curl - curl 和 nslookup 之间的名称查找差异是什么

Question

当我试图弄清楚 DNS 查询何时会超时时，我迷路了。尝试了多种场景(在 Linux 上):

/etc/resolv.conf 中没有配置名称服务器

###################### curl #######################
WRITE_OUT="%{http_code}\t%{time_namelookup}\t%{time_connect}\t\t%{time_starttransfer}\t\t%{time_total}\n"

time curl -k -w "$WRITE_OUT" https://www.google.com/
000     0.000   0.000           0.000           0.000

curl: (6) Could not resolve host: www.goole.com; Unknown error

real    0m0.009s
user    0m0.000s
sys     0m0.006s

##################### nslookup ####################
time nslookup www.google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

real    0m24.012s
user    0m0.004s
sys     0m0.009s

正如我们所见，curl 立即返回(9 毫秒)，而 nslookup 需要更长的时间(24 秒)。这让我很困惑，curl 的行为更有意义，因为主机上没有指定名称服务器。

在/etc/resolv.conf中添加一个无法访问的主机IP，无法ping通模拟名称服务器宕机场景

###################### curl #######################
time curl -k -w "$WRITE_OUT" https://www.google.com/
000     0.000   0.000           0.000           19.529  
curl: (6) Could not resolve host: www.goole.com; Unknown error

real    0m20.535s
user    0m0.003s
sys     0m0.005s

##################### nslookup ####################
time nslookup www.google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

real    0m20.008s
user    0m0.006s
sys     0m0.003s

欢呼!看起来像 curl 和 nslookup 在同一页面上。

添加可以ping通但没有DNS服务的主机IP地址，以模拟服务器处于事件状态但名称服务器服务已关闭

###################### curl #######################
time curl -k -w "$WRITE_OUT" https://www.google.com/
000     0.000   0.000           0.000           4.513
curl: (6) Could not resolve host: www.goole.com; Unknown error

real    0m5.520s
user    0m0.004s
sys     0m0.005s

##################### nslookup ####################
time nslookup www.google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached


real    0m20.010s
user    0m0.006s
sys     0m0.005s

又糊涂了!

最令人困惑的部分是，来自 resolv.conf 的手册页，我们可以取默认值timeout是 5 秒，而 attempts是 2 次。所以我想超时应该是 5 秒 * 2 = 10 秒。但是……令人困惑……

编辑:
再次尝试修改 /etc/nsswitch.conf , 仅 dns方法被使用。 hosts: dns
场景一:

###################### curl #######################
time curl -k -w "$WRITE_OUT" https://www.google.com/
000     0.000   0.000           0.000           0.000
curl: (6) Could not resolve host: www.google.com; Unknown error

real    0m0.051s
user    0m0.004s
sys     0m0.002s
##################### nslookup ####################
time nslookup www.google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

real    0m24.287s
user    0m0.005s
sys     0m0.014s
######################## dig ######################
time dig www.google.com

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7 <<>> www.google.com
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m18.041s
user    0m0.005s
sys     0m0.005s

场景2:

time curl -k -w "$WRITE_OUT" https://www.google.com/
000     0.000   0.000           0.000           19.527
curl: (6) Could not resolve host: www.google.com; Unknown error

real    0m20.533s
user    0m0.003s
sys     0m0.004s

time nslookup www.google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

real    0m20.009s
user    0m0.005s
sys     0m0.005s

time dig www.google.com
; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7 <<>> www.google.com
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m15.008s
user    0m0.005s
sys     0m0.003s

场景3:

time curl -k -w "$WRITE_OUT" https://www.google.com/
000     0.000   0.000           0.000           4.512
curl: (6) Could not resolve host: www.google.com; Unknown error

real    0m5.518s
user    0m0.004s
sys     0m0.003s

time nslookup www.google.com
;; connection timed out; trying next origin
;; connection timed out; no servers could be reached

real    0m20.009s
user    0m0.005s
sys     0m0.005s

time dig www.google.com

; <<>> DiG 9.9.4-RedHat-9.9.4-51.el7 <<>> www.google.com
;; global options: +cmd
;; connection timed out; no servers could be reached

real    0m15.009s
user    0m0.005s
sys     0m0.005s

dig有自己的超时机制，timeout(5s) * retries(3) = 15s。

Answer 1

虽然这是一个旧帖子，但我想插一句，因为它已经不止一次出现在我身上，所以我想分享它。

需要指出的一个区别是应用程序(即 nslookup 或 curl)用于 DNS 查找的内容，即 libresolv.so或 libbind.so .似乎 nslookup 专门执行后者，所以也许这就是为什么它比 curl 超时的原因。要确定在您的系统上，您应该运行

strace -o curl.out curl www.google.com
strace -o dig.out dig www.google.com

grep libresolv *.out
grep libbind *.out

并进行比较。

尽管很神秘，但 strace 输出应该显示每个部分等待的时间以及底层系统调用正在执行的工作。