問題描述:
Ubuntu系統Gnome桌面頂部欄的網絡圖標經常變成了一個問號。期間不能打開網頁,在終端里面ping公網有時能通但丟包嚴重,或者根本就不通,錯誤提示Temporary failure in name resolution,表示域名解析失敗。
問題原因:
- Ubuntu默認安裝的DNS解析工具systemd-resolved存在問題;
- 系統頻繁對網絡信號進行連接檢查,導致不能聯網。
解決辦法:
一、將DNS解析工具從systemd-resolved切換為unbound
1、安裝unbound
sudo apt-get install unbound
2、安裝resolvconf
sudo apt-get install resolvconf
3、禁用默認域名解析工具systemd-resolved並停止正在運行的程序
sudo systemctl disable systemd-resolved.service
sudo systemctl disable systemd-resolved
4、配置NetworkManager,使其使用unbound作為系統的域名解析工具
sudo vim /etc/NetworkManeger/NetworkManager.conf
在該配置文件中,緊跟plugins在下面一行加上dns=unbound:
[main]
plugins=ifupdown,keyfile
dns=unbound
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
5、手動啟用unbound
sudo systemctl enable unbound-resolvconf
sudo systemctl enable unbound
6、修改unbound配置文件/etc/unbound/unbound.conf
查看unbound.conf的manual頁面
man unbound.conf
可以看到有以下一段內容:
server:
directory: "/etc/unbound"
username: unbound
# make sure unbound can access entropy from inside the chroot.
# e.g. on linux the use these commands (on BSD, devfs(8) is used):
# mount --bind -n /dev/random /etc/unbound/dev/random
# and mount --bind -n /dev/log /etc/unbound/dev/log
chroot: "/etc/unbound"
# logfile: "/etc/unbound/unbound.log" #uncomment to use logfile.
pidfile: "/etc/unbound/unbound.pid"
# verbosity: 1 # uncomment and increase to get more logging.
# listen on all interfaces, answer queries from the local subnet.
interface: 0.0.0.0
interface: ::0
access-control: 10.0.0.0/8 allow
access-control: 2001:DB8::/64 allow
把這段配置內容追加到文件/etc/unbound/unbound.conf中:
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include: "/etc/unbound/unbound.conf.d/*.conf"
directory: "/etc/unbound"
username: unbound
# make sure unbound can access entropy from inside the chroot.
# e.g. on linux the use these commands (on BSD, devfs(8) is used):
# mount --bind -n /dev/random /etc/unbound/dev/random
# and mount --bind -n /dev/log /etc/unbound/dev/log
chroot: "/etc/unbound"
# logfile: "/etc/unbound/unbound.log" #uncomment to use logfile.
pidfile: "/etc/unbound/unbound.pid"
# verbosity: 1 # uncomment and increase to get more logging.
# listen on all interfaces, answer queries from the local subnet.
interface: 0.0.0.0
interface: ::0
access-control: 10.0.0.0/8 allow
access-control: 2001:DB8::/64 allow
7、修改resolvconf配置文件/etc/resolconf/resolv.conf.d/tail
查看unbound的manual頁面,可以看到有以下一段內容:
To use a locally running Unbound for resolving put
nameserver 127.0.0.1
into resolv.conf(5).
這里意思是,要使用某一個域名服務器,就要將該服務器的鍵值對寫入到/etc/resolv.conf中。比如要使用本地的unbound程序做域名解析,就把nameserver 127.0.0.1加入到文件/etc/resolv.conf中。
但是我們打開文件/etc/resolv.conf,發現文件頭部的描述如下:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
這里說明文件/etc/resolv.conf的內容是又resolvconf軟件生成的,手動修改只能臨時起作用,一旦主機重啟文件中的內容就會消失。因此我們必須在resolvconf軟件中找到配置該文件的配置文件。
查看resolvconf軟件的manual頁面,我們發現了如下內容:
FILES
/etc/default/resolvconf
See the ENVIRONMENT VARIABLES section.
/etc/resolvconf/interface-order
Determines the order of precedence of nameserver addresses and
search domain names. See above and interface-order(5).
/etc/resolvconf/resolv.conf.d/base
File containing basic resolver information. The lines in this
file are included in the resolver configuration file even when
no interfaces are configured.
/etc/resolvconf/resolv.conf.d/head
File to be prepended to the dynamically generated resolver con‐
figuration file. Normally this is just a comment line.
/etc/resolvconf/resolv.conf.d/tail
File to be appended to the dynamically generated resolver con‐
figuration file. To append nothing, make this an empty file.
This file is a good place to put a resolver options line if one
is needed, e.g.,
/etc/resolvconf/resolv.conf.d/original
Copy of the /etc/resolv.conf file before the resolvconf package
was installed. This file has no effect on the functioning of
resolvconf; it is retained so that /etc/resolv.conf can be
restored to its original state if the resolvconf package is
removed.
Note also that a copy of this file is included in the database
until the first reboot after installation of the resolvconf
package; this ensures that nameservers reachable before instal‐
lation of resolvconf are still reachable after installation of
resolvconf even though at that point not all suppliers of name‐
server information may have supplied their information to
resolvconf(8).
Note also that the administrator can choose to create a symbolic
link in /etc/resolvconf/resolv.conf.d/ from tail to original so
that the contents of original are always added to the end of the
dynamically generated file.
從中找到文件 /etc/resolvconf/resolv.conf.d/tail,該文件用來生成/etc/resolv.conf的配置文件質之一。
在文件 /etc/resolvconf/resolv.conf.d/tail中加入需要的鍵值對之后,重啟主機就能在文件/etc/resolv.conf中看到配置好的DNS:
nameserver 119.29.29.29
nameserver 233.5.5.5
nameserver 114.114.114.114
nameserver 1.1.1.1
目前可用的DNS主要有以下:
- 騰訊的公用免費DNS: 119.29.29.29(首選)、182.254.116.116(備選)
- 阿里的公用免費DNS: 233.5.5.5(首選)、233.6.6.6(備選)
- 國內移動、電信和聯通通用的公用免費DNS: 114.114.114.114
- Cloudflare的公用免費DNS: 1.1.1.1(首選)、1.0.0.1(備選)
二、關閉系統的網絡連接檢查
網絡信號的連接檢查是導致WiFi圖標經常變成問號的原因,不過這種狀態下並不影響主機的網絡連接,只是比較影響心情。
這里的方法是:進入設置-》隱私-》關閉連接檢查。
三、如果不關閉網絡連接檢查可以配置文件/etc/ppp/options
這里的解決方法參考一篇博客Ubuntu網絡頻繁掉線解決方案
/etc/PPP/options其中的lcp-echo-failure默認設為4,lcp-echo-interval設為30秒,也就是說如果120秒鍾之內ADSL網絡服務器沒有回echo-reply信號。
可能是國內ADSL網絡本身的問題,服務器好像是不會回echo-reply信號(有待考證)或者很長時間才會回echo-reply信號。所以可以把上面兩個參數適當地調大一些。
- 打開配置文件/etc/ppp/options
sudo vim /etc/ppp/options
- 在options文件中找到以下兩行代碼
lcp-echo-failure 4
lcp-echo-interval 30
- 把
lcp-echo-failure 4改為lcp-echo-failure 15 - 重啟主機使配置生效
其他參考資料:Ubuntu WiFi圖標變成問號 網速很慢