dnsmasq-搭建属于自己的DNS域名服务

　　dnsmasq是⼀款⼩巧且⽅便地⽤于配置DNS服务器和DHCP服务器的⼯具，适⽤于⼩型⽹络，它提供了DNS解析功能和可选择的DHCP功能。可以解决⼩范围的dns查询问题，如果业务是跨机房、跨地区的话不建议使⽤dnsmasq做为dns解析服务器。

1、安装dnsmsaq工具

[root@junwu_server ~]# yum install -y dnsmasq

2、配置dnsmsaq.conf文件（默认为空）

[root@junwu_server ~]# grep -Ev '^$|^#' /etc/dnsmasq.conf
resolv-file=/etc/resolv.dnsmasq.conf
address=/baidu.com/123.206.16.61
address=/taobao.com/123.206.16.61
listen-address=10.0.0.10,127.0.0.1
addn-hosts=/etc/dnsmasq.hosts
log-queries
log-facility=/var/log/dnsmasq.log
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig

 3、内部解析地址配置

[root@junwu_server ~]# cat /etc/dnsmasq.hosts
10.4.29.106 www.taobao.com
10.4.24.116 www.baidu.com

 4、添加上游dns服务器地址

[root@junwu_server ~]# cat /etc/resolv.dnsmasq.conf
nameserver 233.5.5.5
nameserver 233.6.6.6

 5、配置日志切割

[root@junwu_server ~]# cat /etc/logrotate.d/dnsmasq
/var/log/dnsmasq.log {
daily
copytruncate
missingok
rotate 30
compress
notifempty
dateext
size 200M
}

6、启动dnsmasq服务

[root@junwu_server ~]# systemctl start dnsmasq

7、配置dns服务端地址为本地机器地址

[root@junwu_server ~]# cat /etc/resolv.conf

# Generated by NetworkManager

#nameserver 114.114.114.114

nameserver 10.0.0.10

【测试dns域名解析】

##查看日志服务

[root@junwu_server ~]# tail -f /var/log/dnsmasq.log
Nov 22 07:49:58 dnsmasq[992]: read /etc/hosts - 2 addresses
Nov 22 07:49:58 dnsmasq[992]: read /etc/dnsmasq.hosts - 5 addresses
Nov 22 07:54:17 dnsmasq[992]: exiting on receipt of SIGTERM
Nov 22 07:54:29 dnsmasq[949]: started, version 2.76 cachesize 150
Nov 22 07:54:29 dnsmasq[949]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth nettlehash no-DNSSEC loop-detect inotify
Nov 22 07:54:29 dnsmasq[949]: reading /etc/resolv.dnsmasq.conf
Nov 22 07:54:29 dnsmasq[949]: using nameserver 233.5.5.5#53
Nov 22 07:54:29 dnsmasq[949]: using nameserver 233.6.6.6#53
Nov 22 07:54:29 dnsmasq[949]: read /etc/hosts - 2 addresses
Nov 22 07:54:29 dnsmasq[949]: read /etc/dnsmasq.hosts - 5 addresses

##安装dns客户端软件dig和nslookup

[root@junwu_server ~]# yum install bind-utils -y

##用本地dns

[root@junwu_server ~]# nslookup baidu.com
Server: 10.0.0.10
Address: 10.0.0.10#53

Name: baidu.com
Address: 123.206.16.61

#用公网dns，即上游服务器查询

[root@junwu_server ~]# nslookup www.baidu.com 223.5.5.5
Server: 223.5.5.5
Address: 223.5.5.5#53

Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 183.232.231.174
Name: www.a.shifen.com
Address: 183.232.231.172

成功！！！

问题1：在dns配置文件/etc/resolve.con修改为本机地址后为什么还能访问外网？

问题2：下载rpm软件包，为什么下载超时甚至无法下载了呢？