Dnsmasq:让DNS智能查询

继上一篇 树莓派Raspberry Pi 使用Tcp-DNS-proxy+Dnsmasq做DNS缓存服务器 后Dropbox可以用了,原来Dropbox墙的还算好,仅仅是DNS污染.

但是又有个问题,tcp-dns-proxy 提供的国外的dns列表基本被墙了,导致每次所有查询高达1000ms+,这种速度让人无法接受的.

能让它智能的解析,国内的域名走国内的dns并缓存,国外的走国外.我们的问题就解决了.而Dnsmasq支持这样子的配置.


# 建立dnsmasq.d目录

root@linsirpi:~# mkdir /etc/dnsmasq.d
root@linsirpi:~# echo "conf-dir=/etc/dnsmasq.d" >> /etc/dnsmasq.conf

# 添加国内域名列表

这个列表可以自己维护添加, 我在网上找到现成的,就用别人的了,当然你可以自行完善.

cd /etc/dnsmasq.d
wget  --no-check-certificate https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf
wget  --no-check-certificate https://raw.githubusercontent.com/felixonmars/dnsmasq-china-list/master/bogus-nxdomain.china.conf

这里我整理了一份.

wget  --no-check-certificate https://raw.githubusercontent.com/vi5i0n/pyscripts/master/dnsmasq/accelerated-domains.china.conf

# 最后重启服务

systemctl restart dnsmasq

# 更改前后对比:

[root@linsirpi ~]# dig sina.com

; <<>> DiG 9.9.2-P2 <<>> sina.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39274
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sina.com.      IN  A

;; ANSWER SECTION:
sina.com.   60  IN  A 12.130.132.30

;; Query time: 627 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Nov 16 09:37:33 2014
;; MSG SIZE  rcvd: 53

[root@linsirpi ~]# dig sina.com.cn

; <<>> DiG 9.9.2-P2 <<>> sina.com.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40569
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;sina.com.cn.     IN  A

;; ANSWER SECTION:
sina.com.cn.    30  IN  A 202.108.33.60

;; Query time: 48 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Nov 16 09:40:43 2014
;; MSG SIZE  rcvd: 56

Enjoy it .


补充:

Dnsmasq 还可以去广告哦.原理跟上面的一样. 列表在这里:

<http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq;showintro=0>

下载之放到**/etc/dnsmasq.d/**,重启服务即可.

--EOF--


>看不到评论?GFW!!!