一提起搭建DNS服务器,你可能会想到Bind这些Linux下的DNS工具,就像Oracle Linux下内网DNS服务器的配置里的那样,配置Bind,编写正解文件,再编写反解文件。步骤比较繁琐,尤其是正解、反解文件的格式很反人类,容易出错。
其实,除了Bind这种比较复杂的DNS服务之外,Linux系统中还提供了一种更轻量级的DNS服务,也就是本文的主角dnsmasq。它比较适合本地的小型网络,尤其是在虚拟、测试环境中为各个虚拟机提供DNS和DHCP服务。
在macOS中,通过homebrew安装,也可以使用dnsmasq。本文的目的就是将macOS作为一个虚拟局域网(192.168.78.)的DNS服务器(本机的IP地址为192.168.78.1),为本机以及各个虚拟主机提供局域网的DNS服务。接下来就是简单的配置步骤。
如果你的macOS中没有安装homebrew的话,用下面的命令1:
- $ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
之后就可以用homebrew进行安装了:
- $ brew install dnsmasq
- Updating Homebrew...
- ==> Auto-updated Homebrew!
- Updated 1 tap (homebrew/core).
- ==> Updated Formulae
- gnupg
- ==> Downloading https://mirrors.ustc.edu.cn/homebrew-bottles/bottles/dnsmasq-2.7
- ######################################################################## 100.0%
- ==> Pouring dnsmasq-2.76.sierra.bottle.tar.gz
- ==> Caveats
- To configure dnsmasq, copy the example configuration to /usr/local/etc/dnsmasq.conf
- and edit to taste.
- cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
- To have launchd start dnsmasq now and restart at startup:
- sudo brew services start dnsmasq
- ==> Summary
- 🍺 /usr/local/Cellar/dnsmasq/2.76: 7 files, 504.7KB
上面的安装提示信息中说的已经很明白了,需要把一个示例用的配置文件复制到/usr/local/etc/dnsmasq.conf来进行配置。什么?没注意看上面的信息,好吧,用下面的命令再看一次:
- $ brew info dnsmasq
- dnsmasq: stable 2.76 (bottled)
- Lightweight DNS forwarder and DHCP server
- http://www.thekelleys.org.uk/dnsmasq/doc.html
- ...
- To configure dnsmasq, copy the example configuration to /usr/local/etc/dnsmasq.conf
- and edit to taste.
- cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
- To have launchd start dnsmasq now and restart at startup:
- sudo brew services start dnsmasq
照做就行:
- $ cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
修改配置文件/usr/local/etc/dnsmasq.conf。刚才拷贝过来的文件中,默认所有的选项都是注释掉的,只需要修改下面两个选项:
- # By default, dnsmasq will send queries to any of the upstream
- # servers it knows about and tries to favour servers to are known
- # to be up. Uncommenting this forces dnsmasq to try each query
- # with each server strictly in the order they appear in
- # /etc/resolv.conf
- strict-order
- <此处省略好多字...>
- # Or which to listen on by address (remember to include 127.0.0.1 if
- # you use this.)
- listen-address=192.168.78.1,127.0.0.1
解释一下:
到此为止,dnsmasq的配置文件就编辑完了。
那么问题来了:局域网中主机地址与域名的对应关系在哪里配置呢?
答:在/etc/hosts文件中进行配置。
原来,在默认情况下,dnsmasq在解析一个域名时,会首先查找/etc/hosts文件中的定义,如果找不到的话,再去/etc/resolv.conf中去找。当然,这个动作也是可以配置的,在配置文件中说明如下:
- # If you don't want dnsmasq to read /etc/hosts, uncomment the
- # following line.
- #no-hosts
- # or if you want it to read another file, as well as /etc/hosts, use
- # this.
- #addn-hosts=/etc/banner_add_hosts
这里要按照实际的需要来定义,本文环境中的/etc/hosts文件内容如下:
- $ sudo vim /etc/hosts
- ##
- # Host Database
- #
- # localhost is used to configure the loopback interface
- # when the system is booting. Do not change this entry.
- ##
- 127.0.0.1 localhost, KMAC.local
- 255.255.255.255 broadcasthost
- ::1 localhost
- 192.168.78.122 ora12c, ora12c.example.com
- 192.168.78.73 rhel7, rhel7.example.com
- 192.168.78.113 sol11, sol11.example.com
按照brew info dnsmasq的提示,输入下面命令就可以启动服务,并且会开机自动启动:
- $ sudo brew services start dnsmasq
- Password:
- ==> Successfully started `dnsmasq` (label: homebrew.mxcl.dnsmasq)
上面的命令会将/usr/local/opt/dnsmasq/homebrew.mxcl.dnsmasq.plist自动复制为/Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist,这就是dnsmasq服务描述文件。这里多说几句,macOS用launchd(类似于Linux的systemd,或者init)来启动后台服务,LaunchDaemon会在开机时自动启动。启动时读入的就是这些”.plist”文件(Property List File),要关闭和重启服务的话,可以使用下面的命令:
- $ sudo launchctl stop homebrew.mxcl.dnsmasq
- $ sudo launchctl start homebrew.mxcl.dnsmasq
先看看外部域名能不能正常解析到:
- $ dig baidu.com
- ; <<>> DiG 9.8.3-P1 <<>> baidu.com
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64468
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;baidu.com. IN A
- ;; ANSWER SECTION:
- baidu.com. 30 IN A 123.125.114.144
- baidu.com. 30 IN A 220.181.57.217
- baidu.com. 30 IN A 180.149.132.47
- baidu.com. 30 IN A 111.13.101.208
- ;; Query time: 9 msec
- ;; SERVER: 10.0.31.199#53(10.0.31.199)
- ;; WHEN: Tue May 16 11:40:52 2017
- ;; MSG SIZE rcvd: 91
没有问题,再看看本地局域网域名的解析情况如何(这一步最好到从其他主机上进行测试,本机测试意义不大,因为/etc/hosts总是会解析成功的):
- $ dig rhel7
- ; <<>> DiG 9.8.3-P1 <<>> rhel7
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30445
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;rhel7. IN A
- ;; Query time: 1 msec
- ;; SERVER: 10.0.31.199#53(10.0.31.199)
- ;; WHEN: Tue May 16 11:42:21 2017
- ;; MSG SIZE rcvd: 23
一共五条命令即可搞定:
- $ brew install dnsmasq
- $ cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
- $ cat >> /usr/local/etc/dnsmasq.conf << EOF
- strict-order
- listen-address=192.168.78.1,127.0.0.1
- EOF
- $ sudo cat >> /etc/hosts << EOF
- 192.168.78.122 ora12c, ora12c.example.com
- 192.168.78.73 rhel7, rhel7.example.com
- 192.168.78.113 sol11, sol11.example.com
- EOF
- $ sudo brew services start dnsmasq
其实,关于dnsmasq网上有一大堆的教程,本文只用了最简单的步骤,使用dnsmasq的默认配置,保证在最短的时间内让DNS服务器跑起来。如果你感兴趣的话,可以仔细研究一下dnsmasq的配置文件,注释写的很详细,可以尝试配置一下DHCP服务。
湘公网安备 43102202000103号
