobao]
*********************************************************************************

[TEST] DUAL NOCN [IPv6=YES will block aaaa,youtube]
[TEST] ONLY6 [IPv6=only6 will block aaaa if a ok]
checkipv6.synology.com : ip6.03k.org : 6.ipw.cn : 
*********************************************************************************

[info] ALL TEST FINISH.

-> debug end `1715156021`

Problem description and reproduction steps

I added CNAUTO=no and RULES_TTL=60 at startup,
and added the following to force_ttl_rules.txt:

local.example.com 192.168.0.20

But it has no effect when resolving.

With CNAUTO=no, only the recursive function is available.


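It seems /etc/hosts does not take effect either when CNAUTO=no. In that case, how do I add my own local resolution?

In pure recursive mode only unbound is running. You can edit unbound_custom.conf to customize it. See the official unbound documentation for details.

Here is a simple unbound configuration example that resolves local.example.com to 192.168.0.20: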

server:
    # Set up local resolution
    local-zone: "local.example.com." static

    # Resolve local.example.com to 192.168.0.20
    local-data: "local.example.com. IN A 192.168.0.20"

Add this configuration to your unbound_custom.conf file, then restart the container.
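
Added example, not part of the original thread or of PaoPaoDNS: a shell helper that turns plain `name address` lines like the one quoted in this issue into the `local-zone`/`local-data` form shown above, carrying the RULES_TTL value as the record TTL. It assumes one hostname and one IP literal per line; the function name `rules_to_unbound` is hypothetical, and lines that do not fit (including names containing quote characters, which would break out of the config string) are skipped.

```shell
#!/bin/sh
# Added example (not PaoPaoDNS code): convert "name address" lines, in the
# form shown in this issue, into unbound local-zone/local-data statements.
# Assumption: one "hostname IP" pair per line; any other rule syntax is skipped.

rules_to_unbound() {
    # $1 = rules file ("-" for stdin), $2 = TTL in seconds (e.g. RULES_TTL)
    awk -v ttl="${2:-60}" '
        /^[ \t]*(#|$)/ { next }          # skip comments and blank lines
        NF != 2        { next }          # not a plain "name address" pair
        {
            name = tolower($1); addr = $2
            sub(/\.$/, "", name)         # normalise a trailing dot
            # Allow only hostname characters, so a rule line cannot inject
            # quotes or extra directives into the generated config.
            if (name !~ /^[a-z0-9_]([a-z0-9_.-]*[a-z0-9_])?$/) next
            if (addr ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) type = "A"
            else if (addr ~ /^[0-9a-fA-F:]+$/ && addr ~ /:/) type = "AAAA"
            else next                    # not an IP literal
            if (!(name in seen)) {
                seen[name] = 1
                zones = zones sprintf("    local-zone: \"%s.\" static\n", name)
            }
            data = data sprintf("    local-data: \"%s. %d IN %s %s\"\n",
                                name, ttl, type, addr)
        }
        END { if (zones != "") printf "server:\n%s%s", zones, data }
    ' "${1:--}"
}

# Constructed sample input on stdin; prints the fragment for unbound_custom.conf.
printf 'local.example.com 192.168.0.20\n' | rules_to_unbound - 60
```

Because each zone is declared `static`, any other name or record type under it is answered locally as nonexistent rather than recursed.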

That works.

One more thing to report: the unbound in here seems somewhat incompatible with dig's trace on macOS Sonoma.

dig -v
DiG 9.10.6
$ dig @192.168.252.2 www.baidu.com +trace

; <<>> DiG 9.10.6 <<>> @192.168.252.2 www.baidu.com +trace
; (1 server found)
;; global options: +cmd
;; Received 28 bytes from 192.168.252.2#53(192.168.252.2) in 0 ms

On Linux it works fine.

dig -v
DiG 9.16.23-RH

dig @192.168.252.2 www.baidu.com +trace

; <<>> DiG 9.16.23-RH <<>> @192.168.252.2 www.baidu.com +trace
; (1 server found)
;; global options: +cmd
. 372 IN NS g.root-servers.net.
. 372 IN NS j.root-servers.net.
. 372 IN NS k.root-servers.net.
. 372 IN NS l.root-servers.net.
. 372 IN NS m.root-servers.net.
. 372 IN NS h.root-servers.net.
. 372 IN NS b.root-servers.net.
. 372 IN NS a.root-servers.net.
. 372 IN NS d.root-servers.net.
. 372 IN NS e.root-servers.net.
. 372 IN NS f.root-servers.net.
. 372 IN NS i.root-servers.net.
. 372 IN NS c.root-servers.net.
. 372 IN RRSIG NS 8 0 518400 20240521050000 20240508040000 5613 . UgT0oq4mPBLAtCLWnNbVXTy8RCHWoXUt9mDwigiCa659sr2Sy6ksHKYt I/T4wyrD4JfiZOvp/5fTnoTYfyAPOfsWMOx5bDy4v2zgovYe1pyMSehm qSTwY3t6S27QYAQ+lMHXj08Y55VTgk54fJVoFqx94Sf7/SZLPaeRRRqz hHw88pFAbLnYdx/36eAWPo/vnBYA2pUeq9izeznjFW01nwFblHDV+o8n MkHaUqR515okpwhwJ5RxBu+q2+dC2ButPsdDV8UwUFh94WbW6UpsXXrh kPpehEgk7RWimBH3Xpr/gM93lvJDgfAJeODPqJPZawkTedM8EP4PWmWn 328fgw==
;; Received 1097 bytes from 192.168.252.2#53(192.168.252.2) in 2 ms

com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 86400 IN DS 19718 13 2 8ACBB0CD28F41250A80A491389424D341522D946B0DA0C0291F2D3D7 71D7805A
com. 86400 IN RRSIG DS 8 1 86400 20240521050000 20240508040000 5613 . fzRot19u8jZM1kWXvkedb7d7/jdtMbVcb/KFTDi7rg3nYJQcgNd+dq84 aI6wyKKBaiC5bPZ4UNb1ySZkOezeYxvuctxAVTVpjVtmA2Fte2l3fCrB TkffrM89S1FY6Roa6YH3vobxzLmYPcH8QPrPYR/rOKRhtpACi/UhUh+t cRwM2E5jS3nFgrGUl4vhF5spsXePnwp3MHGcuuvclfrlxl1VL1ESx/XI ifeEJE0DWoPF242pJR+bCioahEk1v1BP8E21S7cI/vEiIaJ1fHuA6e2P O5vEZ9ILg4tHlHMPNDrkywc0TtiLRosCd3fa6SJIuvameBaguV5HHSgl e05cIg==
;; Received 1173 bytes from 192.5.5.241#53(f.root-servers.net) in 151 ms

baidu.com. 172800 IN NS ns2.baidu.com.
baidu.com. 172800 IN NS ns3.baidu.com.
baidu.com. 172800 IN NS ns4.baidu.com.
baidu.com. 172800 IN NS ns1.baidu.com.
baidu.com. 172800 IN NS ns7.baidu.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 13 2 86400 20240512042505 20240505031505 956 com. /Qp86YGjg3w/GllS6xoA0ARpWdQDysBM14d+b6mF3WznITJ/Y2kU/4B3 KuEPCd5u+Zb0UWPsMGyCzuSRrHn5zg==
HPVV1UNKTCF9TD77I2AUR73709T975GH.com. 86400 IN NSEC3 1 1 0 - HPVVP23QUO0FP9R0A04URSICJPESKO9J NS DS RRSIG
HPVV1UNKTCF9TD77I2AUR73709T975GH.com. 86400 IN RRSIG NSEC3 13 2 86400 20240515050118 20240508035118 956 com. Fb27BInl1L5v9oWEc1zXuO6hQqS+0zDarxXjbY21/v68Bwh71Z3AXmgS WrTcqJp96XiyG4A2KYAAizSSq9ZIPw==
;; Received 657 bytes from 192.55.83.30#53(m.gtld-servers.net) in 175 ms

www.baidu.com. 1200 IN CNAME www.a.shifen.com.
;; Received 100 bytes from 153.3.238.93#53(ns3.baidu.com)

dig +trace is dig simulating recursion on its own; the result has nothing to do with unbound.


OK, got it.

Thanks for the patient explanation.