基本思路是:1.使用dnsmasq-china-list获取国内外地址列表。2.生成unbound转发配置文件。3.启动unbound服务
1.dnsmasq-china-list国内外地址列表
#dnsmasq-china-list获取脚本#!/bin/bashset -o errexitset -o pipefailurl='/felixonmars/dnsmasq-china-list/master/accelerated-domains.china.conf'data=$(curl -4sSkL "$url") || { echo "download failed, exit-code: $?"; exit 1; }echo "$data" | awk -F/ '{print $2}' | sort | uniq >chnlist.txt
2.生成unbound转发配置文件
#生成转发配置文件脚本#!/bin/shCHINA_DNS_01=114.114.114.114 #114或者使用运营商提供的dnsCHINA_DNS_02=X.X.X.X #随便再填一个DNS服务器,建议使用运营商提供的dnsNEWLINE=UNIXsed -e "s|\(.*\)|forward-zone:\n name: \"\1.\"\n forward-addr: $CHINA_DNS_01\n forward-addr: $CHINA_DNS_02\n|" chnlist.txt > chnlist.unbound.confsed -i 's/\r*$$/\r/' chnlist.unbound.conf
3.启动unbound服务
我这里使用的docker容器,也可以直接安装一个unbound包启动服务,替换/etc/unbound下的配置文件即可
#dockerfile内容FROM alpine:latestRUN sed -i "s/dl-//g" /etc/apk/repositories \&& apk add --no-cache unbound EXPOSE 53/udp 53/tcpCMD /bin/sh -c "/usr/sbin/unbound -d -c /etc/unbound/unbound.conf 2>&1"
docker build -t unbound:latest .
创建一个docker-compose.yml定义服务启动
#docker-compose.yml内容version: "3"services:unbound:image: unbound:latestcontainer_name: unboundrestart: alwaysports:- "53:53/udp"- "53:53/tcp"volumes:- "./etc/unbound:/etc/unbound"environment:- TZ= 'Asia/Chongqing'networks:- unbound-networknetworks:unbound-network:driver: bridge
将unbound配置文件放置于挂载的宿主机路径下/disk1/dockerfile/configfiles/etc/unbound
目录结构:├── conf.d│ └── default.conf #配置默认转发,内容如下├── dnsforward.conf.d│ ├── chnlist.unbound.conf #前面步骤生成的国内转发配置文件│ └── custom.conf #可以自己配置内网域名转发,可有可无├── root.hints #从/domain/named.cache下载└── unbound.conf#主配置文件,内容如下#unbound.confserver:access-control: 0.0.0.0/0 allowcache-max-negative-ttl: 10cache-max-ttl: 86400cache-min-ttl: 321do-ip4: yesdo-ip6: nodo-not-query-localhost: nodo-tcp: yesdo-udp: yesedns-buffer-size: 4096extended-statistics: yesharden-dnssec-stripped: yesharden-large-queries: yesharden-short-bufsize: yesinterface: 0.0.0.0logfile: ""minimal-responses: nonum-threads: 4msg-buffer-size: 8192msg-cache-size: 128mrrset-cache-size: 256mmsg-cache-slabs: 8rrset-cache-slabs: 8infra-cache-slabs: 8key-cache-slabs: 8so-rcvbuf: 1mnum-queries-per-thread: 1024outgoing-port-permit: "10240-65335"pidfile: "/var/run/unbound.pid"port: 53prefetch: yesroot-hints: /etc/unbound/root.hintsrrset-roundrobin: yesso-reuseport: yesstatistics-cumulative: yesstatistics-interval: 24300target-fetch-policy: "2 1 0 0 0 0"trust-anchor: ". DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5"username: "unbound"verbosity: 1include: "/etc/unbound/conf.d/*.conf"#conf.d/default.confso-sndbuf: 4m outgoing-num-tcp: 256 incoming-num-tcp: 1024 tcp-upstream: no hide-identity: yes hide-version: yesharden-glue: yes module-config: "iterator"unwanted-reply-threshold: 10000000do-not-query-localhost: noprefetch: yesminimal-responses: yesforward-zone:name: "."forward-addr: 8.8.8.8forward-addr: 8.8.4.4include: "/etc/unbound/dnsforward.conf.d/*.conf"
创建完成后,启动服务
docker-compose -f/disk1/docker-compose.yml up -d
启动服务后,修改本机dns服务器配置,解析地址看看是否解决正确
如果觉得《搭建unbound转发服务器分流国内外及内网域名》对你有帮助,请点赞、收藏,并留下你的观点哦!
