當使用 openvpn 連接到我們的公司 VPN 時,DNS 解析停止運作隧道布里克。
當我連接到 VPN 時,會設定以下(範例)DNS 設定:
james@macbook:~$ cat /etc/resolv.conf
#
# Mac OS X Notice
#
# This file is not used by the host name and address resolution
# or the DNS query routing mechanisms used by most processes on
# this Mac OS X system.
#
# This file is automatically generated.
#
search intra.example.com
nameserver 10.181.0.222
nameserver 192.168.0.1
使用 FQDN 解析主機名稱的工作原理:
james@macbook:~$ dig somehost.intra.example.com +noall +answer
; <<>> DiG 9.8.3-P1 <<>> somehost.intra.example.com +noall +answer
;; global options: +cmd
somehost.intra.example.com. 3600 IN A 10.182.1.37
但是,儘管在 DNS 設定中設定了搜尋後綴 intra.example.com,但僅使用主機名稱無法解析主機:
james@macbook:~$ dig somehost +noall +answer
; <<>> DiG 9.8.3-P1 <<>> somehost +noall +answer
;; global options: +cmd
DNS 解析一直有效,直到大約 1 小時前,我上次暫停了我的 Macbook。儘管設定了搜尋後綴,但無法解析主機名稱的任何線索?
答案1
作為dig查詢 DNS 伺服器的工具,它必須假設給定參數已經是 FQDN。nslookup檢查您是否為其提供 FQDN 並添加適當的後綴。
有一件事可能令人感興趣:OS-X 上的 dig 手冊頁摘錄:
Mac OS X NOTICE
The dig command does not use the host name and address resolution or the DNS query routing mechanisms used by other
processes running on Mac OS X. The results of name or address queries printed by dig may differ from those found by
other processes that use the Mac OS X native name and address resolution mechanisms. The results of DNS queries may also
differ from queries that use the Mac OS X DNS routing library.
希望有幫助