[Help] nslookup返回IP不一致,test.sh TEST FAIL.❌
wwushi opened this issue · 6 comments
wwushi commented
在提交之前,请确认
- 我已经尝试执行test.sh并搜索过Issue和discussions和文档,但没有找到相关问题。
- 我正在使用最新的docker镜像版本(可以尝试
docker pull sliamb/paopaodns:latest后重新创建容器)。
test.sh脚本自检日志
images build time : 2024-05-16 15:59:22 UTC
check for the latest version ,
go to https://github.com/kkkgo/PaoPaoDNS/discussions
-> test start `1716012709`
yyyyyCN-5301 failed:yyyNOCN-5301 failed:yyy
[INFO] TEST FAIL.❌debug.sh脚本自检日志
### == debug.sh : docker exec -it paopaodns sh ==
-> debug start `1716012762`
[INFO] images build time : 2024-05-16 15:59:22 UTC
[OK]DATA_writeable
[OK]DATA_readable
[INFO] NETWORK
*********************************************************************************
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 scope link src 172.17.0.2
PING 223.5.5.5 (223.5.5.5): 56 data bytes
64 bytes from 223.5.5.5: seq=0 ttl=113 time=9.551 ms
--- 223.5.5.5 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 9.551/9.551/9.551 ms
PING 119.29.29.29 (119.29.29.29): 56 data bytes
64 bytes from 119.29.29.29: seq=0 ttl=51 time=7.444 ms
--- 119.29.29.29 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 7.444/7.444/7.444 ms
Server: 223.5.5.5
Address: 223.5.5.5#53
Non-authoritative answer:
www.taobao.com canonical name = www.taobao.com.danuoyi.tbcache.com.
Name: www.taobao.com.danuoyi.tbcache.com
Address: 222.186.18.183
Name: www.taobao.com.danuoyi.tbcache.com
Address: 222.186.18.188
Name: www.taobao.com.danuoyi.tbcache.com
Address: 240e:978:a07:2:3::3e0
Name: www.taobao.com.danuoyi.tbcache.com
Address: 240e:978:a07:2:3::3df
Server: 119.29.29.29
Address: 119.29.29.29#53
Non-authoritative answer:
www.qq.com canonical name = ins-r23tsuuf.ias.tencent-cloud.net.
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 121.14.77.221
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 121.14.77.201
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 240e:97c:2f:1::5c
Name: ins-r23tsuuf.ias.tencent-cloud.net
Address: 240e:97c:2f:2::4c
*********************************************************************************
[INFO] ENV
*********************************************************************************
====ENV TEST====
[OK]DATA_writeable-
[OK]DATA_readable-
MEM:50m 100m 200 100mb
prefPC:9
CORES:-1-
POWCORES:-1-
ulimit :-1073741816-
FDLIM :-1-
TZ:-Asia/Shanghai-
UPDATE:-weekly-
DNS_SERVERNAME:-PaoPaoDNS,blog.03k.org-
SERVER_IP:-none-
ETHIP:-172.17.0.2-
DNSPORT:-53-
SOCKS5:-IP:PORT-
CNAUTO:-yes-
IPV6:-no-
CNFALL:-no-
CUSTOM_FORWARD:-IP:PORT-
AUTO_FORWARD:-no-
AUTO_FORWARD_CHECK:-yes-
USE_MARK_DATA:-no-
RULES_TTL:-0-
CUSTOM_FORWARD_TTL:-0-
SHUFFLE:-no-
CN_TRACKER:-yes-
USE_HOSTS:-no-
HTTP_FILE:-no-
SAFEMODE:--
QUERY_TIME:-2000ms-
ADDINFO:-no-
PLATFORM:-Linux hecs-18184 5.14.0-444.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Apr 26 18:25:52 UTC 2024 x86_64 Linux-
====ENV TEST====
mosdns kkkgo/mosdns:240322.2
total 384K
4.0K drwxrwxrwx 3 0 0 4.0K May 18 14:11 .
4.0K drwxr-xr-x 1 0 0 4.0K May 18 14:11 ..
260.0K -rwxrwxrwx 1 0 0 256.7K May 18 14:11 Country-only-cn-private.mmdb
4.0K -rwxrwxrwx 1 0 0 233 May 18 14:05 custom_env.ini
4.0K -rwxrwxrwx 1 0 0 416 May 18 14:11 custom_mod.yaml
4.0K drwxrwxrwx 2 0 0 4.0K May 18 14:11 dnscrypt-resolvers
4.0K -rwxrwxrwx 1 0 0 3.0K May 18 14:11 dnscrypt.toml
4.0K -rwxrwxrwx 1 0 0 445 May 18 14:05 force_dnscrypt_list.txt
4.0K -rwxrwxrwx 1 0 0 387 May 18 14:05 force_recurse_list.txt
12.0K -rwxrwxrwx 1 0 0 9.8K May 18 14:11 mosdns.yaml
8.0K -rwxrwxrwx 1 0 0 5.7K May 18 14:11 redis.conf
16.0K -rwxrwxrwx 1 0 0 12.8K May 18 14:05 trackerslist.txt
52.0K -rwxrwxrwx 1 0 0 50.5K May 18 14:11 unbound.conf
4.0K -rwxrwxrwx 1 0 0 289 May 18 14:05 unbound_custom.conf
*********************************************************************************
[INFO] PS
*********************************************************************************
PID USER TIME COMMAND
1 root 0:00 {init.sh} /bin/sh /usr/sbin/init.sh
12 root 0:00 crond
44 root 0:00 redis-server unixsocket:/tmp/redis.sock
104 root 0:00 dnscrypt-proxy -config /data/dnscrypt-resolvers/dnscrypt.toml
118 root 0:00 unbound -c /tmp/unbound_forward.conf -p
127 root 0:00 mosdns start -d /tmp -c /tmp/mosdns.yaml
136 root 0:00 {watch_list.sh} /bin/sh /usr/sbin/watch_list.sh
137 root 0:00 {data_update.sh} /bin/sh /usr/sbin/data_update.sh
139 root 0:00 tail -f /dev/null
140 root 0:00 sleep 292
141 root 0:00 unbound -c /tmp/unbound_raw.conf -p
169 root 0:00 inotifywait -e modify,delete /etc/unbound/named.cache /data/Country-only-cn-private.mmdb /data/force_recurse_list.txt /data/force_dnscrypt_list.txt /dat
176 root 0:00 /bin/sh
283 root 0:00 {debug.sh} /bin/sh /usr/sbin/debug.sh
299 root 0:00 ps -ef
141 root 0:00 unbound -c /tmp/unbound_raw.conf -p
unbound OK.
118 root 0:00 unbound -c /tmp/unbound_forward.conf -p
unbound_forward OK.
*********************************************************************************
[INFO] TOP
*********************************************************************************
CPU: 0% usr 0% sys 0% nic 100% idle 0% io 0% irq 0% sirq
PID PPID USER STAT VSZ %VSZ CPU %CPU COMMAND
104 1 root S 1210m 68% 0 0% dnscrypt-proxy -config /data/dnscr
127 1 root S 1209m 68% 0 0% mosdns start -d /tmp -c /tmp/mosdn
44 1 root S 22552 1% 0 0% redis-server unixsocket:/tmp/redis
118 1 root S 11712 1% 0 0% unbound -c /tmp/unbound_forward.co
141 1 root S 11524 1% 0 0% unbound -c /tmp/unbound_raw.conf -
136 1 root S 1712 0% 0 0% {watch_list.sh} /bin/sh /usr/sbin/
176 0 root S 1696 0% 0 0% /bin/sh
137 1 root S 1636 0% 0 0% {data_update.sh} /bin/sh /usr/sbin
1 0 root S 1632 0% 0 0% {init.sh} /bin/sh /usr/sbin/init.s
283 176 root S 1628 0% 0 0% {debug.sh} /bin/sh /usr/sbin/debug
306 283 root R 1624 0% 0 0% top -n1
139 1 root S 1616 0% 0 0% tail -f /dev/null
140 137 root S 1612 0% 0 0% sleep 292
307 283 root S 1612 0% 0 0% grep %
169 136 root S 1072 0% 0 0% inotifywait -e modify,delete /etc/
12 1 root S 860 0% 0 0% crond
*********************************************************************************
[INFO] REDIS
*********************************************************************************
used_memory_human:973.79K
used_memory_rss_human:3.86M
used_memory_peak_human:987.95K
total_system_memory_human:1.73G
used_memory_lua_human:31.00K
used_memory_vm_total_human:63.00K
used_memory_scripts_human:181B
maxmemory_human:100.00M
(integer) 0
*********************************************************************************
[TEST] IP ROUTE
*********************************************************************************
CN IP URL:
124.71.143.243
-
124.71.143.243
--
124.71.143.243
CN RAW-IP URL:
124.71.143.243
------------------
Non-CN IP URL:
124.71.143.243
-
124.71.143.243
--
124.71.143.243
Non-CN RAW-IP URL:
124.71.143.243
-
124.71.143.243
--
---
124.71.143.243
------------------
IP INFO:
124.71.143.243
CN,undefined,undefined
ASN55990/Huawei Cloud Service data center
HTTP/1.1
Mozilla/5.0 Gecko/20100101 Firefox/120.0 https://github.com/kkkgo/PaoPaoDNS
Asia/Shanghai Time: 5/18/2024, 2:12:58 PM
[INFO] force_recurse_list
domain:whoami.ds.akahelp.net
domain:whoami.03k.org
MOSDNS WHOAMI :
MOSDNS akahelp: "ns" "195.123.212.200"
MOSDNS 03k: UNBOUND WHOAMI:
UNBOUND akahelp: UNBOUND 03k: *********************************************************************************
[TEST] HIJACK
*********************************************************************************
;; communications error to 9.8.7.5#53: timed out
;; no servers could be reached
;; communications error to 9.8.7.6#53: timed out
;; no servers could be reached
HIJACK 127.0.0.1 = 112.25.12.178
*********************************************************************************
[TEST] DIG-CN [taobao]
*********************************************************************************
MOSDNS CN:
www.taobao.com.danuoyi.tbcache.com.
163.181.1.232
163.181.1.233
UNBOUND CN:
[TEST] DIG-NOCN [youtube]
MOSDNS NOCN:
youtube-ui.l.google.com.
142.250.217.142
142.250.189.14
DNSCRYPT-UNBOUND NOCN:
youtube-ui.l.google.com.
172.217.14.110
142.250.68.78
DNSCRYPT NOCN:
youtube-ui.l.google.com.
142.250.217.142
142.250.189.14
DNSCRYPT-SOCKS5 NOCN:
;; communications error to 127.0.0.1#5303: connection refused
;; no servers could be reached
*********************************************************************************
[TEST] DUAL CN [IPv6=YES will have aaaa,taobao]
*********************************************************************************
[TEST] DUAL NOCN [IPv6=YES will block aaaa,youtube]
[TEST] ONLY6 [IPv6=only6 will block aaaa if a ok]
checkipv6.synology.com : ip6.03k.org : 6.ipw.cn :
*********************************************************************************
[info] ALL TEST FINISH.问题描述和复现步骤
nslookup返回IP不一致,test.sh TEST FAIL.❌
wwushi commented
容器运行在host模式下也一样的问题
kkkgo commented
递归失败。可能是由于网络质量或者防火墙导致的。
你可以手动执行以下命令检查能否正常进行与DNS权威服务器通讯:
dig +trace www.taobao.com
dig com. @192.33.4.12
dig taobao.com @192.31.80.30
dig www.taobao.com @47.241.207.15
dig tbcache.com @192.33.14.30
dig www.taobao.com.danuoyi.tbcache.com @118.178.223.202wwushi commented
/data # dig www.taobao.com.danuoyi.tbcache.com @118.178.223.202
; <<>> DiG 9.18.27 <<>> www.taobao.com.danuoyi.tbcache.com @118.178.223.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30404
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1400
;; QUESTION SECTION:
;www.taobao.com.danuoyi.tbcache.com. IN A
;; ANSWER SECTION:
www.taobao.com.danuoyi.tbcache.com. 60 IN A 222.186.18.183
www.taobao.com.danuoyi.tbcache.com. 60 IN A 222.186.18.188
;; Query time: 20 msec
;; SERVER: 118.178.223.202#53(118.178.223.202) (UDP)
;; WHEN: Sat May 18 16:27:31 CST 2024
;; MSG SIZE rcvd: 95
\
我用的云服务器
kkkgo commented
递归仅测试最后一个DNS服务器是不够的。你可以拉取sliamb/paopaodns:dev镜像,再运行debug.sh测试输出更详细的递归信息。
wwushi commented
debug.sh.txt
重新拉了镜像,手动递归全部测试了,递归失败影响使用吗?
kkkgo commented
从debug信息中可以看到递归查询DNS根服务器时出现了query response was THROWAWAY。这表明网络与DNS根服务器通讯不正常。可能与防火墙,网络连接性或者某些防攻击的设置有关。
你可以重新拉取一下最新sliamb/paopaodns:dev镜像,先运行debug.sh,再运行单独的递归调试脚本ub_trace.sh,可以获得最详细的递归调试信息,虽然不一定能解决问题。
递归失败是否影响使用取决于你的使用场景。如果你是用于搭建递归DNS服务,显然这是不能满足需求的;如果你只是用于DNS分流等功能,倒也不影响使用。