smartdns
smartdns copied to clipboard
Published
20 hours ago •
pymumu
pymumu
master 分支 关闭测速后 只会返回一个ip 并不会返回所有的
问题现象
master 分支 关闭测速后 只会返回一个ip 并不会返回所有的
运行环境
- 固件型号
Lede Koolshare V3.2 - 运营商
电信 重现步骤
bind [::]:6053
bind-tcp [::]:6053
dualstack-ip-selection no
prefetch-domain yes
serve-expired yes
cache-size 50000
rr-ttl 60
rr-ttl-min 10
rr-ttl-max 60
rr-ttl-reply-max 10
log-size 64K
log-num 1
log-level error
bind [::]:6553 -no-speed-check -no-dualstack-selection -no-cache
bind-tcp [::]:6553 -no-speed-check -no-dualstack-selection -no-cache
# Add custom settings here.
# set log level
# log-level [level], level=fatal, error, warn, notice, info, debug
log-level debug
# log-size k,m,g
# log-size 128k
# log-file /var/log/smartdns.log
# log-num 2
# List of hosts that supply bogus NX domain results
# bogus-nxdomain [ip/subnet]
# edns
edns-client-subnet ***.***.**.0/24
# dis ipv6
force-AAAA-SOA yes
speed-check-mode none
dualstack-ip-selection-threshold 100
max-reply-ip-num 50
nslookup www.qq.com
非权威应答:
名称: ins-r23tsuuf.ias.tencent-cloud.net
Address: 101.91.42.232
Aliases: www.qq.com
直接请求dns服务器
nslookup www.qq.com 223.5.5.5
非权威应答:
名称: ins-r23tsuuf.ias.tencent-cloud.net
Addresses: 2402:4e00:1430:1301:0:9227:79cc:76f2
2402:4e00:1430:1301:0:9227:79d3:ffd1
101.91.22.57
101.91.42.232
Aliases: www.qq.com
请在lede上用dig测试一下
root@LEDE:~# dig www.qq.com +trace
; <<>> DiG 9.18.1 <<>> www.qq.com +trace
;; global options: +cmd
. 10 IN NS m.root-servers.net.
. 10 IN NS a.root-servers.net.
. 10 IN NS e.root-servers.net.
. 10 IN NS g.root-servers.net.
. 10 IN NS j.root-servers.net.
. 10 IN NS i.root-servers.net.
. 10 IN NS c.root-servers.net.
. 10 IN NS b.root-servers.net.
. 10 IN NS l.root-servers.net.
. 10 IN NS h.root-servers.net.
. 10 IN NS d.root-servers.net.
. 10 IN NS k.root-servers.net.
. 10 IN NS f.root-servers.net.
;; Received 1482 bytes from 127.0.0.1#53(127.0.0.1) in 49 ms
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20220717050000 20220704040000 20826 . TKvTy6kQJQglu8SnB0+EjffqR/j9Zh6PMH38TGu4ZcydUWY3Ak1dg772 5spBBncZjQyLfs67uAS57+EhBakn6AIXMdPBOT5DuvcfVesMFKSnconc dAKhFfeHQGKAGyw31FWzp48YsGYuSCYW7dIxcKUsMldrWRTmSvpJU9Fs huxUF5VeLG6Nth3VDFHAc1MIKA3qtJcDPJIjRfskZFSMfuNxMyV1SEpo JDFveqEdOaSd/W851sjzfZpvN51Krx8yPOaazQp8KE+oahgk9ZdA5LP5 9anldFZzuAQh/AUIHGYm4YsZgpEg9EmDjY7vbjtako1eMvurXwDB2Ozc xRLsvQ==
;; Received 1201 bytes from 192.36.148.17#53(i.root-servers.net) in 199 ms
qq.com. 172800 IN NS ns1.qq.com.
qq.com. 172800 IN NS ns2.qq.com.
qq.com. 172800 IN NS ns3.qq.com.
qq.com. 172800 IN NS ns4.qq.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20220710042347 20220703031347 37269 com. pOWffB8MzYwfrxfdp9aMS/4qAdogU0EW4NdMugvpKpLvyouCm+8P37o0 t1QJLgGujL0HETaxOKkbHxfh9EFE86jNRZHqNeKkel3gef7q8ZcArZ3O WFI1b/Ya/eVErXCt/gi6n+slk/KNAsdvpXmxjq0UGpEyoGUWqRoFwR7R BtGsSxuX+4EH3CfaDwoXZCj9dbrVRvfQBT5iOQEg5f+7MQ==
J976CL8OGHG15D3SRCR02PVTCGSUQHKM.com. 86400 IN NSEC3 1 1 0 - J976V9IM8597ALLH81MQKOSCKFOC08F5 NS DS RRSIG
J976CL8OGHG15D3SRCR02PVTCGSUQHKM.com. 86400 IN RRSIG NSEC3 8 2 86400 20220709042739 20220702031739 37269 com. GbOvtK+YthFGdLXLsqpbqfo9fPPVN2zsKcPUJgRhIdTNKxG3SIlyrU6C GJ46K5KXEIrWsRhab5BRPNU4KTc/LM+P3i05wt9mnxPu606kWVxvfU2j /932Qj4GDOzHOJKCbC1w2ish5Oq5v8YO9dwd1lz9YZws0MEfrsWOL8mR eQargnEyAa60vjrrqqQD/kpO+kubqlAe5OJaZDhhS30yBw==
;; Received 956 bytes from 192.48.79.30#53(j.gtld-servers.net) in 269 ms
;; Received 39 bytes from 183.36.112.46#53(ns1.qq.com) in 29 ms
root@LEDE:~# dig www.qq.com
; <<>> DiG 9.18.1 <<>> www.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24117
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.qq.com. IN A
;; ANSWER SECTION:
www.qq.com. 3 IN CNAME ins-r23tsuuf.ias.tencent-cloud.net.
ins-r23tsuuf.ias.tencent-cloud.net. 3 IN A 101.91.42.232
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Mon Jul 04 21:10:54 CST 2022
;; MSG SIZE rcvd: 92
配置里面应该有其他地方设置了speed-check-mode ,排查下。
还有,如果要返回多IP地址,要确保开启cache,并且开启过期缓存。
cache和过期缓存功能一直是开启的
排查过了没有额外的speed-check-mode设置
bind [::]:6053
bind-tcp [::]:6053
dualstack-ip-selection no
prefetch-domain yes
serve-expired yes
cache-size 50000
rr-ttl 60
rr-ttl-min 10
rr-ttl-max 60
rr-ttl-reply-max 10
log-size 64K
log-num 1
log-level error
bind [::]:6553 -no-speed-check -no-dualstack-selection -no-cache
bind-tcp [::]:6553 -no-speed-check -no-dualstack-selection -no-cache
# Add custom settings here.
# set log level
# log-level [level], level=fatal, error, warn, notice, info, debug
log-level debug
# log-size k,m,g
# log-size 128k
# log-file /var/log/smartdns.log
# log-num 2
# List of hosts that supply bogus NX domain results
# bogus-nxdomain [ip/subnet]
# edns
edns-client-subnet ***.***.**.0/24
# dis ipv6
force-AAAA-SOA yes
speed-check-mode none
dualstack-ip-selection-threshold 100
max-reply-ip-num 50
使用的是6053端口
log
[2022-07-04 21:35:49,384][DEBUG][ dns_server.c:4013] recv query packet from 127.0.0.1, len = 38, type = 0
[2022-07-04 21:35:49,384][DEBUG][ dns_server.c:4022] request qdcount = 1, ancount = 0, nscount = 0, nrcount = 0, len = 38, id = 36313, tc = 0, rd = 1, ra = 0, rcode = 0
[2022-07-04 21:35:49,384][ INFO][ dns_server.c:4038] query server message.bilibili.com from 127.0.0.1, qtype = 1
[2022-07-04 21:35:49,384][ INFO][ dns_server.c:3050] RULE-MATCH, type: 6, domain: message.bilibili.com, rule: bilibili.com
[2022-07-04 21:35:49,384][DEBUG][ dns_server.c:2572] name:message.bilibili.com ttl: 60 cname: a.w.bilicdn1.com
[2022-07-04 21:35:49,384][ INFO][ dns_server.c:3050] RULE-MATCH, type: 6, domain: message.bilibili.com, rule: bilibili.com
[2022-07-04 21:35:49,384][DEBUG][ dns_client.c:536 ] send query to group china
[2022-07-04 21:35:49,384][DEBUG][ dns_client.c:2844] send query to server 1.12.12.12
[2022-07-04 21:35:49,384][DEBUG][ dns_client.c:2844] send query to server 223.6.6.6
[2022-07-04 21:35:49,384][DEBUG][ dns_client.c:2844] send query to server 223.5.5.5
[2022-07-04 21:35:49,384][ INFO][ dns_client.c:3136] send request message.bilibili.com, qtype 1, id 41724
[2022-07-04 21:35:49,391][DEBUG][ dns_client.c:2199] recv tcp packet from 223.5.5.5, len = 956
[2022-07-04 21:35:49,391][DEBUG][ dns_client.c:1611] qdcount = 1, ancount = 21, nscount = 0, nrcount = 0, len = 739, id = 41724, tc = 0, rd = 1, ra = 1, rcode = 0, payloadsize = 2048
[2022-07-04 21:35:49,391][DEBUG][ dns_client.c:1622] domain: message.bilibili.com qtype: 1 qclass: 1
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2699] query result from server 223.5.5.5:443, type: 3
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.48
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.12
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.37
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.23
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.22
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.21
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.41
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.30
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.40
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.25
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.29
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.39
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.38
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.27
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.26
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.42
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.36
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.28
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 61.147.236.11
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:78 IP: 183.131.147.24
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:2572] name:message.bilibili.com ttl: 78 cname: a.w.bilicdn1.com
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:934 ] cache message.bilibili.com qtype:1 ttl: 60
[2022-07-04 21:35:49,391][DEBUG][ dns_server.c:1067] Cache CNAME: a.w.bilicdn1.com, qtype: 1, speed: -1
[2022-07-04 21:35:49,392][DEBUG][ dns_client.c:2199] recv tcp packet from 223.6.6.6, len = 955
[2022-07-04 21:35:49,392][DEBUG][ dns_client.c:1611] qdcount = 1, ancount = 21, nscount = 0, nrcount = 0, len = 739, id = 41724, tc = 0, rd = 1, ra = 1, rcode = 0, payloadsize = 2048
[2022-07-04 21:35:49,392][DEBUG][ dns_client.c:1622] domain: message.bilibili.com qtype: 1 qclass: 1
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2699] query result from server 223.6.6.6:443, type: 3
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.23
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.22
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.155.136.164
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.24
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.46
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.45
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.27
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.155.136.162
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.21
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.155.136.166
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.39
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.26
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.41
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.40
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.42
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.43
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.155.136.168
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.147.236.44
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 183.131.147.25
[2022-07-04 21:35:49,392][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:2 IP: 61.155.136.170
[2022-07-04 21:35:49,396][DEBUG][ dns_client.c:2199] recv tcp packet from 1.12.12.12, len = 623
[2022-07-04 21:35:49,396][DEBUG][ dns.c:1612] opt type 12
[2022-07-04 21:35:49,396][DEBUG][ dns.c:1638] DNS opt type = 12 not supported
[2022-07-04 21:35:49,396][DEBUG][ dns_client.c:1611] qdcount = 1, ancount = 21, nscount = 0, nrcount = 0, len = 468, id = 41724, tc = 0, rd = 1, ra = 1, rcode = 0, payloadsize = 2048
[2022-07-04 21:35:49,396][DEBUG][ dns_client.c:1622] domain: message.bilibili.com qtype: 1 qclass: 1
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2699] query result from server 1.12.12.12:443, type: 3
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.23
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.155.136.162
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.155.136.164
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.155.136.166
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.155.136.168
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.155.136.170
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.21
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.22
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.147.236.46
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.24
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.25
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.26
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.27
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.28
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 183.131.147.29
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.147.236.41
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.147.236.42
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.147.236.43
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.147.236.44
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:2463] domain: a.w.bilicdn1.com TTL:29 IP: 61.147.236.45
[2022-07-04 21:35:49,396][DEBUG][ dns_client.c:1399] result: message.bilibili.com, qtype: 1, hasresult: 1, id 41724
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:1343] reply message.bilibili.com qtype: 1, rcode: 0, reply: 0
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:694 ] result: message.bilibili.com, rtt: -0.1 ms, 183.131.147.24
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:934 ] cache message.bilibili.com qtype:1 ttl: 60
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:1067] Cache CNAME: a.w.bilicdn1.com, qtype: 1, speed: -1
nslookup message.bilibili.com
非权威应答:
名称: a.w.bilicdn1.com
Address: 183.131.147.24
Aliases: message.bilibili.com
显然您用nslookup 并不是smartdns在应答了
请仔细看我刚刚贴上去的日志
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:1343] reply message.bilibili.com qtype: 1, rcode: 0, reply: 0
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:694 ] result: message.bilibili.com, rtt: -0.1 ms, 183.131.147.24
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:934 ] cache message.bilibili.com qtype:1 ttl: 60
[2022-07-04 21:35:49,396][DEBUG][ dns_server.c:1067] Cache CNAME: a.w.bilicdn1.com, qtype: 1, speed: -1
明显是smartdns回复的183.131.147.24
而且我局域网内仅只有这一个dns服务器,关闭后nslookup是无法访问的
~~从lede的应答来看,您lede的ipv4 53端口对应的dns服务没有正确的上游;此时windows用nslookup查询最有可能的情况是ipv6 dns。我怀疑在smartdns和ipv6 dns中间存在过滤器,导致了上述结果~~
bug可以重现,6月25日的版本是正常的 @pymumu
https://github.com/pymumu/smartdns/issues/975#issuecomment-1173819844
max-reply-ip-num 设置大于1的数
设置的是50
max-reply-ip-num 50
最新代码经过测试问题已经修复,待我用2天看下,有没有其他问题
nslookup www.qq.com
非权威应答:
名称: ins-r23tsuuf.ias.tencent-cloud.net
Addresses: 101.91.22.57
101.91.42.232
Aliases: www.qq.com
nslookup message.bilibili.com
非权威应答:
名称: a.w.bilicdn1.com
Addresses: 61.147.236.44
183.131.147.24
183.131.147.48
61.147.236.45
183.131.147.30
183.131.147.29
61.147.236.43
183.131.147.27
183.131.147.25
61.147.236.39
61.147.236.42
183.131.147.26
61.147.236.11
61.147.236.41
183.131.147.28
61.147.236.40
61.147.236.38
61.147.236.37
61.147.236.12
61.147.236.36
Aliases: message.bilibili.com
修改了一下,用最新代码看看。
@pymumu 好像还是有个小问题,就是第二次请求并不会返回所有dns服务器返回的结果的集合,只返回了一个dns服务器的结果
打个比方
DNS1(最快): 返回 1.1.1.1和1.1.1.2
DNS2: 返回 1.1.2.1和1.1.2.2
DNS3: 返回 1.1.3.1和1.1.3.2
期望情况:
第一次请求返回: 1.1.1.1和1.1.1.2
第二次请求返回: 1.1.1.1和1.1.1.2和1.1.2.1和1.1.2.2和1.1.3.1和1.1.3.2
现在是无论如何请求都会返回1.1.1.1和1.1.1.2, 后面两个DNS的结果并不会插入到后续的请求中
现在是无论如何请求都会返回1.1.1.1和1.1.1.2, 后面两个DNS的结果并不会插入到后续的请求中
能确定后续请求的结果 是从cache来的还是从预先获取(prefetch-domain)来的?
现在是无论如何请求都会返回1.1.1.1和1.1.1.2, 后面两个DNS的结果并不会插入到后续的请求中
能确定后续请求的结果 是从cache来的还是从预先获取(prefetch-domain)来的?
prefetch-domain 会造成这种现象吗? 按照我的理解 prefetch-domain 应该是在smartdns启动时将历史域名重新请求一遍并放入 cache 中吗? 理应向所有dns服务器发起请求
按照我的理解 prefetch-domain 应该是在smartdns启动时将历史域名重新请求一遍并放入 cache 中
正确 但cache过期前不会重新向上游发起查询啊
当前设计就是关闭测速后,仅会使用响应最快的DNS结果,并不会将所有结果合并。
目前看来,将所有结果合并没有太多意义。
将所有结果合并是有意义的,比如说我访问国外使用的是国外dns,但是国外dns并不会是最快的返回结果,但是确是最应该访问的. 顺带提一下我关闭所有测速的原因,我认为测速无论是ping还是tcp都会造成请求侧漏,一但开启测速,我对于国外的服务器的连接会再某个阈值超过后被全部掐断一段时间,且延迟增高.关闭后就没有这个现象了
一但开启测速,我对于国外的服务器的连接会再某个阈值超过后被全部掐断一段时间
并发连接限制 之前有issue提到过这个现象
但即使是合并结果 客户端还是会选用获取到的第一个。。。结果合并后只要顺序不变 那么和单一结果没有区别的
所有结果合并 似乎不太符合逻辑 我能想到的场景就是网关是不同运营商的多线路 这样重新查询测速获取新的结果 比cache保持更有意义
打个比方 我请求www.google.com 对于境外的1.1.1.1和8.8.8.8和第三方dns会返回完全不同的结果,而比如说1.1.1.1只会返回对于www.google.com的仅一个anycast ip, 这个ip活跃的质量其实并不高, 而其他dns返回的速度又没有那么块, 本地浏览器如果收到多个结果在无法访问的时候自然会自动切换,但是目前是因为只有一个ip造成了这个结果
一但开启测速,我对于国外的服务器的连接会再某个阈值超过后被全部掐断一段时间
并发连接限制 之前有issue提到过这个现象
但即使是合并结果 客户端还是会选用获取到的第一个。。。结果合并后只要顺序不变 那么和单一结果没有区别的
并不是连接数限制,现在对于封禁ip的测速,明显会造成触发外网流量审计,同时掐断所有境外流量访问,而且对国外流量路由切换到抓包模式,造成海外延迟升高 正常: 延迟60ms 审计中延迟: 200-500ms
而且众所周知icmp流量是不会被透明代理所捕获的,测速中也不会触发类似dnsmasq+ipset的透明代理流量捕获,直接让网关知道你在尝试访问某些网站, 某些ip如google是直接的ip墙理应不应该对其进行测速, 即使是cf那种没有被墙ip的地址,你一直ping他也会在某一时刻造成超出阈值的审计
对于需要从代理出去的域名不进行测速,我很赞同。这部分我建议附加edns信息,使上游返回结果尽可能靠近代理所在位置。
合并不同上游返回的不同结果,能缓解个别结果无法访问的情形。但这部分不应该是代理出去了吗,为什么会无法访问?
#967 也提到,对于个别网站 应答快的上游返回soa 应答慢的上游返回结果 这样的场景下合并查询结果是有意义的 @pymumu 这块可能考虑加个开关,在不测速的情况下将所有结果写入cache
对于需要从代理出去的域名不进行测速,我很赞同。这部分我建议附加edns信息,使上游返回结果尽可能靠近代理所在位置。
合并不同上游返回的不同结果,能缓解个别结果无法访问的情形。但这部分不应该是代理出去了吗,为什么会无法访问?
对于某些dns返回的ip,就拿www.google.com的anycastip举例,就是会出现443端口无响应情况,而8.8.8.8会返回的其实是多个ip list, 无法访问是间断性的,而且仅针对这个ip,hosts换一个ip就可以访问.(个人判断可能是c段机器访问这个ip量大出现了短暂udp封禁导致h3断流, 直到黑名单timeout才允许访问, 黑名单期间不光udp:443封禁,tcp:443也是封禁状态)
但即使是合并结果 客户端还是会选用获取到的第一个。。。结果合并后只要顺序不变 那么和单一结果没有区别的
至于提到的这点,客户端确实会优先使用第一个,但是意义在于,第一个ip无法访问客户端就会接着向下尝试,甚至重新发起dns请求获取新ip进行访问,所以是有意义的
当前设计就是关闭测速后,仅会使用响应最快的DNS结果,并不会将所有结果合并。
建议 是否开启关闭测速影响行为不应该如此复杂, 开启测速就将第一个ip设为最快ip, 不开启(默认可为所有ip测速结果一致) 随意合并后返回