- 论坛徽章:
- 0
|
无聊去捣鼓mpd5做pppoe服务器,发现DNS给我带来大麻烦。
拓扑:
PC<->pppoe_server(FB)<->gateway & DNS(FB)<->Internet
^
|
freeradius(FB)
其他都没问题,关键问题出在DNS上。
DNS IP:192.168.0.250
系统:
root@fba:/usr/local/etc/mpd5 # uname -a
FreeBSD fba.xxxx.xx.cn 9.2-STABLE FreeBSD 9.2-STABLE #3: Sat Mar 1 01:39:49 CST 2014 root@fba.xxxx.xx.cn:/usr/obj/usr/src/sys/FB amd64
现象:
以前用ROS+Freeradius拨号怎么用都没有问题,好像DNS换成这新机子后就出了问题。如果PC机本地网卡分给不正确的DNS,则通过ROS拨号后ping某IP可以,ping域名不行,换成mpd5拨号也是这现象。
必需把PC机的DNS设为192.168.0.250,然后怎么用都成。
实在是没有办法了,只有抓包,确定是PPPOE链接的DNS问题。
mpd5得到的IP为172.16.100.3- root@fba:/usr/local/etc/mpd5 # tcpdump -vvv -i em1 -s 0 -l -n port 53 and host 172.16.100.3
- tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
- 01:41:34.330226 IP (tos 0x0, ttl 127, id 2105, offset 0, flags [none], proto UDP (17), length 62)
- 172.16.100.3.65443 > 192.168.0.250.53: [udp sum ok] 25769+ A? slog.sina.com.cn. (34)
- 01:41:34.331312 IP (tos 0x0, ttl 64, id 1758, offset 0, flags [none], proto UDP (17), length 62)
- 192.168.0.250.53 > 172.16.100.3.65443: [bad udp cksum 0xd1f1 -> 0xab73!] 25769 Refused- q: A? slog.sina.com.cn. 0/0/0 (34)
- 01:41:34.805251 IP (tos 0x0, ttl 127, id 2116, offset 0, flags [none], proto UDP (17), length 62)
- 172.16.100.3.63785 > 192.168.0.250.53: [udp sum ok] 64490+ A? static.bshare.cn. (34)
- 01:41:34.805896 IP (tos 0x0, ttl 64, id 1762, offset 0, flags [none], proto UDP (17), length 62)
- 192.168.0.250.53 > 172.16.100.3.63785: [bad udp cksum 0xd1f1 -> 0xb7af!] 64490 Refused- q: A? static.bshare.cn. 0/0/0 (34)
- 01:41:35.805338 IP (tos 0x0, ttl 127, id 2214, offset 0, flags [none], proto UDP (17), length 63)
- 172.16.100.3.62473 > 192.168.0.250.53: [udp sum ok] 37081+ A? count.kandian.com. (35)
- 01:41:35.807049 IP (tos 0x0, ttl 64, id 1777, offset 0, flags [none], proto UDP (17), length 63)
- 192.168.0.250.53 > 172.16.100.3.62473: [bad udp cksum 0xd1f2 -> 0xa0f4!] 37081 Refused- q: A? count.kandian.com. 0/0/0 (35)
- 01:41:35.932269 IP (tos 0x0, ttl 127, id 2233, offset 0, flags [none], proto UDP (17), length 69)
- 172.16.100.3.57937 > 192.168.0.250.53: [udp sum ok] 45587+ A? p.you.video.sina.com.cn. (41)
- 01:41:35.933867 IP (tos 0x0, ttl 64, id 1780, offset 0, flags [none], proto UDP (17), length 69)
- 192.168.0.250.53 > 172.16.100.3.57937: [bad udp cksum 0xd1f8 -> 0xcac7!] 45587 Refused- q: A? p.you.video.sina.com.cn. 0/0/0 (41)
- 01:41:36.114484 IP (tos 0x0, ttl 127, id 2246, offset 0, flags [none], proto UDP (17), length 57)
- 172.16.100.3.50859 > 192.168.0.250.53: [udp sum ok] 13069+ A? b.bshare.cn. (29)
- 01:41:36.116158 IP (tos 0x0, ttl 64, id 1784, offset 0, flags [none], proto UDP (17), length 57)
- 192.168.0.250.53 > 172.16.100.3.50859: [bad udp cksum 0xd1ec -> 0x0bea!] 13069 Refused- q: A? b.bshare.cn. 0/0/0 (29)
- 01:41:38.000781 IP (tos 0x0, ttl 127, id 2338, offset 0, flags [none], proto UDP (17), length 71)
- 172.16.100.3.64590 > 192.168.0.250.53: [udp sum ok] 63175+ A? comment5.news.sina.com.cn. (43)
- 01:41:38.003247 IP (tos 0x0, ttl 64, id 1849, offset 0, flags [none], proto UDP (17), length 71)
- 192.168.0.250.53 > 172.16.100.3.64590: [bad udp cksum 0xd1fa -> 0x4633!] 63175 Refused- q: A? comment5.news.sina.com.cn. 0/0/0 (43)
- 01:41:38.037128 IP (tos 0x0, ttl 127, id 2342, offset 0, flags [none], proto UDP (17), length 56)
- 172.16.100.3.52253 > 192.168.0.250.53: [udp sum ok] 57040+ A? v.iask.com. (28)
- 01:41:38.038772 IP (tos 0x0, ttl 64, id 1851, offset 0, flags [none], proto UDP (17), length 56)
- 192.168.0.250.53 > 172.16.100.3.52253: [bad udp cksum 0xd1eb -> 0x5efe!] 57040 Refused- q: A? v.iask.com. 0/0/0 (28)
- ^C
- 14 packets captured
- 700 packets received by filter
- 0 packets dropped by kernel
复制代码 ROS得到的IP为172.16.100.3- root@fba:/usr/local/etc/mpd5 # tcpdump -vvv -i em1 -s 0 -l -n port 53 and host 192.168.6.3
- tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
- 01:45:05.957592 IP (tos 0x0, ttl 127, id 5, offset 0, flags [none], proto UDP (17), length 62)
- 192.168.6.3.58679 > 192.168.0.250.53: [udp sum ok] 17541+ A? www.msftncsi.com. (34)
- 01:45:05.957611 IP (tos 0x0, ttl 127, id 6, offset 0, flags [none], proto UDP (17), length 62)
- 192.168.6.3.60336 > 192.168.0.250.53: [udp sum ok] 52011+ A? www.msftncsi.com. (34)
- 01:45:05.957726 IP (tos 0x0, ttl 64, id 36614, offset 0, flags [none], proto UDP (17), length 62)
- 192.168.0.250.53 > 192.168.6.3.58679: [bad udp cksum 0x8889 -> 0xc43a!] 17541 Refused- q: A? www.msftncsi.com. 0/0/0 (34)
- 01:45:05.957750 IP (tos 0x0, ttl 64, id 36615, offset 0, flags [none], proto UDP (17), length 62)
- 192.168.0.250.53 > 192.168.6.3.60336: [bad udp cksum 0x8889 -> 0x371b!] 52011 Refused- q: A? www.msftncsi.com. 0/0/0 (34)
- 01:45:08.816366 IP (tos 0x0, ttl 127, id 42, offset 0, flags [none], proto UDP (17), length 60)
- 192.168.6.3.55119 > 192.168.0.250.53: [udp sum ok] 32796+ A? www.nmc.gov.cn. (32)
- 01:45:08.816580 IP (tos 0x0, ttl 64, id 36624, offset 0, flags [none], proto UDP (17), length 60)
- 192.168.0.250.53 > 192.168.6.3.55119: [bad udp cksum 0x8887 -> 0xcfa5!] 32796 Refused- q: A? www.nmc.gov.cn. 0/0/0 (32)
- 01:45:09.066874 IP (tos 0x0, ttl 127, id 50, offset 0, flags [none], proto UDP (17), length 66)
- 192.168.6.3.61782 > 192.168.0.250.53: [udp sum ok] 46882+ A? image.weather.gov.cn. (38)
- 01:45:09.067009 IP (tos 0x0, ttl 64, id 36629, offset 0, flags [none], proto UDP (17), length 66)
- 192.168.0.250.53 > 192.168.6.3.61782: [bad udp cksum 0x888d -> 0x4969!] 46882 Refused- q: A? image.weather.gov.cn. 0/0/0 (38)
- 01:45:09.484108 IP (tos 0x0, ttl 127, id 72, offset 0, flags [none], proto UDP (17), length 56)
- 192.168.6.3.51477 > 192.168.0.250.53: [udp sum ok] 15590+ A? w.cnzz.com. (28)
- 01:45:09.484239 IP (tos 0x0, ttl 64, id 36634, offset 0, flags [none], proto UDP (17), length 56)
- 192.168.0.250.53 > 192.168.6.3.51477: [bad udp cksum 0x8883 -> 0x3157!] 15590 Refused- q: A? w.cnzz.com. 0/0/0 (28)
- 01:45:09.822939 IP (tos 0x0, ttl 127, id 129, offset 0, flags [none], proto UDP (17), length 59)
- 192.168.6.3.51088 > 192.168.0.250.53: [udp sum ok] 8689+ A? hqs8.cnzz.com. (31)
- 01:45:09.822954 IP (tos 0x0, ttl 127, id 130, offset 0, flags [none], proto UDP (17), length 56)
- 192.168.6.3.62396 > 192.168.0.250.53: [udp sum ok] 8216+ A? c.cnzz.com. (28)
- 01:45:09.823094 IP (tos 0x0, ttl 64, id 36651, offset 0, flags [none], proto UDP (17), length 59)
- 192.168.0.250.53 > 192.168.6.3.51088: [bad udp cksum 0x8886 -> 0x0bfc!] 8689 Refused- q: A? hqs8.cnzz.com. 0/0/0 (31)
- 01:45:09.823133 IP (tos 0x0, ttl 64, id 36652, offset 0, flags [none], proto UDP (17), length 56)
- 192.168.0.250.53 > 192.168.6.3.62396: [bad udp cksum 0x8883 -> 0x2392!] 8216 Refused- q: A? c.cnzz.com. 0/0/0 (28)
- 01:45:09.977380 IP (tos 0x0, ttl 127, id 164, offset 0, flags [none], proto UDP (17), length 64)
- 192.168.6.3.59707 > 192.168.0.250.53: [udp sum ok] 22764+ A? bbs.weather.gov.cn. (36)
- 01:45:09.977410 IP (tos 0x0, ttl 127, id 165, offset 0, flags [none], proto UDP (17), length 64)
- 192.168.6.3.56468 > 192.168.0.250.53: [udp sum ok] 42890+ A? eng.weather.gov.cn. (36)
- 01:45:09.977528 IP (tos 0x0, ttl 64, id 36657, offset 0, flags [none], proto UDP (17), length 64)
- 192.168.0.250.53 > 192.168.6.3.59707: [bad udp cksum 0x888b -> 0x2419!] 22764 Refused- q: A? bbs.weather.gov.cn. 0/0/0 (36)
- 01:45:09.977566 IP (tos 0x0, ttl 64, id 36658, offset 0, flags [none], proto UDP (17), length 64)
- 192.168.0.250.53 > 192.168.6.3.56468: [bad udp cksum 0x888b -> 0xd62a!] 42890 Refused- q: A? eng.weather.gov.cn. 0/0/0 (36)
- 01:45:10.007708 IP (tos 0x0, ttl 127, id 166, offset 0, flags [none], proto UDP (17), length 68)
- 192.168.6.3.59973 > 192.168.0.250.53: [udp sum ok] 59149+ A? typhoon.weather.gov.cn. (40)
- 01:45:10.007845 IP (tos 0x0, ttl 64, id 36663, offset 0, flags [none], proto UDP (17), length 68)
- 192.168.0.250.53 > 192.168.6.3.59973: [bad udp cksum 0x888f -> 0xa1f8!] 59149 Refused- q: A? typhoon.weather.gov.cn. 0/0/0 (40)
复制代码 怎么总有“bad udp cksum”,是不是因为我用的是STABLE版本?
抓狂了,死了算了。明天换系统再看看。 |
|