How to get a DNS record
This post describes my private DNS service architecture.
Devices:
- Android phone
- iPad
- PC (Windows 10)
- PC (Fedora 37)
- Router (OpenWrt)
The devices above use DoH directly on the device itself.
- TV
- Smart-home devices
- Speakers
These and similar devices cannot have their DNS set manually, so the router proxies DNS for them.
Router: runs mosdns, listens on port 53 on the LAN and forwards to the Shanghai VPS;
the Shanghai VPS forwards each request, based on its domain name, to either AliDNS or Google DNS.
Servers:
- Shanghai: Tencent Lighthouse
  - AdGuard Home: ad blocking and statistics, serves DoH
  - mosdns: splits domestic and foreign queries
  - Grafana: performance monitoring
  - Tailscale tunnel
  - HTTPS tunnel
- Hong Kong: Tencent CVM
  - mosdns
  - Tailscale tunnel
- Macau: Raspberry Pi
  - HTTPS tunnel
Connection speed test:
root@crazy:~# tailscale ping hkg10
pong from hkg10 (100.69.55.124) via 43.x.x.x:41641 in 31ms
root@crazy:~# q @100.69.55.124:10053 google.com A --all
Question:
google.com. A
Answer:
google.com. 2m59s A 142.250.204.46
Stats:
Received 54 B from 100.69.55.124:10053 in 37.6ms (05:32:37 02-17-2023 CST)
Router mosdns config:
plugins:
  - tag: forward_alidns
    type: forward
    args:
      upstreams:
        - addr: https://dns.alidns.com/dns-query
          bootstrap: 223.5.5.5
  - type: udp_server
    args:
      entry: forward_alidns
      listen: 0.0.0.0:53
Shanghai mosdns config:
log:
  file: ./mosdns.log
  level: info
api:
  http: "127.0.0.1:9081"
plugins:
  - tag: tag_cache
    type: cache
    args:
      size: 10240
      lazy_cache_ttl: 259200
      dump_file: ./cache.dump
      dump_interval: 3600
  - tag: forward_alidns
    type: forward
    args:
      upstreams:
        - tag: alidns_main
          addr: "https://223.5.5.5/dns-query"
        - tag: alidns_backup
          addr: "https://223.6.6.6/dns-query"
  - tag: forward_google
    type: forward
    args:
      concurrent: 3
      upstreams:
        - tag: tailscale_udp
          addr: "100.77.149.73:10053"
        - tag: tailscale_tcp
          addr: "tcp://100.77.149.73:10053"
          enable_pipeline: true
        - tag: clash_tcp
          addr: "tcp://127.0.0.1:6053"
          enable_pipeline: true
  - tag: main
    type: sequence
    args:
      - matches:
          - qtype 12 65 # PTR HTTPS
        exec: reject 0
      - exec: $tag_cache
      - matches: has_resp
        exec: accept
      - matches: qname &/etc/mosdns/rules/china_domain_list.txt &/etc/mosdns/rules/cdn_domain_list.txt &/etc/mosdns/ecs_cn_domain.txt
        exec: $forward_alidns
      - matches: has_resp
        exec: accept
      - exec: $forward_google
  - type: udp_server
    args:
      entry: main
      listen: 127.0.0.1:5533
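To audit offline which upstream a given query would reach, here is an added Python example (not part of the original post and not mosdns code) that mirrors the decision order of the `main` sequence above, cache step included; the domain list it uses is constructed, and the rule syntax it assumes is the mosdns v5 domain-list file format.

```python
import re

# Constructed sample domain list (the post's real lists are not on the page). Assumed mosdns
# v5 syntax: "domain:" name+subdomains, "full:" exact, "keyword:" substring, "regexp:"; bare line = "domain:".
CN_DOMAIN_LIST = r"""
# comments and blank lines are ignored
domain:taobao.com
alidns.com
full:www.baidu.com
keyword:qq
regexp:^cdn\d+\.example\.cn$
"""

def parse_domain_list(text):
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        kind, sep, value = line.partition(":")
        if not sep:                           # bare line -> suffix ("domain") rule
            kind, value = "domain", kind
        # DNS names compare case-insensitively; leave regex escapes untouched
        rules.append((kind, value if kind == "regexp" else value.lower()))
    return rules

def qname_matches(qname, rules):
    name = qname.rstrip(".").lower()          # normalise trailing dot and case
    for kind, value in rules:
        if kind == "domain" and (name == value or name.endswith("." + value)):
            return True
        if kind == "full" and name == value:
            return True
        if kind == "keyword" and value in name:
            return True
        if kind == "regexp" and re.search(value, name):
            return True
    return False

def route_query(qname, qtype, rules, cached=False):
    """Walk the 'main' sequence in config order; return the step that ends it."""
    if qtype in (12, 65):                     # qtype 12 65 -> reject 0 (PTR, HTTPS)
        return "reject"
    if cached:                                # $tag_cache hit -> has_resp -> accept
        return "cache"
    if qname_matches(qname, rules):           # qname in the CN lists -> AliDNS (DoH)
        return "forward_alidns"
    return "forward_google"                   # everything else: Google via Tailscale

RULES = parse_domain_list(CN_DOMAIN_LIST)
```

Running a few names through `route_query` shows which resolver would see them, which is the quickest way to spot a domain that leaks to the wrong side of the split.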
Hong Kong mosdns config:
plugins:
  - tag: forward_google
    type: forward
    args:
      upstreams:
        - addr: https://dns.google/dns-query
          bootstrap: 1.1.1.1
  - type: udp_server
    args:
      entry: forward_google
      listen: 0.0.0.0:10053
Testing the result:
PC:
C:\>nslookup
默认服务器: UnKnown
Address: fd5e:128e:620::1
> google.com
服务器: UnKnown
Address: fd5e:128e:620::1
非权威应答:
名称: google.com
Addresses: 2404:6800:4005:805::200e
216.58.200.238
> resolver-identity.cloudfront.net
服务器: UnKnown
Address: fd5e:128e:620::1
非权威应答:
名称: resolver-identity.cloudfront.net
Address: 162.158.176.34
162.158.176.34
China, Hong Kong: cloudflare.com
ECS test:
root@crazy:~# dig +short rs.dns-oarc.net txt
rst.x1433.rs.dns-oarc.net.
rst.x1441.x1433.rs.dns-oarc.net.
rst.x1400.x1441.x1433.rs.dns-oarc.net.
"2400:cb00:140:1024::ac45:491d DNS reply size limit is at least 1441"
"2400:cb00:140:1024::ac45:491d sent EDNS buffer size 1452"
2400:cb00:23:1024::a29e:b03e
China, Hong Kong: cloudflare.com
References:
- https://irine-sistiana.gitbook.io/mosdns-wiki/mosdns-v5
- https://github.com/pmkol/easymosdns
- https://github.com/IrineSistiana/mosdns
- https://aws.amazon.com/cn/premiumsupport/knowledge-center/route-53-find-ecs-support-dns-resolver/
Last modified on Fri, 17 Feb 2023