macos 何时使用辅助 DNS 服务器?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10207640/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
When is a secondary DNS server used?
提问by Darthtong
On our router we have the primary DNS set to a local IP, which is running Windows Server 2008 and the built in DNS server. We use this to resolve domains to local servers, if the domain is not founds locally we have forwarders set up to query external name servers.
在我们的路由器上,我们将主 DNS 设置为本地 IP,该 IP 运行 Windows Server 2008 和内置 DNS 服务器。我们使用它来将域解析到本地服务器,如果在本地找不到域,我们会设置转发器来查询外部名称服务器。
The secondary DNS on the router is set to our ISP's primary DNS, incase the local DNS server is down.
路由器上的辅助 DNS 设置为我们 ISP 的主要 DNS,以防本地 DNS 服务器关闭。
The mac clients in our office pick up the DNS servers correctly from the router but it seems very random as to what DNS server it uses. For example, a local site would load up but some of the images would not. If I hard coded my DNS address to be the local DNS server everything would work fine.
我们办公室的 mac 客户端从路由器上正确地选择了 DNS 服务器,但它使用的 DNS 服务器似乎非常随机。例如,本地站点会加载,但某些图像不会。如果我将我的 DNS 地址硬编码为本地 DNS 服务器,一切都会正常工作。
So my question is, when would a mac client use the secondary DNS server? I though it'd only use it if the primary DNS was unavailable?
所以我的问题是,mac 客户端什么时候会使用辅助 DNS 服务器?我虽然只有在主 DNS 不可用时才会使用它?
Thanks!
谢谢!
采纳答案by Sandman4
I googled this articlewhich explains newer MacOS DNS search order. And this onewhich explains how to tweak it to obtain results that you desire.
我在谷歌上搜索了这篇文章,其中解释了较新的 MacOS DNS 搜索顺序。而这一次,解释如何调整它才能得到结果,你的愿望。
Though the general idea is that it was never intended (in any OS) that first server is the one used and the second one is a backup. ( Even on windows, if first server for some reason doesn't answers very quickly, the second one will be queried.) It's wiser to regard server query order as unspecified.
虽然一般的想法是(在任何操作系统中)从来没有打算使用第一个服务器,第二个是备份。(即使在 Windows 上,如果第一个服务器由于某种原因没有很快回答,第二个将被查询。)将服务器查询顺序视为未指定是更明智的。
回答by Mecki
The general idea of a secondary DNS server was that in case the primary DNS server doesn't reply (e.g. it is offline, unreachable, restarting, etc.), the system can fall back to a secondary one, so it won't be unable to resolve DNS names during that time. Doesn't reply means "no reply at all", it will not ask the secondary when the primary one said that a name is unknown. Answering that a name is unknown isa reply.
辅助 DNS 服务器的总体思路是,如果主 DNS 服务器没有回复(例如它离线、无法访问、重新启动等),系统可以回退到辅助 DNS 服务器,因此它不会在此期间无法解析 DNS 名称。不回复意味着“根本没有回复”,当主说一个名字未知时它不会询问次要。回答姓名未知是一种答复。
The problem here is that DNS uses UDP and UDP is connectionless. So if a DNS server is offline, the system won't notice that other by not receiving a reply from it. As an UDP packet may as well get lost and the round-trip time (RTT) is unknown, it will have to resend the request a couple of times, every time waiting for several seconds, before it finally gets to the conclusion that this server is dead. This means it can take up to an entire minute and above to resolve a DNS name if the first DNS server dies.
这里的问题是 DNS 使用 UDP 而 UDP 是无连接的。因此,如果 DNS 服务器处于离线状态,系统将不会因为没有收到来自它的回复而注意到其他服务器。由于 UDP 数据包也可能丢失并且往返时间 (RTT) 未知,因此它必须重新发送请求几次,每次等待几秒钟,然后最终得出该服务器的结论死了。这意味着如果第一个 DNS 服务器死机,解析 DNS 名称可能需要一整分钟或更长时间。
As that seems unacceptable, different operating system developed different strategies to handle this in a better way. As both DNS servers are supposed to deliver the same result for the same domain (if not, your setup is actually flawed as the secondary should be a 1-to-1 replacement for the primary one), it shouldn't matter which one is being used. Some systems may send a request to the primary one but if no reply comes back within a few seconds, they don't resend to it but first try the secondary one (then they resend to the primary one and so on). Some may also query both at once, make the faster one win and then keep using that one for a while (until they start another race to see if it is still the faster one). Some may also prefer the primary one but do some kind of load balancing and switch to the secondary one if more than a certain amount of queries are currently pending on the primary one. Some will just alternate between them as a poor man's load balancing. All of this is actually allowed.
由于这似乎是不可接受的,不同的操作系统开发了不同的策略来更好地处理这个问题。由于两个 DNS 服务器都应该为同一个域提供相同的结果(如果不是,您的设置实际上存在缺陷,因为辅助服务器应该是主要服务器的 1 对 1 替换),因此哪个是无关紧要的正在使用。有些系统可能会向主系统发送请求,但如果几秒钟内没有回复,它们就不会重新发送给它,而是先尝试次要系统(然后重新发送给主系统,依此类推)。有些人也可能同时查询两者,让更快的一个获胜,然后继续使用那个一段时间(直到他们开始另一场比赛,看看它是否仍然是更快的)。有些人可能更喜欢主要的,但如果当前有超过一定数量的查询在主要查询上挂起,则会进行某种负载平衡并切换到次要查询。有些只是作为穷人的负载平衡在它们之间交替。所有这些实际上都是允许的。
In your case, though, I'm afraid something is wrong with your primary server as by default, macOS will only use the primary one. If it constantly falls back to the secondary one, it may consider the primary one to be too slow. Every time that happens, the secondary server becomes the primary one, see this older knowlebase article. This cnet articleexplained how this can be disabled but I'm not sure this is still possible in current systems. I wasn't able to find any reference on this but IIRC from the very back of my head, Apple once mentioned on a WWDC that they are now more aggressive at DNS querying and may even try to contact multiple DNS servers at once with the fastest one winning in some cases but I might be wrong on this (maybe this was iOS only or so).
但是,在您的情况下,我担心您的主服务器有问题,因为默认情况下,macOS 只会使用主服务器。如果它不断地回退到次要的,它可能会认为主要的太慢了。每次发生这种情况时,辅助服务器都会成为主要服务器,请参阅这篇较旧的知识库文章。这篇cnet文章解释了如何禁用它,但我不确定这在当前系统中是否仍然可行。我无法找到任何关于此的参考,但是 IIRC 从我的脑海深处,Apple 曾经在 WWDC 上提到他们现在在 DNS 查询方面更加积极,甚至可能尝试以最快的速度同时联系多个 DNS 服务器在某些情况下赢了,但我可能错了(也许这只是 iOS 左右)。
