k8s中coredns配置不解析ipv6地址

发布于：2025-06-11 ⋅ 阅读:(34) ⋅ 点赞:(0)

原coredns配置

.:53 {
    errors
    health {
      lameduck 5s
    }
    ready
    kubernetes cluster.local in-addr.arpa ip6.arpa {
      pods insecure
      fallthrough in-addr.arpa ip6.arpa
    }
    prometheus :9153
    forward . "/etc/resolv.conf"
    cache 30
    loop
    reload
    loadbalance
} # STUBDOMAINS - Rancher specific change

不解析ipv6配置

.:53 {
    errors
    health {
      lameduck 5s
    }
    ready
    kubernetes cluster.local in-addr.arpa
    prometheus :9153

    # 仅拦截 AAAA 查询，不影响其他类型
    template IN AAAA . {
        rcode NXDOMAIN
    }

    # 使用英文引号，并指定可靠上游 DNS
    forward . /etc/resolv.conf {
        except no-ipv6.invalid  # 避免循环
        policy sequential
    }

    cache 30
    loop
    reload
    loadbalance
}

测试解析：

Name:   maap201.gd.rcs.cn
Address: 1.1.1.1
** server can't find maap201.gd.rcs.cn: NXDOMAIN


real    0m0.015s
user    0m0.007s
sys     0m0.005s
root@rcs-msg-send-prod-86665b4ccf-8h5gg:/hskj/app# for i in {1..50};do time nslookup maap201.gd.rcs.cn;done


root@rcs-msg-send-test-b68fb6cc9-ccttg:/hskj/app# dig AAAA maap201.gd.rcs.cn @10.43.0.10

; <<>> DiG 9.16.50-Debian <<>> AAAA maap201.gd.rcs.cn @10.43.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3708
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: b3b45e5abf8f7f42 (echoed)
;; QUESTION SECTION:
;maap201.gd.rcs.cn.         IN      AAAA

;; Query time: 1 msec
;; SERVER: 10.43.0.10#53(10.43.0.10)
;; WHEN: Sat Jun 07 09:19:45 CST 2025
;; MSG SIZE  rcvd: 62

root@rcs-msg-send-test-b68fb6cc9-ccttg:/hskj/app# dig A maap201.gd.rcs.cn @10.43.0.10

; <<>> DiG 9.16.50-Debian <<>> A maap201.gd.rcs.cn @10.43.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44578
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 536fbe9907cc6af4 (echoed)
;; QUESTION SECTION:
;maap201.gd.rcs.cn.         IN      A

;; ANSWER SECTION:
maap201.gd.rcs.cn.  30      IN      A       1.1.1.1

;; Query time: 90 msec
;; SERVER: 10.43.0.10#53(10.43.0.10)
;; WHEN: Sat Jun 07 09:19:56 CST 2025
;; MSG SIZE  rcvd: 99

root@rcs-msg-send-test-b68fb6cc9-ccttg:/hskj/app#

k8s中coredns配置不解析ipv6地址

网站公告

今日签到

热门文章

最新发布