要查看使用了什么实际的DNS服务器来解析您的地址,在使用DNSMasq时将无法使用,DIG
因为它仅报告127.0.0.1
,而是:
在DNSMasq中启用登录:
sed -i 's/\#log-queries/log-queries/' /etc/dnsmasq.conf
systemctl restart dnsmasq
记录DNSMasq并监视输出:
journalctl --unit dnsmasq.service -f
ping主机:
ping google.ca
然后您可以看到,我的上游DNS服务器(192.168.1.1)可以解决该问题:
: query[A] google.ca from 127.0.0.1
: forwarded google.ca to 192.168.1.1
: query[AAAA] google.ca from 127.0.0.1
: forwarded google.ca to 192.168.1.1
: reply google.ca is 172.217.1.3
: reply google.ca is 2607:f8b0:400b:80f::2003
: query[PTR] 3.1.217.172.in-addr.arpa from 127.0.0.1
: forwarded 3.1.217.172.in-addr.arpa to 192.168.1.1
: reply 172.217.1.3 is iad23s25-in-f3.1e100.net
: reply 172.217.1.3 is yyz10s14-in-f3.1e100.net
在* .company.com的公司VPN后(在拆分隧道中)对主机执行ping操作
ping box.company.com
结果:
: query[A] box.company.com from 127.0.0.1
: forwarded box.company.com to vpn.ser.ver.ip
: query[AAAA] box.company.com from 127.0.0.1