无线 : Cisco ASR 5000 系列

排除故障基础设施在ASR 5000/5500的客户端DNS

2016 年 10 月 27 日 - 机器翻译
其他版本: PDFpdf | 英语 (2016 年 4 月 21 日) | 反馈

简介

本文描述如何排除故障与域名服务器(DNS)基础设施涉及的问题。这包括多种命令行界面(CLI), DNS可能需要收集的概念和其它数据。提供示例输出,需要为了改善解释某些点。

在思科聚合服务路由器(ASR) 5000/5500的基础设施DNS对完全合格的域名(FQDN)的解决方法负责在配置的上下文内。这通常是为了支持呼叫控制的多种方面在入口上下文。 此的示例包括:

  • 是在FQDN格式而不是IP地址任何直径终端对等体的解决方法
  • 代理在用户设备的直径S6b答复(P-CSCF) FQDN的解决方法返回的呼叫会话控制功能(UE)必要为了向IP多媒体系统(IIMS)核心登记
  • 高速率数据包数据服务网关(HSGW)需要做DNS已命名Application Naming Authority Pointer (NAPTR)查询为了得到列表信息包数据网络网关(PGW)连接对(新建或移交)然后做DNS AAAA查询为了检索PGW本地移动性锚点(LMA)地址的IP地址为了连接呼叫。
  • 移动性管理实体(MME)需要做DNS NAPTR查询为了得到服务的网关(SGW)/PGW对列表连接。这包括DNS AAAA/A查询的创建为了获取那些节点IP。

贡献由Dave Damerjian, Cisco TAC工程师。

配置

DNS非常实现作为客户端应用在是需要的上下文。这是这样实施示例:

context ingress
ip name-servers 2001:5555:202:fffe:a0:e:0:3 2001:5555:203:fffe:c0:e:0:3
dns-client HSGW-DNS
bind address 2001:5555:200:1011:342:281::
resolver retransmission-interval 2
resolver number-of-retries 3
exit
exit

要求的最低为了配置是服务/捆绑地址和一个主要的(和或者第二) DNS服务器地址。

UDP与TCP

什么使DNS潜在更加复杂是传输层。当DNS查询通常基于UDP的时, NAPTR查询,根据请求,能结果基于TCP的。原因是有在要求TCP为了传送在多个信息包的答复的大小的限制与UDP的答复。数据包流介入一个初始请求然后一答复从DNS服务器。这通过与被削的(TC)标志设置的一0有效负载答复导致在TCP的一再请求。这意味着客户端应该再试作为TCP/IP每RFC 5966。典型TCP三通的交换接着而来,跟随由请求每第二次。什么时候是足够大要求此的大小?例如,一旦HSGW,如果请求是移交, UDP应该是返回的满足,因为应该只有一个或一些(如果多个服务) PGW FQDN为了HSGW能连接。对于虽则新的呼叫,可以返回整个网络的所有可能的PGWs的列表也许是足够长要求TCP方法。

这是该示例的答复(从Wireshark)请求TCP :

Frame 85: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits)
Ethernet II, Src: JuniperN_20:e7:f0 (64:87:88:20:e7:f0), Dst:
StarentN_02:b1:9d (00:05:47:02:b1:9d)
802.1Q Virtual LAN, PRI: 0, CFI: 0, ID: 2010
Internet Protocol Version 6, Src: 2001:5555:202:fffe:a0:e:0:3
(2001:5555:202:fffe:a0:e:0:3), Dst: 2001:5555:200:1011:304:281::
(2001:5555:200:1011:304:281::) User Datagram Protocol, Src Port: domain (53),
Dst Port: 35049 (35049)
Domain Name System (response)
[Request In: 81]
[Time: 0.088530870 seconds]
Transaction ID: 0x3b2b
Flags: 0x8780 Standard query response, No error
   1... .... .... .... = Response: Message is a response
   .000 0... .... .... = Opcode: Standard query (0)
   .... .1.. .... .... = Authoritative: Server is an authority for domain
   .... ..1. .... .... = Truncated: Message is truncated
   .... ...1 .... .... = Recursion desired: Do query recursively
   .... .... 1... .... = Recursion available: Server can do recursive queries
   .... .... .0.. .... = Z: reserved (0)
   .... .... ..0. .... = Answer authenticated: Answer/authority portion
was not authenticated by the server
   .... .... ...0 .... = Non-authenticated data: Unacceptable
   .... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
  APN1.apn.epc.mnc420.mcc300.3gppnetwork.org: type NAPTR, class IN
    Name: APN1.apn.epc.mnc420.mcc300.3gppnetwork.org
    Type: NAPTR (Naming authority pointer)
    Class: IN (0x0001)
  Additional records

故障排除命令

 

显示dns客户端统计信息客户端<DNS客户端Name>

这main命令为了排除故障DNS问题。这是一些优点为了运行此命令:

  • 在客户端定义的上下文必须运行它。
  • 多次运行它并且注释在适当的统计信息的增加例如超时。
  • 是结果能/能解决DNS的使用统计数据计数实际呼叫成功/失败。
  • DNS解析程序统计信息失败计数超时数量和其他失败类似拒绝的连接。超时可以归结于TCP连接建立问题。
  • DNS失败的配置的阈值用SNMP陷阱(和报警)捕获根据这些statisticss的ThreshDNSLookupFailure示例:阈值dns查找失败5结算5。
  • 如果主要的发生故障,第二几秒后尝试大约2 (不可配置)。
  • 在模式CONTEXTSch1和CONTEXTSch2的Bulkstat变量包含与此命令涉及的所有相关DNS基础设施变量。NAPTR查询类型的示例包括这些,并且他们为AAAA和A类型查询也是可适用的:
    • dns主要的NS NAPTRatmpts
    • dns主要的NS NAPTR失败
    • dns主要的NS NAPTRsuccs
    • dns第二NS NAPTRatmpts
    • dns第二NS NAPTR失败
    • dns第二NS查询超时

在此示例输出中,在NAPTR失败方面请均等地注释增加如在使用情况和解析程序统计信息反射为主要的和辅助服务器(全双工中断) :

[Ingress]HSGW> show dns-client statistics client HSGW-DNS
Monday June 02 00:26:29 UTC 2014
DNS Usage Statistics:
---------------------
Query Type             Attempts       Successes        Failures
A                         21802               0           21802
SRV                           0               0               0
AAAA                 3934082666      3934060659           21831
NAPTR                1393765619      1387607858         6156730
PTR                           0               0               0
Total                1032902791      1026701221         6200363

DNS Cache Statistics:
---------------------
                Total   Cache Hits  Cache Hits   Not Found    Hit Ratio
                Lookups  (Positive   (Negative     in Cache   (Percentage)
                            Response)   Response)
----------------------------------------------------------------------------
Central Cache:   94085256   89157603         6114     4921539         94.77%
Local Cache:     1032902770  926126458        20175   106756137       89.66%

DNS Resolver Statistics:
------------------------
Primary Name Server : 2001:5555:202:fffe:a0:e:0:3
Query Type             Attempts       Successes        Failures
A                             0               0               0
SRV                           0               0               0
AAAA                         66              64               2
NAPTR                       746              37             709
PTR                           0               0               0
Total Resolver Queries: 812
Successful Queries:     101
Query Timeouts:         705
Domain Not Found:       1
Connection Refused:     0
Other Failures:         5

Secondary Name Server : 2001:5555:203:fffe:c0:e:0:3
Query Type             Attempts       Successes        Failures
A                             0               0               0
SRV                           0               0               0
AAAA                          0               0               0
NAPTR                       705               0             703
PTR                           0               0               0
Total Resolver Queries: 705
Successful Queries:     0
Query Timeouts:         703
Domain Not Found:       0
Connection Refused:     0
Other Failures:         0

---------------------------------------------------

[Ingress]HSGW> show dns-client statistics client HSGW-DNS
Monday June 02 00:32:00 UTC 2014
DNS Usage Statistics:
---------------------
Query Type             Attempts       Successes        Failures
A                         21802               0           21802
SRV                           0               0               0
AAAA                 3934232613      3934210617           21831
NAPTR                1393923407      1387654707         6267989
PTR                           0               0               0
Total                1033210526      1026898028         6320622

DNS Cache Statistics:
---------------------
                Total   Cache Hits  Cache Hits   Not Found    Hit Ratio
              Lookups  (Positive   (Negative     in Cache   (Percentage)
                         Response)   Response)
----------------------------------------------------------------------------
Central Cache:   94120194   89157771      6114     4956309         94.73%
Local Cache:     1033210498  926323077    20175   106867246         89.66%

DNS Resolver Statistics:
------------------------
Primary Name Server : 2001:5555:202:fffe:a0:e:0:3
Query Type             Attempts       Successes        Failures
A                             0               0               0
SRV                           0               0               0
AAAA                         66              64               2
NAPTR                       913              38             873
PTR                           0               0               0
Total Resolver Queries: 979
Successful Queries:     102
Query Timeouts:         869
Domain Not Found:       1
Connection Refused:     0
Other Failures:         5

Secondary Name Server : 2001:5555:203:fffe:c0:e:0:3
Query Type             Attempts       Successes        Failures
A                             0               0               0
SRV                           0               0               0
AAAA                          0               0               0
NAPTR                       869               0             869
PTR                           0               0               0
Total Resolver Queries: 869
Successful Queries:     0
Query Timeouts:         869
Domain Not Found:       0
Connection Refused:     0
Other Failures:         0

显示dns客户端缓存客户端<client name> [查询NAME <query-name>
[查询类型<NAPTR|AAAA|A>]|[查询类型<NAPTR|AAAA|A>]]

此已保存答复的指令报告全部在缓存(未超时)多种查询类型的和包括A、AAAA和NAPTR。这提供结论可以做缓存的当前状态至于是否有根据条目遗失的呼叫失败:

没有任何限定符更比必要可以是为的整个缓存显示什么您打算排除故障。缓存条目有存活时间(TTL),因此返回的条目只是可适用的为,只要各自TTL也保持。TTL可能不同的,当您在所有条目中比较,因此条目超时在不同的时刻。这预计。

选择特定查询类型例如NAPTR并且寻找应用程序点名称(APN)结果或特定FQDN (手动断路)结果。这未命中寻找的事包括特定APN,所有APNs丢失或者移交结果未命中。

示例:

此输出显示从缓存的一些条目APN1和APN2的哪些可能是需要的为新的呼叫请求那些APNs。实际列表在整个服务提供商的网络包括每可能的PGW的条目每个可能的APN的, LTE (x-S5-gtp)和eHRPD的(x-s2a-pmip)。仅x-s2a-pmip相关的在这里,因为这是需要连接到在S2a连接的PGW的HSGW。注释同样TTL (1307, 631)从DNS服务器同时返回与同一个APN/PGW位置的条目的,与不同的TTL (1307比较与631)适用于不同的APN/PGW位置的条目的。

[Ingress]HSGW> show dns-client cache client HSGW-DNS
Monday June 02 00:26:59 UTC 2014

Query Name: so01.APN1.apn.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 1307 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s5-gtp
Regular Expression:
Replacement: topon.lb1.pgw01.NYNY.sa008.so.node.epc.mnc485.mcc320.3gppnetwork.org

Query Name: so01.APN1.apn.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 1307 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s2a-pmip
Regular Expression:
Replacement: topon.lb2.pgw01.NYNY.sa008.so.node.epc.mnc485.mcc320.3gppnetwork.org

Query Name: APN2.apn.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 631 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s2a-pmip
Regular Expression:
Replacement: topon.lb2.pgw01.BOMA.sa001.mw.node.epc.mnc485.mcc320.3gppnetwork.org

Query Name: APN2.apn.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 631 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s5-gtp
Regular Expression:
Replacement: topon.lb1.pgw01.BOMA.sa001.mw.node.epc.mnc485.mcc320.3gppnetwork.org

在此第二个输出示例中是为从长期演变(LTE)的手动断路需要的NAPTR条目对eHRPD如展示的是由特定PGW FQDN位置条目(pgw01.PHLA.xxxxxx)。类似于上一个输出,使用的相关条目是那个与服务= x-s2a-pmip。注释同样TTL (515)同时返回的所有这些条目的。唯一的差异是服务。AAAA条目解决表示PGW LMA服务地址的s2a条目,以便接着而来的代理MIPv6请求可以发送到PGW为了继续呼叫建立。

Query Name: pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 515 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s2b-gtp
Regular Expression:
Replacement: topon.lb4.pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org

Query Name: pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 515 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s2a-pmip
Regular Expression:
Replacement: topon.lb2.pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org

Query Name: pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org
Query Type: NAPTR      TTL: 515 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s5-gtp
Regular Expression:
Replacement: topon.lb1.pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org

Query Name: topon.lb2.pgw01.PHLA.sa004.mw.node.epc.mnc485.mcc320.3gppnetwork.org
Query Type: AAAA
       TTL: 646 seconds
Answer:
  IPv6 Address: 2001:5555:200:1000:304:200::

dns客户端查询客户端NAME <client name>查询类型<NAPTR|AAAA> [query-name <query name>]

这是启动DSN客户端为了立即检查缓存和报告答案的人工测试命令他们是否在那里。否则它尝试查询并且报告结果。请保证查询字符串适当地拼写,如果复杂:

  • 默认情况下,如果查询NAME指定,客户端假设查询type= A,因此查询类型为NAPTR和AAAA请求是需要的。
  • 此处结果是相同的象将返回,如果查询缓存与显示dns客户端缓存。例外是,如果什么被查询不在缓存,结果有新鲜的TTL。而,如果已经在缓存, TTL有在什么之间的若干值在新查询和0返回。

示例(同样从上一个输出查询和) :

[Ingress]HSGW> dns-client query client-name HSGW-DNS query-type NAPTR 
query-name pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org

Query Name: pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org
Query Type: NAPTR      TTL: 188 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s5-gtp
Regular Expression:
Replacement: topon.lb1.pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org

Query Name: pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org
Query Type: NAPTR      TTL: 188 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s2b-gtp
Regular Expression:
Replacement: topon.lb4.pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org

Query Name: pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org
Query Type: NAPTR      TTL: 188 seconds
Answer:
Order: 100            Preference: 50000
Flags: a              Service: x-3gpp-pgw:x-s2a-pmip
Regular Expression:
Replacement: topon.lb2.pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org

[Ingress]HSGW> dns-client query client-name HSGW-DNS query-type AAAA
query-name topon.lb2.pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org

Query Name: topon.lb2.pgw01.PHLA.sa004.mw.node.epc.mnc420.mcc300.3gppnetwork.org
Query Type: AAAA       TTL: 117 seconds
Answer:
  IPv6 Address: 2001:5555:200:1000:304:200::

此输出显示失败示例基于TCP的查询的。您不能告诉这是从事实的查询,但是知识根据的TCP基于APN的NAPTR查询答复太大对于UDP。

[Ingress]HSW> dns-client query client-name HSGW-DNS query-type NAPTR 
query-name APN1.apn.epc.mnc420.mcc300.3gppnetwork.org
Query Name: APN1.apn.epc.mnc420.mcc300.3gppnetwork.org
Query Type: NAPTR      TTL: 0 seconds
Answer: -Negative Reply-
Failure Reason: DNS query timed out

...

[Ingress]HSGW> dns-client query client-name HSGW-DNS query-type NAPTR
query-name APN2.apn.epc.mnc420.mcc300.3gppnetwork.org
Query Name: APN2.apn.epc.mnc420.mcc300.3gppnetwork.org
Query Type: NAPTR      TTL: 60 seconds
Answer: -Negative Reply-
Failure Reason: Connection Refused

箴言报协议(DNS的选项)

箴言报协议报告所有DNS基础设施信息包交换。箴言报用户(被覆盖的以后)不捕获数据包的DNS,即使用户活动是什么启动的交换的DNS。

  • 查询ID是与答复的有用的为了match request。

但是:

  • 一旦对TCP的交换机,输出不表明事实(作为输出显示)。
  • 端口号不一定是准确的在输出中,例如port=0。
  • 系统也许结合多个信息包,例如APN查询,到在这个阶层没有反射输出在电线的单个数据包。这继续显示每个APN的独立的数据包。
  • 必须用监视器协议获得关心以便不超载系统。咨询与技术支持在如此执行前。
<<<<OUTBOUND  00:58:57:284 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:304:281:: : 52816
       to   : 2001:5555:202:fffe:a0:e:0:3 : 0
       bytes : 73
Query ID              : 17034
Type                  : Query
Question              : NAPTR ? APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  Type                : OPT
  UDPsize             : 4096

INBOUND>>>>>  00:58:57:469 Eventid:5956(3)
DNS PDU Rx
       from : 2001:5555:202:fffe:a0:e:0:3 : 0
       to   : 2001:5555:200:1011:304:281:: : 0
       bytes : 16738
Query ID              : 17034
Type                  : Response
Authoritative Answer  : Yes
Response code         : Success
Question              : NAPTR ? APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
Answer                :
  Name                : APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
  TTL                 : 1800
  Type                : NAPTR
  Order               : 100
  Preference          : 50000
  Flags               : a
  Service             : x-3gpp-pgw:x-s2a-pmip
  Regexp              :
  Replacement         : topon.lb2.pgw01.PHLA.sa001.we.node.epc.mnc420.
mcc300.3gppnetwork.org.


  Name                : APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
  TTL                 : 1800
  Type                : NAPTR
  Order               : 100
  Preference          : 50000
  Flags               : a
  Service             : x-3gpp-pgw:x-s5-gtp
  Regexp              :
  Replacement         : topon.lb1.pgw01.PHLA.sa001.we.node.epc.
mnc420.mcc300.3gppnetwork.org

此示例显示三APNs结束包裹到一数据包,交换对TCP, 2秒超时每个APN的和最终再试对也失败的辅助服务器。

主服务器:  2001:5555:202:fffe:a0:e:0:3
辅助服务器:2001:5555:203:fffe:c0:e:0:3

<<<<OUTBOUND  13:03:08:056 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 35428
       to   : 2001:5555:202:fffe:a0:e:0:3 : 53
       bytes : 78
Query ID              : 23363
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN1.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:08:057 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 60489
       to   : 2001:5555:202:fffe:a0:e:0:3 : 53
       bytes : 73
Query ID              : 48443
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN3.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:08:057 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 34309
       to   : 2001:5555:202:fffe:a0:e:0:3 : 53
       bytes : 73
Query ID              : 51787
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
INBOUND>>>>  13:03:08:064 Eventid:5956(3)
DNS PDU Rx
       from : 2001:5555:202:fffe:a0:e:0:3 : 53
       to   : 2001:5555:200:1011:106:281:: : 35428
       bytes : 78
Query ID              : 23363
Type                  : Response
Opcode                : Standard Query
Message Truncated     : Yes
Recursion Desired     : Yes
Recursion Available   : Yes
Authenticated Answer  : No
Authoritative Answer  : Yes
Response code         : Success
Question count        : 1
Answer count          : 0
Authoritative count   : 0
Additional count      : 1
Question              : NAPTR ? APN1.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
INBOUND>>>>  13:03:08:064 Eventid:5956(3)
DNS PDU Rx
       from : 2001:5555:202:fffe:a0:e:0:3 : 53
       to   : 2001:5555:200:1011:106:281:: : 60489
       bytes : 73
Query ID              : 48443
Type                  : Response
Opcode                : Standard Query
Message Truncated     : Yes
Recursion Desired     : Yes
Recursion Available   : Yes
Authenticated Answer  : No
Authoritative Answer  : Yes
Response code         : Success
Question count        : 1
Answer count          : 0
Authoritative count   : 0
Additional count      : 1
Question              : NAPTR ? APN3.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
INBOUND>>>>  13:03:08:069 Eventid:5956(3)
DNS PDU Rx
       from : 2001:5555:202:fffe:a0:e:0:3 : 53
       to   : 2001:5555:200:1011:106:281:: : 34309
       bytes : 73
Query ID              : 51787
Type                  : Response
Opcode                : Standard Query
Message Truncated     : Yes
Recursion Desired     : Yes
Recursion Available   : Yes
Authenticated Answer  : No
Authoritative Answer  : Yes
Response code         : Success
Question count        : 1
Answer count          : 0
Authoritative count   : 0
Additional count      : 1
Question              : NAPTR ? APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:08:147 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 36524
       to   : 2001:5555:202:fffe:a0:e:0:3 : 0
       bytes : 78
Query ID              : 23363
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN1.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:08:147 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 36524
       to   : 2001:5555:202:fffe:a0:e:0:3 : 0
       bytes : 73
Query ID              : 48443
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN3.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:08:147 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 36524
       to   : 2001:5555:202:fffe:a0:e:0:3 : 0
       bytes : 73
Query ID              : 51787
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:10:157 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 57041
       to   : 2001:5555:203:fffe:c0:e:0:3 : 0
       bytes : 78
Query ID              : 23363
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN1.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:10:157 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 57041
       to   : 2001:5555:203:fffe:c0:e:0:3 : 0
       bytes : 73
Query ID              : 48443
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN3.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

Monday October 13 2014
<<<<OUTBOUND  13:03:10:157 Eventid:5957(3)
DNS PDU Tx
       from : 2001:5555:200:1011:106:281:: : 57041
       to   : 2001:5555:203:fffe:c0:e:0:3 : 0
       bytes : 73
Query ID              : 51787
Type                  : Query
Opcode                : Standard Query
Message Truncated     : No
Recursion Desired     : Yes
Authentication reqd.  : No
Question count        : 1
Additional count      : 1
Question              : NAPTR ? APN2.apn.epc.mnc420.mcc300.3gppnetwork.org.
Additional            :
  Name                : .
  Ext-RCODE           : 0
  EDNS Version        : 0
  Class               : 4096
  Data Length         : 0
  Type                : OPT
  UDPsize             : 4096

此镜像显示三APNs包裹到一数据包#10。在1 - 3的原始UDP请求在4, 5和7响应,并且TCP握手包括数据包6, 8,并且9.连接在数据包12立即在这种情况下重置由服务器,在它最初ACK'd基于TCP的查询通过数据包11.后。这些是您也许需要排除故障问题的种类:

最终从同一个捕获,这是成功的查询和答复NAPTR查询的在需要的AAAA查询立即跟随的UDP和答复为了解决NAPTR查询返回的FQDN。此输出匹配作为文本保存的Wireshark trace :

Monday October 13 2014
<<<<OUTBOUND 13:03:11:535 Eventid:5957(3)
DNS PDU Tx
from : 2001:5555:200:1011:106:281:: : 38819
to : 2001:5555:202:fffe:a0:e:0:3 : 53
bytes : 87
Query ID : 55982
Type : Query
Opcode : Standard Query
Message Truncated : No
Recursion Desired : Yes
Authentication reqd. : No
Question count : 1
Additional count : 1
Question : NAPTR ? pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org.
Additional :
Name : .
Ext-RCODE : 0
EDNS Version : 0
Class : 4096
Data Length : 0
Type : OPT
UDPsize : 4096

Monday October 13 2014
INBOUND>>>>> 13:03:11:543 Eventid:5956(3)
DNS PDU Rx
from : 2001:5555:202:fffe:a0:e:0:3 : 53
to : 2001:5555:200:1011:106:281:: : 38819
bytes : 307
Query ID : 55982
Type : Response
Opcode : Standard Query
Message Truncated : No
Recursion Desired : Yes
Recursion Available : Yes
Authenticated Answer : No
Authoritative Answer : Yes
Response code : Success
Question count : 1
Answer count : 2
Authoritative count : 0
Additional count : 1
Question : NAPTR ? pgw02.PHLA.sa002.so.node.epc.mnc420.
mcc300.3gppnetwork.org.
Answer :
Name : pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org.
TTL : 1800
Class : IN
Data Length : 99
Type : NAPTR
Order : 100
Preference : 50000
Flags : a
Service : x-3gpp-pgw:x-s2a-pmip
Regexp :
Replacement : topon.lb2.pgw02.PHLA.sa002.so.node.epc.mnc420.
mcc300.3gppnetwork.org.

Name : pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.
3gppnetwork.org.
TTL : 1800
Class : IN
Data Length : 97
Type : NAPTR
Order : 100
Preference : 50000
Flags : a
Service : x-3gpp-pgw:x-s5-gtp
Regexp :
Replacement : topon.lb1.pgw02.PHLA.sa002.so.node.epc.mnc420.
mcc300.3gppnetwork.org.

Additional :
Name : .
Ext-RCODE : 0
EDNS Version : 0
Class : 4096
Data Length : 0
Type : OPT
UDPsize : 4096

Monday October 13 2014
<<<<OUTBOUND 13:03:11:543 Eventid:5957(3)
DNS PDU Tx
from : 2001:5555:200:1011:106:281:: : 50002
to : 2001:5555:202:fffe:a0:e:0:3 : 53
bytes : 97
Query ID : 1974
Type : Query
Opcode : Standard Query
Message Truncated : No
Recursion Desired : Yes
Authentication reqd. : No
Question count : 1
Additional count : 1
Question : AAAA? topon.lb2.pgw02.PHLA.sa002.so.node.epc.
mnc420.mcc300.3gppnetwork.org.
Additional :
Name : .
Ext-RCODE : 0
EDNS Version : 0
Class : 4096
Data Length : 0
Type : OPT
UDPsize : 4096

Monday October 13 2014
INBOUND>>>>> 13:03:11:551 Eventid:5956(3)
DNS PDU Rx
from : 2001:5555:202:fffe:a0:e:0:3 : 53
to : 2001:5555:200:1011:106:281:: : 50002
bytes : 125
Query ID : 1974
Type : Response
Opcode : Standard Query
Message Truncated : No
Recursion Desired : Yes
Recursion Available : Yes
Authenticated Answer : No
Authoritative Answer : Yes
Response code : Success
Question count : 1
Answer count : 1
Authoritative count : 0
Additional count : 1
Question : AAAA? topon.lb2.pgw02.PHLA.sa002.so.node.epc.
mnc420.mcc300.3gppnetwork.org.
Answer :
Name : topon.lb2.pgw02.PHLA.sa002.so.node.epc.mnc420.
mcc300.3gppnetwork.org.
TTL : 1800
Class : IN
Data Length : 16
Type : AAAA
Address : 2001:5555:200:1000:201:201::

Additional :
Name : .
Ext-RCODE : 0
EDNS Version : 0
Class : 4096
Data Length : 0
Type : OPT
UDPsize : 4096

Corresponding Wireshark trace:

Frame 25: 151 bytes on wire (1208 bits), 151 bytes captured (1208 bits)
Linux cooked capture
Internet Protocol Version 6, Src: HSGW, Dst: DNS_Server
User Datagram Protocol, Src Port: 38819 (38819), Dst Port: domain (53)
Domain Name System (query)
    [Response In: 26]
    Transaction ID: 0xdaae
    Flags: 0x0100 Standard query
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 1
    Queries
pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org: type NAPTR, class IN
    Additional records
        <Root>: type OPT
            Name: <Root>
            Type: OPT (EDNS0 option)
            UDP payload size: 4096
            Higher bits in extended RCODE: 0x0
            EDNS0 version: 0
            Z: 0x0
            Data length: 0

Frame 26: 371 bytes on wire (2968 bits), 371 bytes captured (2968 bits)
Linux cooked capture
Internet Protocol Version 6, Src: DNS_Server, Dst: HSGW
User Datagram Protocol, Src Port: domain (53), Dst Port: 38819 (38819)
Domain Name System (response)
    [Request In: 25]
    [Time: 0.008125000 seconds]
    Transaction ID: 0xdaae
    Flags: 0x8580 Standard query response, No error
    Questions: 1
    Answer RRs: 2
    Authority RRs: 0
    Additional RRs: 1
    Queries
pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org: type NAPTR, class IN

  Answers
pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org:
type NAPTR, class IN, order 100, preference 50000, flags a
            Name: pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org
            Type: NAPTR (Naming authority pointer)
            Class: IN (0x0001)
            Time to live: 30 minutes
            Data length: 99
            Order: 100
            Preference: 50000
            Flags length: 1
            Flags: "a"
            Service length: 21
            Service: "x-3gpp-pgw:x-s2a-pmip"
            Regex length: 0
            Regex: ""
            Replacement length: 70
            Replacement: topon.lb2.pgw02.PHLA.sa002.so.node.epc.
mnc420.mcc300.3gppnetwork.org


        pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org:
type NAPTR, class IN, order 100, preference 50000, flags a
            Name: pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org
            Type: NAPTR (Naming authority pointer)
            Class: IN (0x0001)
            Time to live: 30 minutes
            Data length: 97
            Order: 100
            Preference: 50000
            Flags length: 1
            Flags: "a"
            Service length: 19
            Service: "x-3gpp-pgw:x-s5-gtp"
            Regex length: 0
            Regex: ""
            Replacement length: 70
            Replacement: topon.lb1.pgw02.PHLA.sa002.so.node.epc.
mnc420.mcc300.3gppnetwork.org

    Additional records
        <Root>: type OPT
            Name: <Root>
            Type: OPT (EDNS0 option)
            UDP payload size: 4096
            Higher bits in extended RCODE: 0x0
            EDNS0 version: 0
            Z: 0x0
            Data length: 0

Frame 27: 161 bytes on wire (1288 bits), 161 bytes captured (1288 bits)
Linux cooked capture
Internet Protocol Version 6, Src: HSGW, Dst: DNS_Server
User Datagram Protocol, Src Port: 50002 (50002), Dst Port: domain (53)
Domain Name System (query)
    [Response In: 28]
    Transaction ID: 0x07b6
    Flags: 0x0100 Standard query
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 1
    Queries
        topon.lb2.pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org:
type AAAA, class IN

    Additional records
        <Root>: type OPT
            Name: <Root>
            Type: OPT (EDNS0 option)
            UDP payload size: 4096
            Higher bits in extended RCODE: 0x0
            EDNS0 version: 0
            Z: 0x0
            Data length: 0

Frame 28: 189 bytes on wire (1512 bits), 189 bytes captured (1512 bits)
Linux cooked capture
Internet Protocol Version 6, Src: DNS_Server , Dst: HSGW
User Datagram Protocol, Src Port: domain (53), Dst Port: 50002 (50002)
Domain Name System (response)
    [Request In: 27]
    [Time: 0.007622000 seconds]
    Transaction ID: 0x07b6
    Flags: 0x8580 Standard query response, No error
    Questions: 1
    Answer RRs: 1
    Authority RRs: 0
    Additional RRs: 1
    Queries
        topon.lb2.pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org:
type AAAA, class IN

    Answers
        topon.lb2.pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org:
type AAAA, class IN, addr 2001:5555:200:1000:201:201::
            Name: topon.lb2.pgw02.PHLA.sa002.so.node.epc.mnc420.mcc300.3gppnetwork.org
            Type: AAAA (IPv6 address)
            Class: IN (0x0001)
            Time to live: 30 minutes
            Data length: 16
            Addr: 2001:5555:200:1000:201:201::
    Additional records
        <Root>: type OPT
            Name: <Root>
            Type: OPT (EDNS0 option)
            UDP payload size: 4096
            Higher bits in extended RCODE: 0x0
            EDNS0 version: 0
            Z: 0x0
            Data length: 0

日志

功能在连接大量拒绝在两分钟内内的错误触发为中断方案的DNS客户端配置的IP地址重新绑定的版本12.2被添加了。示例日志条目是:

[vpn 5795 error] [1/0/30805 <vpnmgr:4> vpnmgr_msg.c:13773] 
[context: Ingress, contextID: 4]  [software internal system syslog]
Ingress: Rebinding DNS-CLIENT as connection refused errors
(<# of failures>) occuring continously

示例:

Jun  2 00:03:36 [10.142.250.226.171.216] evlogd: [local-60sec36.031] 
[vpn 5450 error] [1/0/30805 <vpnmgr:4> vpnmgr_msg.c:13680] [context: Ingress,
contextID: 4]  [software internal system syslog] Connection
refused for DNS query on QNAME:APN1.apn.epc.mnc420.mcc300.3gppnetwork.org
and QTYPE:NAPTR....... Many more of these logs

Jun  2 00:05:35 [10.142.250.226.171.216] evlogd: [local-60sec35.058]
[vpn 5450 error] [1/0/30805 <vpnmgr:4> vpnmgr_msg.c:13680]
[context: Ingress, contextID: 4]  [software internal system syslog]
Connection refused for DNS query on QNAME:APN1.apn.epc.mnc420.mcc300.3gppnetwork.org
and QTYPE:NAPTR

Jun  2 00:05:35 [10.142.250.226.171.216] evlogd: [local-60sec35.058]
[vpn 5795 error] [1/0/30805 <vpnmgr:4> vpnmgr_msg.c:13773]
[context: Ingress, contextID: 4]  [software internal system syslog]
Ingress: Rebinding DNS-CLIENT as connection refused errors (3132) occuring continously

数据包捕获

一些不易处理的DNS问题被看到了数据包捕获是必要为了确定的地方什么发送和从DNS服务器的接收的上一步。统计信息和监视器协议也许不提供足够的信息。

  • 作为故障排除流程一部分,技术支持有能力获取DNS数据包用TCP转储设备,并且也许建议方法。
  • 根据干预,并且能协商TCP/IP连接的所有防火墙可以是重要的捕获点。多次捕获点也许是必要查找问题的根本原因。
  • 请使用跟随TCP数据流菜单选项在Wireshark为了过滤特定TCP连接为了更加容易地导航在大文件的多TCP数据流。

排除故障DNS,它与呼叫控制关连

如前面提到, DNS单独不作用,但是它是呼叫控制控制流启动器或组件。例如,一旦eHRPD, DNS在呼叫要求,当PGW连接到需要确定。如果失败发生在这一点上流,则适当的呼叫控制统计信息反射此。

显示hsgw服务统计信息

如果DNS失败,请勿期待“PGW联机”与增加相反。由于呼叫在尝试前做请求失效到PGW, “请显示mag统计信息”不会捕获此(没有捆绑更新为那些事件计数Sent)

示例:

[Ingress]HSGW> show hsgw statistics all
Monday June 02 00:49:06 UTC 2014

    Total PDNs Rejected Reason:
    No PGW Available:   9549866

[Ingress]HSGW> show hsgw statistics all
Monday June 02 00:49:16 UTC 2014

No PGW Available:   9554113

箴言报用户

注意DNS数据包在监视器用户没有捕获。即使他们由个体用户活动触发,他们工作对立于给的用户,并且必须由监视器协议捕获如讨论前。

DNS infrastrucControl消息例如“APN <APN Name>的没有LMA地址联机在用户配置文件,失败的PDN连接”出现,并且VSNCP ConfRej发送给有"Error-Code(6)=No-PDN-GW-Available(3)"的用户。

示例:

INBOUND>>>>  00:25:26:925 Eventid:25000(0)	PPP Rx PDU (72)	VSNCP 72: 
Conf-Req(2), OUI=cf0002(3GPP2) , PDN-ID(1)=00, PDN-APN-Name(2)=\013APN1,
PDN-Type(3)=IPv4,IPv6(3), PDN-Address(4)=(Null), PCO(5)
{Protocol(0) = PPP(0),{IPCP

(1):  Conf-Req(1), Pri-DNS=0.0.0.0, Sec-DNS=0.0.0.0},IPv6-DNS-Address(2)=Req,IP-Address-
Allocation-via-NAS-Signaling(3),}, Attach-Type(7)=Initial(1),
IPv4-Default-Router-Address(8)=0.0.0.0, Address-Allocation-Cause(9)=Null(0)

***CONTROL*** 00:25:27:054 Eventid:11813
No LMA address available for APN <APN1> in subscriber profile, PDN connection  failed

Monday June 02 2014
<<<<OUTBOUND  00:25:27:054 Eventid:25001(0)
PPP Tx PDU (14)
VSNCP 14:          Conf-Req(1), OUI=cf0002(3GPP2) , PDN-ID(1)=00

Monday June 02 2014
<<<<OUTBOUND  00:25:27:054 Eventid:25001(0)
PPP Tx PDU (52)
VSNCP 52: Conf-Rej(2), OUI=cf0002(3GPP2) , PDN-ID(1)=00, PDN-APN-Name(2)=\013APN1,
PDN-Type(3)=IPv4,IPv6(3), PDN-Address(4)=(Null), PCO(5){Protocol(0)
= PPP(0),}, Attach-Type(7)=Initial(1), IPv4-Default-Router-Address(8)=0.0.0.0,
Address-Allocation-Cause(9)=Null(0), Error-Code(6)=No-PDN-GW-Available(3)

日志

寻找与呼叫控制涉及的所有错误日志。

示例:

Jun  2 00:25:27 [10.142.250.226.171.216] evlogd: [local-60sec27.054] 
[sessmgr 11813 error] [15/0/5827 <sessmgr:71> sessmgr_mag.c:3595]
[callid 14ec7ad1] [context: Ingress, contextID: 4]  [software internal
system protocol-log syslog] No LMA address available for APN <APN1> in
subscriber profile, PDN connection failed

相关信息



Document ID: 119178