Bonjour !
voilà les éléments de réponse.
Je sépare en plusieurs blocs pour plus de lisibilité
Code : Tout sélectionner
$ resolvectl
Global
LLMNR setting: yes
MulticastDNS setting: yes
DNSOverTLS setting: no
DNSSEC setting: allow-downgrade
DNSSEC supported: yes
Fallback DNS Servers: 1.1.1.1
9.9.9.10
8.8.8.8
2606:4700:4700::1111
2620:fe::10
2001:4860:4860::8888
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 3 (wlp3s0)
Current Scopes: DNS LLMNR/IPv4
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: allow-downgrade
DNSSEC supported: yes
Current DNS Server: 192.168.1.1
DNS Servers: 192.168.1.1
Link 2 (enp0s25)
Current Scopes: DNS LLMNR/IPv4
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: allow-downgrade
DNSSEC supported: yes
Current DNS Server: 192.168.1.1
DNS Servers: 192.168.1.1
------------------------
Code : Tout sélectionner
$ cat /etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 192.168.1.1
------------------
Code : Tout sélectionner
$ systemd-resolve www.archlinux.org
www.archlinux.org: 138.201.81.199 -- link: enp0s25
(apollo.archlinux.org)
-- Information acquired via protocol DNS in 24.2ms.
-- Data is authenticated: no
----------------------
Code : Tout sélectionner
$ dig +dnssec +multi www.archlinux.org
; <<>> DiG 9.14.1 <<>> +dnssec +multi www.archlinux.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8352
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1460
; COOKIE: c57c60a16cfcc40f9ab348d75cc44b4aaa559c73801985e9 (good)
;; QUESTION SECTION:
;www.archlinux.org. IN A
;; ANSWER SECTION:
www.archlinux.org. 2806 IN CNAME apollo.archlinux.org.
apollo.archlinux.org. 3112 IN A 138.201.81.199
;; Query time: 13 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: sam. avril 27 14:30:02 CEST 2019
;; MSG SIZE rcvd: 111
-------------------
Code : Tout sélectionner
$ dig +dnssec +multi @1.1.1.1 www.archlinux.org
; <<>> DiG 9.14.1 <<>> +dnssec +multi @1.1.1.1 www.archlinux.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23209
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1452
;; QUESTION SECTION:
;www.archlinux.org. IN A
;; ANSWER SECTION:
www.archlinux.org. 3226 IN CNAME apollo.archlinux.org.
apollo.archlinux.org. 3237 IN A 138.201.81.199
;; Query time: 8 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: sam. avril 27 14:34:31 CEST 2019
;; MSG SIZE rcvd: 83
--------------------------
Pour les DNS, ma Livebox me donne :
Adresse IP du DNSv4 primaire : 80.10.246.1
Adresse IP du DNSv4 secondaire : 81.253.149.9
Adresse IP du DNSv6 primaire : rien
Adresse IP du DNSv6 secondaire : rien
Code : Tout sélectionner
$ dig +dnssec +multi @80.10.246.1 www.archlinux.org
; <<>> DiG 9.14.1 <<>> +dnssec +multi @80.10.246.1 www.archlinux.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54822
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1460
; COOKIE: 53afdad973e7b4017a1b1c875cc452e1350b6d3301bb706e (good)
;; QUESTION SECTION:
;www.archlinux.org. IN A
;; ANSWER SECTION:
www.archlinux.org. 863 IN CNAME apollo.archlinux.org.
apollo.archlinux.org. 1169 IN A 138.201.81.199
;; Query time: 13 msec
;; SERVER: 80.10.246.1#53(80.10.246.1)
;; WHEN: sam. avril 27 15:02:25 CEST 2019
;; MSG SIZE rcvd: 111
----
Code : Tout sélectionner
$ dig +dnssec +multi @81.253.149.9 www.archlinux.org
; <<>> DiG 9.14.1 <<>> +dnssec +multi @81.253.149.9 www.archlinux.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22647
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1460
; COOKIE: 4583ed5def2dbb2614e3b6705cc45334fc635e8faafa31a9 (good)
;; QUESTION SECTION:
;www.archlinux.org. IN A
;; ANSWER SECTION:
www.archlinux.org. 635 IN CNAME apollo.archlinux.org.
apollo.archlinux.org. 335 IN A 138.201.81.199
;; Query time: 8 msec
;; SERVER: 81.253.149.9#53(81.253.149.9)
;; WHEN: sam. avril 27 15:03:48 CEST 2019
;; MSG SIZE rcvd: 111
============================
systemd-resolve example.net
dig +dnssec +multi example.net
dig +dnssec +multi @1.1.1.1 example.net
dig +dnssec +multi @W.X.Y.Z example.net
--------------------
Code : Tout sélectionner
$ systemd-resolve example.net
example.net: 93.184.216.34 -- link: enp0s25
-- Information acquired via protocol DNS in 294.7ms.
-- Data is authenticated: yes
-------------------
Code : Tout sélectionner
$ dig +dnssec +multi example.net
; <<>> DiG 9.14.1 <<>> +dnssec +multi example.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4559
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1460
; COOKIE: 12c7dc53e6c9187a7ed3a46f5cc45393cf2ce560a82b870d (good)
;; QUESTION SECTION:
;example.net. IN A
;; ANSWER SECTION:
example.net. 86357 IN A 93.184.216.34
example.net. 86357 IN RRSIG A 8 2 86400 (
20190504054552 20190412191956 871 example.net.
i+8gHVzmB/P7ISyaN6++AQv4v3j/xR0SlFIrfBAbv9ZY
mI6xNOf1CdjtcCYuzsXIJafPXWQ8QyHsyx+M+ed3cm3z
Ebdf9nXXe8V3lCRbMoqNz7ZFLdwSSMGTJOHDo0RgLWV8
UmpY/+dPt6pKZ/L02ewqsRD3CLezJlO9BV56dAk= )
;; Query time: 13 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: sam. avril 27 15:05:23 CEST 2019
;; MSG SIZE rcvd: 255
------------------
Code : Tout sélectionner
$ dig +dnssec +multi @1.1.1.1 example.net
; <<>> DiG 9.14.1 <<>> +dnssec +multi @1.1.1.1 example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31668
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1452
;; QUESTION SECTION:
;example.net. IN A
;; ANSWER SECTION:
example.net. 6272 IN A 93.184.216.34
example.net. 6272 IN RRSIG A 8 2 86400 (
20190504054552 20190412191956 871 example.net.
i+8gHVzmB/P7ISyaN6++AQv4v3j/xR0SlFIrfBAbv9ZY
mI6xNOf1CdjtcCYuzsXIJafPXWQ8QyHsyx+M+ed3cm3z
Ebdf9nXXe8V3lCRbMoqNz7ZFLdwSSMGTJOHDo0RgLWV8
UmpY/+dPt6pKZ/L02ewqsRD3CLezJlO9BV56dAk= )
;; Query time: 8 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: sam. avril 27 15:07:09 CEST 2019
;; MSG SIZE rcvd: 227
-------------------------
Code : Tout sélectionner
$ dig +dnssec +multi @80.10.246.1 example.net
; <<>> DiG 9.14.1 <<>> +dnssec +multi @80.10.246.1 example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59324
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1460
; COOKIE: f4f446bc11c8f8af73584ad45cc454355a47e5f8644a720b (good)
;; QUESTION SECTION:
;example.net. IN A
;; ANSWER SECTION:
example.net. 86195 IN A 93.184.216.34
example.net. 86195 IN RRSIG A 8 2 86400 (
20190504054552 20190412191956 871 example.net.
i+8gHVzmB/P7ISyaN6++AQv4v3j/xR0SlFIrfBAbv9ZY
mI6xNOf1CdjtcCYuzsXIJafPXWQ8QyHsyx+M+ed3cm3z
Ebdf9nXXe8V3lCRbMoqNz7ZFLdwSSMGTJOHDo0RgLWV8
UmpY/+dPt6pKZ/L02ewqsRD3CLezJlO9BV56dAk= )
;; Query time: 13 msec
;; SERVER: 80.10.246.1#53(80.10.246.1)
;; WHEN: sam. avril 27 15:08:05 CEST 2019
;; MSG SIZE rcvd: 255
----------------------------------
Code : Tout sélectionner
$ dig +dnssec +multi @81.253.149.9 example.net
; <<>> DiG 9.14.1 <<>> +dnssec +multi @81.253.149.9 example.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51039
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1460
; COOKIE: 79b8610e8f4b88fdb452651a5cc4545d2dd9bf29dfb45e16 (good)
;; QUESTION SECTION:
;example.net. IN A
;; ANSWER SECTION:
example.net. 86400 IN A 93.184.216.34
example.net. 86400 IN RRSIG A 8 2 86400 (
20190504054552 20190412191956 871 example.net.
i+8gHVzmB/P7ISyaN6++AQv4v3j/xR0SlFIrfBAbv9ZY
mI6xNOf1CdjtcCYuzsXIJafPXWQ8QyHsyx+M+ed3cm3z
Ebdf9nXXe8V3lCRbMoqNz7ZFLdwSSMGTJOHDo0RgLWV8
UmpY/+dPt6pKZ/L02ewqsRD3CLezJlO9BV56dAk= )
;; Query time: 161 msec
;; SERVER: 81.253.149.9#53(81.253.149.9)
;; WHEN: sam. avril 27 15:08:45 CEST 2019
;; MSG SIZE rcvd: 255