resolv.conf

About domain and search

The man page does not say much, and external sites, in both Japanese and English, are full of claims that make you go "is that really true?". So I just ran it locally to see what actually happens. The thing to reconfirm is the statement "If more than one of these keywords is present, the last one listed takes effect."

▼ resolv.conf with domain written last

resolv.conf

search sear1.yokohei.corp sear2.yokohei.corp  
domain dom.yokohei.corp  

pcap result

17:12:36.971234 IP 172.31.0.26.59715 > 172.31.0.2.domain: 14689+ A? yokohei.dom.yokohei.corp. (42)
17:12:36.990460 IP 172.31.0.2.domain > 172.31.0.26.59715: 14689 NXDomain 0/1/0 (117)
17:12:36.990500 IP 172.31.0.26.35686 > 172.31.0.2.domain: 62761+ A? yokohei. (25)
17:12:36.991055 IP 172.31.0.2.domain > 172.31.0.26.40505: 46135 NXDomain 0/1/0 (129)

Because domain is written last, only domain is used; search is not used.

▼ resolv.conf with search written last

resolv.conf

domain dom.yokohei.corp  
search sear1.yokohei.corp sear2.yokohei.corp  

pcap result

17:13:33.943296 IP 172.31.0.26.54504 > 172.31.0.2.domain: 12426+ A? yokohei.sear1.yokohei.corp. (44)
17:13:33.956272 IP 172.31.0.2.domain > 172.31.0.26.54504: 12426 NXDomain 0/1/0 (119)
17:13:33.956464 IP 172.31.0.26.45576 > 172.31.0.2.domain: 62232+ A? yokohei.sear2.yokohei.corp. (44)
17:13:33.975554 IP 172.31.0.2.domain > 172.31.0.26.45576: 62232 NXDomain 0/1/0 (119)
17:13:33.975708 IP 172.31.0.26.51491 > 172.31.0.2.domain: 57286+ A? yokohei. (25)
17:13:33.976035 IP 172.31.0.2.domain > 172.31.0.26.51491: 57286 NXDomain 0/1/0 (100)

Because search is written last, only search is used; domain is not used.

▼ domain and ndots

ndots appears to be honoured for the domain option as well. Because of ndots (yokohei.com has fewer dots than ndots:5), the name with the suffix appended is queried first, and only if that yields nothing is the original query, without the domain suffix, tried.

resolv.conf

options timeout:2 attempts:2 ndots:5
nameserver 172.31.0.2
domain ama.local

Result of curl yokohei.com

19:16:06.657254 IP ip-172-31-0-200.eu-west-1.compute.internal.41469 > 172.31.0.2.domain: 39504+ A? yokohei.com.ama.local. (39)
19:16:06.657746 IP 172.31.0.2.domain > ip-172-31-0-200.eu-west-1.compute.internal.41469: 39504 NXDomain 0/1/0 (114)

19:16:08.659536 IP ip-172-31-0-200.eu-west-1.compute.internal.41469 > 172.31.0.2.domain: 39504+ A? yokohei.com.ama.local. (39)
19:16:08.660049 IP 172.31.0.2.domain > ip-172-31-0-200.eu-west-1.compute.internal.41469: 39504 NXDomain 0/1/0 (114)

19:16:10.661727 IP ip-172-31-0-200.eu-west-1.compute.internal.44904 > 172.31.0.2.domain: 63327+ A? yokohei.com. (29)
19:16:10.662336 IP 172.31.0.2.domain > ip-172-31-0-200.eu-west-1.compute.internal.44904: 63327 4/0/0 A 99.86.122.107, A 99.86.122.26, A 99.86.122.32, A 99.86.122.34 (93)

19:16:12.663889 IP ip-172-31-0-200.eu-west-1.compute.internal.44904 > 172.31.0.2.domain: 63327+ A? yokohei.com. (29)
19:16:12.664560 IP 172.31.0.2.domain > ip-172-31-0-200.eu-west-1.compute.internal.44904: 63327 4/0/0 A 99.86.122.34, A 99.86.122.107, A 99.86.122.26, A 99.86.122.32 (93)
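To make the two rules observed above (the last domain/search line wins; a name with fewer than ndots dots gets the suffixes first, then is tried as-is) concrete, here is a small model of the candidate-name ordering. This is an added example, not code from the post or from glibc; the parsing rules and the two constructed resolv.conf samples are assumptions chosen to match the captures above.

```python
# Added example (not from the original post): a small model of how the stub
# resolver builds its candidate-name list from resolv.conf.  Assumptions:
# the last "domain"/"search" line wins, and a name with fewer than ndots
# dots is tried with each suffix first, then as-is (glibc default ndots = 1).
def parse_resolv_conf(text):
    """Return (search_list, ndots); a later 'domain' or 'search' line
    replaces whatever an earlier one set."""
    search, ndots = [], 1
    for raw in text.splitlines():
        line = raw.split(";")[0].split("#")[0].strip()  # drop comments
        if not line:
            continue
        key, *args = line.split()
        if key == "domain" and args:
            search = [args[0]]
        elif key == "search":
            search = args
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots


def query_order(name, search, ndots):
    """Candidate FQDNs in the order the resolver sends them."""
    if name.endswith("."):            # absolute name: search list never used
        return [name]
    suffixed = [f"{name}.{s}." for s in search]
    if name.count(".") >= ndots:      # enough dots: as-is first, then suffixes
        return [name + "."] + suffixed
    return suffixed + [name + "."]    # too few dots: suffixes first


# Constructed samples mirroring the post's "domain last" and "ndots:5" cases.
SAMPLE_DOMAIN_LAST = """search sear1.yokohei.corp sear2.yokohei.corp
domain dom.yokohei.corp
"""
SAMPLE_NDOTS = """options timeout:2 attempts:2 ndots:5
nameserver 172.31.0.2
domain ama.local
"""

if __name__ == "__main__":
    for cfg, host in ((SAMPLE_DOMAIN_LAST, "yokohei"), (SAMPLE_NDOTS, "yokohei.com")):
        search, ndots = parse_resolv_conf(cfg)
        print(host, "->", query_order(host, search, ndots))
```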

About attempts

When a query times out it is retried, and if it still fails on the attempts-th try, the search suffix is appended and the query is sent again in the same way.

$ cat /etc/resolv.conf 
options timeout:2 attempts:5
; generated by /sbin/dhclient-script
search search.yokohei.corp
nameserver 8.8.8.8

$ sudo iptables -A INPUT -p udp --sport 53 -j DROP

$ sudo tcpdump port 53

$ curl localdomain.test
curl: (6) Could not resolve host: localdomain.test

$ sudo iptables -D INPUT -p udp --sport 53 -j DROP

It sends an A query for localdomain.test. every 2 seconds, 5 times, and stops after the 5th. After that, it goes on to send 5 queries for localdomain.test.search.yokohei.corp., again every 2 seconds.

pcap result

19:41:37.819816 IP 172.31.0.26.34985 > 8.8.8.8.domain: 38938+ A? localdomain.test. (34)
19:41:39.822141 IP 172.31.0.26.34985 > 8.8.8.8.domain: 38938+ A? localdomain.test. (34)
19:41:41.824498 IP 172.31.0.26.34985 > 8.8.8.8.domain: 38938+ A? localdomain.test. (34)
19:41:43.826791 IP 172.31.0.26.34985 > 8.8.8.8.domain: 38938+ A? localdomain.test. (34)
19:41:45.829087 IP 172.31.0.26.34985 > 8.8.8.8.domain: 38938+ A? localdomain.test. (34)
...
19:41:47.831464 IP 172.31.0.26.46149 > 8.8.8.8.domain: 19601+ A? localdomain.test.search.yokohei.corp. (54)
19:41:49.833794 IP 172.31.0.26.46149 > 8.8.8.8.domain: 19601+ A? localdomain.test.search.yokohei.corp. (54)
19:41:51.836123 IP 172.31.0.26.46149 > 8.8.8.8.domain: 19601+ A? localdomain.test.search.yokohei.corp. (54)
19:41:53.838450 IP 172.31.0.26.46149 > 8.8.8.8.domain: 19601+ A? localdomain.test.search.yokohei.corp. (54)
19:41:55.840746 IP 172.31.0.26.46149 > 8.8.8.8.domain: 19601+ A? localdomain.test.search.yokohei.corp. (54)

About nameserver

▼ Multiple nameservers

resolv.conf

options timeout:2 attempts:2

nameserver 172.31.0.2
nameserver 8.8.8.8

pcap result

16:36:46.181195 IP 172.31.0.130.35714 > 172.31.0.2.domain: 55053+ A? yokohei.com. (29)
16:36:46.206610 IP 172.31.0.2.domain > 172.31.0.130.35714: 55053 4/0/0 A 54.192.29.89, A 54.192.29.123, A 54.192.29.221, A 54.192.29.237 (93)
16:36:48.183173 IP 172.31.0.130.42826 > 8.8.8.8.domain: 55053+ A? yokohei.com. (29)
16:36:48.225939 IP 8.8.8.8.domain > 172.31.0.130.42826: 55053 4/0/0 A 54.192.29.221, A 54.192.29.89, A 54.192.29.237, A 54.192.29.123 (93)
16:36:50.185307 IP 172.31.0.130.35714 > 172.31.0.2.domain: 55053+ A? yokohei.com. (29)
16:36:50.185781 IP 172.31.0.2.domain > 172.31.0.130.35714: 55053 4/0/0 A 54.192.29.237, A 54.192.29.89, A 54.192.29.123, A 54.192.29.221 (93)
16:36:52.187459 IP 172.31.0.130.42826 > 8.8.8.8.domain: 55053+ A? yokohei.com. (29)
16:36:52.188595 IP 8.8.8.8.domain > 172.31.0.130.42826: 55053 4/0/0 A 54.192.29.221, A 54.192.29.89, A 54.192.29.237, A 54.192.29.123 (93)

The flow is: first nameserver -> wait timeout seconds -> next nameserver -> wait timeout seconds -> ... This is repeated (number of nameservers × attempts) times.

resolv.conf

options timeout:2 attempts:2

search yokohei.local
nameserver 172.31.0.2
nameserver 8.8.8.8

pcap result

16:50:17.213215 IP 172.31.0.130.56574 > 172.31.0.2.domain: 27563+ A? yokohei.com. (29)
16:50:17.253194 IP 172.31.0.2.domain > 172.31.0.130.56574: 27563 4/0/0 A 54.192.29.89, A 54.192.29.123, A 54.192.29.221, A 54.192.29.237 (93)

16:50:19.215229 IP 172.31.0.130.47819 > 8.8.8.8.domain: 27563+ A? yokohei.com. (29)
16:50:19.242383 IP 8.8.8.8.domain > 172.31.0.130.47819: 27563 4/0/0 A 54.192.29.237, A 54.192.29.89, A 54.192.29.123, A 54.192.29.221 (93)

16:50:21.217365 IP 172.31.0.130.56574 > 172.31.0.2.domain: 27563+ A? yokohei.com. (29)
16:50:21.217907 IP 172.31.0.2.domain > 172.31.0.130.56574: 27563 4/0/0 A 54.192.29.237, A 54.192.29.89, A 54.192.29.123, A 54.192.29.221 (93)

16:50:23.219513 IP 172.31.0.130.47819 > 8.8.8.8.domain: 27563+ A? yokohei.com. (29)
16:50:23.220689 IP 8.8.8.8.domain > 172.31.0.130.47819: 27563 4/0/0 A 54.192.29.237, A 54.192.29.89, A 54.192.29.123, A 54.192.29.221 (93)

16:50:25.221700 IP 172.31.0.130.44023 > 172.31.0.2.domain: 20880+ A? yokohei.com.yokohei.local. (43)
16:50:25.223332 IP 172.31.0.2.domain > 172.31.0.130.44023: 20880 NXDomain 0/1/0 (130)

16:50:27.223872 IP 172.31.0.130.58963 > 8.8.8.8.domain: 20880+ A? yokohei.com.yokohei.local. (43)
16:50:27.224989 IP 8.8.8.8.domain > 172.31.0.130.58963: 20880 NXDomain 0/1/0 (118)

16:50:29.226007 IP 172.31.0.130.44023 > 172.31.0.2.domain: 20880+ A? yokohei.com.yokohei.local. (43)
16:50:29.226418 IP 172.31.0.2.domain > 172.31.0.130.44023: 20880 NXDomain 0/1/0 (130)

16:50:31.228165 IP 172.31.0.130.58963 > 8.8.8.8.domain: 20880+ A? yokohei.com.yokohei.local. (43)
16:50:31.229303 IP 8.8.8.8.domain > 172.31.0.130.58963: 20880 NXDomain 0/1/0 (118)

It does the same thing as the multiple-nameserver case above, then repeats the whole flow with the suffix appended.

About rotate

resolv.conf

options timeout:10 attempts:1 rotate

nameserver 172.31.0.2
nameserver 8.8.8.8

With this configuration, I ran curl yokohei-1st.com and curl yokohei-2nd.com from two terminals. Looking at the pcap result, the nameserver queried first appears to be chosen round-robin. After that, the nameservers simply alternate as usual.

pcap result

17:12:12.987775 IP 172.31.0.130.42144 > 172.31.0.2.domain: 6191+ A? yokohei-1st.com. (33)
17:12:13.006424 IP 172.31.0.2.domain > 172.31.0.130.42144: 6191 NXDomain 0/1/0 (106)

17:12:15.003626 IP 172.31.0.130.33192 > 8.8.8.8.domain: 44094+ A? yokohei-2nd.com. (33)
17:12:15.021886 IP 8.8.8.8.domain > 172.31.0.130.33192: 44094 NXDomain 0/1/0 (106)

17:12:22.997846 IP 172.31.0.130.54731 > 8.8.8.8.domain: 6191+ A? yokohei-1st.com. (33)
17:12:23.026771 IP 8.8.8.8.domain > 172.31.0.130.54731: 6191 NXDomain 0/1/0 (106)

17:12:25.013772 IP 172.31.0.130.56879 > 172.31.0.2.domain: 44094+ A? yokohei-2nd.com. (33)
17:12:25.047713 IP 172.31.0.2.domain > 172.31.0.130.56879: 44094 NXDomain 0/1/0 (106)
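The attempts, multiple-nameserver and rotate sections above all describe one schedule: per candidate name, walk the nameserver list once per attempt, waiting timeout seconds per server, and only then move to the next search-list candidate. The simulation below reproduces that timing for the lost-response case and shows how long a client waits before giving up. It is an added example, not the post's or glibc's code; treating rotate purely as a choice of starting server is an assumption drawn from the two-terminal capture.

```python
# Added example (not from the original post): order and timing in which the
# stub resolver sends one candidate name to its nameservers when every
# response is lost (as with the iptables DROP rule in the attempts section).
# Assumptions: each attempt walks the nameserver list once, waiting `timeout`
# seconds per server; `rotate` only changes which server the walk starts
# from (start_index); the next search-list candidate is tried only after all
# attempts for the previous one are exhausted.
def send_schedule(candidates, nameservers, timeout, attempts,
                  rotate=False, start_index=0):
    """Return [(t_seconds, nameserver, qname), ...] for the lost-response case."""
    schedule, t = [], 0
    n = len(nameservers)
    first = start_index % n if rotate else 0
    for qname in candidates:
        for _ in range(attempts):
            for i in range(n):
                schedule.append((t, nameservers[(first + i) % n], qname))
                t += timeout
    return schedule


def total_wait(candidates, nameservers, timeout, attempts):
    """Worst-case seconds before the resolver gives up on every candidate."""
    return len(candidates) * len(nameservers) * attempts * timeout


if __name__ == "__main__":
    # Constructed inputs mirroring the post's captures.
    cases = [
        (["localdomain.test.", "localdomain.test.search.yokohei.corp."],
         ["8.8.8.8"], 2, 5, False, 0),
        (["yokohei.com.", "yokohei.com.yokohei.local."],
         ["172.31.0.2", "8.8.8.8"], 2, 2, False, 0),
        (["yokohei-2nd.com."], ["172.31.0.2", "8.8.8.8"], 10, 1, True, 1),
    ]
    for cands, ns, to, at, rot, start in cases:
        for t, server, q in send_schedule(cands, ns, to, at, rot, start):
            print(f"t+{t:2d}s  {server:<11} A? {q}")
        print("gives up after", total_wait(cands, ns, to, at), "seconds\n")
```

The lesson for operators is in total_wait: each extra search suffix and each extra nameserver multiplies the timeout a client suffers when answers are dropped.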