
"no servers could be reached" warning during DNS resolution

Leo 2025-03-09

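Problem description: DNS resolution reports the warning "no servers could be reached", as shown below.
System: both the client and the server run RHEL 7.9 64-bit
Hostnames: client (cbdps01), DNS server (leo-mydns)
1. Reproducing the problem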
[root@cbdps01 ~]# nslookup cbdps-scan
;; connection timed out; no servers could be reached

The DNS server itself resolves the name correctly.
[root@leo-mydns ~]# nslookup cbdps-scan
Server: 192.168.133.200
Address: 192.168.133.200#53

Name: cbdps-scan.cqupt.com
Address: 192.168.133.247

2. Troubleshooting
-- The DNS service process on the client is running normally
[root@cbdps01 ~]# systemctl status named
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2025-03-09 18:43:41 CST; 3min 10s ago
Process: 8475 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)
Process: 8472 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 8477 (named)
CGroup: /system.slice/named.service
└─8477 /usr/sbin/named -u named -c /etc/named.conf

Mar 09 18:43:42 cbdps01 named[8477]: network unreachable resolving './DNSKEY/IN': 2001:500:2::c#53
Mar 09 18:43:42 cbdps01 named[8477]: network unreachable resolving './DNSKEY/IN': 2001:7fe::53#53
Mar 09 18:43:42 cbdps01 named[8477]: network unreachable resolving './DNSKEY/IN': 2001:500:2d::d#53
Mar 09 18:43:42 cbdps01 named[8477]: resolver priming query complete
Mar 09 18:43:42 cbdps01 named[8477]: checkhints: b.root-servers.net/A (170.247.170.2) missing from hints
Mar 09 18:43:42 cbdps01 named[8477]: checkhints: b.root-servers.net/A (199.9.14.201) extra record in hints
Mar 09 18:43:42 cbdps01 named[8477]: checkhints: b.root-servers.net/AAAA (2801:1b8:10::b) missing from hints
Mar 09 18:43:42 cbdps01 named[8477]: checkhints: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Mar 09 18:43:42 cbdps01 named[8477]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted
Mar 09 18:43:42 cbdps01 named[8477]: managed-keys-zone: Initializing automatic trust anchor management for zone '.'; DNSKEY ID 38696 is now trusted, waiving the normal 30-day waiting period.
Hint: Some lines were ellipsized, use -l to show in full.

3. Cause
The firewall on the DNS server had not been turned off, which caused the problem.

4. Solution
Turn off the firewall on the DNS server.
[root@leo-mydns ~]# systemctl stop firewalld.service
[root@leo-mydns ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

5. Verifying the result
[root@cbdps01 ~]# nslookup cbdps-scan
Server: 192.168.133.200
Address: 192.168.133.200#53

Name: cbdps-scan.cqupt.com
Address: 192.168.133.247

[root@cbdps01 ~]# nslookup 192.168.133.247
247.133.168.192.IN-ADDR.ARPA name = cbdps-scan.cqupt.com.

Note: as shown above, both forward and reverse resolution now work on the client cbdps01.
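
Stopping firewalld removes all host filtering on leo-mydns, while the client only needs port 53 over UDP and TCP. The script below is an added example, not part of the original post: it checks whether the default zone already admits DNS and prints the firewall-cmd calls that open only that, optionally limited to a client network. The function names are hypothetical, and a source network such as 192.168.133.0/24 is an assumption inferred from the addresses above.

```shell
#!/bin/sh
# Added example, not from the original post. Run as root on the DNS server.
# Assumption: the default firewalld zone is the one facing the clients.

# dns_open SERVICES PORTS
# Succeeds if the zone already admits DNS on both udp/53 and tcp/53.
# (Existing rich rules are not inspected.)
dns_open() {
    case " $1 " in *" dns "*) return 0 ;; esac
    case " $2 " in *" 53/udp "*) ;; *) return 1 ;; esac
    case " $2 " in *" 53/tcp "*) return 0 ;; esac
    return 1
}

# dns_fix_plan SERVICES PORTS [SOURCE_CIDR]
# Prints the firewall-cmd calls that open DNS, or nothing if it is already open.
# With SOURCE_CIDR the rule is limited to that client network.
dns_fix_plan() {
    if dns_open "$1" "$2"; then return 0; fi
    if [ -n "${3:-}" ]; then
        # Reject anything that is not digits, dots and a slash before quoting it.
        case "$3" in *[!0-9./]*) echo "bad CIDR: $3" >&2; return 2 ;; esac
        printf '%s\n' "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"$3\" service name=\"dns\" accept'"
    else
        printf '%s\n' "firewall-cmd --permanent --add-service=dns"
    fi
    printf '%s\n' "firewall-cmd --reload"
}

# main [SOURCE_CIDR]: read the live zone and print what is still missing.
main() {
    command -v firewall-cmd >/dev/null 2>&1 || { echo "firewall-cmd not found" >&2; return 1; }
    plan=$(dns_fix_plan "$(firewall-cmd --list-services)" "$(firewall-cmd --list-ports)" "${1:-}") || return $?
    if [ -n "$plan" ]; then
        printf '%s\n' "$plan"
    else
        echo "DNS already allowed in the default zone"
    fi
}

# Only query the live system when asked to: sh dns-fw.sh --check [CIDR]
if [ "${1:-}" = "--check" ]; then main "${2:-}"; fi
```

After running the printed commands, repeat the nslookup from cbdps01 to confirm resolution with firewalld still active.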

Last modified: 2025-03-09 19:04:12