Use Dnsmasq to build your own DNS server
Foreword
I recently bought an iPad mini, and while tinkering with it I found something that left me very, very speechless... It is network-related again: under normal circumstances the App Store connection on the iPad mini is quite slow, so slow that it takes 20~30s just to load the App Store home page, so you can imagine what downloading an application is like. I originally wrote wyatt_hosts to solve the slow-update problem of Mac OS on the iMac, so the solution for the iPad mini is basically the same.
Before I thought of setting up dnsmasq, I also searched the Internet for other solutions, such as V2EX DNS. On the iPad mini, though, I also need fast access to other things, such as Google Drive, and the fixes for those problems are all in that hosts file. It would be nice if I could jailbreak the iPad mini...
Initial recognition
Since the iPad mini is not jailbroken, the only way I can think of now is to build a dns server myself. Searching the Internet for linux dns or mac os dns mostly turns up the bind 9 software, and after reading some configuration guides (for example), to be honest, I was intimidated by how super complicated it is TT... Then a paragraph in a certain article, "using dnsmasq for dns caching", caught my attention and led me to search for dnsmasq, lol: "It is designed to provide DNS and, optionally, DHCP, to a small network." This is great for my purposes. bind 9 is a very popular and battle-tested dns server, but does that mean I need to wrestle with a behemoth for the 20% of functions that I don't need? So I finally chose the lighter dnsmasq.
Install
It is very convenient to install software under *nix. I am on Mac OS, so I first ran brew search dnsm to see if there was a ready-made package, and there was. Next I ran brew install dnsmasq and, after a series of install scripts, got this message:
To configure dnsmasq, copy the example configuration to /usr/local/etc/dnsmasq.conf and edit to taste.
cp /usr/local/Cellar/dnsmasq/2.61/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
To load dnsmasq automatically on startup, install and load the provided launchd item as follows:
sudo cp /usr/local/Cellar/dnsmasq/2.61/homebrew.mxcl.dnsmasq.plist /Library/LaunchDaemons
sudo launchctl load -w /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
As for configuring start-on-boot on Mac OS: if I had not read this doc, I would have been really confused...
Configure
Looking at the dnsmasq.conf file, it still needs a little configuration, but very, very little.
- Configure the upstream dns server of dnsmasq (this is a dns cache, so it still needs an upstream server to perform the actual domain name resolution)
- Configure the system's dns server so that dnsmasq is consulted first
- Set the IP address that dnsmasq listens on, so that other servers can find it
Corresponding to the above three things, there are only 4 settings. Don't be shocked by the large amount of content when you open dnsmasq.conf.
- First configure resolv-file=/etc/resolv.dnsmasq.conf. This parameter tells dnsmasq to read its upstream dns servers from the specified file.
- Add 127.0.0.1 to the first line of the /etc/resolv.conf file so that the system looks there first; with strict-order, the servers are tried in order until one resolves successfully.
- Make sure no-hosts is commented out (it is commented out by default), so that dnsmasq first looks in the local hosts file, then in its cached domain names, and finally asks the upstream dns server.
- Set listen-address=127.0.0.1, which means this dnsmasq serves only the machine it runs on.
- There is a pitfall with listen-address here; it took me a long time to climb out of it.
Of these settings, the listen-address parameter tripped me up for a long time before I finally understood how to configure it. Suppose I also want other servers in the LAN to use this dnsmasq first for domain name resolution. How should it be configured? With listen-address=192.168.1.100 (the LAN ip of the server where dnsmasq runs)? Then the 127.0.0.1 configured on the local machine has no effect... With listen-address=127.0.0.1, other servers in the LAN cannot reach this dnsmasq. In fact, it should be set to listen-address=192.168.1.100,127.0.0.1, which satisfies both sides. Note, however, that if the LAN ip of the server where dnsmasq runs changes and no longer matches the configuration file, the ip in the configuration file is still the one used, so other servers in the LAN will not be able to find dnsmasq and cannot use this dns cache.
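The listen-address pitfall described above can be checked mechanically. The following is an added example, not code from the original post: it parses a constructed dnsmasq.conf and reports the cases the text describes (loopback missing, loopback only, stale LAN ip), plus one check that goes beyond the text (a non-private listen address). The function names and sample addresses are assumptions, and the host's current IPs are passed in by the caller.

```python
import ipaddress

# Constructed sample dnsmasq.conf holding the settings this page describes.
SAMPLE_CONF = """\
resolv-file=/etc/resolv.dnsmasq.conf
strict-order
#no-hosts
listen-address=192.168.1.100,127.0.0.1
"""


def parse_conf(text):
    """Map each active (uncommented) option to the list of values given for it."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            key, _, value = line.partition("=")
            opts.setdefault(key.strip(), []).append(value.strip())
    return opts


def check_listen(text, host_addrs):
    """Return findings for listen-address, given the IPs currently on this host."""
    host = {ipaddress.ip_address(a) for a in host_addrs}
    listen = [ipaddress.ip_address(a.strip())
              for value in parse_conf(text).get("listen-address", [])
              for a in value.split(",") if a.strip()]
    if not listen:
        return ["listen-address is not set"]
    findings = []
    if not any(a.is_loopback for a in listen):
        findings.append("127.0.0.1 missing: lookups from this machine are not answered")
    if all(a.is_loopback for a in listen):
        findings.append("loopback only: other machines on the LAN cannot query dnsmasq")
    for a in listen:
        if not a.is_loopback and a not in host:
            findings.append(f"{a} is not assigned to this host (stale address)")
        if not a.is_private:
            findings.append(f"{a} is not a private address: reachable beyond the LAN")
    return findings


if __name__ == "__main__":
    # Constructed host addresses; on a real machine take them from ifconfig.
    for conf, addrs in [(SAMPLE_CONF, ["127.0.0.1", "192.168.1.100"]),
                        (SAMPLE_CONF, ["127.0.0.1", "192.168.1.57"])]:
        print(check_listen(conf, addrs) or "ok")
```

Run it again whenever the server's LAN ip may have changed, for example after a DHCP lease renewal.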
Summary
Finally, to summarize, it can be quickly deployed.
After setting the above, let's start dnsmasq:
- Manual start: just run sudo dnsmasq.
- Automatic start after Mac OS boots, which is how I have it set up now. First run brew info dnsmasq to check the software information, where you will see the sentence "To load dnsmasq: sudo launchctl load /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist". Just run that. Note that this differs slightly between Homebrew versions; in version 0.9.4 it is simplified, and you do not need to copy a plist file yourself under Mac OS (the specifics can be found in /usr/local/Library/Formula/dnsmasq.rb).
Closure
If you want to stop it, use the *nix command ps ax | grep dns to find the pid and then run kill -9 [pid]; -9 is the SIGKILL signal. If you want dnsmasq to clear all cached dns records, send a SIGHUP(1) signal to the pid: kill -1 [pid]. All of this can be found in man dnsmasq.
Test
The last thing is to test whether it works. This is the easiest part: run the dig command more than 2 times and check the "Query time: x msec" line it returns. If x=0 from the second time on, the configuration is successful.
Example: dig google.com shows the detailed results.
dig baidu.com +short shows just the resolved ip.
Turn on dnsmasq on the computer, then connect the iPad mini to the LAN and set the first DNS server to the ip of the dnsmasq server, the second to V2EX, and the third to 8.8.8.8 (in English, separated by ). This time, when downloading an app from the App Store, I can finally see the progress bar visibly moving TT