您当前的位置:首页 > 计算机 > 系统应用 > macOS

在macOS下用dnsmasq搭建DNS服务器

时间:03-31来源:作者:点击数:

一提起搭建DNS服务器,你可能会想到Bind这些Linux下的DNS工具,就像Oracle Linux下内网DNS服务器的配置里的那样,配置Bind,编写正解文件,再编写反解文件。步骤比较繁琐,尤其是正解、反解文件的格式很反人类,容易出错。

其实,除了Bind这种比较复杂的DNS服务之外,Linux系统中还提供了一种更轻量级的DNS服务,也就是本文的主角dnsmasq。它比较适合本地的小型网络,尤其是在虚拟、测试环境中为各个虚拟机提供DNS和DHCP服务。

在macOS中,通过homebrew安装,也可以使用dnsmasq。本文的目的就是将macOS作为一个虚拟局域网(192.168.78.)的DNS服务器(本机的IP地址为192.168.78.1),为本机以及各个虚拟主机提供局域网的DNS服务。接下来就是简单的配置步骤。

安装dnsmasq

如果你的macOS中没有安装homebrew的话,用下面的命令1

$ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

之后就可以用homebrew进行安装了:

$ brew install dnsmasq
Updating Homebrew...
==> Auto-updated Homebrew!
Updated 1 tap (homebrew/core).
==> Updated Formulae
gnupg
==> Downloading https://mirrors.ustc.edu.cn/homebrew-bottles/bottles/dnsmasq-2.7
######################################################################## 100.0%
==> Pouring dnsmasq-2.76.sierra.bottle.tar.gz
==> Caveats
To configure dnsmasq, copy the example configuration to /usr/local/etc/dnsmasq.conf
and edit to taste.
  cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
To have launchd start dnsmasq now and restart at startup:
  sudo brew services start dnsmasq
==> Summary
🍺  /usr/local/Cellar/dnsmasq/2.76: 7 files, 504.7KB

配置dnsmasq

上面的安装提示信息中说的已经很明白了,需要把一个示例用的配置文件复制到/usr/local/etc/dnsmasq.conf来进行配置。什么?没注意看上面的信息,好吧,用下面的命令再看一次:

$ brew info dnsmasq
dnsmasq: stable 2.76 (bottled)
Lightweight DNS forwarder and DHCP server
http://www.thekelleys.org.uk/dnsmasq/doc.html
...
To configure dnsmasq, copy the example configuration to /usr/local/etc/dnsmasq.conf
and edit to taste.
  cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
To have launchd start dnsmasq now and restart at startup:
  sudo brew services start dnsmasq

照做就行:

$ cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf

修改配置文件/usr/local/etc/dnsmasq.conf。刚才拷贝过来的文件中,默认所有的选项都是注释掉的,只需要修改下面两个选项:

# By  default,  dnsmasq  will  send queries to any of the upstream
# servers it knows about and tries to favour servers to are  known
# to  be  up.  Uncommenting this forces dnsmasq to try each query
# with  each  server  strictly  in  the  order  they   appear   in
# /etc/resolv.conf
strict-order
<此处省略好多字...>
# Or which to listen on by address (remember to include 127.0.0.1 if
# you use this.)
listen-address=192.168.78.1,127.0.0.1

解释一下:

  • strict-order表示在解析一个域名时,dnsmasq会严格按照/etc/resolv.conf文件中定义的DNS服务器的顺序从上到下进行 DNS 解析,直到第一个解析成功为止。/etc/resolv.conf是macOS默认的DNS配置文件,会自动生成。
  • listen-address表示DNS服务会绑定到哪个地址上。如果只是本机使用,那么只需要指定127.0.0.1就可。如果还需要让局域网中的其他主机也能使用这个DNS服务器,还需要加上本机在局域网中的地址,即192.168.78.1,127.0.0.1。换句话说,在192.168.78.这个网段的所有主机都可以指定192.168.78.1为自己的DNS服务器地址。

到此为止,dnsmasq的配置文件就编辑完了。

那么问题来了:局域网中主机地址与域名的对应关系在哪里配置呢?

答:在/etc/hosts文件中进行配置。

原来,在默认情况下,dnsmasq在解析一个域名时,会首先查找/etc/hosts文件中的定义,如果找不到的话,再去/etc/resolv.conf中去找。当然,这个动作也是可以配置的,在配置文件中说明如下:

# If you don't want dnsmasq to read /etc/hosts, uncomment the
# following line.
#no-hosts
# or if you want it to read another file, as well as /etc/hosts, use
# this.
#addn-hosts=/etc/banner_add_hosts

配置本地局域网中的域名和主机映射

这里要按照实际的需要来定义,本文环境中的/etc/hosts文件内容如下:

$ sudo vim /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1	localhost, KMAC.local
255.255.255.255	broadcasthost
::1             localhost
192.168.78.122	ora12c, ora12c.example.com
192.168.78.73   rhel7, rhel7.example.com
192.168.78.113	sol11, sol11.example.com

启动dnsmasq服务

按照brew info dnsmasq的提示,输入下面命令就可以启动服务,并且会开机自动启动:

$ sudo brew services start dnsmasq
Password:
==> Successfully started `dnsmasq` (label: homebrew.mxcl.dnsmasq)

上面的命令会将/usr/local/opt/dnsmasq/homebrew.mxcl.dnsmasq.plist自动复制为/Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist,这就是dnsmasq服务描述文件。这里多说几句,macOS用launchd(类似于Linux的systemd,或者init)来启动后台服务,LaunchDaemon会在开机时自动启动。启动时读入的就是这些”.plist”文件(Property List File),要关闭和重启服务的话,可以使用下面的命令:

$ sudo launchctl stop homebrew.mxcl.dnsmasq
$ sudo launchctl start homebrew.mxcl.dnsmasq

测试

先看看外部域名能不能正常解析到:

$ dig baidu.com
; <<>> DiG 9.8.3-P1 <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64468
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;baidu.com.			IN	A
;; ANSWER SECTION:
baidu.com.		30	IN	A	123.125.114.144
baidu.com.		30	IN	A	220.181.57.217
baidu.com.		30	IN	A	180.149.132.47
baidu.com.		30	IN	A	111.13.101.208
;; Query time: 9 msec
;; SERVER: 10.0.31.199#53(10.0.31.199)
;; WHEN: Tue May 16 11:40:52 2017
;; MSG SIZE  rcvd: 91

没有问题,再看看本地局域网域名的解析情况如何(这一步最好到从其他主机上进行测试,本机测试意义不大,因为/etc/hosts总是会解析成功的):

$ dig rhel7
; <<>> DiG 9.8.3-P1 <<>> rhel7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;rhel7.				IN	A
;; Query time: 1 msec
;; SERVER: 10.0.31.199#53(10.0.31.199)
;; WHEN: Tue May 16 11:42:21 2017
;; MSG SIZE  rcvd: 23

总结

一共五条命令即可搞定:

$ brew install dnsmasq
$ cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
$ cat >> /usr/local/etc/dnsmasq.conf << EOF
strict-order
listen-address=192.168.78.1,127.0.0.1
EOF
$ sudo cat >> /etc/hosts << EOF
192.168.78.122	ora12c, ora12c.example.com
192.168.78.73   rhel7, rhel7.example.com
192.168.78.113	sol11, sol11.example.com
EOF
$ sudo brew services start dnsmasq

其实,关于dnsmasq网上有一大堆的教程,本文只用了最简单的步骤,使用dnsmasq的默认配置,保证在最短的时间内让DNS服务器跑起来。如果你感兴趣的话,可以仔细研究一下dnsmasq的配置文件,注释写的很详细,可以尝试配置一下DHCP服务。

方便获取更多学习、工作、生活信息请关注本站微信公众号城东书院 微信服务号城东书院 微信订阅号
推荐内容
相关内容
栏目更新
栏目热门