Build DNSMASQ server, Internal network analysis

System: centos6.5

Internal requirements for a DNS server, resolve internal domain name (the domain name does not need to be resolved on the public network)

The "Bind Bind-utils" package is installed and the configuration settings are forwarded to the external telco DNS,DHCP service setting to distribute the DNS service for that server. Then the resolution inside is very smooth, but to the outside (such as Baidu, 163, Sina) and other websites very slow.

Do not know whether the configuration has a problem, can not find out.

So just try it with DNSMASQ.

Here is the installation procedure

===================

1,yum Installation

Yum Install Dnsmasq-y

or source code installation

Cd/tmp && wget http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.71.tar.gztar-zxvf dnsmasq-2.71.tar.gz & & CD Dnsmasq-2.71make Install

CP dnsmasq.conf.example/etc/dnsmasq.confmkdir-p/ETC/DNSMASQ.D #这个目录备用

2,DNSMASQ Configuration

#主要有三个文件: #/etc/dnsmasq.conf#/etc/dnsmasq.d/resolv.dnsmasq.conf#/etc/dnsmasq.d/dnsmasq.hosts #第一个是系统默认必须的, The following two can be built on their own, the location of the path can also be defined according to their own needs.

Vi/etc/dnsmasq.conf#itgeeker prompt error every time, the purpose is to let DNSMASQ read all the configuration files in the directory #conf-dir=/etc/dnsmasq.d# let DNSMASQ read your settings resolv-file #no-resolvresolv-file=/etc/dnsmasq.d/resolv.dnsmasq.confno-pollstrict-order# does not read the system hosts, Read the NO-HOSTSADDN-HOSTS=/ETC/DNSMASQ.D/DNSMASQ.HOSTS#DNSMASQ log settings you set log-querieslog-facility=/var/log/dnsmasq.log# DNSMASQ Cache Settings cache-size=1024# Single set 127 for native use, add native IP for internal full network use listen-address=127.0.0.1,10.19.21.249

Create 2 new files #在 the/ETC/DNSMASQ.D directory

Vi/etc/dnsmasq.d/resolv.dnsmasq.conf#nameserver 127.0.0.1 should not be added nameserver 202.96.209.5nameserver 202.96.209.133nameserver 223.5.5.5nameserver 223.6.6.6nameserver 114.114.114.114nameserver 8.8.4.4#nameserver 8.8.8.8

vi/etc/dnsmasq.d/dnsmasq.hosts10.19.21.249 aop.baim.com

3, start the service

/ETC/INIT.D/DNSMASQ startchkconfig DNSMASQ on# If it is a source-compiled installation:/USR/LOCAL/SBIN/DNSMASQ authentication: Netstat-tunlp|grep 53 off: Killall-kill dnsmasq restart: pkill-9 dnsmasp &&/usr/local/sbin/dnsmasq-h

#服务启动脚本vi  /etc/init.d/dnsmasq#!/bin/sh## Startup script for the <span  class= ' wp_keywordlink_affiliate ' ><a href= "http://itgeeker.net/tag/dns/"  title= "View all  posts in dns " target=" _blank ">dns</a></span> caching server##  chkconfig: - 49 50# description: This script starts your  Dns caching server# processname: dnsmasq# pidfile: /var/run/dnsmasq# source  function library.  /etc/rc.d/init.d/functions# source networking configuration.  /etc/sysconfig/network# check that networking is up. [ ${networking} =  "No"  ] && exit 0dnsmasq=/usr/local/sbin/dnsmasq[  -f  $DNSMASQ  ] | |  exit 0RETVAL=0# See how we were called.case  "$"  instart) if  [ $uid -ne 0 ] ; thenecho  "User has insufficient privilege." exit 4fiecho -n  "starting dnsmasq: " daemon  $dnsmasq   $OPTIONSRETVAL =$?echo[   $RETVAL  -eq 0 ] && touch /var/lock/subsys/dnsmasq;; Stop) if test  "x ' pidof dnsmasq '"  != x; thenecho -n  "Shutting down  dnsmasq:  "killproc dnsmasqfiretval=$?echo[  $RETVAL  -eq 0 ] &&  rm -f /var/lock/subsys/dnsmasq /var/run/dnsmasq.pid;; Status) status dnsmasqretval=$?;; Reload) echo -n  "reloading dnsmasq: " killproc dnsmasq -hupretval=$?echo;; Force-reload) # new configuration takes effect only after restart$0  stop$0 startretval=$?;; Restart) $0 stop$0 startretval=$?;; Condrestart) if test  "x '/sbin/pidof dnsmasq '"  != x; then$0 stop$0 startretval=$?fi;; *) echo  "Usage: $0 {start|stop|restart|reload|condrestart|status}" exit 2esacexit $ RETVAL

#如果你是本地编辑上传的, you are prompted not to find the file remember set ff=unix# again give permission to execute chmod +x/etc/init.d/dnsmasq/etc/init.d/dnsmasq startchkconfig dnsmasq on

Note: When you are finished, you need to set the DNS server address on the DHCP service side, and the client will automatically get to that DNS address. Requires a heavy client local network .

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/6F/70/wKiom1WciESDZGcPAAHuug7ROqU306.jpg "title=" Dns.jgp.png "alt=" Wkiom1wciesdzgcpaahuug7roqu306.jpg "/>

Check the local DNS to see if you can get the address.

Then access the domain name, whether it can be resolved.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/6F/70/wKiom1WciVDg-jI_AAPCHKmpBqw177.jpg "title=" QQ20150708-1@2x.jpg "alt=" Wkiom1wcivdg-ji_aapchkmpbqw177.jpg "/>

This article is from the "Charlie_cen" blog, make sure to keep this source http://charlie928.blog.51cto.com/3741218/1671914

Build DNSMASQ server, Internal network analysis