环境有问题，DNS解析存在“污染”

[GuoFlight]

我的操作：

• 环境：为了避免影响，不使用域名列表，纯靠ipset判断国内外ip。（即不使用chnlist.txt和gfwlist.txt）
• 环境：导入了ipset。（并且用ipset test chnroute 测试了114解析结果处于ipset中）
• 版本号：测试了最新版(20240413)、2020年11月21号提交的v1.0-beta.23均有这个问题。
• 运行命令：./chinadns-ng -b 0.0.0.0 -l 53 -p 2 -v -n
• 测试域名：idp.eagleyun.cn
• 我的理解：如果114返回地址命中ipset中的chnroute，应该只会采用114的结果。
• 事实是：第一次请求时，返回国内地址。以后的请求都返回了国外ip。

我是这样验证ipset的：

[root@localhost chinadns]# ipset test chnroute 47.96.160.73
Warning: 47.96.160.73 is in set chnroute.
[root@localhost chinadns]# ipset test chnroute 116.62.212.44
Warning: 116.62.212.44 is in set chnroute.
[root@localhost chinadns]# ipset test chnroute 47.96.23.84
Warning: 47.96.23.84 is in set chnroute.

附上114和8.8.8.8的解析结果：

idp.eagleyun.cn
    请求A记录，114.114.114.114
        47.96.23.84
        47.96.160.73
        116.62.212.44
    请求A记录，8.8.8.8
        47.96.23.84
        47.96.160.73
        116.62.212.44
    请求CNAME，114.114.114.114
        alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
    请求CNAME，8.8.8.8
        ga-bp1yj9pvc7vaorm2tf0df.aliyunga0019.com
alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
    请求A记录，114.114.114.114
        47.96.23.84
        47.96.160.73
        116.62.212.44
    请求A记录，8.8.8.8
        47.96.23.84
        47.96.160.73
        116.62.212.44
ga-bp1yj9pvc7vaorm2tf0df.aliyunga0019.com
    请求A记录，114.114.114.114
        找不到记录（nslookup -q=a ga-bp1yj9pvc7vaorm2tf0df.aliyunga0019.com 114.114.114.114）
    请求A记录，8.8.8.8
        47.91.41.149

我的猜测：

• 这个域名既有A记录，也有CNAME记录，而且国外的CNAME记录在114无法解析，不知道会不会有影响？？？文档里并没有找到关于既有A记录又有CNAME记录的解析逻辑说明。

[zfl9]

解析时的chinadns-ng verbose日志有吗，发上来看看

[GuoFlight]

感谢大哥秒回。 ======================= 下面是测试结果 ======================= [root@localhost chinadns]# nslookup idp.eagleyun.cn Server: 127.0.0.1 Address: 127.0.0.1#53

Non-authoritative answer: idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com. Name: alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com Address: 47.96.23.84 Name: alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com Address: 116.62.212.44 Name: alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com Address: 47.96.160.73

[root@localhost chinadns]# [root@localhost chinadns]# [root@localhost chinadns]# nslookup idp.eagleyun.cn Server: 127.0.0.1 Address: 127.0.0.1#53

Name: idp.eagleyun.cn Address: 47.91.41.149 idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.

======================= 下面是日志 =======================

[root@localhost chinadns]# ./chinadns-ng-20240413 -b 0.0.0.0 -l 53 -p 2 -v -n
2024-04-22 22:28:12 I [main.zig:116 main] local listen addr: 0.0.0.0#53@tcp+udp
2024-04-22 22:28:12 I [groups.zig:119 on_start] tag:chn upstream: tcpi://114.114.114.114
2024-04-22 22:28:12 I [groups.zig:119 on_start] tag:chn upstream: udpi://114.114.114.114
2024-04-22 22:28:12 I [groups.zig:119 on_start] tag:gfw upstream: tcpi://8.8.8.8
2024-04-22 22:28:12 I [groups.zig:119 on_start] tag:gfw upstream: udpi://8.8.8.8
2024-04-22 22:28:12 I [main.zig:116 main] ip test db: chnroute,chnroute6
2024-04-22 22:28:12 I [main.zig:116 main] default domain name tag: none
2024-04-22 22:28:12 I [main.zig:116 main] response timeout of upstream: 5
2024-04-22 22:28:12 I [main.zig:116 main] num of packets to trustdns: 2
2024-04-22 22:28:12 I [main.zig:116 main] accept no-ip reply from chinadns
2024-04-22 22:28:12 I [main.zig:116 main] printing the verbose runtime log
2024-04-22 22:28:24 I [server.zig:305 QueryLog.query] query(id:16652, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#52920
2024-04-22 22:28:24 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 22:28:24 I [Upstream.zig:511 Group.send] forward query(qid:1, from:udp) to upstream udpi://114.114.114.114
2024-04-22 22:28:24 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 22:28:24 I [Upstream.zig:511 Group.send] forward query(qid:1, from:udp) to upstream udpi://8.8.8.8
2024-04-22 22:28:24 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 22:28:24 I [server.zig:305 QueryLog.query] query(id:607, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from 127.0.0.1#55857
2024-04-22 22:28:24 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') to china group
2024-04-22 22:28:24 I [Upstream.zig:511 Group.send] forward query(qid:2, from:udp) to upstream udpi://114.114.114.114
2024-04-22 22:28:24 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') to trust group
2024-04-22 22:28:24 I [Upstream.zig:511 Group.send] forward query(qid:2, from:udp) to upstream udpi://8.8.8.8
2024-04-22 22:28:24 I [server.zig:586 ReplyLog.china_noip] reply(qid:2, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') has no answer ip [accept]
2024-04-22 22:28:24 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from udpi://114.114.114.114 [accept]
2024-04-22 22:28:25 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 22:28:25 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:null, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from udpi://8.8.8.8 [ignore]
2024-04-22 22:28:25 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 22:28:25 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:null, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from udpi://8.8.8.8 [ignore]

下面是第二次请求时的日志

2024-04-22 22:28:32 I [server.zig:305 QueryLog.query] query(id:44621, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#46762
2024-04-22 22:28:32 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 22:28:32 I [Upstream.zig:511 Group.send] forward query(qid:3, from:udp) to upstream udpi://114.114.114.114
2024-04-22 22:28:32 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 22:28:32 I [Upstream.zig:511 Group.send] forward query(qid:3, from:udp) to upstream udpi://8.8.8.8
2024-04-22 22:28:32 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [waiting]
2024-04-22 22:28:32 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [filter]
2024-04-22 22:28:32 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from <previous-trustdns> [accept]
2024-04-22 22:28:32 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 22:28:32 I [server.zig:305 QueryLog.query] query(id:59290, tag:none, qtype:28, 'idp.eagleyun.cn') from 127.0.0.1#60793
2024-04-22 22:28:32 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 22:28:32 I [Upstream.zig:511 Group.send] forward query(qid:4, from:udp) to upstream udpi://114.114.114.114
2024-04-22 22:28:32 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 22:28:32 I [Upstream.zig:511 Group.send] forward query(qid:4, from:udp) to upstream udpi://8.8.8.8
2024-04-22 22:28:32 I [server.zig:586 ReplyLog.china_noip] reply(qid:4, tag:none, qtype:28, 'idp.eagleyun.cn') has no answer ip [accept]
2024-04-22 22:28:32 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:none, qtype:28, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 22:28:32 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:null, qtype:28, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 22:28:33 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:null, qtype:28, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]

[zfl9]

这个域名解析出来会有很多 IP 吗？我猜测是这里面既有国内IP，又有国外IP导致的。

哦不对，我回看了你发的信息，解析结果有 3 个 IP，然后 ip test chnroute 结果是这些 IP 都在里面。

[GuoFlight]

是的，我用https://www.ipshudi.com/ 检测它们都属于国内ip。并且，这些ip都在名为chnroute的ipset中。

[zfl9]

嗯，待会（或者明天哈）我测下你说的这个域名。看看啥情况

[zfl9]

不对，我怎么测试 OK 呢：

2024-04-22 23:12:42 I [main.zig:116 main] local listen addr: 127.0.0.1#55@tcp+udp
2024-04-22 23:12:42 I [groups.zig:119 on_start] tag:chn upstream: tcpi://114.114.114.114
2024-04-22 23:12:42 I [groups.zig:119 on_start] tag:chn upstream: udpi://114.114.114.114
2024-04-22 23:12:42 I [groups.zig:119 on_start] tag:gfw upstream: tcpi://8.8.8.8
2024-04-22 23:12:42 I [groups.zig:119 on_start] tag:gfw upstream: udpi://8.8.8.8
2024-04-22 23:12:42 I [main.zig:116 main] ip test db: chnroute,chnroute6
2024-04-22 23:12:42 I [main.zig:116 main] default domain name tag: none
2024-04-22 23:12:42 I [main.zig:116 main] response timeout of upstream: 5
2024-04-22 23:12:42 I [main.zig:116 main] accept no-ip reply from chinadns
2024-04-22 23:12:42 I [main.zig:116 main] printing the verbose runtime log

2024-04-22 23:12:45 I [server.zig:305 QueryLog.query] query(id:1386, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#29463
2024-04-22 23:12:45 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:45 I [Upstream.zig:908 Group.send] forward query(qid:1, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:45 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:45 I [Upstream.zig:908 Group.send] forward query(qid:1, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:45 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:45 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]

2024-04-22 23:12:47 I [server.zig:305 QueryLog.query] query(id:36974, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#62507
2024-04-22 23:12:47 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:47 I [Upstream.zig:908 Group.send] forward query(qid:2, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:47 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:47 I [Upstream.zig:908 Group.send] forward query(qid:2, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:47 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:47 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]

2024-04-22 23:12:49 I [server.zig:305 QueryLog.query] query(id:36829, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#49003
2024-04-22 23:12:49 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:49 I [Upstream.zig:908 Group.send] forward query(qid:3, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:49 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:49 I [Upstream.zig:908 Group.send] forward query(qid:3, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:49 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:49 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]

2024-04-22 23:12:51 I [server.zig:305 QueryLog.query] query(id:45047, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#64403
2024-04-22 23:12:51 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:51 I [Upstream.zig:908 Group.send] forward query(qid:4, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:51 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:51 I [Upstream.zig:908 Group.send] forward query(qid:4, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:51 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:51 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:52 I [server.zig:305 QueryLog.query] query(id:10042, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#10799
2024-04-22 23:12:52 I [server.zig:366 QueryLog.forward] forward query(qid:5, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:52 I [Upstream.zig:908 Group.send] forward query(qid:5, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:52 I [server.zig:366 QueryLog.forward] forward query(qid:5, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:52 I [Upstream.zig:908 Group.send] forward query(qid:5, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:52 I [server.zig:561 ReplyLog.reply] reply(qid:5, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:52 I [server.zig:561 ReplyLog.reply] reply(qid:5, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:52 I [server.zig:305 QueryLog.query] query(id:29836, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#30131
2024-04-22 23:12:52 I [server.zig:366 QueryLog.forward] forward query(qid:6, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:52 I [Upstream.zig:908 Group.send] forward query(qid:6, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:52 I [server.zig:366 QueryLog.forward] forward query(qid:6, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:52 I [Upstream.zig:908 Group.send] forward query(qid:6, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:52 I [server.zig:561 ReplyLog.reply] reply(qid:6, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:52 I [server.zig:561 ReplyLog.reply] reply(qid:6, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:53 I [server.zig:305 QueryLog.query] query(id:3309, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#18791
2024-04-22 23:12:53 I [server.zig:366 QueryLog.forward] forward query(qid:7, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:53 I [Upstream.zig:908 Group.send] forward query(qid:7, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:53 I [server.zig:366 QueryLog.forward] forward query(qid:7, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:53 I [Upstream.zig:908 Group.send] forward query(qid:7, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:53 I [server.zig:561 ReplyLog.reply] reply(qid:7, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:53 I [server.zig:561 ReplyLog.reply] reply(qid:7, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:53 I [server.zig:305 QueryLog.query] query(id:20568, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#10643
2024-04-22 23:12:53 I [server.zig:366 QueryLog.forward] forward query(qid:8, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:53 I [Upstream.zig:908 Group.send] forward query(qid:8, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:53 I [server.zig:366 QueryLog.forward] forward query(qid:8, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:53 I [Upstream.zig:908 Group.send] forward query(qid:8, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:53 I [server.zig:561 ReplyLog.reply] reply(qid:8, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:53 I [server.zig:561 ReplyLog.reply] reply(qid:8, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:55 I [server.zig:305 QueryLog.query] query(id:16608, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#44078
2024-04-22 23:12:55 I [server.zig:366 QueryLog.forward] forward query(qid:9, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:55 I [Upstream.zig:908 Group.send] forward query(qid:9, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:55 I [server.zig:366 QueryLog.forward] forward query(qid:9, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:55 I [Upstream.zig:908 Group.send] forward query(qid:9, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:55 I [server.zig:561 ReplyLog.reply] reply(qid:9, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:55 I [server.zig:561 ReplyLog.reply] reply(qid:9, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:56 I [server.zig:305 QueryLog.query] query(id:52634, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#20207
2024-04-22 23:12:56 I [server.zig:366 QueryLog.forward] forward query(qid:10, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:56 I [Upstream.zig:908 Group.send] forward query(qid:10, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:56 I [server.zig:366 QueryLog.forward] forward query(qid:10, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:56 I [Upstream.zig:908 Group.send] forward query(qid:10, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:56 I [server.zig:561 ReplyLog.reply] reply(qid:10, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:56 I [server.zig:561 ReplyLog.reply] reply(qid:10, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:56 I [server.zig:305 QueryLog.query] query(id:16202, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#57976
2024-04-22 23:12:56 I [server.zig:366 QueryLog.forward] forward query(qid:11, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:56 I [Upstream.zig:908 Group.send] forward query(qid:11, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:56 I [server.zig:366 QueryLog.forward] forward query(qid:11, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:56 I [Upstream.zig:908 Group.send] forward query(qid:11, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:56 I [server.zig:561 ReplyLog.reply] reply(qid:11, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:56 I [server.zig:561 ReplyLog.reply] reply(qid:11, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:56 I [server.zig:305 QueryLog.query] query(id:51213, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#25728
2024-04-22 23:12:56 I [server.zig:366 QueryLog.forward] forward query(qid:12, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:56 I [Upstream.zig:908 Group.send] forward query(qid:12, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:56 I [server.zig:366 QueryLog.forward] forward query(qid:12, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:56 I [Upstream.zig:908 Group.send] forward query(qid:12, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:57 I [server.zig:561 ReplyLog.reply] reply(qid:12, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:57 I [server.zig:561 ReplyLog.reply] reply(qid:12, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:57 I [server.zig:305 QueryLog.query] query(id:46662, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#22892
2024-04-22 23:12:57 I [server.zig:366 QueryLog.forward] forward query(qid:13, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:57 I [Upstream.zig:908 Group.send] forward query(qid:13, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:57 I [server.zig:366 QueryLog.forward] forward query(qid:13, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:57 I [Upstream.zig:908 Group.send] forward query(qid:13, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:57 I [server.zig:561 ReplyLog.reply] reply(qid:13, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:57 I [server.zig:305 QueryLog.query] query(id:9799, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#65024
2024-04-22 23:12:57 I [server.zig:366 QueryLog.forward] forward query(qid:14, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:57 I [Upstream.zig:908 Group.send] forward query(qid:14, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:57 I [server.zig:366 QueryLog.forward] forward query(qid:14, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:57 I [Upstream.zig:908 Group.send] forward query(qid:14, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:57 I [server.zig:561 ReplyLog.reply] reply(qid:14, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:57 I [server.zig:561 ReplyLog.reply] reply(qid:14, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-22 23:12:58 I [server.zig:305 QueryLog.query] query(id:37422, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#43483
2024-04-22 23:12:58 I [server.zig:366 QueryLog.forward] forward query(qid:15, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:12:58 I [Upstream.zig:908 Group.send] forward query(qid:15, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:12:58 I [server.zig:366 QueryLog.forward] forward query(qid:15, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:12:58 I [Upstream.zig:908 Group.send] forward query(qid:15, from:udp) to upstream udpi://8.8.8.8
2024-04-22 23:12:58 I [server.zig:561 ReplyLog.reply] reply(qid:15, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:12:58 I [server.zig:561 ReplyLog.reply] reply(qid:15, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]

[zfl9]

难道是 trust 先返回？我想办法模拟下这个情况。

[zfl9]

你是什么版本测试的？ x86_64 ？

[zfl9]

我特意用 119.29.29.29 模拟了 trust 先返回的情况，也是正常。。。

2024-04-22 23:24:11 I [main.zig:116 main] local listen addr: 127.0.0.1#55@tcp+udp
2024-04-22 23:24:11 I [groups.zig:119 on_start] tag:chn upstream: tcpi://114.114.114.114
2024-04-22 23:24:11 I [groups.zig:119 on_start] tag:chn upstream: udpi://114.114.114.114
2024-04-22 23:24:11 I [groups.zig:119 on_start] tag:gfw upstream: tcpi://119.29.29.29
2024-04-22 23:24:11 I [groups.zig:119 on_start] tag:gfw upstream: udpi://119.29.29.29
2024-04-22 23:24:11 I [main.zig:116 main] ip test db: chnroute,chnroute6
2024-04-22 23:24:11 I [main.zig:116 main] default domain name tag: none
2024-04-22 23:24:11 I [main.zig:116 main] response timeout of upstream: 5
2024-04-22 23:24:11 I [main.zig:116 main] num of packets to trustdns: 3
2024-04-22 23:24:11 I [main.zig:116 main] accept no-ip reply from chinadns
2024-04-22 23:24:11 I [main.zig:116 main] printing the verbose runtime log

2024-04-22 23:24:13 I [server.zig:305 QueryLog.query] query(id:15709, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#39746
2024-04-22 23:24:13 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:24:13 I [Upstream.zig:908 Group.send] forward query(qid:1, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:24:13 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:24:13 I [Upstream.zig:908 Group.send] forward query(qid:1, from:udp) to upstream udpi://119.29.29.29
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:13 I [server.zig:305 QueryLog.query] query(id:8557, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#63377
2024-04-22 23:24:13 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:24:13 I [Upstream.zig:908 Group.send] forward query(qid:2, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:24:13 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:24:13 I [Upstream.zig:908 Group.send] forward query(qid:2, from:udp) to upstream udpi://119.29.29.29
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [waiting]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:24:13 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:1, 'idp.eagleyun.cn') from <previous-trustdns> [filter]
2024-04-22 23:24:21 I [server.zig:305 QueryLog.query] query(id:1235, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#48518
2024-04-22 23:24:21 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to china group
2024-04-22 23:24:21 I [Upstream.zig:908 Group.send] forward query(qid:3, from:udp) to upstream udpi://114.114.114.114
2024-04-22 23:24:21 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-22 23:24:21 I [Upstream.zig:908 Group.send] forward query(qid:3, from:udp) to upstream udpi://119.29.29.29
2024-04-22 23:24:21 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [waiting]
2024-04-22 23:24:21 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:21 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://119.29.29.29 [ignore]
2024-04-22 23:24:21 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-22 23:24:21 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from <previous-trustdns> [filter]
^C

[GuoFlight]

我用的是x86_64测试的，我再用arm架构的macbook测试一下。

[GuoFlight]

我用arm架构的macbook测试，未复现我的问题。 版本号：ChinaDNS-NG 2023.05.08。 我明天再用x86_64测试一下。 万分感谢。

[zfl9]

OK，我发一个没有lto的x86_64版本给你，你能帮忙测下吗？感谢

[GuoFlight]

OK，我发一个没有lto的x86_64版本给你，你能帮忙测下吗？感谢

没问题，非常荣幸。但需要明天才能测试了，因为身边暂时没有x86_64的机器。

[zfl9]

好的。

[windmsn]

OK，我发一个没有lto的x86_64版本给你，你能帮忙测下吗？感谢

用4.13的分支重新编译？我关cache现在用的是4.13的。。

[zfl9]

嗯，4.13版本 关闭lto

明天吧，先休息了哈

[zfl9]

@windmsn @GuoFlight

最新 release 版本（2024.04.13）上传了非 LTO 版本的，麻烦用非 LTO 版本的测试下。

[cattyhouse]

试试这个chnroute文件, 重新加载一下到系统的ipset

chnroute.txt

[zfl9]

#销毁原来的
ipset destroy chnroute

#用他发的chnroute.txt重建一个set
ipset create chnroute hash:net
cat chnroute.txt | sed "s/^/add chnroute /" | ipset -! restore

[GuoFlight]

测试了一下，在x86_64上问题依然稳定复现

版本：https://github.com/zfl9/chinadns-ng/releases/download/2024.04.13/chinadns-ng@x86_64-linux-musl@x86_64_v4@fast 添加了上面给的chnroute.txt：

[root@localhost test]# ipset test chnroute 47.96.160.73
Warning: 47.96.160.73 is in set chnroute.
[root@localhost test]# ipset test chnroute 116.62.212.44
Warning: 116.62.212.44 is in set chnroute.
[root@localhost test]# ipset test chnroute 47.96.23.84
Warning: 47.96.23.84 is in set chnroute.

执行命令：./chinadns-ng -b 0.0.0.0 -l 53 -p 2 -v -n 测试过程：

[root@localhost chinadns]# nslookup idp.eagleyun.cn
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.
Name:   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
Address: 47.96.23.84
Name:   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
Address: 116.62.212.44
Name:   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
Address: 47.96.160.73
################################ 下面是第二次解析 ################################
[root@localhost chinadns]# nslookup idp.eagleyun.cn
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   idp.eagleyun.cn
Address: 47.91.41.149
idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.

[root@localhost chinadns]#

日志：

[root@localhost chinadns]# ./chinadns-ng-20240413-new -b 0.0.0.0 -l 53 -p 2 -v -n
2024-04-23 11:06:56 I [main.zig:116 main] local listen addr: 0.0.0.0#53@tcp+udp
2024-04-23 11:06:56 I [groups.zig:119 on_start] tag:chn upstream: tcpi://114.114.114.114
2024-04-23 11:06:56 I [groups.zig:119 on_start] tag:chn upstream: udpi://114.114.114.114
2024-04-23 11:06:56 I [groups.zig:119 on_start] tag:gfw upstream: tcpi://8.8.8.8
2024-04-23 11:06:56 I [groups.zig:119 on_start] tag:gfw upstream: udpi://8.8.8.8
2024-04-23 11:06:56 I [main.zig:116 main] ip test db: chnroute,chnroute6
2024-04-23 11:06:56 I [main.zig:116 main] default domain name tag: none
2024-04-23 11:06:56 I [main.zig:116 main] response timeout of upstream: 5
2024-04-23 11:06:56 I [main.zig:116 main] num of packets to trustdns: 2
2024-04-23 11:06:56 I [main.zig:116 main] accept no-ip reply from chinadns
2024-04-23 11:06:56 I [main.zig:116 main] printing the verbose runtime log

############################ 下面是第1次解析的日志 ############################

2024-04-23 11:07:00 I [server.zig:305 QueryLog.query] query(id:35368, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#52192
2024-04-23 11:07:00 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to china group
2024-04-23 11:07:00 I [Upstream.zig:512 Group.send] forward query(qid:1, from:udp) to upstream udpi://114.114.114.114
2024-04-23 11:07:00 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-23 11:07:00 I [Upstream.zig:512 Group.send] forward query(qid:1, from:udp) to upstream udpi://8.8.8.8
2024-04-23 11:07:00 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-23 11:07:00 I [server.zig:305 QueryLog.query] query(id:49929, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from 127.0.0.1#53333
2024-04-23 11:07:00 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') to china group
2024-04-23 11:07:00 I [Upstream.zig:512 Group.send] forward query(qid:2, from:udp) to upstream udpi://114.114.114.114
2024-04-23 11:07:00 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') to trust group
2024-04-23 11:07:00 I [Upstream.zig:512 Group.send] forward query(qid:2, from:udp) to upstream udpi://8.8.8.8
2024-04-23 11:07:00 I [server.zig:586 ReplyLog.china_noip] reply(qid:2, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') has no answer ip [accept]
2024-04-23 11:07:00 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from udpi://114.114.114.114 [accept]
2024-04-23 11:07:00 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-23 11:07:00 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:null, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from udpi://8.8.8.8 [ignore]
2024-04-23 11:07:00 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:null, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from udpi://8.8.8.8 [ignore]
2024-04-23 11:07:01 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]

############################ 下面是第2次解析的日志 ############################

2024-04-23 11:07:06 I [server.zig:305 QueryLog.query] query(id:46524, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#41879
2024-04-23 11:07:06 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to china group
2024-04-23 11:07:06 I [Upstream.zig:512 Group.send] forward query(qid:3, from:udp) to upstream udpi://114.114.114.114
2024-04-23 11:07:06 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-23 11:07:06 I [Upstream.zig:512 Group.send] forward query(qid:3, from:udp) to upstream udpi://8.8.8.8
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [waiting]
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from udpi://114.114.114.114 [filter]
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from <previous-trustdns> [accept]
2024-04-23 11:07:06 I [server.zig:305 QueryLog.query] query(id:13988, tag:none, qtype:28, 'idp.eagleyun.cn') from 127.0.0.1#55680
2024-04-23 11:07:06 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to china group
2024-04-23 11:07:06 I [Upstream.zig:512 Group.send] forward query(qid:4, from:udp) to upstream udpi://114.114.114.114
2024-04-23 11:07:06 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-23 11:07:06 I [Upstream.zig:512 Group.send] forward query(qid:4, from:udp) to upstream udpi://8.8.8.8
2024-04-23 11:07:06 I [server.zig:586 ReplyLog.china_noip] reply(qid:4, tag:none, qtype:28, 'idp.eagleyun.cn') has no answer ip [accept]
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:none, qtype:28, 'idp.eagleyun.cn') from udpi://114.114.114.114 [accept]
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:null, qtype:28, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
2024-04-23 11:07:06 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:null, qtype:28, 'idp.eagleyun.cn') from udpi://8.8.8.8 [ignore]
^C
[root@localhost chinadns]#

[cattyhouse]

1. 安装 dig, 用 dig 测试下
2. 检查下 53 端口有没有被 redirect 到其他端口? iptables-save ; iptables-nft-save 查看规则
3. ss -nutlp 检查下有么其他程序监听 53

[cattyhouse]

确定下 8.8.8.8 是否走了代理? 不然的话 8.8.8.8 的结果会被劫持/污染

[zfl9]

你的 8888 为什么第二次总是可以这么快返回呢？第一次为什么又不是。有点奇怪。

[GuoFlight]

1. 安装 dig, 用 dig 测试下
2. 检查下 53 端口有没有被 redirect 到其他端口? iptables-save ; iptables-nft-save 查看规则
3. ss -nutlp 检查下有么其他程序监听 53

我认为dig和nslookup用的是同一个网络库，应该不会有区别。 53端口没有重定向到其他端口。 下面是我检查的结果：

[root@localhost chinadns]# dig idp.eagleyun.cn

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.14 <<>> idp.eagleyun.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16202
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;idp.eagleyun.cn.               IN      A

;; ANSWER SECTION:
idp.eagleyun.cn.        566     IN      CNAME   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.
alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com. 124 IN A 47.96.160.73
alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com. 124 IN A 47.96.23.84
alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com. 124 IN A 116.62.212.44

;; Query time: 25 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 23 11:14:57 CST 2024
;; MSG SIZE  rcvd: 325

[root@localhost chinadns]# 
[root@localhost chinadns]# 
[root@localhost chinadns]# dig idp.eagleyun.cn

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.14 <<>> idp.eagleyun.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53154
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;idp.eagleyun.cn.               IN      A

;; ANSWER SECTION:
idp.eagleyun.cn.        60      IN      A       47.91.41.149

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 23 11:15:02 CST 2024
;; MSG SIZE  rcvd: 64

[root@localhost chinadns]#

[root@localhost chinadns]# iptables-save
# Generated by iptables-save v1.4.21 on Tue Apr 23 11:16:07 2024
*nat
:PREROUTING ACCEPT [1769:1175362]
:INPUT ACCEPT [1:52]
:OUTPUT ACCEPT [1550:101368]
:POSTROUTING ACCEPT [1550:101368]
:DOCKER - [0:0]
:OUTPUT_direct - [0:0]
:POSTROUTING_ZONES - [0:0]
:POSTROUTING_ZONES_SOURCE - [0:0]
:POSTROUTING_direct - [0:0]
:POST_docker - [0:0]
:POST_docker_allow - [0:0]
:POST_docker_deny - [0:0]
:POST_docker_log - [0:0]
:POST_public - [0:0]
:POST_public_allow - [0:0]
:POST_public_deny - [0:0]
:POST_public_log - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_docker - [0:0]
:PRE_docker_allow - [0:0]
:PRE_docker_deny - [0:0]
:PRE_docker_log - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A OUTPUT -j OUTPUT_direct
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -j POSTROUTING_direct
-A POSTROUTING -j POSTROUTING_ZONES_SOURCE
-A POSTROUTING -j POSTROUTING_ZONES
-A DOCKER -i docker0 -j RETURN
-A POSTROUTING_ZONES -o docker0 -g POST_docker
-A POSTROUTING_ZONES -o ens33 -g POST_public
-A POSTROUTING_ZONES -g POST_public
-A POST_docker -j POST_docker_log
-A POST_docker -j POST_docker_deny
-A POST_docker -j POST_docker_allow
-A POST_public -j POST_public_log
-A POST_public -j POST_public_deny
-A POST_public -j POST_public_allow
-A PREROUTING_ZONES -i docker0 -g PRE_docker
-A PREROUTING_ZONES -i ens33 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_docker -j PRE_docker_log
-A PRE_docker -j PRE_docker_deny
-A PRE_docker -j PRE_docker_allow
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue Apr 23 11:16:07 2024
# Generated by iptables-save v1.4.21 on Tue Apr 23 11:16:07 2024
*mangle
:PREROUTING ACCEPT [16477:3103852]
:INPUT ACCEPT [16477:3103852]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14743:2764968]
:POSTROUTING ACCEPT [14743:2764968]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
:POSTROUTING_direct - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_docker - [0:0]
:PRE_docker_allow - [0:0]
:PRE_docker_deny - [0:0]
:PRE_docker_log - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A PREROUTING_ZONES -i docker0 -g PRE_docker
-A PREROUTING_ZONES -i ens33 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_docker -j PRE_docker_log
-A PRE_docker -j PRE_docker_deny
-A PRE_docker -j PRE_docker_allow
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue Apr 23 11:16:07 2024
# Generated by iptables-save v1.4.21 on Tue Apr 23 11:16:07 2024
*security
:INPUT ACCEPT [14735:1933122]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [14771:2768829]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Tue Apr 23 11:16:07 2024
# Generated by iptables-save v1.4.21 on Tue Apr 23 11:16:07 2024
*raw
:PREROUTING ACCEPT [16477:3103852]
:OUTPUT ACCEPT [14743:2764968]
:OUTPUT_direct - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_docker - [0:0]
:PRE_docker_allow - [0:0]
:PRE_docker_deny - [0:0]
:PRE_docker_log - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A OUTPUT -j OUTPUT_direct
-A PREROUTING_ZONES -i docker0 -g PRE_docker
-A PREROUTING_ZONES -i ens33 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_docker -j PRE_docker_log
-A PRE_docker -j PRE_docker_deny
-A PRE_docker -j PRE_docker_allow
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Tue Apr 23 11:16:07 2024
# Generated by iptables-save v1.4.21 on Tue Apr 23 11:16:07 2024
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [12660:2560812]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-USER - [0:0]
:FORWARD_IN_ZONES - [0:0]
:FORWARD_IN_ZONES_SOURCE - [0:0]
:FORWARD_OUT_ZONES - [0:0]
:FORWARD_OUT_ZONES_SOURCE - [0:0]
:FORWARD_direct - [0:0]
:FWDI_docker - [0:0]
:FWDI_docker_allow - [0:0]
:FWDI_docker_deny - [0:0]
:FWDI_docker_log - [0:0]
:FWDI_public - [0:0]
:FWDI_public_allow - [0:0]
:FWDI_public_deny - [0:0]
:FWDI_public_log - [0:0]
:FWDO_docker - [0:0]
:FWDO_docker_allow - [0:0]
:FWDO_docker_deny - [0:0]
:FWDO_docker_log - [0:0]
:FWDO_public - [0:0]
:FWDO_public_allow - [0:0]
:FWDO_public_deny - [0:0]
:FWDO_public_log - [0:0]
:INPUT_ZONES - [0:0]
:INPUT_ZONES_SOURCE - [0:0]
:INPUT_direct - [0:0]
:IN_docker - [0:0]
:IN_docker_allow - [0:0]
:IN_docker_deny - [0:0]
:IN_docker_log - [0:0]
:IN_public - [0:0]
:IN_public_allow - [0:0]
:IN_public_deny - [0:0]
:IN_public_log - [0:0]
:OUTPUT_direct - [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD -j FORWARD_IN_ZONES_SOURCE
-A FORWARD -j FORWARD_IN_ZONES
-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
-A FORWARD -j FORWARD_OUT_ZONES
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -j OUTPUT_direct
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN
-A FORWARD_IN_ZONES -i docker0 -g FWDI_docker
-A FORWARD_IN_ZONES -i ens33 -g FWDI_public
-A FORWARD_IN_ZONES -g FWDI_public
-A FORWARD_OUT_ZONES -o docker0 -g FWDO_docker
-A FORWARD_OUT_ZONES -o ens33 -g FWDO_public
-A FORWARD_OUT_ZONES -g FWDO_public
-A FWDI_docker -j FWDI_docker_log
-A FWDI_docker -j FWDI_docker_deny
-A FWDI_docker -j FWDI_docker_allow
-A FWDI_docker -j ACCEPT
-A FWDI_public -j FWDI_public_log
-A FWDI_public -j FWDI_public_deny
-A FWDI_public -j FWDI_public_allow
-A FWDI_public -p icmp -j ACCEPT
-A FWDO_docker -j FWDO_docker_log
-A FWDO_docker -j FWDO_docker_deny
-A FWDO_docker -j FWDO_docker_allow
-A FWDO_docker -j ACCEPT
-A FWDO_public -j FWDO_public_log
-A FWDO_public -j FWDO_public_deny
-A FWDO_public -j FWDO_public_allow
-A INPUT_ZONES -i docker0 -g IN_docker
-A INPUT_ZONES -i ens33 -g IN_public
-A INPUT_ZONES -g IN_public
-A IN_docker -j IN_docker_log
-A IN_docker -j IN_docker_deny
-A IN_docker -j IN_docker_allow
-A IN_docker -j ACCEPT
-A IN_public -j IN_public_log
-A IN_public -j IN_public_deny
-A IN_public -j IN_public_allow
-A IN_public -p icmp -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
COMMIT
# Completed on Tue Apr 23 11:16:07 2024
[root@localhost chinadns]#

[root@localhost chinadns]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      4724/./chinadns-ng- 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1220/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1489/master         
tcp6       0      0 :::22                   :::*                    LISTEN      1220/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1489/master         
[root@localhost chinadns]#

[zfl9]

dig单独测试 114 和 8888 上游，看看结果？

[GuoFlight]

你的 8888 为什么第二次总是可以这么快返回呢？第一次为什么又不是。有点奇怪。

我用的是vmware虚拟机，我怀疑vmware是否会有缓存？

[zfl9]

你的第二次dig为什么解析时间这么快，1ms，这不像是正常公网请求的DNS的速度。

[zfl9]

你是否除了 chinadns-ng 外，还有其他 DNS 环境/设施（上游）？

[zfl9]

我怀疑某些地方（vmware？）缓存了这个解析结果（可能刚好缓存最后一个，也就是第一次8.8.8.8的结果），然后后面无论本地访问什么上游DNS，这个“设施”会无条件返回这个reply，也就是说即使chinadns-ng访问114，也是给出这个reply，因为他是non-china ip，所以filter，然后用了8.8.8.8的（该reply也来自Ta的“缓存”）

[GuoFlight]

已确认，有缓存影响。 先dig 114再dig 8.8.8.8返回了国内的结果。 先dig 8.8.8.8再dig 114返回了国外的结果。 我用的是vmware，我也怀疑它有缓存，我没有其他DNS上游了。 我再尝试使用物理机来测试。

[zfl9]

给 upstream 加上 tcp:// 限定看看，应该可以绕过 vmware 的缓存（我猜测他没有劫持 tcp 查询）

[cattyhouse]

1. 用 ss -nutlp
2. 你是否运行着 systemd-resolved
3. ls -la /etc/resolv.conf 指向什么地方
4. 尝试让chinadns监听比如 9999, 然后 dig @9999 .... 测试, 避开一切干扰.

[zfl9]

我认为dig和nslookup用的是同一个网络库，应该不会有区别。

主要是dig给出的信息和细节更多，也没有nslookup的一些“潜规则”（比如默认给你解析CNAME啥的）

[GuoFlight]

给 upstream 加上 tcp:// 限定看看，应该可以绕过 vmware 的缓存（我猜测他没有劫持 tcp 查询）

尝试使用tcp，问题依然稳定复现。 环境：x86_64，vmware虚拟机，centos7 启动命令：./chinadns-ng-20240413-new -b 0.0.0.0 -l 53 -p 2 -v -n --china-dns tcp://114.114.114.114 --trust-dns tcp://8.8.8.8 测试过程：

[root@localhost chinadns]# nslookup idp.eagleyun.cn
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   idp.eagleyun.cn
Address: 47.91.41.149
idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.

[root@localhost chinadns]# nslookup idp.eagleyun.cn
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.
Name:   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
Address: 47.96.160.73
Name:   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
Address: 47.96.23.84
Name:   alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com
Address: 116.62.212.44

[root@localhost chinadns]# nslookup idp.eagleyun.cn
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   idp.eagleyun.cn
Address: 47.91.41.149
idp.eagleyun.cn canonical name = alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com.

[root@localhost chinadns]# 

日志：

[root@localhost chinadns]# ./chinadns-ng-20240413-new -b 0.0.0.0 -l 53 -p 2 -v -n --china-dns tcp://114.114.114.114 --trust-dns tcp://8.8.8.8
2024-04-23 11:31:12 I [main.zig:116 main] local listen addr: 0.0.0.0#53@tcp+udp
2024-04-23 11:31:12 I [groups.zig:119 on_start] tag:chn upstream: tcp://114.114.114.114
2024-04-23 11:31:12 I [groups.zig:119 on_start] tag:gfw upstream: tcp://8.8.8.8
2024-04-23 11:31:12 I [main.zig:116 main] ip test db: chnroute,chnroute6
2024-04-23 11:31:12 I [main.zig:116 main] default domain name tag: none
2024-04-23 11:31:12 I [main.zig:116 main] response timeout of upstream: 5
2024-04-23 11:31:12 I [main.zig:116 main] num of packets to trustdns: 2
2024-04-23 11:31:12 I [main.zig:116 main] accept no-ip reply from chinadns
2024-04-23 11:31:12 I [main.zig:116 main] printing the verbose runtime log

################################# 这是第1次请求 #################################

2024-04-23 11:31:37 I [server.zig:305 QueryLog.query] query(id:12040, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#42854
2024-04-23 11:31:37 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to china group
2024-04-23 11:31:37 I [Upstream.zig:512 Group.send] forward query(qid:1, from:udp) to upstream tcp://114.114.114.114
2024-04-23 11:31:37 I [server.zig:366 QueryLog.forward] forward query(qid:1, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-23 11:31:37 I [Upstream.zig:512 Group.send] forward query(qid:1, from:udp) to upstream tcp://8.8.8.8
2024-04-23 11:31:37 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:none, qtype:1, 'idp.eagleyun.cn') from tcp://114.114.114.114 [accept]
2024-04-23 11:31:37 I [server.zig:305 QueryLog.query] query(id:32864, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from 127.0.0.1#37761
2024-04-23 11:31:37 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') to china group
2024-04-23 11:31:37 I [Upstream.zig:512 Group.send] forward query(qid:2, from:udp) to upstream tcp://114.114.114.114
2024-04-23 11:31:37 I [server.zig:366 QueryLog.forward] forward query(qid:2, from:udp, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') to trust group
2024-04-23 11:31:37 I [Upstream.zig:512 Group.send] forward query(qid:2, from:udp) to upstream tcp://8.8.8.8
2024-04-23 11:31:37 I [server.zig:586 ReplyLog.china_noip] reply(qid:2, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') has no answer ip [accept]
2024-04-23 11:31:37 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:none, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from tcp://114.114.114.114 [accept]
2024-04-23 11:31:38 I [server.zig:561 ReplyLog.reply] reply(qid:1, tag:null, qtype:1, 'idp.eagleyun.cn') from tcp://8.8.8.8 [ignore]
2024-04-23 11:31:38 I [server.zig:561 ReplyLog.reply] reply(qid:2, tag:null, qtype:28, 'alb-mvq0rcz9eirmqfg50n.cn-hangzhou.alb.aliyuncs.com') from tcp://8.8.8.8 [ignore]

################################# 这是第2次请求 #################################

2024-04-23 11:31:45 I [server.zig:305 QueryLog.query] query(id:7403, tag:none, qtype:1, 'idp.eagleyun.cn') from 127.0.0.1#57204
2024-04-23 11:31:45 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to china group
2024-04-23 11:31:45 I [Upstream.zig:512 Group.send] forward query(qid:3, from:udp) to upstream tcp://114.114.114.114
2024-04-23 11:31:45 I [server.zig:366 QueryLog.forward] forward query(qid:3, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-23 11:31:45 I [Upstream.zig:512 Group.send] forward query(qid:3, from:udp) to upstream tcp://8.8.8.8
2024-04-23 11:31:45 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from tcp://114.114.114.114 [filter]
2024-04-23 11:31:45 I [server.zig:561 ReplyLog.reply] reply(qid:3, tag:none, qtype:1, 'idp.eagleyun.cn') from tcp://8.8.8.8 [accept]
2024-04-23 11:31:45 I [server.zig:305 QueryLog.query] query(id:22384, tag:none, qtype:28, 'idp.eagleyun.cn') from 127.0.0.1#57686
2024-04-23 11:31:45 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to china group
2024-04-23 11:31:45 I [Upstream.zig:512 Group.send] forward query(qid:4, from:udp) to upstream tcp://114.114.114.114
2024-04-23 11:31:45 I [server.zig:366 QueryLog.forward] forward query(qid:4, from:udp, 'idp.eagleyun.cn') to trust group
2024-04-23 11:31:45 I [Upstream.zig:512 Group.send] forward query(qid:4, from:udp) to upstream tcp://8.8.8.8
2024-04-23 11:31:45 I [server.zig:586 ReplyLog.china_noip] reply(qid:4, tag:none, qtype:28, 'idp.eagleyun.cn') has no answer ip [accept]
2024-04-23 11:31:45 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:none, qtype:28, 'idp.eagleyun.cn') from tcp://114.114.114.114 [accept]
2024-04-23 11:31:45 I [server.zig:561 ReplyLog.reply] reply(qid:4, tag:null, qtype:28, 'idp.eagleyun.cn') from tcp://8.8.8.8 [ignore]
^C
[root@localhost chinadns]#

[zfl9]

你这个应该是某些地方有缓存，污染了chinadns-ng的结果。

[zfl9]

用dig测试，方便看解析时间，推测是否有缓存。

[GuoFlight]

我用dig命令发起tcp请求，没有结果，是我用的方式不对吗？

[root@localhost chinadns]# dig -t idp.eagleyun.cn
;; Warning, ignoring invalid type idp.eagleyun.cn

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.14 <<>> -t idp.eagleyun.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57304
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       170598  IN      NS      b.root-servers.net.
.                       170598  IN      NS      c.root-servers.net.
.                       170598  IN      NS      d.root-servers.net.
.                       170598  IN      NS      e.root-servers.net.
.                       170598  IN      NS      f.root-servers.net.
.                       170598  IN      NS      g.root-servers.net.
.                       170598  IN      NS      h.root-servers.net.
.                       170598  IN      NS      i.root-servers.net.
.                       170598  IN      NS      j.root-servers.net.
.                       170598  IN      NS      k.root-servers.net.
.                       170598  IN      NS      l.root-servers.net.
.                       170598  IN      NS      m.root-servers.net.
.                       170598  IN      NS      a.root-servers.net.

;; Query time: 27 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 23 11:37:54 CST 2024
;; MSG SIZE  rcvd: 431

[root@localhost chinadns]#

[GuoFlight]

附上我的DNS配置：

[root@localhost chinadns]# cat /etc/resolv.conf 
# Generated by NetworkManager
#nameserver 114.114.114.114
#nameserver 8.8.8.8
nameserver 127.0.0.1
[root@localhost chinadns]#

[zfl9]

dig默认用udp，带上参数+tcp使用tcp上游，如 dig @114.114.114.114 +tcp foo.com

[cattyhouse]

1. 用 ss -nutlp
2. 你是否运行着 systemd-resolved
3. ls -la /etc/resolv.conf 指向什么地方
4. 尝试让chinadns监听比如 9999, 然后 dig @9999 .... 测试, 避开一切干扰.

回答下这几个问题哦

[GuoFlight]

dig默认用udp，带上参数+tcp使用tcp上游，如 dig @114.114.114.114 +tcp foo.com

已确认，使用tcp依然会有缓存。 我尝试使用物理机测试一下。

[zfl9]

你本机是不是有 systemd-resolved 啥的？

[zfl9]

要么是本机上有进程拦截了向外网发出的DNS请求， 要么就是网络的某个节点上有DNS拦截器，并做了缓存。

[cattyhouse]

目测你的虚拟机被外部主机劫持了 53. 建议这样试试:

./chinadns-ng-20240413-new -b 0.0.0.0 -l 9999 -p 2 -v -n

dig -p 9999 idp.eagleyun.cn

[GuoFlight]

1. 用 ss -nutlp
2. 你是否运行着 systemd-resolved
3. ls -la /etc/resolv.conf 指向什么地方
4. 尝试让chinadns监听比如 9999, 然后 dig @9999 .... 测试, 避开一切干扰.

回答下这几个问题哦

使用【china监听9999端口+tcp上游+用dig命令发起tcp请求】问题依然复现。

[GuoFlight]

我尝试用物理机测试，需要久一点，万分感谢各位，先休息吧。

[GuoFlight]

我用物理机测试的结果： 结论：

• 启动时加-n参数，没有复现我的问题。
• 启动时不加-n参数，返回了国内的A记录和国外的CNAME记录。（我觉得是114无法解析8.8.8.8 返回的CNAME造成的，对吗？）

同时，我发现dig命令默认不会请求CNAME记录，我依然用nslookup来测试。

[GuoFlight]

这是我用dig命令和nslookup同时测试的结果：我不知道为什么他们返回的CNAME不一样。

[GuoFlight]

为什么我用nslookup 加和不加-q=cname得到的结果不一样呢？是这个原因影响了我的测试。

[GuoFlight]

我发现nslookup测试时，不加-q=cname，chinadns就会接受8.8.8.8的结果。