Linux下用dnsmasq做dns cache server的配置方法

目前最新版是2.7.1 ，可去其FTP下载：http://www.thekelleys.org.uk/dnsmasq/

安装过程比较简单

yum -y install dnsmasq*
wget http://www.keepalived.org/software/keepalived-1.2.9.tar.gz
tar zxvf keepalived-1.2.9.tar.gz
cd keepalived-1.2.9
./configure --prefix=/usr/local/keepalived
make && make install
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
chkconfig --add keepalived
chkconfig --level 35 keepalived on

keepalived的配置很简单，只需要配置一个VIP可以在两台Server之间飘来飘去就可以实现主备了

! Configuration File for keepalived

global_defs {
 notification_email {
  xxx@xxx.com
 }
 notification_email_from xxx@xxx.com
 smtp_server 127.0.0.1
 smtp_connect_timeout 30
 router_id LVS_DEVEL
}

vrrp_instance dnscache {
 state MASTER         // 另一台配置BACKUP
 interface eth1        // 在哪个接口上进行服务器状态检测
 virtual_router_id 51
 priority 180         // BACKUP机器上配置100
 advert_int 1         // 检查间隔，单位为秒
 authentication {
   auth_type PASS
   auth_pass 1234
 }

virtual_ipaddress {       // VIP设置，指定到内网网卡
   192.168.100.99/24 dev eth1
 }
}

dnsmasq的配置也很简单

resolv-file=/etc/resolv.dnsmasq.conf
cache-size=1000
conf-dir=/etc/dnsmasq.d

将dns地址写入到/etc/resolv.dnsmasq.conf文件中

echo "nameserver 8.8.8.8" > /etc/resolv.dnsmasq.conf

本机和局域网其它全部的服务器dns解析都用它

echo "nameserver 192.168.100.99" > /etc/resolv.conf

最后找一台局域网Server验证一下，如果能解析就说明正常了.

nslookup www.google.cn 192.168.100.99

此方案只适合小型企业，规模少的情况下使用，解析量大的时候还是用bind最好。

下面是其它网友的补充：

sudo pacman -S --needed dnsmasq
cd /etc

[admin@huangye etc]$ sudo cp -v dnsmasq.conf{,.orig}
`dnsmasq.conf' -> `dnsmasq.conf.orig'

[admin@huangye etc]$ sudo vim dnsmasq.conf

相比来说，dnsmasq的配置简单多了：

resolv-file=/etc/dnsmasq.resolv.conf
addn-hosts=/etc/dnsmasq.hosts
local=/localnet/
no-dhcp-interface=eth0
conf-dir=/etc/dnsmasq.d

[admin@huangye etc]$ sudo cp -v resolv.conf dnsmasq.resolv.conf
Password:
`resolv.conf' -> `dnsmasq.resolv.conf'
sudo mkdir /etc/dnsmasq.d
sudo touch /etc/dnsmasq.hosts

sudo /etc/rc.d/dnsmasq start

最后，别忘记加入rc.conf DAEMONS,注意要在network后面。

dnsmasq 可从额外的hosts文件读取条目，如可以这样添加正向解析：

echo "IP地址 域名" > /etc/dnsmasq.hosts

另外，重启dnsmasq可以用SIGHUP（可以在修改hosts文件后，让配置生效）

 killall -s SIGHUP dnsmasq

查看服务状态：

 netstat -tunl
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:53              0.0.0.0:*

再dig 一下，发现稳定在4ms ,我晕，同样的配置，我在一台ubuntu server 10.04 上面dig 是1ms ,在我本地居然在4ms ,囧