
Differences between revisions of "UbuntuHelp:Dnsmasq"

From Ubuntu中文

Line 1: Line 1:
 
{{From|https://help.ubuntu.com/community/Dnsmasq}}
 
{{From|https://help.ubuntu.com/community/Dnsmasq}}
 
{{Languages|UbuntuHelp:Dnsmasq}}
 
{{Languages|UbuntuHelp:Dnsmasq}}
==== Worth a note here: ====
+
== Introduction ==
I didn't use dnsmasq for its dhcp - I used it for its dns. If dhcp help added would be A Good Thing, just let me know and I'll work it out :)
+
DNSmasq provides two services, either of which can be used independently.
Note from Ubuntu:HervéFache: you can find additional information on how to setup Dnsmasq on the [[UbuntuHelp:UbuntuWirelessRouter|UbuntuWirelessRouter]] page.
+
* DNS service
=== Preparation ===
+
* DHCP service (including features relating to network boot)
First we are going to do something seemingly unrelated - we will make a new resolv.conf, but call it '/etc/nameservers' (the filename is arbitary, but seemed like a good choice).
+
A local DNS cache can speed up internet browsing because your browser will not need to go to another server, or across the internet, when it looks up a domain name you've used before, e.g. google.com
To do this, open a terminal, and run 'host' on your ISP's nameservers (mine are just below)
+
DHCP allows your computer to allocate network addresses to other computers on your wired or wireless network. A computer needs a network address in order to do things like access the internet.
<pre><nowiki>
+
DNSmasq does not do "Internet Connection Sharing" however it does do a lot of the hard work needed in the background. With DNSmasq set up, only two additional commands can set up internet connection sharing (ref?).
kgoetz@server:~$ host ns1.on.net
+
Note that the package "dnsmasq" interferes with Network Manager which can use "dnsmasq-base" to provide DHCP services when sharing an internet connection. Therefore, if you use network manager (fine in simple set-ups only), then install dnsmasq-base, but not dnsmasq. If you have a more complicated set-up, uninstall network manager, use dnsmasq, or similar software (bind9, dhcpd, etc), and configure things by hand.
ns1.on.net has address 216.200.145.64
+
kgoetz@server:~$ host ns2.on.net
+
ns2.on.net has address 192.231.203.2
+
kgoetz@server:~$ host ns3.on.net
+
ns3.on.net has address 192.83.231.19
+
kgoetz@server:~$ host ns4.on.net
+
ns4.on.net has address 192.231.203.3
+
</nowiki></pre>
+
Now takes those lines, and add them to /etc/nameservers
+
In a terminal
+
<pre><nowiki>
+
sudo nano /etc/nameservers
+
</nowiki></pre>
+
and in that file paste lines like to these, but using the output you got above.
+
<pre><nowiki>
+
nameserver 216.200.145.64
+
nameserver 192.231.203.2
+
nameserver 192.83.231.19
+
nameserver 192.231.203.3
+
</nowiki></pre>
+
If you dont have 4 thats fine, but more nameservers=less chance of failure.
+
Having done that, we can move on to the actual install
+
 
=== Setup for dnsmasq ===
 
=== Setup for dnsmasq ===
 
Like much of the Ubuntu packages, dnsmasq is in universe. Make sure its enabled, then run these commands
 
Like much of the Ubuntu packages, dnsmasq is in universe. Make sure its enabled, then run these commands
 
<pre><nowiki>
 
<pre><nowiki>
sudo apt-get update
 
 
sudo apt-get install dnsmasq
 
sudo apt-get install dnsmasq
 
</nowiki></pre>
 
</nowiki></pre>
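Review bot: The install block in the new revision drops `sudo apt-get update` while the text above it still tells readers to make sure universe is enabled. After enabling a repository the package index has to be refreshed, otherwise `sudo apt-get install dnsmasq` may not find the package, so the update line should stay. The new Introduction also still carries an unresolved "(ref?)" marker after the internet connection sharing claim; either cite the two commands or drop the sentence.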
Line 41: Line 18:
 
/etc/dnsmasq.conf
 
/etc/dnsmasq.conf
 
</nowiki></pre>
 
</nowiki></pre>
On the first page of options is one to "... filter useless windows-originated DNS requests which can trigger dial-on-demand links needlessly."
+
but for many people, the default (or empty) file will provide a good DNS cache system.
If your in that situation, you might want to uncomment `filterwin2k`.
+
=== Special Cases ===
How about making use of that file we made before?
+
* On a LAN, e.g. business or university. You do not want to provide name service or DHCP for a thousand colleagues, so add the line:
Uncomment the next option in the config file, and add your nameserver file to the end.
+
<code><nowiki>except-interface=eth0</nowiki></code> if eth0 is your internet/LAN connected interface.
`resolv-file=/etc/nameservers`
+
* Add DHCP server:
Now we can be sure our nameserver is getting its dns from a trusted upstream source, and isnt going to go walkabout.
+
<code><nowiki>dhcp-range=192.168.0.20,192.168.0.254,255.255.255.0</nowiki></code>
Now we dont need to really worry about any settings untill we get down to "# Add domains which you want to force to an IP address here.". This one is fun, as we can point any dns request that comes in to any ip we want. In the mood to spread Ubuntu love? How about all requests to Microsoft.com go... astray? All we need is this option and an ip to redirect to.
+
This range must not clash with your LAN IP address.
<pre><nowiki>
+
address=/microsoft.com/82.211.81.158
+
</nowiki></pre>
+
With this line added to your dnsmasq, visits to Microsoft are a thing of the past. ( Its now pointing to ubuntulinux.org ;) )
+
Heres my current list, perhaps it will grow as needed:
+
<pre><nowiki>
+
address=/doubleclick.net/192.168.0.2
+
address=/googlesyndication.com/192.168.0.2
+
address=/google-analytics.com/192.168.0.2
+
address=/googleadservices.com/192.168.0.2
+
address=/decideinteractive.com/192.168.0.2
+
 
+
# Not blocking redirects (google.com -> google.com.au)
+
address=/google.com/216.239.39.104
+
</nowiki></pre>
+
Its a short list, mainly because with stuff like [[UbuntuHelp:Privoxy|privoxy installed]] there isn't much call for a long one. This is just to weed out servers that privoxy misses, you dont want people visiting, or to put in simple redirects :)
+
Heading down a few lines and we are looking at the interface line. This specifies which Ethernet device to bind to (`eth0`, `eth1` etc), or if you would rather you can use the bind-address just below it and bind it to an IP instead (`127.0.0.1`, `192.168.0.1`, 10.0.1.254`, etc).
+
=== Guess what? We just finished! ===
+
 
Save and exit the file, restart the daemon and you should be running.
 
Save and exit the file, restart the daemon and you should be running.
 
<pre><nowiki>
 
<pre><nowiki>
sudo /etc/init.d/dnsmasq restart
+
sudo invoke-rc.d dnsmasq restart
 
</nowiki></pre>
 
</nowiki></pre>
The last thing that has to be done is editing your /etc/resolv.conf to point to the IP address of dnsmasq - this is the last option you set, so I hope you still remember it :)
+
DNSmasq is now listening on some interfaces for DNS lookups and/or DHCP requests. You can verify this by running:
To your local dns cache address being overwritten in /etc/resolv.conf, you can add the line
+
 
<pre><nowiki>
 
<pre><nowiki>
prepend domain-name-servers 127.0.0.1
+
netstat -ltp
 +
# -l = listen, -t = tcp, -p = show program name
 
</nowiki></pre>
 
</nowiki></pre>
to /etc/dhcp3/dhclient.conf
+
You can add the line:
 +
<code><nowiki>nameserver 127.0.0.1</nowiki></code> to the top of your /etc/resolv.conf file to use the local DNS cache first.
 +
Alternatively, the package '''resolvconf''' sorts all this out automatically.
 
----
 
----
 
[[category:CategoryNetworking]]
 
[[category:CategoryNetworking]]
  
 
[[category:UbuntuHelp]]
 
[[category:UbuntuHelp]]
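Review bot: The verification command `netstat -ltp` added near the end of this hunk lists TCP listeners only, but DHCP and most DNS lookups use UDP, so it cannot confirm the DHCP service the sentence before it mentions; add `-u` and extend the comment line to explain it. The same hunk removes the `prepend domain-name-servers 127.0.0.1` step for /etc/dhcp3/dhclient.conf, which was what kept a DHCP client from overwriting /etc/resolv.conf; the replacement advice to put `nameserver 127.0.0.1` at the top of /etc/resolv.conf should say that the edit can be overwritten unless resolvconf is used.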

Revision as of 16:28, 12 May 2009 (Tuesday)

Introduction

DNSmasq provides two services, either of which can be used independently.

  • DNS service
  • DHCP service (including features relating to network boot)

A local DNS cache can speed up internet browsing because your browser will not need to go to another server, or across the internet, when it looks up a domain name you've used before, e.g. google.com.

DHCP allows your computer to allocate network addresses to other computers on your wired or wireless network. A computer needs a network address in order to do things like access the internet.

DNSmasq does not do "Internet Connection Sharing"; however, it does do a lot of the hard work needed in the background. With DNSmasq set up, only two additional commands can set up internet connection sharing (ref?).

Note that the package "dnsmasq" interferes with Network Manager, which can use "dnsmasq-base" to provide DHCP services when sharing an internet connection. Therefore, if you use Network Manager (fine in simple set-ups only), install dnsmasq-base, but not dnsmasq. If you have a more complicated set-up, uninstall Network Manager, use dnsmasq or similar software (bind9, dhcpd, etc.), and configure things by hand.

Setup for dnsmasq

Like many Ubuntu packages, dnsmasq is in universe. Make sure it is enabled, then run this command:

sudo apt-get install dnsmasq

dnsmasq can be configured by editing the file

/etc/dnsmasq.conf

but for many people, the default (or empty) file will provide a good DNS cache system.

Special Cases

  • On a LAN, e.g. at a business or university, you do not want to provide name service or DHCP for a thousand colleagues, so add the line:

except-interface=eth0

if eth0 is your internet/LAN connected interface.

  • Add DHCP server:

dhcp-range=192.168.0.20,192.168.0.254,255.255.255.0

This range must not clash with your LAN IP address.

Save and exit the file, restart the daemon and you should be running.

sudo invoke-rc.d dnsmasq restart

DNSmasq is now listening on some interfaces for DNS lookups and/or DHCP requests. You can verify this by running:

sudo netstat -ltup
# -l = listen, -t = tcp, -u = udp (DHCP and most DNS lookups use UDP), -p = show program name (needs root)

You can add the line:

nameserver 127.0.0.1

to the top of your /etc/resolv.conf file to use the local DNS cache first. Alternatively, the package resolvconf sorts all this out automatically.
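A check to run before restarting the daemon, covering the two Special Cases settings above: it warns when the uplink interface is not excluded with except-interface and when a given address falls inside the dhcp-range pool. This is an added example, not part of the original page or of dnsmasq; the function names are hypothetical, the sample config is constructed, and reading "must not clash" as "an address you already use must not lie inside the pool" is an assumption.

```shell
#!/bin/sh
# Added example (not from the original page): audit a dnsmasq.conf for the
# two "Special Cases" settings. Function names are hypothetical.

ip_to_int() {                      # dotted quad -> integer
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address on dots
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# dhcp_range_contains IP < conf : succeeds if IP lies inside any
# dhcp-range=start,end[,netmask] line (the form used on this page).
dhcp_range_contains() {
    target=$(ip_to_int "$1")
    while IFS= read -r line; do
        case $line in dhcp-range=*) ;; *) continue ;; esac
        range=${line#dhcp-range=}
        start=${range%%,*}; rest=${range#*,}; end=${rest%%,*}
        if [ "$target" -ge "$(ip_to_int "$start")" ] &&
           [ "$target" -le "$(ip_to_int "$end")" ]; then
            return 0
        fi
    done
    return 1
}

# audit_conf CONF OWN_IP UPLINK_IF : prints findings, returns their count.
audit_conf() {
    findings=0
    if ! grep -qx "except-interface=$3" "$1"; then
        echo "WARN: no except-interface=$3; dnsmasq may serve the network on $3"
        findings=$((findings + 1))
    fi
    if dhcp_range_contains "$2" < "$1"; then
        echo "WARN: $2 falls inside the dhcp-range pool"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the page's dhcp-range, but the uplink is not excluded.
conf=$(mktemp)
printf '%s\n' 'dhcp-range=192.168.0.20,192.168.0.254,255.255.255.0' > "$conf"
audit_conf "$conf" 192.168.0.1 eth0 || echo "findings: $?"
rm -f "$conf"
```

On a real system, pass /etc/dnsmasq.conf, the machine's own address and the name of the internet/LAN connected interface.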